From 0a3670d777d4806d55c10f2ac00f2371a4ac96be Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Sun, 15 Oct 2023 10:04:43 +0200 Subject: [PATCH 1/4] Regen readmes 4 --- .../bastion-host/.test/common/main.test.bicep | 3 + .../bastion-host/.test/min/main.test.bicep | 3 + modules/network/bastion-host/README.md | 297 +++++++++++---- modules/network/bastion-host/main.json | 16 +- modules/network/connection/README.md | 270 +++++++++++--- modules/network/connection/main.json | 4 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/ddos-protection-plan/README.md | 132 +++++-- .../network/ddos-protection-plan/main.json | 8 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/dns-forwarding-ruleset/README.md | 154 ++++++-- .../forwarding-rule/README.md | 146 ++++---- .../forwarding-rule/main.json | 4 +- .../network/dns-forwarding-ruleset/main.json | 16 +- .../virtual-network-link/README.md | 53 ++- .../virtual-network-link/main.json | 4 +- .../dns-resolver/.test/common/main.test.bicep | 3 + modules/network/dns-resolver/README.md | 146 ++++++-- modules/network/dns-resolver/main.json | 8 +- .../dns-zone/.test/common/main.test.bicep | 3 + .../dns-zone/.test/min/main.test.bicep | 3 + modules/network/dns-zone/README.md | 222 +++++++++--- modules/network/dns-zone/a/README.md | 80 +++- modules/network/dns-zone/a/main.json | 8 +- modules/network/dns-zone/aaaa/README.md | 80 +++- modules/network/dns-zone/aaaa/main.json | 8 +- modules/network/dns-zone/caa/README.md | 71 +++- modules/network/dns-zone/caa/main.json | 8 +- modules/network/dns-zone/cname/README.md | 80 +++- modules/network/dns-zone/cname/main.json | 8 +- modules/network/dns-zone/main.json | 88 ++--- modules/network/dns-zone/mx/README.md | 71 +++- modules/network/dns-zone/mx/main.json | 8 +- modules/network/dns-zone/ns/README.md | 71 +++- modules/network/dns-zone/ns/main.json | 8 +- modules/network/dns-zone/ptr/README.md | 71 +++- modules/network/dns-zone/ptr/main.json | 8 +- modules/network/dns-zone/soa/README.md | 71 +++- modules/network/dns-zone/soa/main.json | 8 +- modules/network/dns-zone/srv/README.md | 71 +++- modules/network/dns-zone/srv/main.json | 8 +- modules/network/dns-zone/txt/README.md | 71 +++- modules/network/dns-zone/txt/main.json | 8 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/express-route-circuit/README.md | 343 ++++++++++++++---- .../network/express-route-circuit/main.json | 8 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/express-route-gateway/README.md | 172 ++++++--- .../network/express-route-gateway/main.json | 8 +- .../.test/common/main.test.bicep | 3 + .../firewall-policy/.test/min/main.test.bicep | 3 + modules/network/firewall-policy/README.md | 302 ++++++++++++--- modules/network/firewall-policy/main.json | 8 +- .../rule-collection-group/README.md | 52 ++- .../rule-collection-group/main.json | 4 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../README.md | 165 ++++++--- .../main.json | 8 +- .../front-door/.test/common/main.test.bicep | 3 + .../front-door/.test/min/main.test.bicep | 3 + modules/network/front-door/README.md | 258 ++++++++++--- modules/network/front-door/main.json | 8 +- .../ip-group/.test/common/main.test.bicep | 3 + .../ip-group/.test/min/main.test.bicep | 3 + modules/network/ip-group/README.md | 141 +++++-- modules/network/ip-group/main.json | 8 +- .../.test/common/main.test.bicep | 3 + .../load-balancer/.test/min/main.test.bicep | 3 + modules/network/load-balancer/README.md | 256 ++++++++++--- .../backend-address-pool/README.md | 72 +++- .../backend-address-pool/main.json | 4 +- .../load-balancer/inbound-nat-rule/README.md | 124 ++++++- .../load-balancer/inbound-nat-rule/main.json | 4 +- modules/network/load-balancer/main.json | 16 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/local-network-gateway/README.md | 184 +++++++--- .../network/local-network-gateway/main.json | 8 +- .../nat-gateway/.test/common/main.test.bicep | 3 + modules/network/nat-gateway/README.md | 269 +++++++++++--- modules/network/nat-gateway/main.json | 16 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + modules/network/network-interface/README.md | 256 ++++++++++--- modules/network/network-interface/main.json | 8 +- .../.test/common/main.test.bicep | 3 + modules/network/network-manager/README.md | 190 +++++++--- .../connectivity-configuration/README.md | 93 ++++- .../network-manager/network-group/README.md | 53 ++- .../network-group/static-member/README.md | 51 ++- .../scope-connection/README.md | 60 ++- .../security-admin-configuration/README.md | 65 +++- .../rule-collection/README.md | 68 +++- .../rule-collection/rule/README.md | 133 ++++++- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/network-security-group/README.md | 201 +++++++--- .../network/network-security-group/main.json | 12 +- .../security-rule/README.md | 172 +++++++-- .../security-rule/main.json | 4 +- .../.test/common/main.test.bicep | 3 + .../network-watcher/.test/min/main.test.bicep | 3 + modules/network/network-watcher/README.md | 141 +++++-- .../connection-monitor/README.md | 88 ++++- .../connection-monitor/main.json | 4 +- .../network-watcher/flow-log/README.md | 120 +++++- .../network-watcher/flow-log/main.json | 4 +- modules/network/network-watcher/main.json | 16 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + modules/network/private-dns-zone/README.md | 213 ++++++++--- modules/network/private-dns-zone/a/README.md | 71 +++- modules/network/private-dns-zone/a/main.json | 8 +- .../network/private-dns-zone/aaaa/README.md | 71 +++- .../network/private-dns-zone/aaaa/main.json | 8 +- .../network/private-dns-zone/cname/README.md | 71 +++- .../network/private-dns-zone/cname/main.json | 8 +- modules/network/private-dns-zone/main.json | 76 ++-- modules/network/private-dns-zone/mx/README.md | 71 +++- modules/network/private-dns-zone/mx/main.json | 8 +- .../network/private-dns-zone/ptr/README.md | 71 +++- .../network/private-dns-zone/ptr/main.json | 8 +- .../network/private-dns-zone/soa/README.md | 71 +++- .../network/private-dns-zone/soa/main.json | 8 +- .../network/private-dns-zone/srv/README.md | 71 +++- .../network/private-dns-zone/srv/main.json | 8 +- .../network/private-dns-zone/txt/README.md | 71 +++- .../network/private-dns-zone/txt/main.json | 8 +- .../virtual-network-link/README.md | 71 +++- .../virtual-network-link/main.json | 4 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + modules/network/private-endpoint/README.md | 210 ++++++++--- modules/network/private-endpoint/main.json | 12 +- .../private-dns-zone-group/README.md | 44 ++- .../private-dns-zone-group/main.json | 4 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + .../network/private-link-service/README.md | 194 +++++++--- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + modules/network/public-ip-address/README.md | 294 ++++++++++++--- modules/network/public-ip-address/main.json | 8 +- .../.test/common/main.test.bicep | 3 + .../.test/min/main.test.bicep | 3 + modules/network/public-ip-prefix/README.md | 149 +++++--- modules/network/public-ip-prefix/main.json | 8 +- .../route-table/.test/common/main.test.bicep | 3 + .../route-table/.test/min/main.test.bicep | 3 + modules/network/route-table/README.md | 150 +++++--- modules/network/route-table/main.json | 8 +- 156 files changed, 6788 insertions(+), 1986 deletions(-) diff --git a/modules/network/bastion-host/.test/common/main.test.bicep b/modules/network/bastion-host/.test/common/main.test.bicep index 35ab2e3670..d2f4cf6fb8 100644 --- a/modules/network/bastion-host/.test/common/main.test.bicep +++ b/modules/network/bastion-host/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/bastion-host/.test/min/main.test.bicep b/modules/network/bastion-host/.test/min/main.test.bicep index 5c3fb70bb0..8a6f75385c 100644 --- a/modules/network/bastion-host/.test/min/main.test.bicep +++ b/modules/network/bastion-host/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/bastion-host/README.md b/modules/network/bastion-host/README.md index b68e8d4c80..cff8ea7092 100644 --- a/modules/network/bastion-host/README.md +++ b/modules/network/bastion-host/README.md @@ -5,10 +5,10 @@ This module deploys a Bastion Host. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -20,75 +20,30 @@ This module deploys a Bastion Host. | `Microsoft.Network/bastionHosts` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-11-01/bastionHosts) | | `Microsoft.Network/publicIPAddresses` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/publicIPAddresses) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Azure Bastion resource. | -| `vNetId` | string | Shared services Virtual Network resource identifier. | - -**Optional parameters** +## Usage examples -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `bastionSubnetPublicIpResourceId` | string | `''` | | The Public IP resource ID to associate to the azureBastionSubnet. If empty, then the Public IP that is created as part of this module will be applied to the azureBastionSubnet. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, BastionAuditLogs]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `disableCopyPaste` | bool | `False` | | Choose to disable or enable Copy Paste. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enableFileCopy` | bool | `True` | | Choose to disable or enable File Copy. | -| `enableIpConnect` | bool | `False` | | Choose to disable or enable IP Connect. | -| `enableKerberos` | bool | `False` | | Choose to disable or enable Kerberos authentication. | -| `enableShareableLink` | bool | `False` | | Choose to disable or enable Shareable Link. | -| `isCreateDefaultPublicIP` | bool | `True` | | Specifies if a Public IP should be created by default if one is not provided. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `publicIPAddressObject` | object | `{object}` | | Specifies the properties of the Public IP to create and be used by Azure Bastion. If it's not provided and publicIPAddressResourceId is empty, a '-pip' suffix will be appended to the Bastion's name. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `scaleUnits` | int | `2` | | The scale units for the Bastion Host resource. | -| `skuName` | string | `'Basic'` | `[Basic, Standard]` | The SKU of this Bastion Host. | -| `tags` | object | `{object}` | | Tags of the resource. | - - -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `ipConfAzureBastionSubnet` | object | The Public IPconfiguration object for the AzureBastionSubnet. | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name the Azure Bastion. | -| `resourceGroupName` | string | The resource group the Azure Bastion was deployed into. | -| `resourceId` | string | The resource ID the Azure Bastion. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -This section gives you an overview of all local-referenced module files (i.e., other CARML modules that are referenced in this module) and all remote-referenced files (i.e., Bicep modules that are referenced from a Bicep Registry or Template Specs). + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.bastion-host:1.0.0`. -| Reference | Type | -| :-- | :-- | -| `network/public-ip-address` | Local reference | +- [Using only defaults](#example-1-using-only-defaults) +- [Custompip](#example-2-custompip) +- [Using Maximum Parameters](#example-3-using-maximum-parameters) -## Deployment examples +### Example 1: _Using only defaults_ -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +This instance deploys the module with the minimum set of required parameters. - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

via Bicep module ```bicep -module bastionHost './network/bastion-host/main.bicep' = { +module bastionHost 'br:bicep/modules/network.bastion-host:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nbhcom' params: { // Required parameters @@ -210,14 +165,14 @@ module bastionHost './network/bastion-host/main.bicep' = {

-

Example 2: Custompip

+### Example 2: _Custompip_
via Bicep module ```bicep -module bastionHost './network/bastion-host/main.bicep' = { +module bastionHost 'br:bicep/modules/network.bastion-host:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nbhctmpip' params: { // Required parameters @@ -331,14 +286,17 @@ module bastionHost './network/bastion-host/main.bicep' = {

-

Example 3: Min

+### Example 3: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module bastionHost './network/bastion-host/main.bicep' = { +module bastionHost 'br:bicep/modules/network.bastion-host:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nbhmin' params: { // Required parameters @@ -379,3 +337,220 @@ module bastionHost './network/bastion-host/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Azure Bastion resource. | +| [`vNetId`](#parameter-vnetid) | string | Shared services Virtual Network resource identifier. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`bastionSubnetPublicIpResourceId`](#parameter-bastionsubnetpublicipresourceid) | string | The Public IP resource ID to associate to the azureBastionSubnet. If empty, then the Public IP that is created as part of this module will be applied to the azureBastionSubnet. | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticLogCategoriesToEnable`](#parameter-diagnosticlogcategoriestoenable) | array | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. | +| [`disableCopyPaste`](#parameter-disablecopypaste) | bool | Choose to disable or enable Copy Paste. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enableFileCopy`](#parameter-enablefilecopy) | bool | Choose to disable or enable File Copy. | +| [`enableIpConnect`](#parameter-enableipconnect) | bool | Choose to disable or enable IP Connect. | +| [`enableKerberos`](#parameter-enablekerberos) | bool | Choose to disable or enable Kerberos authentication. | +| [`enableShareableLink`](#parameter-enableshareablelink) | bool | Choose to disable or enable Shareable Link. | +| [`isCreateDefaultPublicIP`](#parameter-iscreatedefaultpublicip) | bool | Specifies if a Public IP should be created by default if one is not provided. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`publicIPAddressObject`](#parameter-publicipaddressobject) | object | Specifies the properties of the Public IP to create and be used by Azure Bastion. If it's not provided and publicIPAddressResourceId is empty, a '-pip' suffix will be appended to the Bastion's name. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`scaleUnits`](#parameter-scaleunits) | int | The scale units for the Bastion Host resource. | +| [`skuName`](#parameter-skuname) | string | The SKU of this Bastion Host. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `bastionSubnetPublicIpResourceId` + +The Public IP resource ID to associate to the azureBastionSubnet. If empty, then the Public IP that is created as part of this module will be applied to the azureBastionSubnet. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticLogCategoriesToEnable` + +The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. +- Required: No +- Type: array +- Default: `[allLogs]` +- Allowed: `['', allLogs, BastionAuditLogs]` + +### Parameter: `diagnosticSettingsName` + +The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `disableCopyPaste` + +Choose to disable or enable Copy Paste. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableFileCopy` + +Choose to disable or enable File Copy. +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableIpConnect` + +Choose to disable or enable IP Connect. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableKerberos` + +Choose to disable or enable Kerberos authentication. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableShareableLink` + +Choose to disable or enable Shareable Link. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `isCreateDefaultPublicIP` + +Specifies if a Public IP should be created by default if one is not provided. +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Azure Bastion resource. +- Required: Yes +- Type: string + +### Parameter: `publicIPAddressObject` + +Specifies the properties of the Public IP to create and be used by Azure Bastion. If it's not provided and publicIPAddressResourceId is empty, a '-pip' suffix will be appended to the Bastion's name. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `scaleUnits` + +The scale units for the Bastion Host resource. +- Required: No +- Type: int +- Default: `2` + +### Parameter: `skuName` + +The SKU of this Bastion Host. +- Required: No +- Type: string +- Default: `'Basic'` +- Allowed: `[Basic, Standard]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `vNetId` + +Shared services Virtual Network resource identifier. +- Required: Yes +- Type: string + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `ipConfAzureBastionSubnet` | object | The Public IPconfiguration object for the AzureBastionSubnet. | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name the Azure Bastion. | +| `resourceGroupName` | string | The resource group the Azure Bastion was deployed into. | +| `resourceId` | string | The resource ID the Azure Bastion. | + +## Cross-referenced modules + +This section gives you an overview of all local-referenced module files (i.e., other CARML modules that are referenced in this module) and all remote-referenced files (i.e., Bicep modules that are referenced from a Bicep Registry or Template Specs). + +| Reference | Type | +| :-- | :-- | +| `modules/network/public-ip-address` | Local reference | diff --git a/modules/network/bastion-host/main.json b/modules/network/bastion-host/main.json index 0370ab6fdd..ab504b7428 100644 --- a/modules/network/bastion-host/main.json +++ b/modules/network/bastion-host/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "17208156201497944921" + "version": "0.22.6.54827", + "templateHash": "18039554301844568366" }, "name": "Bastion Hosts", "description": "This module deploys a Bastion Host.", @@ -326,8 +326,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1887898957722092173" + "version": "0.22.6.54827", + "templateHash": "4317747709004918530" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -660,8 +660,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "7328126239184883887" + "version": "0.22.6.54827", + "templateHash": "9976109177347918049" } }, "parameters": { @@ -878,8 +878,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5797020701488147835" + "version": "0.22.6.54827", + "templateHash": "7732571198100682148" } }, "parameters": { diff --git a/modules/network/connection/README.md b/modules/network/connection/README.md index a8e9cf6573..a9f6c4f04f 100644 --- a/modules/network/connection/README.md +++ b/modules/network/connection/README.md @@ -4,83 +4,39 @@ This module deploys a Virtual Network Gateway Connection. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) - [Notes](#Notes) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | | `Microsoft.Authorization/locks` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) | | `Microsoft.Network/connections` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/connections) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Remote connection name. | -| `virtualNetworkGateway1` | object | The primary Virtual Network Gateway. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `authorizationKey` | securestring | `''` | | The Authorization Key to connect to an Express Route Circuit. Used for connection type [ExpressRoute]. | -| `connectionMode` | string | `'Default'` | `[Default, InitiatorOnly, ResponderOnly]` | The connection connectionMode for this connection. Available for IPSec connections. | -| `connectionProtocol` | string | `'IKEv2'` | `[IKEv1, IKEv2]` | Connection connectionProtocol used for this connection. Available for IPSec connections. | -| `connectionType` | string | `'IPsec'` | `[ExpressRoute, IPsec, Vnet2Vnet, VPNClient]` | Gateway connection connectionType. | -| `customIPSecPolicy` | object | `{object}` | | The IPSec Policies to be considered by this connection. | -| `dpdTimeoutSeconds` | int | `45` | | The dead peer detection timeout of this connection in seconds. Setting the timeout to shorter periods will cause IKE to rekey more aggressively, causing the connection to appear to be disconnected in some instances. The general recommendation is to set the timeout between 30 to 45 seconds. | -| `enableBgp` | bool | `False` | | Value to specify if BGP is enabled or not. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enablePrivateLinkFastPath` | bool | `False` | | Bypass the ExpressRoute gateway when accessing private-links. ExpressRoute FastPath (expressRouteGatewayBypass) must be enabled. Only available when connection connectionType is Express Route. | -| `expressRouteGatewayBypass` | bool | `False` | | Bypass ExpressRoute Gateway for data forwarding. Only available when connection connectionType is Express Route. | -| `localNetworkGateway2` | object | `{object}` | | The local network gateway. Used for connection type [IPsec]. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the connectionType of lock. | -| `peer` | object | `{object}` | | The remote peer. Used for connection connectionType [ExpressRoute]. | -| `routingWeight` | int | `-1` | | The weight added to routes learned from this BGP speaker. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `useLocalAzureIpAddress` | bool | `False` | | Use private local Azure IP for the connection. Only available for IPSec Virtual Network Gateways that use the Azure Private IP Property. | -| `usePolicyBasedTrafficSelectors` | bool | `False` | | Enable policy-based traffic selectors. | -| `virtualNetworkGateway2` | object | `{object}` | | The remote Virtual Network Gateway. Used for connection connectionType [Vnet2Vnet]. | -| `vpnSharedKey` | securestring | `''` | | Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways. | - - -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the remote connection. | -| `resourceGroupName` | string | The resource group the remote connection was deployed into. | -| `resourceId` | string | The resource ID of the remote connection. | - -## Cross-referenced modules - -_None_ - -## Deployment examples +## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -

Example 1: Vnet2vnet

+ >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.connection:1.0.0`. + +- [Vnet2vnet](#example-1-vnet2vnet) + +### Example 1: _Vnet2vnet_
via Bicep module ```bicep -module connection './network/connection/main.bicep' = { +module connection 'br:bicep/modules/network.connection:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ncvtv' params: { // Required parameters @@ -163,6 +119,210 @@ module connection './network/connection/main.bicep' = {

+## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Remote connection name. | +| [`virtualNetworkGateway1`](#parameter-virtualnetworkgateway1) | object | The primary Virtual Network Gateway. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`authorizationKey`](#parameter-authorizationkey) | securestring | The Authorization Key to connect to an Express Route Circuit. Used for connection type [ExpressRoute]. | +| [`connectionMode`](#parameter-connectionmode) | string | The connection connectionMode for this connection. Available for IPSec connections. | +| [`connectionProtocol`](#parameter-connectionprotocol) | string | Connection connectionProtocol used for this connection. Available for IPSec connections. | +| [`connectionType`](#parameter-connectiontype) | string | Gateway connection connectionType. | +| [`customIPSecPolicy`](#parameter-customipsecpolicy) | object | The IPSec Policies to be considered by this connection. | +| [`dpdTimeoutSeconds`](#parameter-dpdtimeoutseconds) | int | The dead peer detection timeout of this connection in seconds. Setting the timeout to shorter periods will cause IKE to rekey more aggressively, causing the connection to appear to be disconnected in some instances. The general recommendation is to set the timeout between 30 to 45 seconds. | +| [`enableBgp`](#parameter-enablebgp) | bool | Value to specify if BGP is enabled or not. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enablePrivateLinkFastPath`](#parameter-enableprivatelinkfastpath) | bool | Bypass the ExpressRoute gateway when accessing private-links. ExpressRoute FastPath (expressRouteGatewayBypass) must be enabled. Only available when connection connectionType is Express Route. | +| [`expressRouteGatewayBypass`](#parameter-expressroutegatewaybypass) | bool | Bypass ExpressRoute Gateway for data forwarding. Only available when connection connectionType is Express Route. | +| [`localNetworkGateway2`](#parameter-localnetworkgateway2) | object | The local network gateway. Used for connection type [IPsec]. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the connectionType of lock. | +| [`peer`](#parameter-peer) | object | The remote peer. Used for connection connectionType [ExpressRoute]. | +| [`routingWeight`](#parameter-routingweight) | int | The weight added to routes learned from this BGP speaker. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`useLocalAzureIpAddress`](#parameter-uselocalazureipaddress) | bool | Use private local Azure IP for the connection. Only available for IPSec Virtual Network Gateways that use the Azure Private IP Property. | +| [`usePolicyBasedTrafficSelectors`](#parameter-usepolicybasedtrafficselectors) | bool | Enable policy-based traffic selectors. | +| [`virtualNetworkGateway2`](#parameter-virtualnetworkgateway2) | object | The remote Virtual Network Gateway. Used for connection connectionType [Vnet2Vnet]. | +| [`vpnSharedKey`](#parameter-vpnsharedkey) | securestring | Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways. | + +### Parameter: `authorizationKey` + +The Authorization Key to connect to an Express Route Circuit. Used for connection type [ExpressRoute]. +- Required: No +- Type: securestring +- Default: `''` + +### Parameter: `connectionMode` + +The connection connectionMode for this connection. Available for IPSec connections. +- Required: No +- Type: string +- Default: `'Default'` +- Allowed: `[Default, InitiatorOnly, ResponderOnly]` + +### Parameter: `connectionProtocol` + +Connection connectionProtocol used for this connection. Available for IPSec connections. +- Required: No +- Type: string +- Default: `'IKEv2'` +- Allowed: `[IKEv1, IKEv2]` + +### Parameter: `connectionType` + +Gateway connection connectionType. +- Required: No +- Type: string +- Default: `'IPsec'` +- Allowed: `[ExpressRoute, IPsec, Vnet2Vnet, VPNClient]` + +### Parameter: `customIPSecPolicy` + +The IPSec Policies to be considered by this connection. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `dpdTimeoutSeconds` + +The dead peer detection timeout of this connection in seconds. Setting the timeout to shorter periods will cause IKE to rekey more aggressively, causing the connection to appear to be disconnected in some instances. The general recommendation is to set the timeout between 30 to 45 seconds. +- Required: No +- Type: int +- Default: `45` + +### Parameter: `enableBgp` + +Value to specify if BGP is enabled or not. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enablePrivateLinkFastPath` + +Bypass the ExpressRoute gateway when accessing private-links. ExpressRoute FastPath (expressRouteGatewayBypass) must be enabled. Only available when connection connectionType is Express Route. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `expressRouteGatewayBypass` + +Bypass ExpressRoute Gateway for data forwarding. Only available when connection connectionType is Express Route. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `localNetworkGateway2` + +The local network gateway. Used for connection type [IPsec]. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the connectionType of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Remote connection name. +- Required: Yes +- Type: string + +### Parameter: `peer` + +The remote peer. Used for connection connectionType [ExpressRoute]. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `routingWeight` + +The weight added to routes learned from this BGP speaker. +- Required: No +- Type: int +- Default: `-1` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `useLocalAzureIpAddress` + +Use private local Azure IP for the connection. Only available for IPSec Virtual Network Gateways that use the Azure Private IP Property. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `usePolicyBasedTrafficSelectors` + +Enable policy-based traffic selectors. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `virtualNetworkGateway1` + +The primary Virtual Network Gateway. +- Required: Yes +- Type: object + +### Parameter: `virtualNetworkGateway2` + +The remote Virtual Network Gateway. Used for connection connectionType [Vnet2Vnet]. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `vpnSharedKey` + +Specifies a VPN shared key. The same value has to be specified on both Virtual Network Gateways. +- Required: No +- Type: securestring +- Default: `''` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the remote connection. | +| `resourceGroupName` | string | The resource group the remote connection was deployed into. | +| `resourceId` | string | The resource ID of the remote connection. | + +## Cross-referenced modules + +_None_ + ## Notes ### Parameter Usage: `localNetworkGateway2` diff --git a/modules/network/connection/main.json b/modules/network/connection/main.json index 1f36ad5004..e72fe07213 100644 --- a/modules/network/connection/main.json +++ b/modules/network/connection/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "16230225022830179202" + "version": "0.22.6.54827", + "templateHash": "4819464445955431710" }, "name": "Virtual Network Gateway Connections", "description": "This module deploys a Virtual Network Gateway Connection.", diff --git a/modules/network/ddos-protection-plan/.test/common/main.test.bicep b/modules/network/ddos-protection-plan/.test/common/main.test.bicep index fa1ddafb22..da05471a15 100644 --- a/modules/network/ddos-protection-plan/.test/common/main.test.bicep +++ b/modules/network/ddos-protection-plan/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/ddos-protection-plan/.test/min/main.test.bicep b/modules/network/ddos-protection-plan/.test/min/main.test.bicep index b961a7b2e4..9f8a66aa32 100644 --- a/modules/network/ddos-protection-plan/.test/min/main.test.bicep +++ b/modules/network/ddos-protection-plan/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/ddos-protection-plan/README.md b/modules/network/ddos-protection-plan/README.md index d41f975e6c..c963258757 100644 --- a/modules/network/ddos-protection-plan/README.md +++ b/modules/network/ddos-protection-plan/README.md @@ -4,13 +4,13 @@ This module deploys a DDoS Protection Plan. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -18,53 +18,29 @@ This module deploys a DDoS Protection Plan. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/ddosProtectionPlans` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/ddosProtectionPlans) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the DDoS protection plan to assign the VNET to. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the DDOS protection plan. | -| `resourceGroupName` | string | The resource group the DDOS protection plan was deployed into. | -| `resourceId` | string | The resource ID of the DDOS protection plan. | - -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.ddos-protection-plan:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module ddosProtectionPlan './network/ddos-protection-plan/main.bicep' = { +module ddosProtectionPlan 'br:bicep/modules/network.ddos-protection-plan:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndppcom' params: { // Required parameters @@ -138,14 +114,17 @@ module ddosProtectionPlan './network/ddos-protection-plan/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module ddosProtectionPlan './network/ddos-protection-plan/main.bicep' = { +module ddosProtectionPlan 'br:bicep/modules/network.ddos-protection-plan:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndppmin' params: { // Required parameters @@ -182,3 +161,78 @@ module ddosProtectionPlan './network/ddos-protection-plan/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the DDoS protection plan to assign the VNET to. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the DDoS protection plan to assign the VNET to. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the DDOS protection plan. | +| `resourceGroupName` | string | The resource group the DDOS protection plan was deployed into. | +| `resourceId` | string | The resource ID of the DDOS protection plan. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/ddos-protection-plan/main.json b/modules/network/ddos-protection-plan/main.json index da760e0ac6..f67227f30a 100644 --- a/modules/network/ddos-protection-plan/main.json +++ b/modules/network/ddos-protection-plan/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "4598977816480625428" + "version": "0.22.6.54827", + "templateHash": "10705912154060159414" }, "name": "DDoS Protection Plans", "description": "This module deploys a DDoS Protection Plan.", @@ -131,8 +131,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3995691276861378568" + "version": "0.22.6.54827", + "templateHash": "17533391111719842656" } }, "parameters": { diff --git a/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep b/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep index fb7c7a3a91..74ecb4002b 100644 --- a/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep +++ b/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep b/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep index 43e250ddf4..36dafb5a90 100644 --- a/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep +++ b/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/dns-forwarding-ruleset/README.md b/modules/network/dns-forwarding-ruleset/README.md index c391b29ada..1e3946a38c 100644 --- a/modules/network/dns-forwarding-ruleset/README.md +++ b/modules/network/dns-forwarding-ruleset/README.md @@ -5,10 +5,10 @@ This template deploys an dns forwarding ruleset. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -20,56 +20,29 @@ This template deploys an dns forwarding ruleset. | `Microsoft.Network/dnsForwardingRulesets/forwardingRules` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/dnsForwardingRulesets/forwardingRules) | | `Microsoft.Network/dnsForwardingRulesets/virtualNetworkLinks` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/dnsForwardingRulesets/virtualNetworkLinks) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `dnsResolverOutboundEndpointResourceIds` | array | The reference to the DNS resolver outbound endpoints that are used to route DNS queries matching the forwarding rules in the ruleset to the target DNS servers. | -| `name` | string | Name of the DNS Forwarding Ruleset. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `forwardingRules` | array | `[]` | | Array of forwarding rules. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `vNetLinks` | array | `[]` | | Array of virtual network links. | - +## Usage examples -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the DNS Forwarding Ruleset. | -| `resourceGroupName` | string | The resource group the DNS Forwarding Ruleset was deployed into. | -| `resourceId` | string | The resource ID of the DNS Forwarding Ruleset. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.dns-forwarding-ruleset:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module dnsForwardingRuleset './network/dns-forwarding-ruleset/main.bicep' = { +module dnsForwardingRuleset 'br:bicep/modules/network.dns-forwarding-ruleset:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndfrscom' params: { // Required parameters @@ -187,14 +160,17 @@ module dnsForwardingRuleset './network/dns-forwarding-ruleset/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module dnsForwardingRuleset './network/dns-forwarding-ruleset/main.bicep' = { +module dnsForwardingRuleset 'br:bicep/modules/network.dns-forwarding-ruleset:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndfrsmin' params: { // Required parameters @@ -239,3 +215,101 @@ module dnsForwardingRuleset './network/dns-forwarding-ruleset/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`dnsResolverOutboundEndpointResourceIds`](#parameter-dnsresolveroutboundendpointresourceids) | array | The reference to the DNS resolver outbound endpoints that are used to route DNS queries matching the forwarding rules in the ruleset to the target DNS servers. | +| [`name`](#parameter-name) | string | Name of the DNS Forwarding Ruleset. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`forwardingRules`](#parameter-forwardingrules) | array | Array of forwarding rules. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`vNetLinks`](#parameter-vnetlinks) | array | Array of virtual network links. | + +### Parameter: `dnsResolverOutboundEndpointResourceIds` + +The reference to the DNS resolver outbound endpoints that are used to route DNS queries matching the forwarding rules in the ruleset to the target DNS servers. +- Required: Yes +- Type: array + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `forwardingRules` + +Array of forwarding rules. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the DNS Forwarding Ruleset. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `vNetLinks` + +Array of virtual network links. +- Required: No +- Type: array +- Default: `[]` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the DNS Forwarding Ruleset. | +| `resourceGroupName` | string | The resource group the DNS Forwarding Ruleset was deployed into. | +| `resourceId` | string | The resource ID of the DNS Forwarding Ruleset. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/dns-forwarding-ruleset/forwarding-rule/README.md b/modules/network/dns-forwarding-ruleset/forwarding-rule/README.md index b99f308ee7..7f9b46b23d 100644 --- a/modules/network/dns-forwarding-ruleset/forwarding-rule/README.md +++ b/modules/network/dns-forwarding-ruleset/forwarding-rule/README.md @@ -8,7 +8,6 @@ This template deploys Forwarding Rule in a Dns Forwarding Ruleset. - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -20,31 +19,84 @@ This template deploys Forwarding Rule in a Dns Forwarding Ruleset. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `domainName` | string | The domain name for the forwarding rule. | -| `name` | string | Name of the Forwarding Rule. | -| `targetDnsServers` | array | DNS servers to forward the DNS query to. | +| [`domainName`](#parameter-domainname) | string | The domain name for the forwarding rule. | +| [`name`](#parameter-name) | string | Name of the Forwarding Rule. | +| [`targetDnsServers`](#parameter-targetdnsservers) | array | DNS servers to forward the DNS query to. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsForwardingRulesetName` | string | Name of the parent DNS Forwarding Ruleset. Required if the template is used in a standalone deployment. | +| [`dnsForwardingRulesetName`](#parameter-dnsforwardingrulesetname) | string | Name of the parent DNS Forwarding Ruleset. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `forwardingRuleState` | string | `'Enabled'` | `[Disabled, Enabled]` | The state of forwarding rule. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `metadata` | object | `{object}` | | Metadata attached to the forwarding rule. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`forwardingRuleState`](#parameter-forwardingrulestate) | string | The state of forwarding rule. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`metadata`](#parameter-metadata) | object | Metadata attached to the forwarding rule. | + +### Parameter: `dnsForwardingRulesetName` + +Name of the parent DNS Forwarding Ruleset. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `domainName` + +The domain name for the forwarding rule. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `forwardingRuleState` + +The state of forwarding rule. +- Required: No +- Type: string +- Default: `'Enabled'` +- Allowed: `[Disabled, Enabled]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `metadata` + +Metadata attached to the forwarding rule. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +Name of the Forwarding Rule. +- Required: Yes +- Type: string + +### Parameter: `targetDnsServers` + +DNS servers to forward the DNS query to. +- Required: Yes +- Type: array ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the Forwarding Rule. | | `resourceGroupName` | string | The resource group the Forwarding Rule was deployed into. | @@ -53,69 +105,3 @@ This template deploys Forwarding Rule in a Dns Forwarding Ruleset. ## Cross-referenced modules _None_ - -## Deployment examples - -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. - - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

- -
- -via Bicep module - -```bicep -module dnsForwardingRulesets './Microsoft.Network/dnsForwardingRulesets/deploy.bicep' = { - name: '${uniqueString(deployment().name, location)}-test-ndfrscom' - params: { - // Required parameters - dnsResolverOutboundEndpointId: '' - name: '[[namePrefix]]ndfrscom001' - // Non-required parameters - enableDefaultTelemetry: '' - tags: { - Environment: 'Non-Prod' - Role: 'DeploymentValidation' - } - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "dnsResolverOutboundEndpointId": { - "value": "" - }, - "name": { - "value": "[[namePrefix]]ndfrscom001" - }, - // Non-required parameters - "enableDefaultTelemetry": { - "value": "" - }, - "tags": { - "value": { - "Environment": "Non-Prod", - "Role": "DeploymentValidation" - } - } - } -} -``` - -
-

diff --git a/modules/network/dns-forwarding-ruleset/forwarding-rule/main.json b/modules/network/dns-forwarding-ruleset/forwarding-rule/main.json index 4d23c6d66f..398ba866ee 100644 --- a/modules/network/dns-forwarding-ruleset/forwarding-rule/main.json +++ b/modules/network/dns-forwarding-ruleset/forwarding-rule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "9007779430484184440" + "version": "0.22.6.54827", + "templateHash": "14481617304679147684" }, "name": "Dns Forwarding Rulesets Forwarding Rules", "description": "This template deploys Forwarding Rule in a Dns Forwarding Ruleset.", diff --git a/modules/network/dns-forwarding-ruleset/main.json b/modules/network/dns-forwarding-ruleset/main.json index e1335f72c5..19ee04a44f 100644 --- a/modules/network/dns-forwarding-ruleset/main.json +++ b/modules/network/dns-forwarding-ruleset/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1553146733132520499" + "version": "0.22.6.54827", + "templateHash": "3259269947258844338" }, "name": "Dns Forwarding Rulesets", "description": "This template deploys an dns forwarding ruleset.", @@ -163,8 +163,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "18119021871235878699" + "version": "0.22.6.54827", + "templateHash": "14481617304679147684" }, "name": "Dns Forwarding Rulesets Forwarding Rules", "description": "This template deploys Forwarding Rule in a Dns Forwarding Ruleset.", @@ -310,8 +310,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9549351328560052808" + "version": "0.22.6.54827", + "templateHash": "13868433916800604215" }, "name": "Dns Forwarding Rulesets Virtual Network Links", "description": "This template deploys Virtual Network Link in a Dns Forwarding Ruleset.", @@ -441,8 +441,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5837323048310954906" + "version": "0.22.6.54827", + "templateHash": "8279185746379392662" } }, "parameters": { diff --git a/modules/network/dns-forwarding-ruleset/virtual-network-link/README.md b/modules/network/dns-forwarding-ruleset/virtual-network-link/README.md index 8fa0d6c219..af8b359da9 100644 --- a/modules/network/dns-forwarding-ruleset/virtual-network-link/README.md +++ b/modules/network/dns-forwarding-ruleset/virtual-network-link/README.md @@ -19,28 +19,61 @@ This template deploys Virtual Network Link in a Dns Forwarding Ruleset. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `virtualNetworkResourceId` | string | Link to another virtual network resource ID. | +| [`virtualNetworkResourceId`](#parameter-virtualnetworkresourceid) | string | Link to another virtual network resource ID. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsForwardingRulesetName` | string | The name of the parent DNS Fowarding Rule Set. Required if the template is used in a standalone deployment. | +| [`dnsForwardingRulesetName`](#parameter-dnsforwardingrulesetname) | string | The name of the parent DNS Fowarding Rule Set. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `'global'` | The location of the PrivateDNSZone. Should be global. | -| `name` | string | `[format('{0}-vnetlink', last(split(parameters('virtualNetworkResourceId'), '/')))]` | The name of the virtual network link. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | The location of the PrivateDNSZone. Should be global. | +| [`name`](#parameter-name) | string | The name of the virtual network link. | + +### Parameter: `dnsForwardingRulesetName` + +The name of the parent DNS Fowarding Rule Set. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +The location of the PrivateDNSZone. Should be global. +- Required: No +- Type: string +- Default: `'global'` + +### Parameter: `name` + +The name of the virtual network link. +- Required: No +- Type: string +- Default: `[format('{0}-vnetlink', last(split(parameters('virtualNetworkResourceId'), '/')))]` + +### Parameter: `virtualNetworkResourceId` + +Link to another virtual network resource ID. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed virtual network link. | | `resourceGroupName` | string | The resource group of the deployed virtual network link. | diff --git a/modules/network/dns-forwarding-ruleset/virtual-network-link/main.json b/modules/network/dns-forwarding-ruleset/virtual-network-link/main.json index f41aa5933d..ac505b8cef 100644 --- a/modules/network/dns-forwarding-ruleset/virtual-network-link/main.json +++ b/modules/network/dns-forwarding-ruleset/virtual-network-link/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "13969101007511584177" + "version": "0.22.6.54827", + "templateHash": "13868433916800604215" }, "name": "Dns Forwarding Rulesets Virtual Network Links", "description": "This template deploys Virtual Network Link in a Dns Forwarding Ruleset.", diff --git a/modules/network/dns-resolver/.test/common/main.test.bicep b/modules/network/dns-resolver/.test/common/main.test.bicep index 87c839c618..77aa7c02cc 100644 --- a/modules/network/dns-resolver/.test/common/main.test.bicep +++ b/modules/network/dns-resolver/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/dns-resolver/README.md b/modules/network/dns-resolver/README.md index cc337017bd..9449b67548 100644 --- a/modules/network/dns-resolver/README.md +++ b/modules/network/dns-resolver/README.md @@ -5,10 +5,10 @@ This module deploys a DNS Resolver. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -20,56 +20,28 @@ This module deploys a DNS Resolver. | `Microsoft.Network/dnsResolvers/inboundEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/dnsResolvers/inboundEndpoints) | | `Microsoft.Network/dnsResolvers/outboundEndpoints` | [2022-07-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-07-01/dnsResolvers/outboundEndpoints) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Private DNS Resolver. | -| `virtualNetworkId` | string | ResourceId of the virtual network to attach the Private DNS Resolver to. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `inboundEndpoints` | array | `[]` | | Inbound Endpoints for Private DNS Resolver. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `outboundEndpoints` | array | `[]` | | Outbound Endpoints for Private DNS Resolver. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the Private DNS Resolver. | -| `resourceGroupName` | string | The resource group the Private DNS Resolver was deployed into. | -| `resourceId` | string | The resource ID of the Private DNS Resolver. | - -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.dns-resolver:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module dnsResolver './network/dns-resolver/main.bicep' = { +module dnsResolver 'br:bicep/modules/network.dns-resolver:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndrcom' params: { // Required parameters @@ -150,3 +122,101 @@ module dnsResolver './network/dns-resolver/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Private DNS Resolver. | +| [`virtualNetworkId`](#parameter-virtualnetworkid) | string | ResourceId of the virtual network to attach the Private DNS Resolver to. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`inboundEndpoints`](#parameter-inboundendpoints) | array | Inbound Endpoints for Private DNS Resolver. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`outboundEndpoints`](#parameter-outboundendpoints) | array | Outbound Endpoints for Private DNS Resolver. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `inboundEndpoints` + +Inbound Endpoints for Private DNS Resolver. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Private DNS Resolver. +- Required: Yes +- Type: string + +### Parameter: `outboundEndpoints` + +Outbound Endpoints for Private DNS Resolver. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `virtualNetworkId` + +ResourceId of the virtual network to attach the Private DNS Resolver to. +- Required: Yes +- Type: string + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the Private DNS Resolver. | +| `resourceGroupName` | string | The resource group the Private DNS Resolver was deployed into. | +| `resourceId` | string | The resource ID of the Private DNS Resolver. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/dns-resolver/main.json b/modules/network/dns-resolver/main.json index 0ec0f996bf..f4fde16620 100644 --- a/modules/network/dns-resolver/main.json +++ b/modules/network/dns-resolver/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3727820015033589972" + "version": "0.22.6.54827", + "templateHash": "317150262818676597" }, "name": "DNS Resolvers", "description": "This module deploys a DNS Resolver.", @@ -197,8 +197,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8749643017224763236" + "version": "0.22.6.54827", + "templateHash": "14781577945075842659" } }, "parameters": { diff --git a/modules/network/dns-zone/.test/common/main.test.bicep b/modules/network/dns-zone/.test/common/main.test.bicep index 7fec103202..9494d9f363 100644 --- a/modules/network/dns-zone/.test/common/main.test.bicep +++ b/modules/network/dns-zone/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/dns-zone/.test/min/main.test.bicep b/modules/network/dns-zone/.test/min/main.test.bicep index 096c2d1315..f1ac6ecea8 100644 --- a/modules/network/dns-zone/.test/min/main.test.bicep +++ b/modules/network/dns-zone/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/dns-zone/README.md b/modules/network/dns-zone/README.md index 4e03141daa..3f712420fc 100644 --- a/modules/network/dns-zone/README.md +++ b/modules/network/dns-zone/README.md @@ -4,13 +4,13 @@ This module deploys a Public DNS zone. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -28,63 +28,29 @@ This module deploys a Public DNS zone. | `Microsoft.Network/dnsZones/SRV` | [2018-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2018-05-01/dnsZones/SRV) | | `Microsoft.Network/dnsZones/TXT` | [2018-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2018-05-01/dnsZones/TXT) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | DNS zone name. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `a` | _[a](a/README.md)_ array | `[]` | | Array of A records. | -| `aaaa` | _[aaaa](aaaa/README.md)_ array | `[]` | | Array of AAAA records. | -| `caa` | _[caa](caa/README.md)_ array | `[]` | | Array of CAA records. | -| `cname` | _[cname](cname/README.md)_ array | `[]` | | Array of CNAME records. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `'global'` | | The location of the dnsZone. Should be global. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `mx` | _[mx](mx/README.md)_ array | `[]` | | Array of MX records. | -| `ns` | _[ns](ns/README.md)_ array | `[]` | | Array of NS records. | -| `ptr` | _[ptr](ptr/README.md)_ array | `[]` | | Array of PTR records. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `soa` | _[soa](soa/README.md)_ array | `[]` | | Array of SOA records. | -| `srv` | _[srv](srv/README.md)_ array | `[]` | | Array of SRV records. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `txt` | _[txt](txt/README.md)_ array | `[]` | | Array of TXT records. | - - -## Outputs +## Usage examples -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the DNS zone. | -| `resourceGroupName` | string | The resource group the DNS zone was deployed into. | -| `resourceId` | string | The resource ID of the DNS zone. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.dns-zone:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module dnsZone './network/dns-zone/main.bicep' = { +module dnsZone 'br:bicep/modules/network.dns-zone:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndzcom' params: { // Required parameters @@ -500,14 +466,17 @@ module dnsZone './network/dns-zone/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module dnsZone './network/dns-zone/main.bicep' = { +module dnsZone 'br:bicep/modules/network.dns-zone:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-ndzmin' params: { // Required parameters @@ -544,3 +513,158 @@ module dnsZone './network/dns-zone/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | DNS zone name. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`a`](#parameter-a) | array | Array of A records. | +| [`aaaa`](#parameter-aaaa) | array | Array of AAAA records. | +| [`caa`](#parameter-caa) | array | Array of CAA records. | +| [`cname`](#parameter-cname) | array | Array of CNAME records. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | The location of the dnsZone. Should be global. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`mx`](#parameter-mx) | array | Array of MX records. | +| [`ns`](#parameter-ns) | array | Array of NS records. | +| [`ptr`](#parameter-ptr) | array | Array of PTR records. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`soa`](#parameter-soa) | array | Array of SOA records. | +| [`srv`](#parameter-srv) | array | Array of SRV records. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`txt`](#parameter-txt) | array | Array of TXT records. | + +### Parameter: `a` + +Array of A records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `aaaa` + +Array of AAAA records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `caa` + +Array of CAA records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `cname` + +Array of CNAME records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +The location of the dnsZone. Should be global. +- Required: No +- Type: string +- Default: `'global'` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `mx` + +Array of MX records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `name` + +DNS zone name. +- Required: Yes +- Type: string + +### Parameter: `ns` + +Array of NS records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ptr` + +Array of PTR records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `soa` + +Array of SOA records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `srv` + +Array of SRV records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `txt` + +Array of TXT records. +- Required: No +- Type: array +- Default: `[]` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the DNS zone. | +| `resourceGroupName` | string | The resource group the DNS zone was deployed into. | +| `resourceId` | string | The resource ID of the DNS zone. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/dns-zone/a/README.md b/modules/network/dns-zone/a/README.md index 243741caa9..0929f596ca 100644 --- a/modules/network/dns-zone/a/README.md +++ b/modules/network/dns-zone/a/README.md @@ -20,31 +20,85 @@ This module deploys a Public DNS Zone A record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the A record. | +| [`name`](#parameter-name) | string | The name of the A record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `aRecords` | array | `[]` | The list of A records in the record set. Cannot be used in conjuction with the "targetResource" property. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `targetResourceId` | string | `''` | A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`aRecords`](#parameter-arecords) | array | The list of A records in the record set. Cannot be used in conjuction with the "targetResource" property. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`targetResourceId`](#parameter-targetresourceid) | string | A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `aRecords` + +The list of A records in the record set. Cannot be used in conjuction with the "targetResource" property. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the A record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `targetResourceId` + +A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed A record. | | `resourceGroupName` | string | The resource group of the deployed A record. | diff --git a/modules/network/dns-zone/a/main.json b/modules/network/dns-zone/a/main.json index 003161d55c..9aeb4218f1 100644 --- a/modules/network/dns-zone/a/main.json +++ b/modules/network/dns-zone/a/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "5170145363622927115" + "version": "0.22.6.54827", + "templateHash": "6542208080967583866" }, "name": "Public DNS Zone A record", "description": "This module deploys a Public DNS Zone A record.", @@ -127,8 +127,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "3558751375290910792" + "version": "0.22.6.54827", + "templateHash": "12863297534613170503" } }, "parameters": { diff --git a/modules/network/dns-zone/aaaa/README.md b/modules/network/dns-zone/aaaa/README.md index 3ced8d13c1..c4e820ffe6 100644 --- a/modules/network/dns-zone/aaaa/README.md +++ b/modules/network/dns-zone/aaaa/README.md @@ -20,31 +20,85 @@ This module deploys a Public DNS Zone AAAA record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the AAAA record. | +| [`name`](#parameter-name) | string | The name of the AAAA record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `aaaaRecords` | array | `[]` | The list of AAAA records in the record set. Cannot be used in conjuction with the "targetResource" property. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `targetResourceId` | string | `''` | A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`aaaaRecords`](#parameter-aaaarecords) | array | The list of AAAA records in the record set. Cannot be used in conjuction with the "targetResource" property. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`targetResourceId`](#parameter-targetresourceid) | string | A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `aaaaRecords` + +The list of AAAA records in the record set. Cannot be used in conjuction with the "targetResource" property. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the AAAA record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `targetResourceId` + +A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed AAAA record. | | `resourceGroupName` | string | The resource group of the deployed AAAA record. | diff --git a/modules/network/dns-zone/aaaa/main.json b/modules/network/dns-zone/aaaa/main.json index 9bcf93a5ff..1a9f64999a 100644 --- a/modules/network/dns-zone/aaaa/main.json +++ b/modules/network/dns-zone/aaaa/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "14783067103445567469" + "version": "0.22.6.54827", + "templateHash": "3710520452642205212" }, "name": "Public DNS Zone AAAA record", "description": "This module deploys a Public DNS Zone AAAA record.", @@ -127,8 +127,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "10619447653791643982" + "version": "0.22.6.54827", + "templateHash": "8289108097363297951" } }, "parameters": { diff --git a/modules/network/dns-zone/caa/README.md b/modules/network/dns-zone/caa/README.md index 790b850ff9..9bfa2bb020 100644 --- a/modules/network/dns-zone/caa/README.md +++ b/modules/network/dns-zone/caa/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone CAA record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the CAA record. | +| [`name`](#parameter-name) | string | The name of the CAA record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `caaRecords` | array | `[]` | The list of CAA records in the record set. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`caaRecords`](#parameter-caarecords) | array | The list of CAA records in the record set. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `caaRecords` + +The list of CAA records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the CAA record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed CAA record. | | `resourceGroupName` | string | The resource group of the deployed CAA record. | diff --git a/modules/network/dns-zone/caa/main.json b/modules/network/dns-zone/caa/main.json index 01174cacf6..c0b6623111 100644 --- a/modules/network/dns-zone/caa/main.json +++ b/modules/network/dns-zone/caa/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "4477853461523597510" + "version": "0.22.6.54827", + "templateHash": "139457689749453308" }, "name": "Public DNS Zone CAA record", "description": "This module deploys a Public DNS Zone CAA record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "17740559314627874296" + "version": "0.22.6.54827", + "templateHash": "9470565833545804306" } }, "parameters": { diff --git a/modules/network/dns-zone/cname/README.md b/modules/network/dns-zone/cname/README.md index 761f346b01..d58c077c0d 100644 --- a/modules/network/dns-zone/cname/README.md +++ b/modules/network/dns-zone/cname/README.md @@ -20,31 +20,85 @@ This module deploys a Public DNS Zone CNAME record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the CNAME record. | +| [`name`](#parameter-name) | string | The name of the CNAME record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `cnameRecord` | object | `{object}` | A CNAME record. Cannot be used in conjuction with the "targetResource" property. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `targetResourceId` | string | `''` | A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`cnameRecord`](#parameter-cnamerecord) | object | A CNAME record. Cannot be used in conjuction with the "targetResource" property. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`targetResourceId`](#parameter-targetresourceid) | string | A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `cnameRecord` + +A CNAME record. Cannot be used in conjuction with the "targetResource" property. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the CNAME record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `targetResourceId` + +A reference to an azure resource from where the dns resource value is taken. Also known as an alias record sets and are only supported for record types A, AAAA and CNAME. A resource ID can be an Azure Traffic Manager, Azure CDN, Front Door, Static Web App, or a resource ID of a record set of the same type in the DNS zone (i.e. A, AAAA or CNAME). Cannot be used in conjuction with the "aRecords" property. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed CNAME record. | | `resourceGroupName` | string | The resource group of the deployed CNAME record. | diff --git a/modules/network/dns-zone/cname/main.json b/modules/network/dns-zone/cname/main.json index 4f413117dd..78d4dd61c0 100644 --- a/modules/network/dns-zone/cname/main.json +++ b/modules/network/dns-zone/cname/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "16690614046545500600" + "version": "0.22.6.54827", + "templateHash": "9638487977820751575" }, "name": "Public DNS Zone CNAME record", "description": "This module deploys a Public DNS Zone CNAME record.", @@ -127,8 +127,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "1579300133069941204" + "version": "0.22.6.54827", + "templateHash": "9902709125102553327" } }, "parameters": { diff --git a/modules/network/dns-zone/main.json b/modules/network/dns-zone/main.json index 2cd166e951..2050ccbfa3 100644 --- a/modules/network/dns-zone/main.json +++ b/modules/network/dns-zone/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "6851549629737338757" + "version": "0.22.6.54827", + "templateHash": "9774189040753970370" }, "name": "Public DNS Zones", "description": "This module deploys a Public DNS zone.", @@ -208,8 +208,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "68732993276774389" + "version": "0.22.6.54827", + "templateHash": "6542208080967583866" }, "name": "Public DNS Zone A record", "description": "This module deploys a Public DNS Zone A record.", @@ -331,8 +331,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5391899014295336127" + "version": "0.22.6.54827", + "templateHash": "12863297534613170503" } }, "parameters": { @@ -539,8 +539,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1399420754199725079" + "version": "0.22.6.54827", + "templateHash": "3710520452642205212" }, "name": "Public DNS Zone AAAA record", "description": "This module deploys a Public DNS Zone AAAA record.", @@ -662,8 +662,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "11088059014224151171" + "version": "0.22.6.54827", + "templateHash": "8289108097363297951" } }, "parameters": { @@ -870,8 +870,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1081451111818125712" + "version": "0.22.6.54827", + "templateHash": "9638487977820751575" }, "name": "Public DNS Zone CNAME record", "description": "This module deploys a Public DNS Zone CNAME record.", @@ -993,8 +993,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8600790202870820366" + "version": "0.22.6.54827", + "templateHash": "9902709125102553327" } }, "parameters": { @@ -1200,8 +1200,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5673527444453988582" + "version": "0.22.6.54827", + "templateHash": "139457689749453308" }, "name": "Public DNS Zone CAA record", "description": "This module deploys a Public DNS Zone CAA record.", @@ -1315,8 +1315,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "15901517837296662514" + "version": "0.22.6.54827", + "templateHash": "9470565833545804306" } }, "parameters": { @@ -1522,8 +1522,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "12122627275966612771" + "version": "0.22.6.54827", + "templateHash": "17935109453553054168" }, "name": "Public DNS Zone MX record", "description": "This module deploys a Public DNS Zone MX record.", @@ -1637,8 +1637,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "12990053881217536027" + "version": "0.22.6.54827", + "templateHash": "3617371994879925017" } }, "parameters": { @@ -1844,8 +1844,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1252842746264260293" + "version": "0.22.6.54827", + "templateHash": "5114862259619051357" }, "name": "Public DNS Zone NS record", "description": "This module deploys a Public DNS Zone NS record.", @@ -1959,8 +1959,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "4203054026416577590" + "version": "0.22.6.54827", + "templateHash": "14367633254025428198" } }, "parameters": { @@ -2166,8 +2166,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8254188493299686045" + "version": "0.22.6.54827", + "templateHash": "10998530599333888745" }, "name": "Public DNS Zone PTR record", "description": "This module deploys a Public DNS Zone PTR record.", @@ -2281,8 +2281,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3382234855470984930" + "version": "0.22.6.54827", + "templateHash": "17983831737512612600" } }, "parameters": { @@ -2488,8 +2488,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9958980921150733070" + "version": "0.22.6.54827", + "templateHash": "10118634861239112279" }, "name": "Public DNS Zone SOA record", "description": "This module deploys a Public DNS Zone SOA record.", @@ -2603,8 +2603,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "10962387383395206364" + "version": "0.22.6.54827", + "templateHash": "7383644209973085042" } }, "parameters": { @@ -2810,8 +2810,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "11054274383314435498" + "version": "0.22.6.54827", + "templateHash": "17870818057963659035" }, "name": "Public DNS Zone SRV record", "description": "This module deploys a Public DNS Zone SRV record.", @@ -2925,8 +2925,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "17186909847958573798" + "version": "0.22.6.54827", + "templateHash": "1743157605226588693" } }, "parameters": { @@ -3132,8 +3132,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "4896316740645265762" + "version": "0.22.6.54827", + "templateHash": "13941492299186927650" }, "name": "Public DNS Zone TXT record", "description": "This module deploys a Public DNS Zone TXT record.", @@ -3247,8 +3247,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "2655826582817627242" + "version": "0.22.6.54827", + "templateHash": "7288997439030042721" } }, "parameters": { @@ -3454,8 +3454,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "14647311365948094297" + "version": "0.22.6.54827", + "templateHash": "10745925950629635011" } }, "parameters": { diff --git a/modules/network/dns-zone/mx/README.md b/modules/network/dns-zone/mx/README.md index e6b6a99d5a..2404e76d3a 100644 --- a/modules/network/dns-zone/mx/README.md +++ b/modules/network/dns-zone/mx/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone MX record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the MX record. | +| [`name`](#parameter-name) | string | The name of the MX record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `mxRecords` | array | `[]` | The list of MX records in the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`mxRecords`](#parameter-mxrecords) | array | The list of MX records in the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `mxRecords` + +The list of MX records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `name` + +The name of the MX record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed MX record. | | `resourceGroupName` | string | The resource group of the deployed MX record. | diff --git a/modules/network/dns-zone/mx/main.json b/modules/network/dns-zone/mx/main.json index 8b13e14708..1c740cd6dc 100644 --- a/modules/network/dns-zone/mx/main.json +++ b/modules/network/dns-zone/mx/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "14301321817801341159" + "version": "0.22.6.54827", + "templateHash": "17935109453553054168" }, "name": "Public DNS Zone MX record", "description": "This module deploys a Public DNS Zone MX record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "9536077061979113211" + "version": "0.22.6.54827", + "templateHash": "3617371994879925017" } }, "parameters": { diff --git a/modules/network/dns-zone/ns/README.md b/modules/network/dns-zone/ns/README.md index 411d63a495..f95a252125 100644 --- a/modules/network/dns-zone/ns/README.md +++ b/modules/network/dns-zone/ns/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone NS record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the NS record. | +| [`name`](#parameter-name) | string | The name of the NS record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `nsRecords` | array | `[]` | The list of NS records in the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`nsRecords`](#parameter-nsrecords) | array | The list of NS records in the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the NS record. +- Required: Yes +- Type: string + +### Parameter: `nsRecords` + +The list of NS records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed NS record. | | `resourceGroupName` | string | The resource group of the deployed NS record. | diff --git a/modules/network/dns-zone/ns/main.json b/modules/network/dns-zone/ns/main.json index 39cbd138f6..0324b74495 100644 --- a/modules/network/dns-zone/ns/main.json +++ b/modules/network/dns-zone/ns/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "13879924638868874443" + "version": "0.22.6.54827", + "templateHash": "5114862259619051357" }, "name": "Public DNS Zone NS record", "description": "This module deploys a Public DNS Zone NS record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "2717382131813837654" + "version": "0.22.6.54827", + "templateHash": "14367633254025428198" } }, "parameters": { diff --git a/modules/network/dns-zone/ptr/README.md b/modules/network/dns-zone/ptr/README.md index caf2ea722a..04db682bb4 100644 --- a/modules/network/dns-zone/ptr/README.md +++ b/modules/network/dns-zone/ptr/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone PTR record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the PTR record. | +| [`name`](#parameter-name) | string | The name of the PTR record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `ptrRecords` | array | `[]` | The list of PTR records in the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`ptrRecords`](#parameter-ptrrecords) | array | The list of PTR records in the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the PTR record. +- Required: Yes +- Type: string + +### Parameter: `ptrRecords` + +The list of PTR records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed PTR record. | | `resourceGroupName` | string | The resource group of the deployed PTR record. | diff --git a/modules/network/dns-zone/ptr/main.json b/modules/network/dns-zone/ptr/main.json index 8e886f5e90..d596d246fc 100644 --- a/modules/network/dns-zone/ptr/main.json +++ b/modules/network/dns-zone/ptr/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "14950916556855362521" + "version": "0.22.6.54827", + "templateHash": "10998530599333888745" }, "name": "Public DNS Zone PTR record", "description": "This module deploys a Public DNS Zone PTR record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "14048540340305231771" + "version": "0.22.6.54827", + "templateHash": "17983831737512612600" } }, "parameters": { diff --git a/modules/network/dns-zone/soa/README.md b/modules/network/dns-zone/soa/README.md index 83c0fa4654..ec6efc70ec 100644 --- a/modules/network/dns-zone/soa/README.md +++ b/modules/network/dns-zone/soa/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone SOA record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the SOA record. | +| [`name`](#parameter-name) | string | The name of the SOA record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `soaRecord` | object | `{object}` | A SOA record. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`soaRecord`](#parameter-soarecord) | object | A SOA record. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the SOA record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `soaRecord` + +A SOA record. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed SOA record. | | `resourceGroupName` | string | The resource group of the deployed SOA record. | diff --git a/modules/network/dns-zone/soa/main.json b/modules/network/dns-zone/soa/main.json index 69744041ff..17ba5d7803 100644 --- a/modules/network/dns-zone/soa/main.json +++ b/modules/network/dns-zone/soa/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "15092776661272728734" + "version": "0.22.6.54827", + "templateHash": "10118634861239112279" }, "name": "Public DNS Zone SOA record", "description": "This module deploys a Public DNS Zone SOA record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "17247816691852004236" + "version": "0.22.6.54827", + "templateHash": "7383644209973085042" } }, "parameters": { diff --git a/modules/network/dns-zone/srv/README.md b/modules/network/dns-zone/srv/README.md index fb1f8c35f6..8947cd2a5f 100644 --- a/modules/network/dns-zone/srv/README.md +++ b/modules/network/dns-zone/srv/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone SRV record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the SRV record. | +| [`name`](#parameter-name) | string | The name of the SRV record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `srvRecords` | array | `[]` | The list of SRV records in the record set. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`srvRecords`](#parameter-srvrecords) | array | The list of SRV records in the record set. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the SRV record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `srvRecords` + +The list of SRV records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed SRV record. | | `resourceGroupName` | string | The resource group of the deployed SRV record. | diff --git a/modules/network/dns-zone/srv/main.json b/modules/network/dns-zone/srv/main.json index 6e3933b6ad..d0c3e30324 100644 --- a/modules/network/dns-zone/srv/main.json +++ b/modules/network/dns-zone/srv/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "2772370204362718864" + "version": "0.22.6.54827", + "templateHash": "17870818057963659035" }, "name": "Public DNS Zone SRV record", "description": "This module deploys a Public DNS Zone SRV record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "13880457002928639304" + "version": "0.22.6.54827", + "templateHash": "1743157605226588693" } }, "parameters": { diff --git a/modules/network/dns-zone/txt/README.md b/modules/network/dns-zone/txt/README.md index 9db5f6f73e..54111ce95e 100644 --- a/modules/network/dns-zone/txt/README.md +++ b/modules/network/dns-zone/txt/README.md @@ -20,30 +20,77 @@ This module deploys a Public DNS Zone TXT record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the TXT record. | +| [`name`](#parameter-name) | string | The name of the TXT record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `dnsZoneName` | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | +| [`dnsZoneName`](#parameter-dnszonename) | string | The name of the parent DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | -| `txtRecords` | array | `[]` | The list of TXT records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | +| [`txtRecords`](#parameter-txtrecords) | array | The list of TXT records in the record set. | + +### Parameter: `dnsZoneName` + +The name of the parent DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the TXT record. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` + +### Parameter: `txtRecords` + +The list of TXT records in the record set. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed TXT record. | | `resourceGroupName` | string | The resource group of the deployed TXT record. | diff --git a/modules/network/dns-zone/txt/main.json b/modules/network/dns-zone/txt/main.json index 3cc94f1b0e..d6a56e6411 100644 --- a/modules/network/dns-zone/txt/main.json +++ b/modules/network/dns-zone/txt/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "16370550186541929198" + "version": "0.22.6.54827", + "templateHash": "13941492299186927650" }, "name": "Public DNS Zone TXT record", "description": "This module deploys a Public DNS Zone TXT record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "17843024796725206765" + "version": "0.22.6.54827", + "templateHash": "7288997439030042721" } }, "parameters": { diff --git a/modules/network/express-route-circuit/.test/common/main.test.bicep b/modules/network/express-route-circuit/.test/common/main.test.bicep index 054fed2490..c53e938738 100644 --- a/modules/network/express-route-circuit/.test/common/main.test.bicep +++ b/modules/network/express-route-circuit/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/express-route-circuit/.test/min/main.test.bicep b/modules/network/express-route-circuit/.test/min/main.test.bicep index 10ba226791..67c484ddc6 100644 --- a/modules/network/express-route-circuit/.test/min/main.test.bicep +++ b/modules/network/express-route-circuit/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/express-route-circuit/README.md b/modules/network/express-route-circuit/README.md index 679f0b7aa6..28fc5376f4 100644 --- a/modules/network/express-route-circuit/README.md +++ b/modules/network/express-route-circuit/README.md @@ -4,13 +4,13 @@ This module deploys an Express Route Circuit. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -19,77 +19,29 @@ This module deploys an Express Route Circuit. | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/expressRouteCircuits` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/expressRouteCircuits) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `bandwidthInMbps` | int | This is the bandwidth in Mbps of the circuit being created. It must exactly match one of the available bandwidth offers List ExpressRoute Service Providers API call. | -| `name` | string | This is the name of the ExpressRoute circuit. | -| `peeringLocation` | string | This is the name of the peering location and not the ARM resource location. It must exactly match one of the available peering locations from List ExpressRoute Service Providers API call. | -| `serviceProviderName` | string | This is the name of the ExpressRoute Service Provider. It must exactly match one of the Service Providers from List ExpressRoute Service Providers API call. | - -**Optional parameters** +## Usage examples -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `allowClassicOperations` | bool | `False` | | Allow classic operations. You can connect to virtual networks in the classic deployment model by setting allowClassicOperations to true. | -| `bandwidthInGbps` | int | `0` | | The bandwidth of the circuit when the circuit is provisioned on an ExpressRoutePort resource. Available when configuring Express Route Direct. Default value of 0 will set the property to null. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, PeeringRouteLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `expressRoutePortResourceId` | string | `''` | | The reference to the ExpressRoutePort resource when the circuit is provisioned on an ExpressRoutePort resource. Available when configuring Express Route Direct. | -| `globalReachEnabled` | bool | `False` | | Flag denoting global reach status. To enable ExpressRoute Global Reach between different geopolitical regions, your circuits must be Premium SKU. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `peerASN` | int | `0` | | The autonomous system number of the customer/connectivity provider. | -| `peering` | bool | `False` | | Enabled BGP peering type for the Circuit. | -| `peeringType` | string | `'AzurePrivatePeering'` | `[AzurePrivatePeering, MicrosoftPeering]` | BGP peering type for the Circuit. Choose from AzurePrivatePeering, AzurePublicPeering or MicrosoftPeering. | -| `primaryPeerAddressPrefix` | string | `''` | | A /30 subnet used to configure IP addresses for interfaces on Link1. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `secondaryPeerAddressPrefix` | string | `''` | | A /30 subnet used to configure IP addresses for interfaces on Link2. | -| `sharedKey` | string | `''` | | The shared key for peering configuration. Router does MD5 hash comparison to validate the packets sent by BGP connection. This parameter is optional and can be removed from peering configuration if not required. | -| `skuFamily` | string | `'MeteredData'` | `[MeteredData, UnlimitedData]` | Chosen SKU family of ExpressRoute circuit. Choose from MeteredData or UnlimitedData SKU families. | -| `skuTier` | string | `'Standard'` | `[Local, Premium, Standard]` | Chosen SKU Tier of ExpressRoute circuit. Choose from Local, Premium or Standard SKU tiers. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `vlanId` | int | `0` | | Specifies the identifier that is used to identify the customer. | - - -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of express route curcuit. | -| `resourceGroupName` | string | The resource group the express route curcuit was deployed into. | -| `resourceId` | string | The resource ID of express route curcuit. | -| `serviceKey` | string | The service key of the express route circuit. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.express-route-circuit:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module expressRouteCircuit './network/express-route-circuit/main.bicep' = { +module expressRouteCircuit 'br:bicep/modules/network.express-route-circuit:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nerccom' params: { // Required parameters @@ -203,14 +155,17 @@ module expressRouteCircuit './network/express-route-circuit/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module expressRouteCircuit './network/express-route-circuit/main.bicep' = { +module expressRouteCircuit 'br:bicep/modules/network.express-route-circuit:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nercmin' params: { // Required parameters @@ -259,3 +214,265 @@ module expressRouteCircuit './network/express-route-circuit/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`bandwidthInMbps`](#parameter-bandwidthinmbps) | int | This is the bandwidth in Mbps of the circuit being created. It must exactly match one of the available bandwidth offers List ExpressRoute Service Providers API call. | +| [`name`](#parameter-name) | string | This is the name of the ExpressRoute circuit. | +| [`peeringLocation`](#parameter-peeringlocation) | string | This is the name of the peering location and not the ARM resource location. It must exactly match one of the available peering locations from List ExpressRoute Service Providers API call. | +| [`serviceProviderName`](#parameter-serviceprovidername) | string | This is the name of the ExpressRoute Service Provider. It must exactly match one of the Service Providers from List ExpressRoute Service Providers API call. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`allowClassicOperations`](#parameter-allowclassicoperations) | bool | Allow classic operations. You can connect to virtual networks in the classic deployment model by setting allowClassicOperations to true. | +| [`bandwidthInGbps`](#parameter-bandwidthingbps) | int | The bandwidth of the circuit when the circuit is provisioned on an ExpressRoutePort resource. Available when configuring Express Route Direct. Default value of 0 will set the property to null. | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticLogCategoriesToEnable`](#parameter-diagnosticlogcategoriestoenable) | array | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | +| [`diagnosticMetricsToEnable`](#parameter-diagnosticmetricstoenable) | array | The name of metrics that will be streamed. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`expressRoutePortResourceId`](#parameter-expressrouteportresourceid) | string | The reference to the ExpressRoutePort resource when the circuit is provisioned on an ExpressRoutePort resource. Available when configuring Express Route Direct. | +| [`globalReachEnabled`](#parameter-globalreachenabled) | bool | Flag denoting global reach status. To enable ExpressRoute Global Reach between different geopolitical regions, your circuits must be Premium SKU. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`peerASN`](#parameter-peerasn) | int | The autonomous system number of the customer/connectivity provider. | +| [`peering`](#parameter-peering) | bool | Enabled BGP peering type for the Circuit. | +| [`peeringType`](#parameter-peeringtype) | string | BGP peering type for the Circuit. Choose from AzurePrivatePeering, AzurePublicPeering or MicrosoftPeering. | +| [`primaryPeerAddressPrefix`](#parameter-primarypeeraddressprefix) | string | A /30 subnet used to configure IP addresses for interfaces on Link1. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`secondaryPeerAddressPrefix`](#parameter-secondarypeeraddressprefix) | string | A /30 subnet used to configure IP addresses for interfaces on Link2. | +| [`sharedKey`](#parameter-sharedkey) | string | The shared key for peering configuration. Router does MD5 hash comparison to validate the packets sent by BGP connection. This parameter is optional and can be removed from peering configuration if not required. | +| [`skuFamily`](#parameter-skufamily) | string | Chosen SKU family of ExpressRoute circuit. Choose from MeteredData or UnlimitedData SKU families. | +| [`skuTier`](#parameter-skutier) | string | Chosen SKU Tier of ExpressRoute circuit. Choose from Local, Premium or Standard SKU tiers. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`vlanId`](#parameter-vlanid) | int | Specifies the identifier that is used to identify the customer. | + +### Parameter: `allowClassicOperations` + +Allow classic operations. You can connect to virtual networks in the classic deployment model by setting allowClassicOperations to true. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `bandwidthInGbps` + +The bandwidth of the circuit when the circuit is provisioned on an ExpressRoutePort resource. Available when configuring Express Route Direct. Default value of 0 will set the property to null. +- Required: No +- Type: int +- Default: `0` + +### Parameter: `bandwidthInMbps` + +This is the bandwidth in Mbps of the circuit being created. It must exactly match one of the available bandwidth offers List ExpressRoute Service Providers API call. +- Required: Yes +- Type: int + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticLogCategoriesToEnable` + +The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. +- Required: No +- Type: array +- Default: `[allLogs]` +- Allowed: `['', allLogs, PeeringRouteLog]` + +### Parameter: `diagnosticMetricsToEnable` + +The name of metrics that will be streamed. +- Required: No +- Type: array +- Default: `[AllMetrics]` +- Allowed: `[AllMetrics]` + +### Parameter: `diagnosticSettingsName` + +The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `expressRoutePortResourceId` + +The reference to the ExpressRoutePort resource when the circuit is provisioned on an ExpressRoutePort resource. Available when configuring Express Route Direct. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `globalReachEnabled` + +Flag denoting global reach status. To enable ExpressRoute Global Reach between different geopolitical regions, your circuits must be Premium SKU. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +This is the name of the ExpressRoute circuit. +- Required: Yes +- Type: string + +### Parameter: `peerASN` + +The autonomous system number of the customer/connectivity provider. +- Required: No +- Type: int +- Default: `0` + +### Parameter: `peering` + +Enabled BGP peering type for the Circuit. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `peeringLocation` + +This is the name of the peering location and not the ARM resource location. It must exactly match one of the available peering locations from List ExpressRoute Service Providers API call. +- Required: Yes +- Type: string + +### Parameter: `peeringType` + +BGP peering type for the Circuit. Choose from AzurePrivatePeering, AzurePublicPeering or MicrosoftPeering. +- Required: No +- Type: string +- Default: `'AzurePrivatePeering'` +- Allowed: `[AzurePrivatePeering, MicrosoftPeering]` + +### Parameter: `primaryPeerAddressPrefix` + +A /30 subnet used to configure IP addresses for interfaces on Link1. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `secondaryPeerAddressPrefix` + +A /30 subnet used to configure IP addresses for interfaces on Link2. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `serviceProviderName` + +This is the name of the ExpressRoute Service Provider. It must exactly match one of the Service Providers from List ExpressRoute Service Providers API call. +- Required: Yes +- Type: string + +### Parameter: `sharedKey` + +The shared key for peering configuration. Router does MD5 hash comparison to validate the packets sent by BGP connection. This parameter is optional and can be removed from peering configuration if not required. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `skuFamily` + +Chosen SKU family of ExpressRoute circuit. Choose from MeteredData or UnlimitedData SKU families. +- Required: No +- Type: string +- Default: `'MeteredData'` +- Allowed: `[MeteredData, UnlimitedData]` + +### Parameter: `skuTier` + +Chosen SKU Tier of ExpressRoute circuit. Choose from Local, Premium or Standard SKU tiers. +- Required: No +- Type: string +- Default: `'Standard'` +- Allowed: `[Local, Premium, Standard]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `vlanId` + +Specifies the identifier that is used to identify the customer. +- Required: No +- Type: int +- Default: `0` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of express route curcuit. | +| `resourceGroupName` | string | The resource group the express route curcuit was deployed into. | +| `resourceId` | string | The resource ID of express route curcuit. | +| `serviceKey` | string | The service key of the express route circuit. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/express-route-circuit/main.json b/modules/network/express-route-circuit/main.json index 7ee4c7678d..74d56855cd 100644 --- a/modules/network/express-route-circuit/main.json +++ b/modules/network/express-route-circuit/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "6824996198660601155" + "version": "0.22.6.54827", + "templateHash": "15387700502783731966" }, "name": "ExpressRoute Circuits", "description": "This module deploys an Express Route Circuit.", @@ -382,8 +382,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1993477429002621283" + "version": "0.22.6.54827", + "templateHash": "14124226202821764051" } }, "parameters": { diff --git a/modules/network/express-route-gateway/.test/common/main.test.bicep b/modules/network/express-route-gateway/.test/common/main.test.bicep index 264ba8ba7e..8744b1d5ea 100644 --- a/modules/network/express-route-gateway/.test/common/main.test.bicep +++ b/modules/network/express-route-gateway/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/express-route-gateway/.test/min/main.test.bicep b/modules/network/express-route-gateway/.test/min/main.test.bicep index ec61027df0..42e56e5b89 100644 --- a/modules/network/express-route-gateway/.test/min/main.test.bicep +++ b/modules/network/express-route-gateway/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/express-route-gateway/README.md b/modules/network/express-route-gateway/README.md index f7160b91ba..753d130bc6 100644 --- a/modules/network/express-route-gateway/README.md +++ b/modules/network/express-route-gateway/README.md @@ -5,10 +5,10 @@ This module deploys an Express Route Gateway. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -18,58 +18,29 @@ This module deploys an Express Route Gateway. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/expressRouteGateways` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/expressRouteGateways) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Express Route Gateway. | -| `virtualHubId` | string | Resource ID of the Virtual Wan Hub. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `allowNonVirtualWanTraffic` | bool | `False` | | Configures this gateway to accept traffic from non Virtual WAN networks. | -| `autoScaleConfigurationBoundsMax` | int | `2` | | Maximum number of scale units deployed for ExpressRoute gateway. | -| `autoScaleConfigurationBoundsMin` | int | `2` | | Minimum number of scale units deployed for ExpressRoute gateway. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `expressRouteConnections` | array | `[]` | | List of ExpressRoute connections to the ExpressRoute gateway. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the Firewall policy resource. | - +## Usage examples -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the ExpressRoute Gateway. | -| `resourceGroupName` | string | The resource group of the ExpressRoute Gateway was deployed into. | -| `resourceId` | string | The resource ID of the ExpressRoute Gateway. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.express-route-gateway:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module expressRouteGateway './network/express-route-gateway/main.bicep' = { +module expressRouteGateway 'br:bicep/modules/network.express-route-gateway:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nergcom' params: { // Required parameters @@ -153,14 +124,17 @@ module expressRouteGateway './network/express-route-gateway/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module expressRouteGateway './network/express-route-gateway/main.bicep' = { +module expressRouteGateway 'br:bicep/modules/network.express-route-gateway:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nergmin' params: { // Required parameters @@ -201,3 +175,117 @@ module expressRouteGateway './network/express-route-gateway/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Express Route Gateway. | +| [`virtualHubId`](#parameter-virtualhubid) | string | Resource ID of the Virtual Wan Hub. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`allowNonVirtualWanTraffic`](#parameter-allownonvirtualwantraffic) | bool | Configures this gateway to accept traffic from non Virtual WAN networks. | +| [`autoScaleConfigurationBoundsMax`](#parameter-autoscaleconfigurationboundsmax) | int | Maximum number of scale units deployed for ExpressRoute gateway. | +| [`autoScaleConfigurationBoundsMin`](#parameter-autoscaleconfigurationboundsmin) | int | Minimum number of scale units deployed for ExpressRoute gateway. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`expressRouteConnections`](#parameter-expressrouteconnections) | array | List of ExpressRoute connections to the ExpressRoute gateway. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the Firewall policy resource. | + +### Parameter: `allowNonVirtualWanTraffic` + +Configures this gateway to accept traffic from non Virtual WAN networks. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `autoScaleConfigurationBoundsMax` + +Maximum number of scale units deployed for ExpressRoute gateway. +- Required: No +- Type: int +- Default: `2` + +### Parameter: `autoScaleConfigurationBoundsMin` + +Minimum number of scale units deployed for ExpressRoute gateway. +- Required: No +- Type: int +- Default: `2` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `expressRouteConnections` + +List of ExpressRoute connections to the ExpressRoute gateway. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Express Route Gateway. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the Firewall policy resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `virtualHubId` + +Resource ID of the Virtual Wan Hub. +- Required: Yes +- Type: string + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the ExpressRoute Gateway. | +| `resourceGroupName` | string | The resource group of the ExpressRoute Gateway was deployed into. | +| `resourceId` | string | The resource ID of the ExpressRoute Gateway. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/express-route-gateway/main.json b/modules/network/express-route-gateway/main.json index 3431a0aef3..084701ac54 100644 --- a/modules/network/express-route-gateway/main.json +++ b/modules/network/express-route-gateway/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "4204996721387656228" + "version": "0.22.6.54827", + "templateHash": "8092497363245159180" }, "name": "Express Route Gateways", "description": "This module deploys an Express Route Gateway.", @@ -176,8 +176,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "13068351482866901446" + "version": "0.22.6.54827", + "templateHash": "10999249246469924012" } }, "parameters": { diff --git a/modules/network/firewall-policy/.test/common/main.test.bicep b/modules/network/firewall-policy/.test/common/main.test.bicep index bf8c202a14..d4904dcad3 100644 --- a/modules/network/firewall-policy/.test/common/main.test.bicep +++ b/modules/network/firewall-policy/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/firewall-policy/.test/min/main.test.bicep b/modules/network/firewall-policy/.test/min/main.test.bicep index bd06e9e9f4..9befa1733c 100644 --- a/modules/network/firewall-policy/.test/min/main.test.bicep +++ b/modules/network/firewall-policy/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/firewall-policy/README.md b/modules/network/firewall-policy/README.md index 28a24d3072..6a4c12ae18 100644 --- a/modules/network/firewall-policy/README.md +++ b/modules/network/firewall-policy/README.md @@ -5,10 +5,10 @@ This module deploys a Firewall Policy. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -17,72 +17,29 @@ This module deploys a Firewall Policy. | `Microsoft.Network/firewallPolicies` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/firewallPolicies) | | `Microsoft.Network/firewallPolicies/ruleCollectionGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/firewallPolicies/ruleCollectionGroups) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Firewall Policy. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `allowSqlRedirect` | bool | `False` | | A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999. | -| `autoLearnPrivateRanges` | string | `'Disabled'` | `[Disabled, Enabled]` | The operation mode for automatically learning private ranges to not be SNAT. | -| `basePolicyResourceId` | string | `''` | | Resource ID of the base policy. | -| `bypassTrafficSettings` | array | `[]` | | List of rules for traffic to bypass. | -| `certificateName` | string | `''` | | Name of the CA certificate. | -| `defaultWorkspaceId` | string | `''` | | Default Log Analytics Resource ID for Firewall Policy Insights. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enableProxy` | bool | `False` | | Enable DNS Proxy on Firewalls attached to the Firewall Policy. | -| `fqdns` | array | `[]` | | List of FQDNs for the ThreatIntel Allowlist. | -| `insightsIsEnabled` | bool | `False` | | A flag to indicate if the insights are enabled on the policy. | -| `ipAddresses` | array | `[]` | | List of IP addresses for the ThreatIntel Allowlist. | -| `keyVaultSecretId` | string | `''` | | Secret ID of (base-64 encoded unencrypted PFX) Secret or Certificate object stored in KeyVault. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `mode` | string | `'Off'` | `[Alert, Deny, Off]` | The configuring of intrusion detection. | -| `privateRanges` | array | `[]` | | List of private IP addresses/IP address ranges to not be SNAT. | -| `retentionDays` | int | `365` | | Number of days the insights should be enabled on the policy. | -| `ruleCollectionGroups` | array | `[]` | | Rule collection groups. | -| `servers` | array | `[]` | | List of Custom DNS Servers. | -| `signatureOverrides` | array | `[]` | | List of specific signatures states. | -| `tags` | object | `{object}` | | Tags of the Firewall policy resource. | -| `threatIntelMode` | string | `'Off'` | `[Alert, Deny, Off]` | The operation mode for Threat Intel. | -| `tier` | string | `'Standard'` | `[Premium, Standard]` | Tier of Firewall Policy. | -| `userAssignedIdentities` | object | `{object}` | | The ID(s) to assign to the resource. | -| `workspaces` | array | `[]` | | List of workspaces for Firewall Policy Insights. | - +## Usage examples -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the deployed firewall policy. | -| `resourceGroupName` | string | The resource group of the deployed firewall policy. | -| `resourceId` | string | The resource ID of the deployed firewall policy. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.firewall-policy:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module firewallPolicy './network/firewall-policy/main.bicep' = { +module firewallPolicy 'br:bicep/modules/network.firewall-policy:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nfpcom' params: { // Required parameters @@ -218,14 +175,17 @@ module firewallPolicy './network/firewall-policy/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module firewallPolicy './network/firewall-policy/main.bicep' = { +module firewallPolicy 'br:bicep/modules/network.firewall-policy:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nfpmin' params: { // Required parameters @@ -262,3 +222,233 @@ module firewallPolicy './network/firewall-policy/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Firewall Policy. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`allowSqlRedirect`](#parameter-allowsqlredirect) | bool | A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999. | +| [`autoLearnPrivateRanges`](#parameter-autolearnprivateranges) | string | The operation mode for automatically learning private ranges to not be SNAT. | +| [`basePolicyResourceId`](#parameter-basepolicyresourceid) | string | Resource ID of the base policy. | +| [`bypassTrafficSettings`](#parameter-bypasstrafficsettings) | array | List of rules for traffic to bypass. | +| [`certificateName`](#parameter-certificatename) | string | Name of the CA certificate. | +| [`defaultWorkspaceId`](#parameter-defaultworkspaceid) | string | Default Log Analytics Resource ID for Firewall Policy Insights. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enableProxy`](#parameter-enableproxy) | bool | Enable DNS Proxy on Firewalls attached to the Firewall Policy. | +| [`fqdns`](#parameter-fqdns) | array | List of FQDNs for the ThreatIntel Allowlist. | +| [`insightsIsEnabled`](#parameter-insightsisenabled) | bool | A flag to indicate if the insights are enabled on the policy. | +| [`ipAddresses`](#parameter-ipaddresses) | array | List of IP addresses for the ThreatIntel Allowlist. | +| [`keyVaultSecretId`](#parameter-keyvaultsecretid) | string | Secret ID of (base-64 encoded unencrypted PFX) Secret or Certificate object stored in KeyVault. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`mode`](#parameter-mode) | string | The configuring of intrusion detection. | +| [`privateRanges`](#parameter-privateranges) | array | List of private IP addresses/IP address ranges to not be SNAT. | +| [`retentionDays`](#parameter-retentiondays) | int | Number of days the insights should be enabled on the policy. | +| [`ruleCollectionGroups`](#parameter-rulecollectiongroups) | array | Rule collection groups. | +| [`servers`](#parameter-servers) | array | List of Custom DNS Servers. | +| [`signatureOverrides`](#parameter-signatureoverrides) | array | List of specific signatures states. | +| [`tags`](#parameter-tags) | object | Tags of the Firewall policy resource. | +| [`threatIntelMode`](#parameter-threatintelmode) | string | The operation mode for Threat Intel. | +| [`tier`](#parameter-tier) | string | Tier of Firewall Policy. | +| [`userAssignedIdentities`](#parameter-userassignedidentities) | object | The ID(s) to assign to the resource. | +| [`workspaces`](#parameter-workspaces) | array | List of workspaces for Firewall Policy Insights. | + +### Parameter: `allowSqlRedirect` + +A flag to indicate if SQL Redirect traffic filtering is enabled. Turning on the flag requires no rule using port 11000-11999. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `autoLearnPrivateRanges` + +The operation mode for automatically learning private ranges to not be SNAT. +- Required: No +- Type: string +- Default: `'Disabled'` +- Allowed: `[Disabled, Enabled]` + +### Parameter: `basePolicyResourceId` + +Resource ID of the base policy. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `bypassTrafficSettings` + +List of rules for traffic to bypass. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `certificateName` + +Name of the CA certificate. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `defaultWorkspaceId` + +Default Log Analytics Resource ID for Firewall Policy Insights. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableProxy` + +Enable DNS Proxy on Firewalls attached to the Firewall Policy. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `fqdns` + +List of FQDNs for the ThreatIntel Allowlist. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `insightsIsEnabled` + +A flag to indicate if the insights are enabled on the policy. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `ipAddresses` + +List of IP addresses for the ThreatIntel Allowlist. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `keyVaultSecretId` + +Secret ID of (base-64 encoded unencrypted PFX) Secret or Certificate object stored in KeyVault. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `mode` + +The configuring of intrusion detection. +- Required: No +- Type: string +- Default: `'Off'` +- Allowed: `[Alert, Deny, Off]` + +### Parameter: `name` + +Name of the Firewall Policy. +- Required: Yes +- Type: string + +### Parameter: `privateRanges` + +List of private IP addresses/IP address ranges to not be SNAT. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `retentionDays` + +Number of days the insights should be enabled on the policy. +- Required: No +- Type: int +- Default: `365` + +### Parameter: `ruleCollectionGroups` + +Rule collection groups. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `servers` + +List of Custom DNS Servers. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `signatureOverrides` + +List of specific signatures states. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the Firewall policy resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `threatIntelMode` + +The operation mode for Threat Intel. +- Required: No +- Type: string +- Default: `'Off'` +- Allowed: `[Alert, Deny, Off]` + +### Parameter: `tier` + +Tier of Firewall Policy. +- Required: No +- Type: string +- Default: `'Standard'` +- Allowed: `[Premium, Standard]` + +### Parameter: `userAssignedIdentities` + +The ID(s) to assign to the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `workspaces` + +List of workspaces for Firewall Policy Insights. +- Required: No +- Type: array +- Default: `[]` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the deployed firewall policy. | +| `resourceGroupName` | string | The resource group of the deployed firewall policy. | +| `resourceId` | string | The resource ID of the deployed firewall policy. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/firewall-policy/main.json b/modules/network/firewall-policy/main.json index 17bff00e52..466fff08d7 100644 --- a/modules/network/firewall-policy/main.json +++ b/modules/network/firewall-policy/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "6554136279481645026" + "version": "0.22.6.54827", + "templateHash": "18116522930721554549" }, "name": "Firewall Policies", "description": "This module deploys a Firewall Policy.", @@ -290,8 +290,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "6780265410658307445" + "version": "0.22.6.54827", + "templateHash": "13617778659554817427" }, "name": "Firewall Policy Rule Collection Groups", "description": "This module deploys a Firewall Policy Rule Collection Group.", diff --git a/modules/network/firewall-policy/rule-collection-group/README.md b/modules/network/firewall-policy/rule-collection-group/README.md index 9be45dfd53..920f33ecd8 100644 --- a/modules/network/firewall-policy/rule-collection-group/README.md +++ b/modules/network/firewall-policy/rule-collection-group/README.md @@ -19,28 +19,60 @@ This module deploys a Firewall Policy Rule Collection Group. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the rule collection group to deploy. | -| `priority` | int | Priority of the Firewall Policy Rule Collection Group resource. | +| [`name`](#parameter-name) | string | The name of the rule collection group to deploy. | +| [`priority`](#parameter-priority) | int | Priority of the Firewall Policy Rule Collection Group resource. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `firewallPolicyName` | string | The name of the parent Firewall Policy. Required if the template is used in a standalone deployment. | +| [`firewallPolicyName`](#parameter-firewallpolicyname) | string | The name of the parent Firewall Policy. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `ruleCollections` | array | `[]` | Group of Firewall Policy rule collections. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`ruleCollections`](#parameter-rulecollections) | array | Group of Firewall Policy rule collections. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `firewallPolicyName` + +The name of the parent Firewall Policy. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `name` + +The name of the rule collection group to deploy. +- Required: Yes +- Type: string + +### Parameter: `priority` + +Priority of the Firewall Policy Rule Collection Group resource. +- Required: Yes +- Type: int + +### Parameter: `ruleCollections` + +Group of Firewall Policy rule collections. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed rule collection group. | | `resourceGroupName` | string | The resource group of the deployed rule collection group. | diff --git a/modules/network/firewall-policy/rule-collection-group/main.json b/modules/network/firewall-policy/rule-collection-group/main.json index f2abb4caf2..6c26a49d8a 100644 --- a/modules/network/firewall-policy/rule-collection-group/main.json +++ b/modules/network/firewall-policy/rule-collection-group/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "12741470915279971248" + "version": "0.22.6.54827", + "templateHash": "13617778659554817427" }, "name": "Firewall Policy Rule Collection Groups", "description": "This module deploys a Firewall Policy Rule Collection Group.", diff --git a/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep b/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep index 838318de95..bce0b16d65 100644 --- a/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep +++ b/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep b/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep index 469b740344..2203aa1dd7 100644 --- a/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep +++ b/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/front-door-web-application-firewall-policy/README.md b/modules/network/front-door-web-application-firewall-policy/README.md index 41570c94cd..8b56ef7643 100644 --- a/modules/network/front-door-web-application-firewall-policy/README.md +++ b/modules/network/front-door-web-application-firewall-policy/README.md @@ -5,10 +5,10 @@ This module deploys a Front Door Web Application Firewall (WAF) Policy. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -18,57 +18,29 @@ This module deploys a Front Door Web Application Firewall (WAF) Policy. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/FrontDoorWebApplicationFirewallPolicies` | [2022-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-05-01/FrontDoorWebApplicationFirewallPolicies) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Front Door WAF policy. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `customRules` | object | `{object}` | | The custom rules inside the policy. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `'global'` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `managedRules` | object | `{object}` | | Describes the managedRules structure. | -| `policySettings` | object | `{object}` | | The PolicySettings for policy. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `sku` | string | `'Standard_AzureFrontDoor'` | `[Premium_AzureFrontDoor, Standard_AzureFrontDoor]` | The pricing tier of the WAF profile. | -| `tags` | object | `{object}` | | Resource tags. | - +## Usage examples -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the Front Door WAF policy. | -| `resourceGroupName` | string | The resource group the Front Door WAF policy was deployed into. | -| `resourceId` | string | The resource ID of the Front Door WAF policy. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.front-door-web-application-firewall-policy:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module frontDoorWebApplicationFirewallPolicy './network/front-door-web-application-firewall-policy/main.bicep' = { +module frontDoorWebApplicationFirewallPolicy 'br:bicep/modules/network.front-door-web-application-firewall-policy:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nagwafpcom' params: { // Required parameters @@ -276,14 +248,17 @@ module frontDoorWebApplicationFirewallPolicy './network/front-door-web-applicati

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module frontDoorWebApplicationFirewallPolicy './network/front-door-web-application-firewall-policy/main.bicep' = { +module frontDoorWebApplicationFirewallPolicy 'br:bicep/modules/network.front-door-web-application-firewall-policy:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nagwafpmin' params: { // Required parameters @@ -320,3 +295,111 @@ module frontDoorWebApplicationFirewallPolicy './network/front-door-web-applicati

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Front Door WAF policy. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`customRules`](#parameter-customrules) | object | The custom rules inside the policy. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`managedRules`](#parameter-managedrules) | object | Describes the managedRules structure. | +| [`policySettings`](#parameter-policysettings) | object | The PolicySettings for policy. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`sku`](#parameter-sku) | string | The pricing tier of the WAF profile. | +| [`tags`](#parameter-tags) | object | Resource tags. | + +### Parameter: `customRules` + +The custom rules inside the policy. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `'global'` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `managedRules` + +Describes the managedRules structure. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +Name of the Front Door WAF policy. +- Required: Yes +- Type: string + +### Parameter: `policySettings` + +The PolicySettings for policy. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `sku` + +The pricing tier of the WAF profile. +- Required: No +- Type: string +- Default: `'Standard_AzureFrontDoor'` +- Allowed: `[Premium_AzureFrontDoor, Standard_AzureFrontDoor]` + +### Parameter: `tags` + +Resource tags. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the Front Door WAF policy. | +| `resourceGroupName` | string | The resource group the Front Door WAF policy was deployed into. | +| `resourceId` | string | The resource ID of the Front Door WAF policy. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/front-door-web-application-firewall-policy/main.json b/modules/network/front-door-web-application-firewall-policy/main.json index 0d56d79ca8..a2dffd263e 100644 --- a/modules/network/front-door-web-application-firewall-policy/main.json +++ b/modules/network/front-door-web-application-firewall-policy/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3252423512239689635" + "version": "0.22.6.54827", + "templateHash": "9522616710967870505" }, "name": "Front Door Web Application Firewall (WAF) Policies", "description": "This module deploys a Front Door Web Application Firewall (WAF) Policy.", @@ -210,8 +210,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9019610193929502057" + "version": "0.22.6.54827", + "templateHash": "15230534892714027949" } }, "parameters": { diff --git a/modules/network/front-door/.test/common/main.test.bicep b/modules/network/front-door/.test/common/main.test.bicep index c8ce73be84..953b044059 100644 --- a/modules/network/front-door/.test/common/main.test.bicep +++ b/modules/network/front-door/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/front-door/.test/min/main.test.bicep b/modules/network/front-door/.test/min/main.test.bicep index 5cde0a04e4..a11667f30d 100644 --- a/modules/network/front-door/.test/min/main.test.bicep +++ b/modules/network/front-door/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/front-door/README.md b/modules/network/front-door/README.md index 64e78ae5f3..2d15e13f22 100644 --- a/modules/network/front-door/README.md +++ b/modules/network/front-door/README.md @@ -5,10 +5,10 @@ This module deploys an Azure Front Door. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -19,67 +19,29 @@ This module deploys an Azure Front Door. | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/frontDoors` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2020-05-01/frontDoors) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `backendPools` | array | Backend address pool of the frontdoor resource. | -| `frontendEndpoints` | array | Frontend endpoints of the frontdoor resource. | -| `healthProbeSettings` | array | Heath probe settings of the frontdoor resource. | -| `loadBalancingSettings` | array | Load balancing settings of the frontdoor resource. | -| `name` | string | The name of the frontDoor. | -| `routingRules` | array | Routing rules settings of the frontdoor resource. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enabledState` | string | `'Enabled'` | | State of the frontdoor resource. | -| `enforceCertificateNameCheck` | string | `'Disabled'` | | Enforce certificate name check of the frontdoor resource. | -| `friendlyName` | string | `''` | | Friendly name of the frontdoor resource. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `metricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `sendRecvTimeoutSeconds` | int | `240` | | Certificate name check time of the frontdoor resource. | -| `tags` | object | `{object}` | | Resource tags. | - - -## Outputs +## Usage examples -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | The name of the front door. | -| `resourceGroupName` | string | The resource group the front door was deployed into. | -| `resourceId` | string | The resource ID of the front door. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.front-door:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module frontDoor './network/front-door/main.bicep' = { +module frontDoor 'br:bicep/modules/network.front-door:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nfdcom' params: { // Required parameters @@ -345,14 +307,17 @@ module frontDoor './network/front-door/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module frontDoor './network/front-door/main.bicep' = { +module frontDoor 'br:bicep/modules/network.front-door:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nfdmin' params: { // Required parameters @@ -557,3 +522,194 @@ module frontDoor './network/front-door/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`backendPools`](#parameter-backendpools) | array | Backend address pool of the frontdoor resource. | +| [`frontendEndpoints`](#parameter-frontendendpoints) | array | Frontend endpoints of the frontdoor resource. | +| [`healthProbeSettings`](#parameter-healthprobesettings) | array | Heath probe settings of the frontdoor resource. | +| [`loadBalancingSettings`](#parameter-loadbalancingsettings) | array | Load balancing settings of the frontdoor resource. | +| [`name`](#parameter-name) | string | The name of the frontDoor. | +| [`routingRules`](#parameter-routingrules) | array | Routing rules settings of the frontdoor resource. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| [`diagnosticLogCategoriesToEnable`](#parameter-diagnosticlogcategoriestoenable) | array | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enabledState`](#parameter-enabledstate) | string | State of the frontdoor resource. | +| [`enforceCertificateNameCheck`](#parameter-enforcecertificatenamecheck) | string | Enforce certificate name check of the frontdoor resource. | +| [`friendlyName`](#parameter-friendlyname) | string | Friendly name of the frontdoor resource. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`metricsToEnable`](#parameter-metricstoenable) | array | The name of metrics that will be streamed. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`sendRecvTimeoutSeconds`](#parameter-sendrecvtimeoutseconds) | int | Certificate name check time of the frontdoor resource. | +| [`tags`](#parameter-tags) | object | Resource tags. | + +### Parameter: `backendPools` + +Backend address pool of the frontdoor resource. +- Required: Yes +- Type: array + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticLogCategoriesToEnable` + +The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. +- Required: No +- Type: array +- Default: `[allLogs]` +- Allowed: `['', allLogs, FrontdoorAccessLog, FrontdoorWebApplicationFirewallLog]` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. For security reasons, it is recommended to set diagnostic settings to send data to either storage account, log analytics workspace or event hub. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enabledState` + +State of the frontdoor resource. +- Required: No +- Type: string +- Default: `'Enabled'` + +### Parameter: `enforceCertificateNameCheck` + +Enforce certificate name check of the frontdoor resource. +- Required: No +- Type: string +- Default: `'Disabled'` + +### Parameter: `friendlyName` + +Friendly name of the frontdoor resource. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `frontendEndpoints` + +Frontend endpoints of the frontdoor resource. +- Required: Yes +- Type: array + +### Parameter: `healthProbeSettings` + +Heath probe settings of the frontdoor resource. +- Required: Yes +- Type: array + +### Parameter: `loadBalancingSettings` + +Load balancing settings of the frontdoor resource. +- Required: Yes +- Type: array + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `metricsToEnable` + +The name of metrics that will be streamed. +- Required: No +- Type: array +- Default: `[AllMetrics]` +- Allowed: `[AllMetrics]` + +### Parameter: `name` + +The name of the frontDoor. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `routingRules` + +Routing rules settings of the frontdoor resource. +- Required: Yes +- Type: array + +### Parameter: `sendRecvTimeoutSeconds` + +Certificate name check time of the frontdoor resource. +- Required: No +- Type: int +- Default: `240` + +### Parameter: `tags` + +Resource tags. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `name` | string | The name of the front door. | +| `resourceGroupName` | string | The resource group the front door was deployed into. | +| `resourceId` | string | The resource ID of the front door. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/front-door/main.json b/modules/network/front-door/main.json index 6d8212300c..3722abf630 100644 --- a/modules/network/front-door/main.json +++ b/modules/network/front-door/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "18085582863238637831" + "version": "0.22.6.54827", + "templateHash": "1800137372393005313" }, "name": "Azure Front Doors", "description": "This module deploys an Azure Front Door.", @@ -298,8 +298,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "15530628531766056415" + "version": "0.22.6.54827", + "templateHash": "9337028153232884606" } }, "parameters": { diff --git a/modules/network/ip-group/.test/common/main.test.bicep b/modules/network/ip-group/.test/common/main.test.bicep index 3dad1a2400..163f4b662b 100644 --- a/modules/network/ip-group/.test/common/main.test.bicep +++ b/modules/network/ip-group/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/ip-group/.test/min/main.test.bicep b/modules/network/ip-group/.test/min/main.test.bicep index dc0c682523..fdf786819e 100644 --- a/modules/network/ip-group/.test/min/main.test.bicep +++ b/modules/network/ip-group/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/ip-group/README.md b/modules/network/ip-group/README.md index d6481e255f..49d93b2d35 100644 --- a/modules/network/ip-group/README.md +++ b/modules/network/ip-group/README.md @@ -4,13 +4,13 @@ This module deploys an IP Group. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -18,54 +18,29 @@ This module deploys an IP Group. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/ipGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/ipGroups) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | The name of the ipGroups. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `ipAddresses` | array | `[]` | | IpAddresses/IpAddressPrefixes in the IpGroups resource. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Resource tags. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the IP group. | -| `resourceGroupName` | string | The resource group of the IP group was deployed into. | -| `resourceId` | string | The resource ID of the IP group. | - -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.ip-group:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module ipGroup './network/ip-group/main.bicep' = { +module ipGroup 'br:bicep/modules/network.ip-group:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nigcom' params: { // Required parameters @@ -149,14 +124,17 @@ module ipGroup './network/ip-group/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module ipGroup './network/ip-group/main.bicep' = { +module ipGroup 'br:bicep/modules/network.ip-group:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nigmin' params: { // Required parameters @@ -193,3 +171,86 @@ module ipGroup './network/ip-group/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | The name of the ipGroups. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`ipAddresses`](#parameter-ipaddresses) | array | IpAddresses/IpAddressPrefixes in the IpGroups resource. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Resource tags. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `ipAddresses` + +IpAddresses/IpAddressPrefixes in the IpGroups resource. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +The name of the ipGroups. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Resource tags. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the IP group. | +| `resourceGroupName` | string | The resource group of the IP group was deployed into. | +| `resourceId` | string | The resource ID of the IP group. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/ip-group/main.json b/modules/network/ip-group/main.json index 5ab53eaa7a..3d3b61dbe5 100644 --- a/modules/network/ip-group/main.json +++ b/modules/network/ip-group/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "14113274555296490837" + "version": "0.22.6.54827", + "templateHash": "3722289923159347480" }, "name": "IP Groups", "description": "This module deploys an IP Group.", @@ -140,8 +140,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "15558620083655583266" + "version": "0.22.6.54827", + "templateHash": "11934973470926193389" } }, "parameters": { diff --git a/modules/network/load-balancer/.test/common/main.test.bicep b/modules/network/load-balancer/.test/common/main.test.bicep index 79ce0f2cbd..cdfff057be 100644 --- a/modules/network/load-balancer/.test/common/main.test.bicep +++ b/modules/network/load-balancer/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/load-balancer/.test/min/main.test.bicep b/modules/network/load-balancer/.test/min/main.test.bicep index de083737e7..fa33adefac 100644 --- a/modules/network/load-balancer/.test/min/main.test.bicep +++ b/modules/network/load-balancer/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/load-balancer/README.md b/modules/network/load-balancer/README.md index 5c8c51a3b7..107cbb8f8a 100644 --- a/modules/network/load-balancer/README.md +++ b/modules/network/load-balancer/README.md @@ -4,14 +4,14 @@ This module deploys a Load Balancer. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) - [Notes](#Notes) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -22,67 +22,30 @@ This module deploys a Load Balancer. | `Microsoft.Network/loadBalancers/backendAddressPools` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/loadBalancers/backendAddressPools) | | `Microsoft.Network/loadBalancers/inboundNatRules` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/loadBalancers/inboundNatRules) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `frontendIPConfigurations` | array | Array of objects containing all frontend IP configurations. | -| `name` | string | The Proximity Placement Groups Name. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `backendAddressPools` | array | `[]` | | Collection of backend address pools used by a load balancer. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `inboundNatRules` | array | `[]` | | Collection of inbound NAT Rules used by a load balancer. Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool. They have to reference individual inbound NAT rules. | -| `loadBalancingRules` | array | `[]` | | Array of objects containing all load balancing rules. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `outboundRules` | array | `[]` | | The outbound rules. | -| `probes` | array | `[]` | | Array of objects containing all probes, these are references in the load balancing rules. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `skuName` | string | `'Standard'` | `[Basic, Standard]` | Name of a load balancer SKU. | -| `tags` | object | `{object}` | | Tags of the resource. | - - -## Outputs +## Usage examples -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `backendpools` | array | The backend address pools available in the load balancer. | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the load balancer. | -| `resourceGroupName` | string | The resource group the load balancer was deployed into. | -| `resourceId` | string | The resource ID of the load balancer. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.load-balancer:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Internal](#example-2-internal) +- [Using Maximum Parameters](#example-3-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module loadBalancer './network/load-balancer/main.bicep' = { +module loadBalancer 'br:bicep/modules/network.load-balancer:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nlbcom' params: { // Required parameters @@ -344,14 +307,14 @@ module loadBalancer './network/load-balancer/main.bicep' = {

-

Example 2: Internal

+### Example 2: _Internal_
via Bicep module ```bicep -module loadBalancer './network/load-balancer/main.bicep' = { +module loadBalancer 'br:bicep/modules/network.load-balancer:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nlbint' params: { // Required parameters @@ -559,14 +522,17 @@ module loadBalancer './network/load-balancer/main.bicep' = {

-

Example 3: Min

+### Example 3: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module loadBalancer './network/load-balancer/main.bicep' = { +module loadBalancer 'br:bicep/modules/network.load-balancer:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nlbmin' params: { // Required parameters @@ -619,6 +585,186 @@ module loadBalancer './network/load-balancer/main.bicep' = {

+## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`frontendIPConfigurations`](#parameter-frontendipconfigurations) | array | Array of objects containing all frontend IP configurations. | +| [`name`](#parameter-name) | string | The Proximity Placement Groups Name. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`backendAddressPools`](#parameter-backendaddresspools) | array | Collection of backend address pools used by a load balancer. | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticMetricsToEnable`](#parameter-diagnosticmetricstoenable) | array | The name of metrics that will be streamed. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`inboundNatRules`](#parameter-inboundnatrules) | array | Collection of inbound NAT Rules used by a load balancer. Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool. They have to reference individual inbound NAT rules. | +| [`loadBalancingRules`](#parameter-loadbalancingrules) | array | Array of objects containing all load balancing rules. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`outboundRules`](#parameter-outboundrules) | array | The outbound rules. | +| [`probes`](#parameter-probes) | array | Array of objects containing all probes, these are references in the load balancing rules. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`skuName`](#parameter-skuname) | string | Name of a load balancer SKU. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `backendAddressPools` + +Collection of backend address pools used by a load balancer. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticMetricsToEnable` + +The name of metrics that will be streamed. +- Required: No +- Type: array +- Default: `[AllMetrics]` +- Allowed: `[AllMetrics]` + +### Parameter: `diagnosticSettingsName` + +The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `frontendIPConfigurations` + +Array of objects containing all frontend IP configurations. +- Required: Yes +- Type: array + +### Parameter: `inboundNatRules` + +Collection of inbound NAT Rules used by a load balancer. Defining inbound NAT rules on your load balancer is mutually exclusive with defining an inbound NAT pool. Inbound NAT pools are referenced from virtual machine scale sets. NICs that are associated with individual virtual machines cannot reference an Inbound NAT pool. They have to reference individual inbound NAT rules. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `loadBalancingRules` + +Array of objects containing all load balancing rules. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +The Proximity Placement Groups Name. +- Required: Yes +- Type: string + +### Parameter: `outboundRules` + +The outbound rules. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `probes` + +Array of objects containing all probes, these are references in the load balancing rules. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `skuName` + +Name of a load balancer SKU. +- Required: No +- Type: string +- Default: `'Standard'` +- Allowed: `[Basic, Standard]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `backendpools` | array | The backend address pools available in the load balancer. | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the load balancer. | +| `resourceGroupName` | string | The resource group the load balancer was deployed into. | +| `resourceId` | string | The resource ID of the load balancer. | + +## Cross-referenced modules + +_None_ + ## Notes ### Parameter Usage: `backendAddressPools` diff --git a/modules/network/load-balancer/backend-address-pool/README.md b/modules/network/load-balancer/backend-address-pool/README.md index 44dfdef1f7..99b752c0a9 100644 --- a/modules/network/load-balancer/backend-address-pool/README.md +++ b/modules/network/load-balancer/backend-address-pool/README.md @@ -19,30 +19,78 @@ This module deploys a Load Balancer Backend Address Pools. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the backend address pool. | +| [`name`](#parameter-name) | string | The name of the backend address pool. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `loadBalancerName` | string | The name of the parent load balancer. Required if the template is used in a standalone deployment. | +| [`loadBalancerName`](#parameter-loadbalancername) | string | The name of the parent load balancer. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `drainPeriodInSeconds` | int | `0` | | Amount of seconds Load Balancer waits for before sending RESET to client and backend address. if value is 0 then this property will be set to null. Subscription must register the feature Microsoft.Network/SLBAllowConnectionDraining before using this property. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `loadBalancerBackendAddresses` | array | `[]` | | An array of backend addresses. | -| `syncMode` | string | `''` | `['', Automatic, Manual]` | Backend address synchronous mode for the backend pool. | -| `tunnelInterfaces` | array | `[]` | | An array of gateway load balancer tunnel interfaces. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`drainPeriodInSeconds`](#parameter-drainperiodinseconds) | int | Amount of seconds Load Balancer waits for before sending RESET to client and backend address. if value is 0 then this property will be set to null. Subscription must register the feature Microsoft.Network/SLBAllowConnectionDraining before using this property. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`loadBalancerBackendAddresses`](#parameter-loadbalancerbackendaddresses) | array | An array of backend addresses. | +| [`syncMode`](#parameter-syncmode) | string | Backend address synchronous mode for the backend pool. | +| [`tunnelInterfaces`](#parameter-tunnelinterfaces) | array | An array of gateway load balancer tunnel interfaces. | + +### Parameter: `drainPeriodInSeconds` + +Amount of seconds Load Balancer waits for before sending RESET to client and backend address. if value is 0 then this property will be set to null. Subscription must register the feature Microsoft.Network/SLBAllowConnectionDraining before using this property. +- Required: No +- Type: int +- Default: `0` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `loadBalancerBackendAddresses` + +An array of backend addresses. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `loadBalancerName` + +The name of the parent load balancer. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `name` + +The name of the backend address pool. +- Required: Yes +- Type: string + +### Parameter: `syncMode` + +Backend address synchronous mode for the backend pool. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', Automatic, Manual]` + +### Parameter: `tunnelInterfaces` + +An array of gateway load balancer tunnel interfaces. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the backend address pool. | | `resourceGroupName` | string | The resource group the backend address pool was deployed into. | diff --git a/modules/network/load-balancer/backend-address-pool/main.json b/modules/network/load-balancer/backend-address-pool/main.json index 4c67067b1a..e79735bfeb 100644 --- a/modules/network/load-balancer/backend-address-pool/main.json +++ b/modules/network/load-balancer/backend-address-pool/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "14919070901241549953" + "version": "0.22.6.54827", + "templateHash": "8746126160153035357" }, "name": "Load Balancer Backend Address Pools", "description": "This module deploys a Load Balancer Backend Address Pools.", diff --git a/modules/network/load-balancer/inbound-nat-rule/README.md b/modules/network/load-balancer/inbound-nat-rule/README.md index c26aee6bf8..012c32a79f 100644 --- a/modules/network/load-balancer/inbound-nat-rule/README.md +++ b/modules/network/load-balancer/inbound-nat-rule/README.md @@ -19,36 +19,124 @@ This module deploys a Load Balancer Inbound NAT Rules. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `frontendIPConfigurationName` | string | The name of the frontend IP address to set for the inbound NAT rule. | -| `frontendPort` | int | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. | -| `name` | string | The name of the inbound NAT rule. | +| [`frontendIPConfigurationName`](#parameter-frontendipconfigurationname) | string | The name of the frontend IP address to set for the inbound NAT rule. | +| [`frontendPort`](#parameter-frontendport) | int | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. | +| [`name`](#parameter-name) | string | The name of the inbound NAT rule. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `loadBalancerName` | string | The name of the parent load balancer. Required if the template is used in a standalone deployment. | +| [`loadBalancerName`](#parameter-loadbalancername) | string | The name of the parent load balancer. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `backendAddressPoolName` | string | `''` | | Name of the backend address pool. | -| `backendPort` | int | `[parameters('frontendPort')]` | | The port used for the internal endpoint. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enableFloatingIP` | bool | `False` | | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. | -| `enableTcpReset` | bool | `False` | | Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. | -| `frontendPortRangeEnd` | int | `-1` | | The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. | -| `frontendPortRangeStart` | int | `-1` | | The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. | -| `idleTimeoutInMinutes` | int | `4` | | The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. | -| `protocol` | string | `'Tcp'` | `[All, Tcp, Udp]` | The transport protocol for the endpoint. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`backendAddressPoolName`](#parameter-backendaddresspoolname) | string | Name of the backend address pool. | +| [`backendPort`](#parameter-backendport) | int | The port used for the internal endpoint. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enableFloatingIP`](#parameter-enablefloatingip) | bool | Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. | +| [`enableTcpReset`](#parameter-enabletcpreset) | bool | Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. | +| [`frontendPortRangeEnd`](#parameter-frontendportrangeend) | int | The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. | +| [`frontendPortRangeStart`](#parameter-frontendportrangestart) | int | The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. | +| [`idleTimeoutInMinutes`](#parameter-idletimeoutinminutes) | int | The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. | +| [`protocol`](#parameter-protocol) | string | The transport protocol for the endpoint. | + +### Parameter: `backendAddressPoolName` + +Name of the backend address pool. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `backendPort` + +The port used for the internal endpoint. +- Required: No +- Type: int +- Default: `[parameters('frontendPort')]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableFloatingIP` + +Configures a virtual machine's endpoint for the floating IP capability required to configure a SQL AlwaysOn Availability Group. This setting is required when using the SQL AlwaysOn Availability Groups in SQL server. This setting can't be changed after you create the endpoint. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableTcpReset` + +Receive bidirectional TCP Reset on TCP flow idle timeout or unexpected connection termination. This element is only used when the protocol is set to TCP. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `frontendIPConfigurationName` + +The name of the frontend IP address to set for the inbound NAT rule. +- Required: Yes +- Type: string + +### Parameter: `frontendPort` + +The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. +- Required: Yes +- Type: int + +### Parameter: `frontendPortRangeEnd` + +The port range end for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeStart. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. +- Required: No +- Type: int +- Default: `-1` + +### Parameter: `frontendPortRangeStart` + +The port range start for the external endpoint. This property is used together with BackendAddressPool and FrontendPortRangeEnd. Individual inbound NAT rule port mappings will be created for each backend address from BackendAddressPool. +- Required: No +- Type: int +- Default: `-1` + +### Parameter: `idleTimeoutInMinutes` + +The timeout for the TCP idle connection. The value can be set between 4 and 30 minutes. The default value is 4 minutes. This element is only used when the protocol is set to TCP. +- Required: No +- Type: int +- Default: `4` + +### Parameter: `loadBalancerName` + +The name of the parent load balancer. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `name` + +The name of the inbound NAT rule. +- Required: Yes +- Type: string + +### Parameter: `protocol` + +The transport protocol for the endpoint. +- Required: No +- Type: string +- Default: `'Tcp'` +- Allowed: `[All, Tcp, Udp]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the inbound NAT rule. | | `resourceGroupName` | string | The resource group the inbound NAT rule was deployed into. | diff --git a/modules/network/load-balancer/inbound-nat-rule/main.json b/modules/network/load-balancer/inbound-nat-rule/main.json index e340a35b19..f72e675dc4 100644 --- a/modules/network/load-balancer/inbound-nat-rule/main.json +++ b/modules/network/load-balancer/inbound-nat-rule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "17563889842244498787" + "version": "0.22.6.54827", + "templateHash": "10708877822656641045" }, "name": "Load Balancer Inbound NAT Rules", "description": "This module deploys a Load Balancer Inbound NAT Rules.", diff --git a/modules/network/load-balancer/main.json b/modules/network/load-balancer/main.json index ef65dd9b14..974b7006fd 100644 --- a/modules/network/load-balancer/main.json +++ b/modules/network/load-balancer/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5174015576413093389" + "version": "0.22.6.54827", + "templateHash": "4129476930281729422" }, "name": "Load Balancers", "description": "This module deploys a Load Balancer.", @@ -353,8 +353,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "10695626328021788561" + "version": "0.22.6.54827", + "templateHash": "8746126160153035357" }, "name": "Load Balancer Backend Address Pools", "description": "This module deploys a Load Balancer Backend Address Pools.", @@ -514,8 +514,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8138775732002888044" + "version": "0.22.6.54827", + "templateHash": "10708877822656641045" }, "name": "Load Balancer Inbound NAT Rules", "description": "This module deploys a Load Balancer Inbound NAT Rules.", @@ -722,8 +722,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5738508706605924950" + "version": "0.22.6.54827", + "templateHash": "14340033754168371744" } }, "parameters": { diff --git a/modules/network/local-network-gateway/.test/common/main.test.bicep b/modules/network/local-network-gateway/.test/common/main.test.bicep index eb7d4a2d7a..1a5b15a9df 100644 --- a/modules/network/local-network-gateway/.test/common/main.test.bicep +++ b/modules/network/local-network-gateway/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/local-network-gateway/.test/min/main.test.bicep b/modules/network/local-network-gateway/.test/min/main.test.bicep index 54f8df4c34..4e18475d60 100644 --- a/modules/network/local-network-gateway/.test/min/main.test.bicep +++ b/modules/network/local-network-gateway/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/local-network-gateway/README.md b/modules/network/local-network-gateway/README.md index 6cbde10008..19e39e7759 100644 --- a/modules/network/local-network-gateway/README.md +++ b/modules/network/local-network-gateway/README.md @@ -4,13 +4,13 @@ This module deploys a Local Network Gateway. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -18,59 +18,29 @@ This module deploys a Local Network Gateway. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/localNetworkGateways` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/localNetworkGateways) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `localAddressPrefixes` | array | List of the local (on-premises) IP address ranges. | -| `localGatewayPublicIpAddress` | string | Public IP of the local gateway. | -| `name` | string | Name of the Local Network Gateway. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `fqdn` | string | `''` | | FQDN of local network gateway. | -| `localAsn` | string | `''` | | The BGP speaker's ASN. Not providing this value will automatically disable BGP on this Local Network Gateway resource. | -| `localBgpPeeringAddress` | string | `''` | | The BGP peering address and BGP identifier of this BGP speaker. Not providing this value will automatically disable BGP on this Local Network Gateway resource. | -| `localPeerWeight` | string | `''` | | The weight added to routes learned from this BGP speaker. This will only take effect if both the localAsn and the localBgpPeeringAddress values are provided. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | - +## Usage examples -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the local network gateway. | -| `resourceGroupName` | string | The resource group the local network gateway was deployed into. | -| `resourceId` | string | The resource ID of the local network gateway. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.local-network-gateway:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module localNetworkGateway './network/local-network-gateway/main.bicep' = { +module localNetworkGateway 'br:bicep/modules/network.local-network-gateway:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nlngcom' params: { // Required parameters @@ -164,14 +134,17 @@ module localNetworkGateway './network/local-network-gateway/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module localNetworkGateway './network/local-network-gateway/main.bicep' = { +module localNetworkGateway 'br:bicep/modules/network.local-network-gateway:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nlngmin' params: { // Required parameters @@ -220,3 +193,124 @@ module localNetworkGateway './network/local-network-gateway/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`localAddressPrefixes`](#parameter-localaddressprefixes) | array | List of the local (on-premises) IP address ranges. | +| [`localGatewayPublicIpAddress`](#parameter-localgatewaypublicipaddress) | string | Public IP of the local gateway. | +| [`name`](#parameter-name) | string | Name of the Local Network Gateway. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`fqdn`](#parameter-fqdn) | string | FQDN of local network gateway. | +| [`localAsn`](#parameter-localasn) | string | The BGP speaker's ASN. Not providing this value will automatically disable BGP on this Local Network Gateway resource. | +| [`localBgpPeeringAddress`](#parameter-localbgppeeringaddress) | string | The BGP peering address and BGP identifier of this BGP speaker. Not providing this value will automatically disable BGP on this Local Network Gateway resource. | +| [`localPeerWeight`](#parameter-localpeerweight) | string | The weight added to routes learned from this BGP speaker. This will only take effect if both the localAsn and the localBgpPeeringAddress values are provided. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `fqdn` + +FQDN of local network gateway. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `localAddressPrefixes` + +List of the local (on-premises) IP address ranges. +- Required: Yes +- Type: array + +### Parameter: `localAsn` + +The BGP speaker's ASN. Not providing this value will automatically disable BGP on this Local Network Gateway resource. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `localBgpPeeringAddress` + +The BGP peering address and BGP identifier of this BGP speaker. Not providing this value will automatically disable BGP on this Local Network Gateway resource. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `localGatewayPublicIpAddress` + +Public IP of the local gateway. +- Required: Yes +- Type: string + +### Parameter: `localPeerWeight` + +The weight added to routes learned from this BGP speaker. This will only take effect if both the localAsn and the localBgpPeeringAddress values are provided. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Local Network Gateway. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the local network gateway. | +| `resourceGroupName` | string | The resource group the local network gateway was deployed into. | +| `resourceId` | string | The resource ID of the local network gateway. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/local-network-gateway/main.json b/modules/network/local-network-gateway/main.json index ab62f612c9..7ddb2effdf 100644 --- a/modules/network/local-network-gateway/main.json +++ b/modules/network/local-network-gateway/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "12820613470164660088" + "version": "0.22.6.54827", + "templateHash": "3075207124319652071" }, "name": "Local Network Gateways", "description": "This module deploys a Local Network Gateway.", @@ -185,8 +185,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "12018482118126048951" + "version": "0.22.6.54827", + "templateHash": "181485081298307705" } }, "parameters": { diff --git a/modules/network/nat-gateway/.test/common/main.test.bicep b/modules/network/nat-gateway/.test/common/main.test.bicep index 8bb8083fdd..c2e784ada1 100644 --- a/modules/network/nat-gateway/.test/common/main.test.bicep +++ b/modules/network/nat-gateway/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/nat-gateway/README.md b/modules/network/nat-gateway/README.md index 2ae5f1ad5c..cc91d2343b 100644 --- a/modules/network/nat-gateway/README.md +++ b/modules/network/nat-gateway/README.md @@ -4,13 +4,13 @@ This module deploys a NAT Gateway. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -20,72 +20,28 @@ This module deploys a NAT Gateway. | `Microsoft.Network/natGateways` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/natGateways) | | `Microsoft.Network/publicIPAddresses` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/publicIPAddresses) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Azure Bastion resource. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `diagnosticSettingsName` | string | `''` | | The name of the public IP diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `domainNameLabel` | string | `''` | | DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `idleTimeoutInMinutes` | int | `5` | | The idle timeout of the NAT gateway. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `natGatewayPipName` | string | `''` | | Specifies the name of the Public IP used by the NAT Gateway. If it's not provided, a '-pip' suffix will be appended to the Bastion's name. | -| `natGatewayPublicIpAddress` | bool | `False` | | Use to have a new Public IP Address created for the NAT Gateway. | -| `publicIpAddresses` | array | `[]` | | Existing Public IP Address resource names to use for the NAT Gateway. | -| `publicIpPrefixes` | array | `[]` | | Existing Public IP Prefixes resource names to use for the NAT Gateway. | -| `publicIPPrefixResourceId` | string | `''` | | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags for the resource. | -| `zones` | array | `[]` | | A list of availability zones denoting the zone in which Nat Gateway should be deployed. | - +## Usage examples -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the NAT Gateway. | -| `resourceGroupName` | string | The resource group the NAT Gateway was deployed into. | -| `resourceId` | string | The resource ID of the NAT Gateway. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -This section gives you an overview of all local-referenced module files (i.e., other CARML modules that are referenced in this module) and all remote-referenced files (i.e., Bicep modules that are referenced from a Bicep Registry or Template Specs). + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.nat-gateway:1.0.0`. -| Reference | Type | -| :-- | :-- | -| `network/public-ip-address` | Local reference | +- [Using only defaults](#example-1-using-only-defaults) -## Deployment examples +### Example 1: _Using only defaults_ -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +This instance deploys the module with the minimum set of required parameters. - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

via Bicep module ```bicep -module natGateway './network/nat-gateway/main.bicep' = { +module natGateway 'br:bicep/modules/network.nat-gateway:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nngcom' params: { // Required parameters @@ -178,3 +134,204 @@ module natGateway './network/nat-gateway/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Azure Bastion resource. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticLogCategoriesToEnable`](#parameter-diagnosticlogcategoriestoenable) | array | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | +| [`diagnosticMetricsToEnable`](#parameter-diagnosticmetricstoenable) | array | The name of metrics that will be streamed. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the public IP diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. | +| [`domainNameLabel`](#parameter-domainnamelabel) | string | DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`idleTimeoutInMinutes`](#parameter-idletimeoutinminutes) | int | The idle timeout of the NAT gateway. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`natGatewayPipName`](#parameter-natgatewaypipname) | string | Specifies the name of the Public IP used by the NAT Gateway. If it's not provided, a '-pip' suffix will be appended to the Bastion's name. | +| [`natGatewayPublicIpAddress`](#parameter-natgatewaypublicipaddress) | bool | Use to have a new Public IP Address created for the NAT Gateway. | +| [`publicIpAddresses`](#parameter-publicipaddresses) | array | Existing Public IP Address resource names to use for the NAT Gateway. | +| [`publicIpPrefixes`](#parameter-publicipprefixes) | array | Existing Public IP Prefixes resource names to use for the NAT Gateway. | +| [`publicIPPrefixResourceId`](#parameter-publicipprefixresourceid) | string | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags for the resource. | +| [`zones`](#parameter-zones) | array | A list of availability zones denoting the zone in which Nat Gateway should be deployed. | + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticLogCategoriesToEnable` + +The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. +- Required: No +- Type: array +- Default: `[allLogs]` +- Allowed: `['', allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` + +### Parameter: `diagnosticMetricsToEnable` + +The name of metrics that will be streamed. +- Required: No +- Type: array +- Default: `[AllMetrics]` +- Allowed: `[AllMetrics]` + +### Parameter: `diagnosticSettingsName` + +The name of the public IP diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `domainNameLabel` + +DNS name of the Public IP resource. A region specific suffix will be appended to it, e.g.: your-DNS-name.westeurope.cloudapp.azure.com. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `idleTimeoutInMinutes` + +The idle timeout of the NAT gateway. +- Required: No +- Type: int +- Default: `5` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Azure Bastion resource. +- Required: Yes +- Type: string + +### Parameter: `natGatewayPipName` + +Specifies the name of the Public IP used by the NAT Gateway. If it's not provided, a '-pip' suffix will be appended to the Bastion's name. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `natGatewayPublicIpAddress` + +Use to have a new Public IP Address created for the NAT Gateway. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `publicIpAddresses` + +Existing Public IP Address resource names to use for the NAT Gateway. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `publicIpPrefixes` + +Existing Public IP Prefixes resource names to use for the NAT Gateway. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `publicIPPrefixResourceId` + +Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags for the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `zones` + +A list of availability zones denoting the zone in which Nat Gateway should be deployed. +- Required: No +- Type: array +- Default: `[]` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the NAT Gateway. | +| `resourceGroupName` | string | The resource group the NAT Gateway was deployed into. | +| `resourceId` | string | The resource ID of the NAT Gateway. | + +## Cross-referenced modules + +This section gives you an overview of all local-referenced module files (i.e., other CARML modules that are referenced in this module) and all remote-referenced files (i.e., Bicep modules that are referenced from a Bicep Registry or Template Specs). + +| Reference | Type | +| :-- | :-- | +| `modules/network/public-ip-address` | Local reference | diff --git a/modules/network/nat-gateway/main.json b/modules/network/nat-gateway/main.json index 8ae2e59ca3..ffc7620f1a 100644 --- a/modules/network/nat-gateway/main.json +++ b/modules/network/nat-gateway/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "14895423675743454" + "version": "0.22.6.54827", + "templateHash": "9634258356447527908" }, "name": "NAT Gateways", "description": "This module deploys a NAT Gateway.", @@ -314,8 +314,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1887898957722092173" + "version": "0.22.6.54827", + "templateHash": "4317747709004918530" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -648,8 +648,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "7328126239184883887" + "version": "0.22.6.54827", + "templateHash": "9976109177347918049" } }, "parameters": { @@ -866,8 +866,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "15916588634255073631" + "version": "0.22.6.54827", + "templateHash": "15036243165894053484" } }, "parameters": { diff --git a/modules/network/network-interface/.test/common/main.test.bicep b/modules/network/network-interface/.test/common/main.test.bicep index 50737c3734..af1b75e90a 100644 --- a/modules/network/network-interface/.test/common/main.test.bicep +++ b/modules/network/network-interface/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-interface/.test/min/main.test.bicep b/modules/network/network-interface/.test/min/main.test.bicep index 11236f4d45..6b96f1f644 100644 --- a/modules/network/network-interface/.test/min/main.test.bicep +++ b/modules/network/network-interface/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-interface/README.md b/modules/network/network-interface/README.md index ed14946f06..5f9acf3af5 100644 --- a/modules/network/network-interface/README.md +++ b/modules/network/network-interface/README.md @@ -5,10 +5,10 @@ This module deploys a Network Interface. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -19,67 +19,29 @@ This module deploys a Network Interface. | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/networkInterfaces` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/networkInterfaces) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `ipConfigurations` | array | A list of IPConfigurations of the network interface. | -| `name` | string | The name of the network interface. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `auxiliaryMode` | string | `'None'` | `[Floating, MaxConnections, None]` | Auxiliary mode of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. | -| `auxiliarySku` | string | `'None'` | `[A1, A2, A4, A8, None]` | Auxiliary sku of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource identifier of log analytics. | -| `disableTcpStateTracking` | bool | `False` | | Indicates whether to disable tcp state tracking. Subscription must be registered for the Microsoft.Network/AllowDisableTcpStateTracking feature before this property can be set to true. | -| `dnsServers` | array | `[]` | | List of DNS servers IP addresses. Use 'AzureProvidedDNS' to switch to azure provided DNS resolution. 'AzureProvidedDNS' value cannot be combined with other IPs, it must be the only value in dnsServers collection. | -| `enableAcceleratedNetworking` | bool | `False` | | If the network interface is accelerated networking enabled. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enableIPForwarding` | bool | `False` | | Indicates whether IP forwarding is enabled on this network interface. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `networkSecurityGroupResourceId` | string | `''` | | The network security group (NSG) to attach to the network interface. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | - - -## Outputs +## Usage examples -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the deployed resource. | -| `resourceGroupName` | string | The resource group of the deployed resource. | -| `resourceId` | string | The resource ID of the deployed resource. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-interface:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module networkInterface './network/network-interface/main.bicep' = { +module networkInterface 'br:bicep/modules/network.network-interface:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nnicom' params: { // Required parameters @@ -219,14 +181,17 @@ module networkInterface './network/network-interface/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module networkInterface './network/network-interface/main.bicep' = { +module networkInterface 'br:bicep/modules/network.network-interface:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nnimin' params: { // Required parameters @@ -277,3 +242,192 @@ module networkInterface './network/network-interface/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`ipConfigurations`](#parameter-ipconfigurations) | array | A list of IPConfigurations of the network interface. | +| [`name`](#parameter-name) | string | The name of the network interface. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`auxiliaryMode`](#parameter-auxiliarymode) | string | Auxiliary mode of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. | +| [`auxiliarySku`](#parameter-auxiliarysku) | string | Auxiliary sku of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticMetricsToEnable`](#parameter-diagnosticmetricstoenable) | array | The name of metrics that will be streamed. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource identifier of log analytics. | +| [`disableTcpStateTracking`](#parameter-disabletcpstatetracking) | bool | Indicates whether to disable tcp state tracking. Subscription must be registered for the Microsoft.Network/AllowDisableTcpStateTracking feature before this property can be set to true. | +| [`dnsServers`](#parameter-dnsservers) | array | List of DNS servers IP addresses. Use 'AzureProvidedDNS' to switch to azure provided DNS resolution. 'AzureProvidedDNS' value cannot be combined with other IPs, it must be the only value in dnsServers collection. | +| [`enableAcceleratedNetworking`](#parameter-enableacceleratednetworking) | bool | If the network interface is accelerated networking enabled. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enableIPForwarding`](#parameter-enableipforwarding) | bool | Indicates whether IP forwarding is enabled on this network interface. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`networkSecurityGroupResourceId`](#parameter-networksecuritygroupresourceid) | string | The network security group (NSG) to attach to the network interface. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `auxiliaryMode` + +Auxiliary mode of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. +- Required: No +- Type: string +- Default: `'None'` +- Allowed: `[Floating, MaxConnections, None]` + +### Parameter: `auxiliarySku` + +Auxiliary sku of Network Interface resource. Not all regions are enabled for Auxiliary Mode Nic. +- Required: No +- Type: string +- Default: `'None'` +- Allowed: `[A1, A2, A4, A8, None]` + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticMetricsToEnable` + +The name of metrics that will be streamed. +- Required: No +- Type: array +- Default: `[AllMetrics]` +- Allowed: `[AllMetrics]` + +### Parameter: `diagnosticSettingsName` + +The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource identifier of log analytics. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `disableTcpStateTracking` + +Indicates whether to disable tcp state tracking. Subscription must be registered for the Microsoft.Network/AllowDisableTcpStateTracking feature before this property can be set to true. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `dnsServers` + +List of DNS servers IP addresses. Use 'AzureProvidedDNS' to switch to azure provided DNS resolution. 'AzureProvidedDNS' value cannot be combined with other IPs, it must be the only value in dnsServers collection. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `enableAcceleratedNetworking` + +If the network interface is accelerated networking enabled. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableIPForwarding` + +Indicates whether IP forwarding is enabled on this network interface. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `ipConfigurations` + +A list of IPConfigurations of the network interface. +- Required: Yes +- Type: array + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +The name of the network interface. +- Required: Yes +- Type: string + +### Parameter: `networkSecurityGroupResourceId` + +The network security group (NSG) to attach to the network interface. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the deployed resource. | +| `resourceGroupName` | string | The resource group of the deployed resource. | +| `resourceId` | string | The resource ID of the deployed resource. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/network-interface/main.json b/modules/network/network-interface/main.json index 59419cbae3..20e292dd8f 100644 --- a/modules/network/network-interface/main.json +++ b/modules/network/network-interface/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5974456600868040376" + "version": "0.22.6.54827", + "templateHash": "14479255820598719580" }, "name": "Network Interface", "description": "This module deploys a Network Interface.", @@ -307,8 +307,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "10645923556503351364" + "version": "0.22.6.54827", + "templateHash": "11518733977101662334" } }, "parameters": { diff --git a/modules/network/network-manager/.test/common/main.test.bicep b/modules/network/network-manager/.test/common/main.test.bicep index 1ebb51582a..fa35be8530 100644 --- a/modules/network/network-manager/.test/common/main.test.bicep +++ b/modules/network/network-manager/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-manager/README.md b/modules/network/network-manager/README.md index 656930cdc9..a107a7ffab 100644 --- a/modules/network/network-manager/README.md +++ b/modules/network/network-manager/README.md @@ -5,10 +5,10 @@ This module deploys a Network Manager. ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) - [Notes](#Notes) ## Resource Types @@ -26,65 +26,28 @@ This module deploys a Network Manager. | `Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections` | [2023-02-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-02-01/networkManagers/securityAdminConfigurations/ruleCollections) | | `Microsoft.Network/networkManagers/securityAdminConfigurations/ruleCollections/rules` | [2023-02-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-02-01/networkManagers/securityAdminConfigurations/ruleCollections/rules) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Network Manager. | -| `networkManagerScopeAccesses` | array | Scope Access. String array containing any of "Connectivity", "SecurityAdmin". The connectivity feature allows you to create network topologies at scale. The security admin feature lets you create high-priority security rules, which take precedence over NSGs. | -| `networkManagerScopes` | object | Scope of Network Manager. Contains a list of management groups or a list of subscriptions. This defines the boundary of network resources that this Network Manager instance can manage. If using Management Groups, ensure that the "Microsoft.Network" resource provider is registered for those Management Groups prior to deployment. | - -**Conditional parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `networkGroups` | array | Network Groups and static members to create for the network manager. Required if using "connectivityConfigurations" or "securityAdminConfigurations" parameters. A network group is global container that includes a set of virtual network resources from any region. Then, configurations are applied to target the network group, which applies the configuration to all members of the group. The two types are group memberships are static and dynamic memberships. Static membership allows you to explicitly add virtual networks to a group by manually selecting individual virtual networks, and is available as a child module, while dynamic membership is defined through Azure policy. See [How Azure Policy works with Network Groups](https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-azure-policy-integration) for more details. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `connectivityConfigurations` | array | `[]` | | Connectivity Configurations to create for the network manager. Network manager must contain at least one network group in order to define connectivity configurations. | -| `description` | string | `''` | | A description of the network manager. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `scopeConnections` | array | `[]` | | Scope Connections to create for the network manager. Allows network manager to manage resources from another tenant. Supports management groups or subscriptions from another tenant. | -| `securityAdminConfigurations` | array | `[]` | | Security Admin Configurations, Rule Collections and Rules to create for the network manager. Azure Virtual Network Manager provides two different types of configurations you can deploy across your virtual networks, one of them being a SecurityAdmin configuration. A security admin configuration contains a set of rule collections. Each rule collection contains one or more security admin rules. You then associate the rule collection with the network groups that you want to apply the security admin rules to. | -| `tags` | object | `{object}` | | Tags of the resource. | - - -## Outputs +## Usage examples -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the network manager. | -| `resourceGroupName` | string | The resource group the network manager was deployed into. | -| `resourceId` | string | The resource ID of the network manager. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-manager:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module networkManager './network/network-manager/main.bicep' = { +module networkManager 'br:bicep/modules/network.network-manager:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nnmcom' params: { // Required parameters @@ -523,6 +486,139 @@ module networkManager './network/network-manager/main.bicep' = {

+## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Network Manager. | +| [`networkManagerScopeAccesses`](#parameter-networkmanagerscopeaccesses) | array | Scope Access. String array containing any of "Connectivity", "SecurityAdmin". The connectivity feature allows you to create network topologies at scale. The security admin feature lets you create high-priority security rules, which take precedence over NSGs. | +| [`networkManagerScopes`](#parameter-networkmanagerscopes) | object | Scope of Network Manager. Contains a list of management groups or a list of subscriptions. This defines the boundary of network resources that this Network Manager instance can manage. If using Management Groups, ensure that the "Microsoft.Network" resource provider is registered for those Management Groups prior to deployment. | + +**Conditional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`networkGroups`](#parameter-networkgroups) | array | Network Groups and static members to create for the network manager. Required if using "connectivityConfigurations" or "securityAdminConfigurations" parameters. A network group is global container that includes a set of virtual network resources from any region. Then, configurations are applied to target the network group, which applies the configuration to all members of the group. The two types are group memberships are static and dynamic memberships. Static membership allows you to explicitly add virtual networks to a group by manually selecting individual virtual networks, and is available as a child module, while dynamic membership is defined through Azure policy. See [How Azure Policy works with Network Groups](https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-azure-policy-integration) for more details. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`connectivityConfigurations`](#parameter-connectivityconfigurations) | array | Connectivity Configurations to create for the network manager. Network manager must contain at least one network group in order to define connectivity configurations. | +| [`description`](#parameter-description) | string | A description of the network manager. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`scopeConnections`](#parameter-scopeconnections) | array | Scope Connections to create for the network manager. Allows network manager to manage resources from another tenant. Supports management groups or subscriptions from another tenant. | +| [`securityAdminConfigurations`](#parameter-securityadminconfigurations) | array | Security Admin Configurations, Rule Collections and Rules to create for the network manager. Azure Virtual Network Manager provides two different types of configurations you can deploy across your virtual networks, one of them being a SecurityAdmin configuration. A security admin configuration contains a set of rule collections. Each rule collection contains one or more security admin rules. You then associate the rule collection with the network groups that you want to apply the security admin rules to. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `connectivityConfigurations` + +Connectivity Configurations to create for the network manager. Network manager must contain at least one network group in order to define connectivity configurations. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `description` + +A description of the network manager. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Network Manager. +- Required: Yes +- Type: string + +### Parameter: `networkGroups` + +Network Groups and static members to create for the network manager. Required if using "connectivityConfigurations" or "securityAdminConfigurations" parameters. A network group is global container that includes a set of virtual network resources from any region. Then, configurations are applied to target the network group, which applies the configuration to all members of the group. The two types are group memberships are static and dynamic memberships. Static membership allows you to explicitly add virtual networks to a group by manually selecting individual virtual networks, and is available as a child module, while dynamic membership is defined through Azure policy. See [How Azure Policy works with Network Groups](https://learn.microsoft.com/en-us/azure/virtual-network-manager/concept-azure-policy-integration) for more details. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `networkManagerScopeAccesses` + +Scope Access. String array containing any of "Connectivity", "SecurityAdmin". The connectivity feature allows you to create network topologies at scale. The security admin feature lets you create high-priority security rules, which take precedence over NSGs. +- Required: Yes +- Type: array + +### Parameter: `networkManagerScopes` + +Scope of Network Manager. Contains a list of management groups or a list of subscriptions. This defines the boundary of network resources that this Network Manager instance can manage. If using Management Groups, ensure that the "Microsoft.Network" resource provider is registered for those Management Groups prior to deployment. +- Required: Yes +- Type: object + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `scopeConnections` + +Scope Connections to create for the network manager. Allows network manager to manage resources from another tenant. Supports management groups or subscriptions from another tenant. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `securityAdminConfigurations` + +Security Admin Configurations, Rule Collections and Rules to create for the network manager. Azure Virtual Network Manager provides two different types of configurations you can deploy across your virtual networks, one of them being a SecurityAdmin configuration. A security admin configuration contains a set of rule collections. Each rule collection contains one or more security admin rules. You then associate the rule collection with the network groups that you want to apply the security admin rules to. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the network manager. | +| `resourceGroupName` | string | The resource group the network manager was deployed into. | +| `resourceId` | string | The resource ID of the network manager. | + +## Cross-referenced modules + +_None_ + ## Notes ### Considerations diff --git a/modules/network/network-manager/connectivity-configuration/README.md b/modules/network/network-manager/connectivity-configuration/README.md index 77c750ba1f..cf5ff24e23 100644 --- a/modules/network/network-manager/connectivity-configuration/README.md +++ b/modules/network/network-manager/connectivity-configuration/README.md @@ -20,32 +20,95 @@ Connectivity configurations define hub-and-spoke or mesh topologies applied to o **Required parameters** -| Parameter Name | Type | Allowed Values | Description | -| :-- | :-- | :-- | :-- | -| `appliesToGroups` | array | | Network Groups for the configuration. | -| `connectivityTopology` | string | `[HubAndSpoke, Mesh]` | Connectivity topology type. | -| `name` | string | | The name of the connectivity configuration. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`appliesToGroups`](#parameter-appliestogroups) | array | Network Groups for the configuration. | +| [`connectivityTopology`](#parameter-connectivitytopology) | string | Connectivity topology type. | +| [`name`](#parameter-name) | string | The name of the connectivity configuration. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `hubs` | array | List of hub items. This will create peerings between the specified hub and the virtual networks in the network group specified. Required if connectivityTopology is of type "HubAndSpoke". | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`hubs`](#parameter-hubs) | array | List of hub items. This will create peerings between the specified hub and the virtual networks in the network group specified. Required if connectivityTopology is of type "HubAndSpoke". | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `deleteExistingPeering` | string | `'False'` | `[False, True]` | Flag if need to remove current existing peerings. If set to "True", all peerings on virtual networks in selected network groups will be removed and replaced with the peerings defined by this configuration. Optional when connectivityTopology is of type "HubAndSpoke". | -| `description` | string | `''` | | A description of the connectivity configuration. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `isGlobal` | string | `'False'` | `[False, True]` | Flag if global mesh is supported. By default, mesh connectivity is applied to virtual networks within the same region. If set to "True", a global mesh enables connectivity across regions. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`deleteExistingPeering`](#parameter-deleteexistingpeering) | string | Flag if need to remove current existing peerings. If set to "True", all peerings on virtual networks in selected network groups will be removed and replaced with the peerings defined by this configuration. Optional when connectivityTopology is of type "HubAndSpoke". | +| [`description`](#parameter-description) | string | A description of the connectivity configuration. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`isGlobal`](#parameter-isglobal) | string | Flag if global mesh is supported. By default, mesh connectivity is applied to virtual networks within the same region. If set to "True", a global mesh enables connectivity across regions. | + +### Parameter: `appliesToGroups` + +Network Groups for the configuration. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `connectivityTopology` + +Connectivity topology type. +- Required: Yes +- Type: string +- Allowed: `[HubAndSpoke, Mesh]` + +### Parameter: `deleteExistingPeering` + +Flag if need to remove current existing peerings. If set to "True", all peerings on virtual networks in selected network groups will be removed and replaced with the peerings defined by this configuration. Optional when connectivityTopology is of type "HubAndSpoke". +- Required: No +- Type: string +- Default: `'False'` +- Allowed: `[False, True]` + +### Parameter: `description` + +A description of the connectivity configuration. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `hubs` + +List of hub items. This will create peerings between the specified hub and the virtual networks in the network group specified. Required if connectivityTopology is of type "HubAndSpoke". +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `isGlobal` + +Flag if global mesh is supported. By default, mesh connectivity is applied to virtual networks within the same region. If set to "True", a global mesh enables connectivity across regions. +- Required: No +- Type: string +- Default: `'False'` +- Allowed: `[False, True]` + +### Parameter: `name` + +The name of the connectivity configuration. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed connectivity configuration. | | `resourceGroupName` | string | The resource group the connectivity configuration was deployed into. | diff --git a/modules/network/network-manager/network-group/README.md b/modules/network/network-manager/network-group/README.md index b902fd22a1..a5f8dca4a0 100644 --- a/modules/network/network-manager/network-group/README.md +++ b/modules/network/network-manager/network-group/README.md @@ -21,28 +21,61 @@ A network group is a collection of same-type network resources that you can asso **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the network group. | +| [`name`](#parameter-name) | string | The name of the network group. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `description` | string | `''` | A description of the network group. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `staticMembers` | array | `[]` | Static Members to create for the network group. Contains virtual networks to add to the network group. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`description`](#parameter-description) | string | A description of the network group. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`staticMembers`](#parameter-staticmembers) | array | Static Members to create for the network group. Contains virtual networks to add to the network group. | + +### Parameter: `description` + +A description of the network group. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the network group. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `staticMembers` + +Static Members to create for the network group. Contains virtual networks to add to the network group. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed network group. | | `resourceGroupName` | string | The resource group the network group was deployed into. | diff --git a/modules/network/network-manager/network-group/static-member/README.md b/modules/network/network-manager/network-group/static-member/README.md index 54989f4a2c..7a10fbc50c 100644 --- a/modules/network/network-manager/network-group/static-member/README.md +++ b/modules/network/network-manager/network-group/static-member/README.md @@ -20,28 +20,59 @@ Static membership allows you to explicitly add virtual networks to a group by ma **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the static member. | -| `resourceId` | string | Resource ID of the virtual network. | +| [`name`](#parameter-name) | string | The name of the static member. | +| [`resourceId`](#parameter-resourceid) | string | Resource ID of the virtual network. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkGroupName` | string | The name of the parent network group. Required if the template is used in a standalone deployment. | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`networkGroupName`](#parameter-networkgroupname) | string | The name of the parent network group. Required if the template is used in a standalone deployment. | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the static member. +- Required: Yes +- Type: string + +### Parameter: `networkGroupName` + +The name of the parent network group. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `resourceId` + +Resource ID of the virtual network. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed static member. | | `resourceGroupName` | string | The resource group the static member was deployed into. | diff --git a/modules/network/network-manager/scope-connection/README.md b/modules/network/network-manager/scope-connection/README.md index 3c0ef6d896..b2e6fbf6c5 100644 --- a/modules/network/network-manager/scope-connection/README.md +++ b/modules/network/network-manager/scope-connection/README.md @@ -20,29 +20,67 @@ Create a cross-tenant connection to manage a resource from another tenant. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the scope connection. | -| `resourceId` | string | Enter the subscription or management group resource ID that you want to add to this network manager's scope. | -| `tenantId` | string | Tenant ID of the subscription or management group that you want to manage. | +| [`name`](#parameter-name) | string | The name of the scope connection. | +| [`resourceId`](#parameter-resourceid) | string | Enter the subscription or management group resource ID that you want to add to this network manager's scope. | +| [`tenantId`](#parameter-tenantid) | string | Tenant ID of the subscription or management group that you want to manage. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `description` | string | `''` | A description of the scope connection. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`description`](#parameter-description) | string | A description of the scope connection. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | + +### Parameter: `description` + +A description of the scope connection. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the scope connection. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `resourceId` + +Enter the subscription or management group resource ID that you want to add to this network manager's scope. +- Required: Yes +- Type: string + +### Parameter: `tenantId` + +Tenant ID of the subscription or management group that you want to manage. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed scope connection. | | `resourceGroupName` | string | The resource group the scope connection was deployed into. | diff --git a/modules/network/network-manager/security-admin-configuration/README.md b/modules/network/network-manager/security-admin-configuration/README.md index 10cd562c0a..c6cb473a8a 100644 --- a/modules/network/network-manager/security-admin-configuration/README.md +++ b/modules/network/network-manager/security-admin-configuration/README.md @@ -22,29 +22,70 @@ A security admin configuration contains a set of rule collections. Each rule col **Required parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `applyOnNetworkIntentPolicyBasedServices` | array | `[None]` | `[All, AllowRulesOnly, None]` | Enum list of network intent policy based services. | -| `name` | string | | | The name of the security admin configuration. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`applyOnNetworkIntentPolicyBasedServices`](#parameter-applyonnetworkintentpolicybasedservices) | array | Enum list of network intent policy based services. | +| [`name`](#parameter-name) | string | The name of the security admin configuration. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `description` | string | `''` | A description of the security admin configuration. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `ruleCollections` | array | `[]` | A security admin configuration contains a set of rule collections that are applied to network groups. Each rule collection contains one or more security admin rules. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`description`](#parameter-description) | string | A description of the security admin configuration. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`ruleCollections`](#parameter-rulecollections) | array | A security admin configuration contains a set of rule collections that are applied to network groups. Each rule collection contains one or more security admin rules. | + +### Parameter: `applyOnNetworkIntentPolicyBasedServices` + +Enum list of network intent policy based services. +- Required: No +- Type: array +- Default: `[None]` +- Allowed: `[All, AllowRulesOnly, None]` + +### Parameter: `description` + +A description of the security admin configuration. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the security admin configuration. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `ruleCollections` + +A security admin configuration contains a set of rule collections that are applied to network groups. Each rule collection contains one or more security admin rules. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed security admin configuration. | | `resourceGroupName` | string | The resource group the security admin configuration was deployed into. | diff --git a/modules/network/network-manager/security-admin-configuration/rule-collection/README.md b/modules/network/network-manager/security-admin-configuration/rule-collection/README.md index 33bd75c517..8f8dbcef8f 100644 --- a/modules/network/network-manager/security-admin-configuration/rule-collection/README.md +++ b/modules/network/network-manager/security-admin-configuration/rule-collection/README.md @@ -21,30 +21,74 @@ A security admin configuration contains a set of rule collections. Each rule col **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `appliesToGroups` | array | List of network groups for configuration. An admin rule collection must be associated to at least one network group. | -| `name` | string | The name of the admin rule collection. | +| [`appliesToGroups`](#parameter-appliestogroups) | array | List of network groups for configuration. An admin rule collection must be associated to at least one network group. | +| [`name`](#parameter-name) | string | The name of the admin rule collection. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | -| `securityAdminConfigurationName` | string | The name of the parent security admin configuration. Required if the template is used in a standalone deployment. | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`securityAdminConfigurationName`](#parameter-securityadminconfigurationname) | string | The name of the parent security admin configuration. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `description` | string | `''` | A description of the admin rule collection. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `rules` | array | | List of rules for the admin rules collection. Security admin rules allows enforcing security policy criteria that matches the conditions set. Warning: A rule collection without rule will cause a deployment configuration for security admin goal state in network manager to fail. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`description`](#parameter-description) | string | A description of the admin rule collection. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`rules`](#parameter-rules) | array | List of rules for the admin rules collection. Security admin rules allows enforcing security policy criteria that matches the conditions set. Warning: A rule collection without rule will cause a deployment configuration for security admin goal state in network manager to fail. | + +### Parameter: `appliesToGroups` + +List of network groups for configuration. An admin rule collection must be associated to at least one network group. +- Required: Yes +- Type: array + +### Parameter: `description` + +A description of the admin rule collection. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the admin rule collection. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `rules` + +List of rules for the admin rules collection. Security admin rules allows enforcing security policy criteria that matches the conditions set. Warning: A rule collection without rule will cause a deployment configuration for security admin goal state in network manager to fail. +- Required: Yes +- Type: array + +### Parameter: `securityAdminConfigurationName` + +The name of the parent security admin configuration. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed admin rule collection. | | `resourceGroupName` | string | The resource group the admin rule collection was deployed into. | diff --git a/modules/network/network-manager/security-admin-configuration/rule-collection/rule/README.md b/modules/network/network-manager/security-admin-configuration/rule-collection/rule/README.md index f053a1c8ee..6f0eb7a62f 100644 --- a/modules/network/network-manager/security-admin-configuration/rule-collection/rule/README.md +++ b/modules/network/network-manager/security-admin-configuration/rule-collection/rule/README.md @@ -20,37 +20,130 @@ A security admin configuration contains a set of rule collections. Each rule col **Required parameters** -| Parameter Name | Type | Allowed Values | Description | -| :-- | :-- | :-- | :-- | -| `access` | string | `[Allow, AlwaysAllow, Deny]` | Indicates the access allowed for this particular rule. "Allow" means traffic matching this rule will be allowed. "Deny" means traffic matching this rule will be blocked. "AlwaysAllow" means that traffic matching this rule will be allowed regardless of other rules with lower priority or user-defined NSGs. | -| `direction` | string | `[Inbound, Outbound]` | Indicates if the traffic matched against the rule in inbound or outbound. | -| `name` | string | | The name of the rule. | -| `priority` | int | | The priority of the rule. The value can be between 1 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | -| `protocol` | string | `[Ah, Any, Esp, Icmp, Tcp, Udp]` | Network protocol this rule applies to. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`access`](#parameter-access) | string | Indicates the access allowed for this particular rule. "Allow" means traffic matching this rule will be allowed. "Deny" means traffic matching this rule will be blocked. "AlwaysAllow" means that traffic matching this rule will be allowed regardless of other rules with lower priority or user-defined NSGs. | +| [`direction`](#parameter-direction) | string | Indicates if the traffic matched against the rule in inbound or outbound. | +| [`name`](#parameter-name) | string | The name of the rule. | +| [`priority`](#parameter-priority) | int | The priority of the rule. The value can be between 1 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | +| [`protocol`](#parameter-protocol) | string | Network protocol this rule applies to. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkManagerName` | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | -| `ruleCollectionName` | string | The name of the parent rule collection. Required if the template is used in a standalone deployment. | -| `securityAdminConfigurationName` | string | The name of the parent security admin configuration. Required if the template is used in a standalone deployment. | +| [`networkManagerName`](#parameter-networkmanagername) | string | The name of the parent network manager. Required if the template is used in a standalone deployment. | +| [`ruleCollectionName`](#parameter-rulecollectionname) | string | The name of the parent rule collection. Required if the template is used in a standalone deployment. | +| [`securityAdminConfigurationName`](#parameter-securityadminconfigurationname) | string | The name of the parent security admin configuration. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `description` | string | `''` | A description of the rule. | -| `destinationPortRanges` | array | `[]` | List of destination port ranges. This specifies on which ports traffic will be allowed or denied by this rule. Provide an (*) to allow traffic on any port. Port ranges are between 1-65535. | -| `destinations` | array | `[]` | The destnations filter can be an IP Address or a service tag. Each filter contains the properties AddressPrefixType (IPPrefix or ServiceTag) and AddressPrefix (using CIDR notation (e.g. 192.168.99.0/24 or 2001:1234::/64) or a service tag (e.g. AppService.WestEurope)). Combining CIDR and Service tags in one rule filter is not permitted. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `sourcePortRanges` | array | `[]` | List of destination port ranges. This specifies on which ports traffic will be allowed or denied by this rule. Provide an (*) to allow traffic on any port. Port ranges are between 1-65535. | -| `sources` | array | `[]` | The source filter can be an IP Address or a service tag. Each filter contains the properties AddressPrefixType (IPPrefix or ServiceTag) and AddressPrefix (using CIDR notation (e.g. 192.168.99.0/24 or 2001:1234::/64) or a service tag (e.g. AppService.WestEurope)). Combining CIDR and Service tags in one rule filter is not permitted. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`description`](#parameter-description) | string | A description of the rule. | +| [`destinationPortRanges`](#parameter-destinationportranges) | array | List of destination port ranges. This specifies on which ports traffic will be allowed or denied by this rule. Provide an (*) to allow traffic on any port. Port ranges are between 1-65535. | +| [`destinations`](#parameter-destinations) | array | The destnations filter can be an IP Address or a service tag. Each filter contains the properties AddressPrefixType (IPPrefix or ServiceTag) and AddressPrefix (using CIDR notation (e.g. 192.168.99.0/24 or 2001:1234::/64) or a service tag (e.g. AppService.WestEurope)). Combining CIDR and Service tags in one rule filter is not permitted. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`sourcePortRanges`](#parameter-sourceportranges) | array | List of destination port ranges. This specifies on which ports traffic will be allowed or denied by this rule. Provide an (*) to allow traffic on any port. Port ranges are between 1-65535. | +| [`sources`](#parameter-sources) | array | The source filter can be an IP Address or a service tag. Each filter contains the properties AddressPrefixType (IPPrefix or ServiceTag) and AddressPrefix (using CIDR notation (e.g. 192.168.99.0/24 or 2001:1234::/64) or a service tag (e.g. AppService.WestEurope)). Combining CIDR and Service tags in one rule filter is not permitted. | + +### Parameter: `access` + +Indicates the access allowed for this particular rule. "Allow" means traffic matching this rule will be allowed. "Deny" means traffic matching this rule will be blocked. "AlwaysAllow" means that traffic matching this rule will be allowed regardless of other rules with lower priority or user-defined NSGs. +- Required: Yes +- Type: string +- Allowed: `[Allow, AlwaysAllow, Deny]` + +### Parameter: `description` + +A description of the rule. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `destinationPortRanges` + +List of destination port ranges. This specifies on which ports traffic will be allowed or denied by this rule. Provide an (*) to allow traffic on any port. Port ranges are between 1-65535. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `destinations` + +The destnations filter can be an IP Address or a service tag. Each filter contains the properties AddressPrefixType (IPPrefix or ServiceTag) and AddressPrefix (using CIDR notation (e.g. 192.168.99.0/24 or 2001:1234::/64) or a service tag (e.g. AppService.WestEurope)). Combining CIDR and Service tags in one rule filter is not permitted. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `direction` + +Indicates if the traffic matched against the rule in inbound or outbound. +- Required: Yes +- Type: string +- Allowed: `[Inbound, Outbound]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the rule. +- Required: Yes +- Type: string + +### Parameter: `networkManagerName` + +The name of the parent network manager. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `priority` + +The priority of the rule. The value can be between 1 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. +- Required: Yes +- Type: int + +### Parameter: `protocol` + +Network protocol this rule applies to. +- Required: Yes +- Type: string +- Allowed: `[Ah, Any, Esp, Icmp, Tcp, Udp]` + +### Parameter: `ruleCollectionName` + +The name of the parent rule collection. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `securityAdminConfigurationName` + +The name of the parent security admin configuration. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `sourcePortRanges` + +List of destination port ranges. This specifies on which ports traffic will be allowed or denied by this rule. Provide an (*) to allow traffic on any port. Port ranges are between 1-65535. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `sources` + +The source filter can be an IP Address or a service tag. Each filter contains the properties AddressPrefixType (IPPrefix or ServiceTag) and AddressPrefix (using CIDR notation (e.g. 192.168.99.0/24 or 2001:1234::/64) or a service tag (e.g. AppService.WestEurope)). Combining CIDR and Service tags in one rule filter is not permitted. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed rule. | | `resourceGroupName` | string | The resource group the rule was deployed into. | diff --git a/modules/network/network-security-group/.test/common/main.test.bicep b/modules/network/network-security-group/.test/common/main.test.bicep index e527049267..f86dd33cf3 100644 --- a/modules/network/network-security-group/.test/common/main.test.bicep +++ b/modules/network/network-security-group/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-security-group/.test/min/main.test.bicep b/modules/network/network-security-group/.test/min/main.test.bicep index 744ad53a8c..75f9cf419d 100644 --- a/modules/network/network-security-group/.test/min/main.test.bicep +++ b/modules/network/network-security-group/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-security-group/README.md b/modules/network/network-security-group/README.md index 306ed08855..50b679a40a 100644 --- a/modules/network/network-security-group/README.md +++ b/modules/network/network-security-group/README.md @@ -5,10 +5,10 @@ This module deploys a Network security Group (NSG). ## Navigation - [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) ## Resource Types @@ -20,61 +20,29 @@ This module deploys a Network security Group (NSG). | `Microsoft.Network/networkSecurityGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/networkSecurityGroups) | | `Microsoft.Network/networkSecurityGroups/securityRules` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/networkSecurityGroups/securityRules) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Network Security Group. | +## Usage examples -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `flushConnection` | bool | `False` | | When enabled, flows created from Network Security Group connections will be re-evaluated when rules are updates. Initial enablement will trigger re-evaluation. Network Security Group connection flushing is not available in all regions. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `securityRules` | array | `[]` | | Array of Security Rules to deploy to the Network Security Group. When not provided, an NSG including only the built-in roles will be deployed. | -| `tags` | object | `{object}` | | Tags of the NSG resource. | - - -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the network security group. | -| `resourceGroupName` | string | The resource group the network security group was deployed into. | -| `resourceId` | string | The resource ID of the network security group. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-security-group:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module networkSecurityGroup './network/network-security-group/main.bicep' = { +module networkSecurityGroup 'br:bicep/modules/network.network-security-group:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nnsgcom' params: { // Required parameters @@ -294,14 +262,17 @@ module networkSecurityGroup './network/network-security-group/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module networkSecurityGroup './network/network-security-group/main.bicep' = { +module networkSecurityGroup 'br:bicep/modules/network.network-security-group:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nnsgmin' params: { // Required parameters @@ -338,3 +309,143 @@ module networkSecurityGroup './network/network-security-group/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Network Security Group. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticLogCategoriesToEnable`](#parameter-diagnosticlogcategoriestoenable) | array | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`flushConnection`](#parameter-flushconnection) | bool | When enabled, flows created from Network Security Group connections will be re-evaluated when rules are updates. Initial enablement will trigger re-evaluation. Network Security Group connection flushing is not available in all regions. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`securityRules`](#parameter-securityrules) | array | Array of Security Rules to deploy to the Network Security Group. When not provided, an NSG including only the built-in roles will be deployed. | +| [`tags`](#parameter-tags) | object | Tags of the NSG resource. | + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticLogCategoriesToEnable` + +The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. +- Required: No +- Type: array +- Default: `[allLogs]` +- Allowed: `['', allLogs, NetworkSecurityGroupEvent, NetworkSecurityGroupRuleCounter]` + +### Parameter: `diagnosticSettingsName` + +The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `flushConnection` + +When enabled, flows created from Network Security Group connections will be re-evaluated when rules are updates. Initial enablement will trigger re-evaluation. Network Security Group connection flushing is not available in all regions. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Network Security Group. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `securityRules` + +Array of Security Rules to deploy to the Network Security Group. When not provided, an NSG including only the built-in roles will be deployed. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the NSG resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the network security group. | +| `resourceGroupName` | string | The resource group the network security group was deployed into. | +| `resourceId` | string | The resource ID of the network security group. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/network-security-group/main.json b/modules/network/network-security-group/main.json index b06da3fe4f..abb0e70fca 100644 --- a/modules/network/network-security-group/main.json +++ b/modules/network/network-security-group/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9239709220807810810" + "version": "0.22.6.54827", + "templateHash": "8128749516786730234" }, "name": "Network Security Groups", "description": "This module deploys a Network security Group (NSG).", @@ -272,8 +272,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "18244678468796534516" + "version": "0.22.6.54827", + "templateHash": "820939823450891186" }, "name": "Network Security Group (NSG) Security Rules", "description": "This module deploys a Network Security Group (NSG) Security Rule.", @@ -520,8 +520,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8259083650687909209" + "version": "0.22.6.54827", + "templateHash": "12098965438500552299" } }, "parameters": { diff --git a/modules/network/network-security-group/security-rule/README.md b/modules/network/network-security-group/security-rule/README.md index 57868287ca..bac421ca53 100644 --- a/modules/network/network-security-group/security-rule/README.md +++ b/modules/network/network-security-group/security-rule/README.md @@ -19,41 +19,165 @@ This module deploys a Network Security Group (NSG) Security Rule. **Required parameters** -| Parameter Name | Type | Allowed Values | Description | -| :-- | :-- | :-- | :-- | -| `direction` | string | `[Inbound, Outbound]` | The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | -| `name` | string | | The name of the security rule. | -| `priority` | int | | The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | -| `protocol` | string | `[*, Ah, Esp, Icmp, Tcp, Udp]` | Network protocol this rule applies to. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`direction`](#parameter-direction) | string | The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. | +| [`name`](#parameter-name) | string | The name of the security rule. | +| [`priority`](#parameter-priority) | int | The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | +| [`protocol`](#parameter-protocol) | string | Network protocol this rule applies to. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `networkSecurityGroupName` | string | The name of the parent network security group to deploy the security rule into. Required if the template is used in a standalone deployment. | +| [`networkSecurityGroupName`](#parameter-networksecuritygroupname) | string | The name of the parent network security group to deploy the security rule into. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `access` | string | `'Deny'` | `[Allow, Deny]` | Whether network traffic is allowed or denied. | -| `description` | string | `''` | | A description for this rule. | -| `destinationAddressPrefix` | string | `''` | | The destination address prefix. CIDR or destination IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. | -| `destinationAddressPrefixes` | array | `[]` | | The destination address prefixes. CIDR or destination IP ranges. | -| `destinationApplicationSecurityGroups` | array | `[]` | | The application security group specified as destination. | -| `destinationPortRange` | string | `''` | | The destination port or range. Integer or range between 0 and 65535. Asterisk "*" can also be used to match all ports. | -| `destinationPortRanges` | array | `[]` | | The destination port ranges. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `sourceAddressPrefix` | string | `''` | | The CIDR or source IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. If this is an ingress rule, specifies where network traffic originates from. | -| `sourceAddressPrefixes` | array | `[]` | | The CIDR or source IP ranges. | -| `sourceApplicationSecurityGroups` | array | `[]` | | The application security group specified as source. | -| `sourcePortRange` | string | `''` | | The source port or range. Integer or range between 0 and 65535. Asterisk "*" can also be used to match all ports. | -| `sourcePortRanges` | array | `[]` | | The source port ranges. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`access`](#parameter-access) | string | Whether network traffic is allowed or denied. | +| [`description`](#parameter-description) | string | A description for this rule. | +| [`destinationAddressPrefix`](#parameter-destinationaddressprefix) | string | The destination address prefix. CIDR or destination IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. | +| [`destinationAddressPrefixes`](#parameter-destinationaddressprefixes) | array | The destination address prefixes. CIDR or destination IP ranges. | +| [`destinationApplicationSecurityGroups`](#parameter-destinationapplicationsecuritygroups) | array | The application security group specified as destination. | +| [`destinationPortRange`](#parameter-destinationportrange) | string | The destination port or range. Integer or range between 0 and 65535. Asterisk "*" can also be used to match all ports. | +| [`destinationPortRanges`](#parameter-destinationportranges) | array | The destination port ranges. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`sourceAddressPrefix`](#parameter-sourceaddressprefix) | string | The CIDR or source IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. If this is an ingress rule, specifies where network traffic originates from. | +| [`sourceAddressPrefixes`](#parameter-sourceaddressprefixes) | array | The CIDR or source IP ranges. | +| [`sourceApplicationSecurityGroups`](#parameter-sourceapplicationsecuritygroups) | array | The application security group specified as source. | +| [`sourcePortRange`](#parameter-sourceportrange) | string | The source port or range. Integer or range between 0 and 65535. Asterisk "*" can also be used to match all ports. | +| [`sourcePortRanges`](#parameter-sourceportranges) | array | The source port ranges. | + +### Parameter: `access` + +Whether network traffic is allowed or denied. +- Required: No +- Type: string +- Default: `'Deny'` +- Allowed: `[Allow, Deny]` + +### Parameter: `description` + +A description for this rule. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `destinationAddressPrefix` + +The destination address prefix. CIDR or destination IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `destinationAddressPrefixes` + +The destination address prefixes. CIDR or destination IP ranges. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `destinationApplicationSecurityGroups` + +The application security group specified as destination. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `destinationPortRange` + +The destination port or range. Integer or range between 0 and 65535. Asterisk "*" can also be used to match all ports. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `destinationPortRanges` + +The destination port ranges. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `direction` + +The direction of the rule. The direction specifies if rule will be evaluated on incoming or outgoing traffic. +- Required: Yes +- Type: string +- Allowed: `[Inbound, Outbound]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the security rule. +- Required: Yes +- Type: string + +### Parameter: `networkSecurityGroupName` + +The name of the parent network security group to deploy the security rule into. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `priority` + +The priority of the rule. The value can be between 100 and 4096. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. +- Required: Yes +- Type: int + +### Parameter: `protocol` + +Network protocol this rule applies to. +- Required: Yes +- Type: string +- Allowed: `[*, Ah, Esp, Icmp, Tcp, Udp]` + +### Parameter: `sourceAddressPrefix` + +The CIDR or source IP range. Asterisk "*" can also be used to match all source IPs. Default tags such as "VirtualNetwork", "AzureLoadBalancer" and "Internet" can also be used. If this is an ingress rule, specifies where network traffic originates from. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `sourceAddressPrefixes` + +The CIDR or source IP ranges. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `sourceApplicationSecurityGroups` + +The application security group specified as source. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `sourcePortRange` + +The source port or range. Integer or range between 0 and 65535. Asterisk "*" can also be used to match all ports. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `sourcePortRanges` + +The source port ranges. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the security rule. | | `resourceGroupName` | string | The resource group the security rule was deployed into. | diff --git a/modules/network/network-security-group/security-rule/main.json b/modules/network/network-security-group/security-rule/main.json index f926892555..a024c862c1 100644 --- a/modules/network/network-security-group/security-rule/main.json +++ b/modules/network/network-security-group/security-rule/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "4767935764969237300" + "version": "0.22.6.54827", + "templateHash": "820939823450891186" }, "name": "Network Security Group (NSG) Security Rules", "description": "This module deploys a Network Security Group (NSG) Security Rule.", diff --git a/modules/network/network-watcher/.test/common/main.test.bicep b/modules/network/network-watcher/.test/common/main.test.bicep index 64e2265f18..d704a562c7 100644 --- a/modules/network/network-watcher/.test/common/main.test.bicep +++ b/modules/network/network-watcher/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-watcher/.test/min/main.test.bicep b/modules/network/network-watcher/.test/min/main.test.bicep index 89dee769f8..873216d559 100644 --- a/modules/network/network-watcher/.test/min/main.test.bicep +++ b/modules/network/network-watcher/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/network-watcher/README.md b/modules/network/network-watcher/README.md index d41d90b40b..79fb42d997 100644 --- a/modules/network/network-watcher/README.md +++ b/modules/network/network-watcher/README.md @@ -4,13 +4,13 @@ This module deploys a Network Watcher. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -20,50 +20,29 @@ This module deploys a Network Watcher. | `Microsoft.Network/networkWatchers/connectionMonitors` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/networkWatchers/connectionMonitors) | | `Microsoft.Network/networkWatchers/flowLogs` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/networkWatchers/flowLogs) | -## Parameters - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `connectionMonitors` | array | `[]` | | Array that contains the Connection Monitors. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `flowLogs` | array | `[]` | | Array that contains the Flow Logs. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `name` | string | `[format('NetworkWatcher_{0}', parameters('location'))]` | | Name of the Network Watcher resource (hidden). | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | - - -## Outputs +## Usage examples -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the deployed network watcher. | -| `resourceGroupName` | string | The resource group the network watcher was deployed into. | -| `resourceId` | string | The resource ID of the deployed network watcher. | +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-watcher:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module networkWatcher './network/network-watcher/main.bicep' = { +module networkWatcher 'br:bicep/modules/network.network-watcher:1.0.0' = { name: '${uniqueString(deployment().name, testLocation)}-test-nnwcom' params: { connectionMonitors: [ @@ -275,14 +254,17 @@ module networkWatcher './network/network-watcher/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module networkWatcher './network/network-watcher/main.bicep' = { +module networkWatcher 'br:bicep/modules/network.network-watcher:1.0.0' = { name: '${uniqueString(deployment().name, testLocation)}-test-nnwmin' params: { enableDefaultTelemetry: '' @@ -315,3 +297,90 @@ module networkWatcher './network/network-watcher/main.bicep' = {

+ + +## Parameters + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`connectionMonitors`](#parameter-connectionmonitors) | array | Array that contains the Connection Monitors. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`flowLogs`](#parameter-flowlogs) | array | Array that contains the Flow Logs. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`name`](#parameter-name) | string | Name of the Network Watcher resource (hidden). | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `connectionMonitors` + +Array that contains the Connection Monitors. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `flowLogs` + +Array that contains the Flow Logs. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Network Watcher resource (hidden). +- Required: No +- Type: string +- Default: `[format('NetworkWatcher_{0}', parameters('location'))]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the deployed network watcher. | +| `resourceGroupName` | string | The resource group the network watcher was deployed into. | +| `resourceId` | string | The resource ID of the deployed network watcher. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/network-watcher/connection-monitor/README.md b/modules/network/network-watcher/connection-monitor/README.md index d066d55387..efd44e1102 100644 --- a/modules/network/network-watcher/connection-monitor/README.md +++ b/modules/network/network-watcher/connection-monitor/README.md @@ -19,27 +19,89 @@ This module deploys a Network Watcher Connection Monitor. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | Name of the resource. | +| [`name`](#parameter-name) | string | Name of the resource. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `endpoints` | array | `[]` | List of connection monitor endpoints. | -| `location` | string | `[resourceGroup().location]` | Location for all resources. | -| `networkWatcherName` | string | `[format('NetworkWatcher_{0}', resourceGroup().location)]` | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. | -| `tags` | object | `{object}` | Tags of the resource. | -| `testConfigurations` | array | `[]` | List of connection monitor test configurations. | -| `testGroups` | array | `[]` | List of connection monitor test groups. | -| `workspaceResourceId` | string | `''` | Specify the Log Analytics Workspace Resource ID. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`endpoints`](#parameter-endpoints) | array | List of connection monitor endpoints. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`networkWatcherName`](#parameter-networkwatchername) | string | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`testConfigurations`](#parameter-testconfigurations) | array | List of connection monitor test configurations. | +| [`testGroups`](#parameter-testgroups) | array | List of connection monitor test groups. | +| [`workspaceResourceId`](#parameter-workspaceresourceid) | string | Specify the Log Analytics Workspace Resource ID. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `endpoints` + +List of connection monitor endpoints. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `name` + +Name of the resource. +- Required: Yes +- Type: string + +### Parameter: `networkWatcherName` + +Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. +- Required: No +- Type: string +- Default: `[format('NetworkWatcher_{0}', resourceGroup().location)]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `testConfigurations` + +List of connection monitor test configurations. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `testGroups` + +List of connection monitor test groups. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `workspaceResourceId` + +Specify the Log Analytics Workspace Resource ID. +- Required: No +- Type: string +- Default: `''` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the deployed connection monitor. | diff --git a/modules/network/network-watcher/connection-monitor/main.json b/modules/network/network-watcher/connection-monitor/main.json index e76438a305..c7df0ada6e 100644 --- a/modules/network/network-watcher/connection-monitor/main.json +++ b/modules/network/network-watcher/connection-monitor/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "9435199226792787351" + "version": "0.22.6.54827", + "templateHash": "11763235795280157018" }, "name": "Network Watchers Connection Monitors", "description": "This module deploys a Network Watcher Connection Monitor.", diff --git a/modules/network/network-watcher/flow-log/README.md b/modules/network/network-watcher/flow-log/README.md index 0dacbbb823..1afef915fc 100644 --- a/modules/network/network-watcher/flow-log/README.md +++ b/modules/network/network-watcher/flow-log/README.md @@ -5,12 +5,12 @@ This module controls the Network Security Group Flow Logs and analytics settings ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -20,30 +20,114 @@ This module controls the Network Security Group Flow Logs and analytics settings **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `storageId` | string | Resource ID of the diagnostic storage account. | -| `targetResourceId` | string | Resource ID of the NSG that must be enabled for Flow Logs. | +| [`storageId`](#parameter-storageid) | string | Resource ID of the diagnostic storage account. | +| [`targetResourceId`](#parameter-targetresourceid) | string | Resource ID of the NSG that must be enabled for Flow Logs. | **Optional parameters** -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `enabled` | bool | `True` | | If the flow log should be enabled. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `formatVersion` | int | `2` | `[1, 2]` | The flow log format version. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `name` | string | `[format('{0}-{1}-flowlog', last(split(parameters('targetResourceId'), '/')), split(parameters('targetResourceId'), '/')[4])]` | | Name of the resource. | -| `networkWatcherName` | string | `[format('NetworkWatcher_{0}', resourceGroup().location)]` | | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. | -| `retentionInDays` | int | `365` | | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `trafficAnalyticsInterval` | int | `60` | `[10, 60]` | The interval in minutes which would decide how frequently TA service should do flow analytics. | -| `workspaceResourceId` | string | `''` | | Specify the Log Analytics Workspace Resource ID. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enabled`](#parameter-enabled) | bool | If the flow log should be enabled. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`formatVersion`](#parameter-formatversion) | int | The flow log format version. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`name`](#parameter-name) | string | Name of the resource. | +| [`networkWatcherName`](#parameter-networkwatchername) | string | Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. | +| [`retentionInDays`](#parameter-retentionindays) | int | Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`trafficAnalyticsInterval`](#parameter-trafficanalyticsinterval) | int | The interval in minutes which would decide how frequently TA service should do flow analytics. | +| [`workspaceResourceId`](#parameter-workspaceresourceid) | string | Specify the Log Analytics Workspace Resource ID. | + +### Parameter: `enabled` + +If the flow log should be enabled. +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `formatVersion` + +The flow log format version. +- Required: No +- Type: int +- Default: `2` +- Allowed: `[1, 2]` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `name` + +Name of the resource. +- Required: No +- Type: string +- Default: `[format('{0}-{1}-flowlog', last(split(parameters('targetResourceId'), '/')), split(parameters('targetResourceId'), '/')[4])]` + +### Parameter: `networkWatcherName` + +Name of the network watcher resource. Must be in the resource group where the Flow log will be created and same region as the NSG. +- Required: No +- Type: string +- Default: `[format('NetworkWatcher_{0}', resourceGroup().location)]` + +### Parameter: `retentionInDays` + +Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely. +- Required: No +- Type: int +- Default: `365` + +### Parameter: `storageId` + +Resource ID of the diagnostic storage account. +- Required: Yes +- Type: string + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `targetResourceId` + +Resource ID of the NSG that must be enabled for Flow Logs. +- Required: Yes +- Type: string + +### Parameter: `trafficAnalyticsInterval` + +The interval in minutes which would decide how frequently TA service should do flow analytics. +- Required: No +- Type: int +- Default: `60` +- Allowed: `[10, 60]` + +### Parameter: `workspaceResourceId` + +Specify the Log Analytics Workspace Resource ID. +- Required: No +- Type: string +- Default: `''` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the flow log. | diff --git a/modules/network/network-watcher/flow-log/main.json b/modules/network/network-watcher/flow-log/main.json index 1a9023a4ba..0d737f5dce 100644 --- a/modules/network/network-watcher/flow-log/main.json +++ b/modules/network/network-watcher/flow-log/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "11308204478162486459" + "version": "0.22.6.54827", + "templateHash": "17949647288095694070" }, "name": "NSG Flow Logs", "description": "This module controls the Network Security Group Flow Logs and analytics settings.\r\n**Note: this module must be run on the Resource Group where Network Watcher is deployed**", diff --git a/modules/network/network-watcher/main.json b/modules/network/network-watcher/main.json index 076bf236c0..7d746b120d 100644 --- a/modules/network/network-watcher/main.json +++ b/modules/network/network-watcher/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3813984795397304605" + "version": "0.22.6.54827", + "templateHash": "3515911577845014451" }, "name": "Network Watchers", "description": "This module deploys a Network Watcher.", @@ -149,8 +149,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "4655888316956810002" + "version": "0.22.6.54827", + "templateHash": "9894011822541177112" } }, "parameters": { @@ -326,8 +326,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "4201838654770127390" + "version": "0.22.6.54827", + "templateHash": "11763235795280157018" }, "name": "Network Watchers Connection Monitors", "description": "This module deploys a Network Watcher Connection Monitor.", @@ -505,8 +505,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "11547142807846840674" + "version": "0.22.6.54827", + "templateHash": "17949647288095694070" }, "name": "NSG Flow Logs", "description": "This module controls the Network Security Group Flow Logs and analytics settings.\r\n**Note: this module must be run on the Resource Group where Network Watcher is deployed**", diff --git a/modules/network/private-dns-zone/.test/common/main.test.bicep b/modules/network/private-dns-zone/.test/common/main.test.bicep index 175acecf7f..c4d8f69524 100644 --- a/modules/network/private-dns-zone/.test/common/main.test.bicep +++ b/modules/network/private-dns-zone/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/private-dns-zone/.test/min/main.test.bicep b/modules/network/private-dns-zone/.test/min/main.test.bicep index f32a389c03..945a123d21 100644 --- a/modules/network/private-dns-zone/.test/min/main.test.bicep +++ b/modules/network/private-dns-zone/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/private-dns-zone/README.md b/modules/network/private-dns-zone/README.md index a6d1f62e04..a67a704c4f 100644 --- a/modules/network/private-dns-zone/README.md +++ b/modules/network/private-dns-zone/README.md @@ -4,13 +4,13 @@ This module deploys a Private DNS zone. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -27,62 +27,29 @@ This module deploys a Private DNS zone. | `Microsoft.Network/privateDnsZones/TXT` | [2020-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2020-06-01/privateDnsZones/TXT) | | `Microsoft.Network/privateDnsZones/virtualNetworkLinks` | [2020-06-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2020-06-01/privateDnsZones/virtualNetworkLinks) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Private DNS zone name. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `a` | _[a](a/README.md)_ array | `[]` | | Array of A records. | -| `aaaa` | _[aaaa](aaaa/README.md)_ array | `[]` | | Array of AAAA records. | -| `cname` | _[cname](cname/README.md)_ array | `[]` | | Array of CNAME records. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `'global'` | | The location of the PrivateDNSZone. Should be global. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `mx` | _[mx](mx/README.md)_ array | `[]` | | Array of MX records. | -| `ptr` | _[ptr](ptr/README.md)_ array | `[]` | | Array of PTR records. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `soa` | _[soa](soa/README.md)_ array | `[]` | | Array of SOA records. | -| `srv` | _[srv](srv/README.md)_ array | `[]` | | Array of SRV records. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `txt` | _[txt](txt/README.md)_ array | `[]` | | Array of TXT records. | -| `virtualNetworkLinks` | array | `[]` | | Array of custom objects describing vNet links of the DNS zone. Each object should contain properties 'vnetResourceId' and 'registrationEnabled'. The 'vnetResourceId' is a resource ID of a vNet to link, 'registrationEnabled' (bool) enables automatic DNS registration in the zone for the linked vNet. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the private DNS zone. | -| `resourceGroupName` | string | The resource group the private DNS zone was deployed into. | -| `resourceId` | string | The resource ID of the private DNS zone. | + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-dns-zone:1.0.0`. -## Cross-referenced modules +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -_None_ +### Example 1: _Using only defaults_ -## Deployment examples +This instance deploys the module with the minimum set of required parameters. -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. - - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

via Bicep module ```bicep -module privateDnsZone './network/private-dns-zone/main.bicep' = { +module privateDnsZone 'br:bicep/modules/network.private-dns-zone:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npdzcom' params: { // Required parameters @@ -504,14 +471,17 @@ module privateDnsZone './network/private-dns-zone/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module privateDnsZone './network/private-dns-zone/main.bicep' = { +module privateDnsZone 'br:bicep/modules/network.private-dns-zone:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npdzmin' params: { // Required parameters @@ -548,3 +518,150 @@ module privateDnsZone './network/private-dns-zone/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Private DNS zone name. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`a`](#parameter-a) | array | Array of A records. | +| [`aaaa`](#parameter-aaaa) | array | Array of AAAA records. | +| [`cname`](#parameter-cname) | array | Array of CNAME records. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | The location of the PrivateDNSZone. Should be global. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`mx`](#parameter-mx) | array | Array of MX records. | +| [`ptr`](#parameter-ptr) | array | Array of PTR records. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`soa`](#parameter-soa) | array | Array of SOA records. | +| [`srv`](#parameter-srv) | array | Array of SRV records. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`txt`](#parameter-txt) | array | Array of TXT records. | +| [`virtualNetworkLinks`](#parameter-virtualnetworklinks) | array | Array of custom objects describing vNet links of the DNS zone. Each object should contain properties 'vnetResourceId' and 'registrationEnabled'. The 'vnetResourceId' is a resource ID of a vNet to link, 'registrationEnabled' (bool) enables automatic DNS registration in the zone for the linked vNet. | + +### Parameter: `a` + +Array of A records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `aaaa` + +Array of AAAA records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `cname` + +Array of CNAME records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +The location of the PrivateDNSZone. Should be global. +- Required: No +- Type: string +- Default: `'global'` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `mx` + +Array of MX records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `name` + +Private DNS zone name. +- Required: Yes +- Type: string + +### Parameter: `ptr` + +Array of PTR records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `soa` + +Array of SOA records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `srv` + +Array of SRV records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `txt` + +Array of TXT records. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `virtualNetworkLinks` + +Array of custom objects describing vNet links of the DNS zone. Each object should contain properties 'vnetResourceId' and 'registrationEnabled'. The 'vnetResourceId' is a resource ID of a vNet to link, 'registrationEnabled' (bool) enables automatic DNS registration in the zone for the linked vNet. +- Required: No +- Type: array +- Default: `[]` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the private DNS zone. | +| `resourceGroupName` | string | The resource group the private DNS zone was deployed into. | +| `resourceId` | string | The resource ID of the private DNS zone. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/private-dns-zone/a/README.md b/modules/network/private-dns-zone/a/README.md index 54ae836063..c3368e5187 100644 --- a/modules/network/private-dns-zone/a/README.md +++ b/modules/network/private-dns-zone/a/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone A record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the A record. | +| [`name`](#parameter-name) | string | The name of the A record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `aRecords` | array | `[]` | The list of A records in the record set. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`aRecords`](#parameter-arecords) | array | The list of A records in the record set. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `aRecords` + +The list of A records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the A record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed A record. | | `resourceGroupName` | string | The resource group of the deployed A record. | diff --git a/modules/network/private-dns-zone/a/main.json b/modules/network/private-dns-zone/a/main.json index 413cc464b5..a6c913362e 100644 --- a/modules/network/private-dns-zone/a/main.json +++ b/modules/network/private-dns-zone/a/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "2464749993448285338" + "version": "0.22.6.54827", + "templateHash": "3286674755199812485" }, "name": "Private DNS Zone A record", "description": "This module deploys a Private DNS Zone A record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "16462248861146180112" + "version": "0.22.6.54827", + "templateHash": "13885309482367640092" } }, "parameters": { diff --git a/modules/network/private-dns-zone/aaaa/README.md b/modules/network/private-dns-zone/aaaa/README.md index 10dbc0d92d..8519032b83 100644 --- a/modules/network/private-dns-zone/aaaa/README.md +++ b/modules/network/private-dns-zone/aaaa/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone AAAA record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the AAAA record. | +| [`name`](#parameter-name) | string | The name of the AAAA record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `aaaaRecords` | array | `[]` | The list of AAAA records in the record set. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`aaaaRecords`](#parameter-aaaarecords) | array | The list of AAAA records in the record set. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `aaaaRecords` + +The list of AAAA records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the AAAA record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed AAAA record. | | `resourceGroupName` | string | The resource group of the deployed AAAA record. | diff --git a/modules/network/private-dns-zone/aaaa/main.json b/modules/network/private-dns-zone/aaaa/main.json index 506b619a23..5d0169ad3e 100644 --- a/modules/network/private-dns-zone/aaaa/main.json +++ b/modules/network/private-dns-zone/aaaa/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "2479547994885250676" + "version": "0.22.6.54827", + "templateHash": "17200265918515224034" }, "name": "Private DNS Zone AAAA record", "description": "This module deploys a Private DNS Zone AAAA record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "8284082844313029952" + "version": "0.22.6.54827", + "templateHash": "370590810970469037" } }, "parameters": { diff --git a/modules/network/private-dns-zone/cname/README.md b/modules/network/private-dns-zone/cname/README.md index 274c08ff98..258427ccc4 100644 --- a/modules/network/private-dns-zone/cname/README.md +++ b/modules/network/private-dns-zone/cname/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone CNAME record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the CNAME record. | +| [`name`](#parameter-name) | string | The name of the CNAME record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `cnameRecord` | object | `{object}` | A CNAME record. | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`cnameRecord`](#parameter-cnamerecord) | object | A CNAME record. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `cnameRecord` + +A CNAME record. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the CNAME record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed CNAME record. | | `resourceGroupName` | string | The resource group of the deployed CNAME record. | diff --git a/modules/network/private-dns-zone/cname/main.json b/modules/network/private-dns-zone/cname/main.json index ac82b9556b..a5b1b40592 100644 --- a/modules/network/private-dns-zone/cname/main.json +++ b/modules/network/private-dns-zone/cname/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "3131685819107198557" + "version": "0.22.6.54827", + "templateHash": "1218346372201244802" }, "name": "Private DNS Zone CNAME record", "description": "This module deploys a Private DNS Zone CNAME record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "14977392232463085529" + "version": "0.22.6.54827", + "templateHash": "3701509590842402185" } }, "parameters": { diff --git a/modules/network/private-dns-zone/main.json b/modules/network/private-dns-zone/main.json index 67a605e5c0..575b535727 100644 --- a/modules/network/private-dns-zone/main.json +++ b/modules/network/private-dns-zone/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "13683700730440109473" + "version": "0.22.6.54827", + "templateHash": "7094231343264488816" }, "name": "Private DNS Zones", "description": "This module deploys a Private DNS zone.", @@ -195,8 +195,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3023625235674916080" + "version": "0.22.6.54827", + "templateHash": "3286674755199812485" }, "name": "Private DNS Zone A record", "description": "This module deploys a Private DNS Zone A record.", @@ -310,8 +310,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3091185834162670777" + "version": "0.22.6.54827", + "templateHash": "13885309482367640092" } }, "parameters": { @@ -517,8 +517,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9619664849560898729" + "version": "0.22.6.54827", + "templateHash": "17200265918515224034" }, "name": "Private DNS Zone AAAA record", "description": "This module deploys a Private DNS Zone AAAA record.", @@ -632,8 +632,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "16612032211561905990" + "version": "0.22.6.54827", + "templateHash": "370590810970469037" } }, "parameters": { @@ -839,8 +839,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "18350416636780213220" + "version": "0.22.6.54827", + "templateHash": "1218346372201244802" }, "name": "Private DNS Zone CNAME record", "description": "This module deploys a Private DNS Zone CNAME record.", @@ -954,8 +954,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "12449188823441255969" + "version": "0.22.6.54827", + "templateHash": "3701509590842402185" } }, "parameters": { @@ -1167,8 +1167,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5407325770336305290" + "version": "0.22.6.54827", + "templateHash": "498719698216860438" }, "name": "Private DNS Zone MX record", "description": "This module deploys a Private DNS Zone MX record.", @@ -1282,8 +1282,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "5166139968688256157" + "version": "0.22.6.54827", + "templateHash": "3875667684091614842" } }, "parameters": { @@ -1489,8 +1489,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "7429124351513910459" + "version": "0.22.6.54827", + "templateHash": "15278019758073479253" }, "name": "Private DNS Zone PTR record", "description": "This module deploys a Private DNS Zone PTR record.", @@ -1604,8 +1604,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9774124555582341628" + "version": "0.22.6.54827", + "templateHash": "1115653551360161833" } }, "parameters": { @@ -1811,8 +1811,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "6237133824894088471" + "version": "0.22.6.54827", + "templateHash": "2312801328936888366" }, "name": "Private DNS Zone SOA record", "description": "This module deploys a Private DNS Zone SOA record.", @@ -1926,8 +1926,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "13019341765980531210" + "version": "0.22.6.54827", + "templateHash": "7407904296801266090" } }, "parameters": { @@ -2133,8 +2133,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8022373880556162081" + "version": "0.22.6.54827", + "templateHash": "5952665052269893806" }, "name": "Private DNS Zone SRV record", "description": "This module deploys a Private DNS Zone SRV record.", @@ -2248,8 +2248,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "18406157225832506146" + "version": "0.22.6.54827", + "templateHash": "7603100820795358011" } }, "parameters": { @@ -2455,8 +2455,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "9882979825935476673" + "version": "0.22.6.54827", + "templateHash": "1124215030878784014" }, "name": "Private DNS Zone TXT record", "description": "This module deploys a Private DNS Zone TXT record.", @@ -2570,8 +2570,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "3370209117297708556" + "version": "0.22.6.54827", + "templateHash": "16791864516622438253" } }, "parameters": { @@ -2777,8 +2777,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "2352064432983921161" + "version": "0.22.6.54827", + "templateHash": "12342244725180262876" }, "name": "Private DNS Zone Virtual Network Link", "description": "This module deploys a Private DNS Zone Virtual Network Link.", @@ -2932,8 +2932,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "13504974986686820957" + "version": "0.22.6.54827", + "templateHash": "2044377995221762227" } }, "parameters": { diff --git a/modules/network/private-dns-zone/mx/README.md b/modules/network/private-dns-zone/mx/README.md index 2e235dc3a0..66a893a225 100644 --- a/modules/network/private-dns-zone/mx/README.md +++ b/modules/network/private-dns-zone/mx/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone MX record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the MX record. | +| [`name`](#parameter-name) | string | The name of the MX record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `mxRecords` | array | `[]` | The list of MX records in the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`mxRecords`](#parameter-mxrecords) | array | The list of MX records in the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `mxRecords` + +The list of MX records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `name` + +The name of the MX record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed MX record. | | `resourceGroupName` | string | The resource group of the deployed MX record. | diff --git a/modules/network/private-dns-zone/mx/main.json b/modules/network/private-dns-zone/mx/main.json index 418f721f60..1e0f858136 100644 --- a/modules/network/private-dns-zone/mx/main.json +++ b/modules/network/private-dns-zone/mx/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "6965287962374254577" + "version": "0.22.6.54827", + "templateHash": "498719698216860438" }, "name": "Private DNS Zone MX record", "description": "This module deploys a Private DNS Zone MX record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "11594799085721281275" + "version": "0.22.6.54827", + "templateHash": "3875667684091614842" } }, "parameters": { diff --git a/modules/network/private-dns-zone/ptr/README.md b/modules/network/private-dns-zone/ptr/README.md index 1af2199b1e..f680fea464 100644 --- a/modules/network/private-dns-zone/ptr/README.md +++ b/modules/network/private-dns-zone/ptr/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone PTR record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the PTR record. | +| [`name`](#parameter-name) | string | The name of the PTR record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `ptrRecords` | array | `[]` | The list of PTR records in the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`ptrRecords`](#parameter-ptrrecords) | array | The list of PTR records in the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the PTR record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `ptrRecords` + +The list of PTR records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed PTR record. | | `resourceGroupName` | string | The resource group of the deployed PTR record. | diff --git a/modules/network/private-dns-zone/ptr/main.json b/modules/network/private-dns-zone/ptr/main.json index 06a5084efd..fd96b1c0b3 100644 --- a/modules/network/private-dns-zone/ptr/main.json +++ b/modules/network/private-dns-zone/ptr/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "13259276818307387958" + "version": "0.22.6.54827", + "templateHash": "15278019758073479253" }, "name": "Private DNS Zone PTR record", "description": "This module deploys a Private DNS Zone PTR record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "11481493487541604106" + "version": "0.22.6.54827", + "templateHash": "1115653551360161833" } }, "parameters": { diff --git a/modules/network/private-dns-zone/soa/README.md b/modules/network/private-dns-zone/soa/README.md index d67c893c38..67fd6e00e6 100644 --- a/modules/network/private-dns-zone/soa/README.md +++ b/modules/network/private-dns-zone/soa/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone SOA record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the SOA record. | +| [`name`](#parameter-name) | string | The name of the SOA record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `soaRecord` | object | `{object}` | A SOA record. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`soaRecord`](#parameter-soarecord) | object | A SOA record. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the SOA record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `soaRecord` + +A SOA record. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed SOA record. | | `resourceGroupName` | string | The resource group of the deployed SOA record. | diff --git a/modules/network/private-dns-zone/soa/main.json b/modules/network/private-dns-zone/soa/main.json index e3427de316..0cb2fbaa4c 100644 --- a/modules/network/private-dns-zone/soa/main.json +++ b/modules/network/private-dns-zone/soa/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "1534736495493771844" + "version": "0.22.6.54827", + "templateHash": "2312801328936888366" }, "name": "Private DNS Zone SOA record", "description": "This module deploys a Private DNS Zone SOA record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "13036989829941135965" + "version": "0.22.6.54827", + "templateHash": "7407904296801266090" } }, "parameters": { diff --git a/modules/network/private-dns-zone/srv/README.md b/modules/network/private-dns-zone/srv/README.md index fbddcefda1..9fddfb9099 100644 --- a/modules/network/private-dns-zone/srv/README.md +++ b/modules/network/private-dns-zone/srv/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone SRV record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the SRV record. | +| [`name`](#parameter-name) | string | The name of the SRV record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `srvRecords` | array | `[]` | The list of SRV records in the record set. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`srvRecords`](#parameter-srvrecords) | array | The list of SRV records in the record set. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the SRV record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `srvRecords` + +The list of SRV records in the record set. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed SRV record. | | `resourceGroupName` | string | The resource group of the deployed SRV record. | diff --git a/modules/network/private-dns-zone/srv/main.json b/modules/network/private-dns-zone/srv/main.json index f52d859ff7..0380f2b5a4 100644 --- a/modules/network/private-dns-zone/srv/main.json +++ b/modules/network/private-dns-zone/srv/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "6444239705368252849" + "version": "0.22.6.54827", + "templateHash": "5952665052269893806" }, "name": "Private DNS Zone SRV record", "description": "This module deploys a Private DNS Zone SRV record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "17805809595422297514" + "version": "0.22.6.54827", + "templateHash": "7603100820795358011" } }, "parameters": { diff --git a/modules/network/private-dns-zone/txt/README.md b/modules/network/private-dns-zone/txt/README.md index 62fe57a009..10472d8fbd 100644 --- a/modules/network/private-dns-zone/txt/README.md +++ b/modules/network/private-dns-zone/txt/README.md @@ -20,30 +20,77 @@ This module deploys a Private DNS Zone TXT record. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `name` | string | The name of the TXT record. | +| [`name`](#parameter-name) | string | The name of the TXT record. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `metadata` | object | `{object}` | The metadata attached to the record set. | -| `roleAssignments` | array | `[]` | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `ttl` | int | `3600` | The TTL (time-to-live) of the records in the record set. | -| `txtRecords` | array | `[]` | The list of TXT records in the record set. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`metadata`](#parameter-metadata) | object | The metadata attached to the record set. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`ttl`](#parameter-ttl) | int | The TTL (time-to-live) of the records in the record set. | +| [`txtRecords`](#parameter-txtrecords) | array | The list of TXT records in the record set. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `metadata` + +The metadata attached to the record set. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `name` + +The name of the TXT record. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ttl` + +The TTL (time-to-live) of the records in the record set. +- Required: No +- Type: int +- Default: `3600` + +### Parameter: `txtRecords` + +The list of TXT records in the record set. +- Required: No +- Type: array +- Default: `[]` ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the deployed TXT record. | | `resourceGroupName` | string | The resource group of the deployed TXT record. | diff --git a/modules/network/private-dns-zone/txt/main.json b/modules/network/private-dns-zone/txt/main.json index 9bc41b0ee0..49da878984 100644 --- a/modules/network/private-dns-zone/txt/main.json +++ b/modules/network/private-dns-zone/txt/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "11503781556355030458" + "version": "0.22.6.54827", + "templateHash": "1124215030878784014" }, "name": "Private DNS Zone TXT record", "description": "This module deploys a Private DNS Zone TXT record.", @@ -119,8 +119,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "9559644743323745935" + "version": "0.22.6.54827", + "templateHash": "16791864516622438253" } }, "parameters": { diff --git a/modules/network/private-dns-zone/virtual-network-link/README.md b/modules/network/private-dns-zone/virtual-network-link/README.md index 44f61227f6..b745342815 100644 --- a/modules/network/private-dns-zone/virtual-network-link/README.md +++ b/modules/network/private-dns-zone/virtual-network-link/README.md @@ -19,30 +19,77 @@ This module deploys a Private DNS Zone Virtual Network Link. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `virtualNetworkResourceId` | string | Link to another virtual network resource ID. | +| [`virtualNetworkResourceId`](#parameter-virtualnetworkresourceid) | string | Link to another virtual network resource ID. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDnsZoneName` | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | +| [`privateDnsZoneName`](#parameter-privatednszonename) | string | The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `'global'` | The location of the PrivateDNSZone. Should be global. | -| `name` | string | `[format('{0}-vnetlink', last(split(parameters('virtualNetworkResourceId'), '/')))]` | The name of the virtual network link. | -| `registrationEnabled` | bool | `False` | Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?. | -| `tags` | object | `{object}` | Tags of the resource. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | The location of the PrivateDNSZone. Should be global. | +| [`name`](#parameter-name) | string | The name of the virtual network link. | +| [`registrationEnabled`](#parameter-registrationenabled) | bool | Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +The location of the PrivateDNSZone. Should be global. +- Required: No +- Type: string +- Default: `'global'` + +### Parameter: `name` + +The name of the virtual network link. +- Required: No +- Type: string +- Default: `[format('{0}-vnetlink', last(split(parameters('virtualNetworkResourceId'), '/')))]` + +### Parameter: `privateDnsZoneName` + +The name of the parent Private DNS zone. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string + +### Parameter: `registrationEnabled` + +Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled?. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `virtualNetworkResourceId` + +Link to another virtual network resource ID. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `location` | string | The location the resource was deployed into. | | `name` | string | The name of the deployed virtual network link. | diff --git a/modules/network/private-dns-zone/virtual-network-link/main.json b/modules/network/private-dns-zone/virtual-network-link/main.json index 7d0bc4e594..51d922b079 100644 --- a/modules/network/private-dns-zone/virtual-network-link/main.json +++ b/modules/network/private-dns-zone/virtual-network-link/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "8504562326898440676" + "version": "0.22.6.54827", + "templateHash": "12342244725180262876" }, "name": "Private DNS Zone Virtual Network Link", "description": "This module deploys a Private DNS Zone Virtual Network Link.", diff --git a/modules/network/private-endpoint/.test/common/main.test.bicep b/modules/network/private-endpoint/.test/common/main.test.bicep index 548ffb6f74..927054e31c 100644 --- a/modules/network/private-endpoint/.test/common/main.test.bicep +++ b/modules/network/private-endpoint/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/private-endpoint/.test/min/main.test.bicep b/modules/network/private-endpoint/.test/min/main.test.bicep index f858091d54..06ca2b7696 100644 --- a/modules/network/private-endpoint/.test/min/main.test.bicep +++ b/modules/network/private-endpoint/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/private-endpoint/README.md b/modules/network/private-endpoint/README.md index 86ea2dc1c5..d7b82e105b 100644 --- a/modules/network/private-endpoint/README.md +++ b/modules/network/private-endpoint/README.md @@ -4,13 +4,13 @@ This module deploys a Private Endpoint. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -19,62 +19,29 @@ This module deploys a Private Endpoint. | `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) | | `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `groupIds` | array | Subtype(s) of the connection to be created. The allowed values depend on the type serviceResourceId refers to. | -| `name` | string | Name of the private endpoint resource to create. | -| `serviceResourceId` | string | Resource ID of the resource that needs to be connected to the network. | -| `subnetResourceId` | string | Resource ID of the subnet where the endpoint needs to be created. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `applicationSecurityGroups` | array | `[]` | | Application security groups in which the private endpoint IP configuration is included. | -| `customDnsConfigs` | array | `[]` | | Custom DNS configurations. | -| `customNetworkInterfaceName` | string | `''` | | The custom name of the network interface attached to the private endpoint. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `ipConfigurations` | array | `[]` | | A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints. | -| `location` | string | `[resourceGroup().location]` | | Location for all Resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `manualPrivateLinkServiceConnections` | array | `[]` | | Manual PrivateLink Service Connections. | -| `privateDnsZoneGroup` | _[privateDnsZoneGroup](private-dns-zone-group/README.md)_ object | `{object}` | | The private DNS zone group configuration used to associate the private endpoint with one or multiple private DNS zones. A DNS zone group can support up to 5 DNS zones. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags to be applied on all resources/resource groups in this deployment. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the private endpoint. | -| `resourceGroupName` | string | The resource group the private endpoint was deployed into. | -| `resourceId` | string | The resource ID of the private endpoint. | + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-endpoint:1.0.0`. -## Cross-referenced modules +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -_None_ +### Example 1: _Using only defaults_ -## Deployment examples +This instance deploys the module with the minimum set of required parameters. -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. - - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

via Bicep module ```bicep -module privateEndpoint './network/private-endpoint/main.bicep' = { +module privateEndpoint 'br:bicep/modules/network.private-endpoint:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npecom' params: { // Required parameters @@ -214,14 +181,17 @@ module privateEndpoint './network/private-endpoint/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module privateEndpoint './network/private-endpoint/main.bicep' = { +module privateEndpoint 'br:bicep/modules/network.private-endpoint:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npemin' params: { // Required parameters @@ -274,3 +244,147 @@ module privateEndpoint './network/private-endpoint/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`groupIds`](#parameter-groupids) | array | Subtype(s) of the connection to be created. The allowed values depend on the type serviceResourceId refers to. | +| [`name`](#parameter-name) | string | Name of the private endpoint resource to create. | +| [`serviceResourceId`](#parameter-serviceresourceid) | string | Resource ID of the resource that needs to be connected to the network. | +| [`subnetResourceId`](#parameter-subnetresourceid) | string | Resource ID of the subnet where the endpoint needs to be created. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`applicationSecurityGroups`](#parameter-applicationsecuritygroups) | array | Application security groups in which the private endpoint IP configuration is included. | +| [`customDnsConfigs`](#parameter-customdnsconfigs) | array | Custom DNS configurations. | +| [`customNetworkInterfaceName`](#parameter-customnetworkinterfacename) | string | The custom name of the network interface attached to the private endpoint. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`ipConfigurations`](#parameter-ipconfigurations) | array | A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints. | +| [`location`](#parameter-location) | string | Location for all Resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`manualPrivateLinkServiceConnections`](#parameter-manualprivatelinkserviceconnections) | array | Manual PrivateLink Service Connections. | +| [`privateDnsZoneGroup`](#parameter-privatednszonegroup) | object | The private DNS zone group configuration used to associate the private endpoint with one or multiple private DNS zones. A DNS zone group can support up to 5 DNS zones. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags to be applied on all resources/resource groups in this deployment. | + +### Parameter: `applicationSecurityGroups` + +Application security groups in which the private endpoint IP configuration is included. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `customDnsConfigs` + +Custom DNS configurations. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `customNetworkInterfaceName` + +The custom name of the network interface attached to the private endpoint. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `groupIds` + +Subtype(s) of the connection to be created. The allowed values depend on the type serviceResourceId refers to. +- Required: Yes +- Type: array + +### Parameter: `ipConfigurations` + +A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all Resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `manualPrivateLinkServiceConnections` + +Manual PrivateLink Service Connections. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `name` + +Name of the private endpoint resource to create. +- Required: Yes +- Type: string + +### Parameter: `privateDnsZoneGroup` + +The private DNS zone group configuration used to associate the private endpoint with one or multiple private DNS zones. A DNS zone group can support up to 5 DNS zones. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `serviceResourceId` + +Resource ID of the resource that needs to be connected to the network. +- Required: Yes +- Type: string + +### Parameter: `subnetResourceId` + +Resource ID of the subnet where the endpoint needs to be created. +- Required: Yes +- Type: string + +### Parameter: `tags` + +Tags to be applied on all resources/resource groups in this deployment. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the private endpoint. | +| `resourceGroupName` | string | The resource group the private endpoint was deployed into. | +| `resourceId` | string | The resource ID of the private endpoint. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/private-endpoint/main.json b/modules/network/private-endpoint/main.json index ec5e636ac3..afc81174b1 100644 --- a/modules/network/private-endpoint/main.json +++ b/modules/network/private-endpoint/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "14580007913383558904" + "version": "0.22.6.54827", + "templateHash": "2884140170473394983" }, "name": "Private Endpoints", "description": "This module deploys a Private Endpoint.", @@ -204,8 +204,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "2469208411936339153" + "version": "0.22.6.54827", + "templateHash": "5610247137574346230" }, "name": "Private Endpoint Private DNS Zone Groups", "description": "This module deploys a Private Endpoint Private DNS Zone Group.", @@ -342,8 +342,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "13032708393704093995" + "version": "0.22.6.54827", + "templateHash": "14351187799927334028" } }, "parameters": { diff --git a/modules/network/private-endpoint/private-dns-zone-group/README.md b/modules/network/private-endpoint/private-dns-zone-group/README.md index e1d46b8986..2aebf21298 100644 --- a/modules/network/private-endpoint/private-dns-zone-group/README.md +++ b/modules/network/private-endpoint/private-dns-zone-group/README.md @@ -19,27 +19,53 @@ This module deploys a Private Endpoint Private DNS Zone Group. **Required parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateDNSResourceIds` | array | Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones. | +| [`privateDNSResourceIds`](#parameter-privatednsresourceids) | array | Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones. | **Conditional parameters** -| Parameter Name | Type | Description | +| Parameter | Type | Description | | :-- | :-- | :-- | -| `privateEndpointName` | string | The name of the parent private endpoint. Required if the template is used in a standalone deployment. | +| [`privateEndpointName`](#parameter-privateendpointname) | string | The name of the parent private endpoint. Required if the template is used in a standalone deployment. | **Optional parameters** -| Parameter Name | Type | Default Value | Description | -| :-- | :-- | :-- | :-- | -| `enableDefaultTelemetry` | bool | `True` | Enable telemetry via a Globally Unique Identifier (GUID). | -| `name` | string | `'default'` | The name of the private DNS zone group. | +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`name`](#parameter-name) | string | The name of the private DNS zone group. | + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `name` + +The name of the private DNS zone group. +- Required: No +- Type: string +- Default: `'default'` + +### Parameter: `privateDNSResourceIds` + +Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones. +- Required: Yes +- Type: array + +### Parameter: `privateEndpointName` + +The name of the parent private endpoint. Required if the template is used in a standalone deployment. +- Required: Yes +- Type: string ## Outputs -| Output Name | Type | Description | +| Output | Type | Description | | :-- | :-- | :-- | | `name` | string | The name of the private endpoint DNS zone group. | | `resourceGroupName` | string | The resource group the private endpoint DNS zone group was deployed into. | diff --git a/modules/network/private-endpoint/private-dns-zone-group/main.json b/modules/network/private-endpoint/private-dns-zone-group/main.json index 93baa64a6d..a631f45296 100644 --- a/modules/network/private-endpoint/private-dns-zone-group/main.json +++ b/modules/network/private-endpoint/private-dns-zone-group/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.20.4.51522", - "templateHash": "17831763001460207830" + "version": "0.22.6.54827", + "templateHash": "5610247137574346230" }, "name": "Private Endpoint Private DNS Zone Groups", "description": "This module deploys a Private Endpoint Private DNS Zone Group.", diff --git a/modules/network/private-link-service/.test/common/main.test.bicep b/modules/network/private-link-service/.test/common/main.test.bicep index 76599c870e..de2d3c38f0 100644 --- a/modules/network/private-link-service/.test/common/main.test.bicep +++ b/modules/network/private-link-service/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/private-link-service/.test/min/main.test.bicep b/modules/network/private-link-service/.test/min/main.test.bicep index 7e1e9580f8..ce32db372e 100644 --- a/modules/network/private-link-service/.test/min/main.test.bicep +++ b/modules/network/private-link-service/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/private-link-service/README.md b/modules/network/private-link-service/README.md index 779847dd62..d52541742f 100644 --- a/modules/network/private-link-service/README.md +++ b/modules/network/private-link-service/README.md @@ -4,14 +4,14 @@ This module deploys a Private Link Service. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) - [Notes](#Notes) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -19,60 +19,29 @@ This module deploys a Private Link Service. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/privateLinkServices` | [2022-11-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2022-11-01/privateLinkServices) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the private link service to create. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `autoApproval` | object | `{object}` | | The auto-approval list of the private link service. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `enableProxyProtocol` | bool | `False` | | Lets the service provider use tcp proxy v2 to retrieve connection information about the service consumer. Service Provider is responsible for setting up receiver configs to be able to parse the proxy protocol v2 header. | -| `extendedLocation` | object | `{object}` | | The extended location of the load balancer. | -| `fqdns` | array | `[]` | | The list of Fqdn. | -| `ipConfigurations` | array | `[]` | | An array of private link service IP configurations. | -| `loadBalancerFrontendIpConfigurations` | array | `[]` | | An array of references to the load balancer IP configurations. The Private Link service is tied to the frontend IP address of a Standard Load Balancer. All traffic destined for the service will reach the frontend of the SLB. You can configure SLB rules to direct this traffic to appropriate backend pools where your applications are running. Load balancer frontend IP configurations are different than NAT IP configurations. | -| `location` | string | `[resourceGroup().location]` | | Location for all Resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags to be applied on all resources/resource groups in this deployment. | -| `visibility` | object | `{object}` | | Controls the exposure settings for your Private Link service. Service providers can choose to limit the exposure to their service to subscriptions with Azure role-based access control (Azure RBAC) permissions, a restricted set of subscriptions, or all Azure subscriptions. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the private link service. | -| `resourceGroupName` | string | The resource group the private link service was deployed into. | -| `resourceId` | string | The resource ID of the private link service. | + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-link-service:1.0.0`. -## Cross-referenced modules +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -_None_ +### Example 1: _Using only defaults_ -## Deployment examples +This instance deploys the module with the minimum set of required parameters. -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. - - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

via Bicep module ```bicep -module privateLinkService './network/private-link-service/main.bicep' = { +module privateLinkService 'br:bicep/modules/network.private-link-service:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nplscom' params: { // Required parameters @@ -220,14 +189,17 @@ module privateLinkService './network/private-link-service/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module privateLinkService './network/private-link-service/main.bicep' = { +module privateLinkService 'br:bicep/modules/network.private-link-service:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nplsmin' params: { // Required parameters @@ -300,6 +272,136 @@ module privateLinkService './network/private-link-service/main.bicep' = {

+## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the private link service to create. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`autoApproval`](#parameter-autoapproval) | object | The auto-approval list of the private link service. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`enableProxyProtocol`](#parameter-enableproxyprotocol) | bool | Lets the service provider use tcp proxy v2 to retrieve connection information about the service consumer. Service Provider is responsible for setting up receiver configs to be able to parse the proxy protocol v2 header. | +| [`extendedLocation`](#parameter-extendedlocation) | object | The extended location of the load balancer. | +| [`fqdns`](#parameter-fqdns) | array | The list of Fqdn. | +| [`ipConfigurations`](#parameter-ipconfigurations) | array | An array of private link service IP configurations. | +| [`loadBalancerFrontendIpConfigurations`](#parameter-loadbalancerfrontendipconfigurations) | array | An array of references to the load balancer IP configurations. The Private Link service is tied to the frontend IP address of a Standard Load Balancer. All traffic destined for the service will reach the frontend of the SLB. You can configure SLB rules to direct this traffic to appropriate backend pools where your applications are running. Load balancer frontend IP configurations are different than NAT IP configurations. | +| [`location`](#parameter-location) | string | Location for all Resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags to be applied on all resources/resource groups in this deployment. | +| [`visibility`](#parameter-visibility) | object | Controls the exposure settings for your Private Link service. Service providers can choose to limit the exposure to their service to subscriptions with Azure role-based access control (Azure RBAC) permissions, a restricted set of subscriptions, or all Azure subscriptions. | + +### Parameter: `autoApproval` + +The auto-approval list of the private link service. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `enableProxyProtocol` + +Lets the service provider use tcp proxy v2 to retrieve connection information about the service consumer. Service Provider is responsible for setting up receiver configs to be able to parse the proxy protocol v2 header. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `extendedLocation` + +The extended location of the load balancer. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `fqdns` + +The list of Fqdn. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `ipConfigurations` + +An array of private link service IP configurations. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `loadBalancerFrontendIpConfigurations` + +An array of references to the load balancer IP configurations. The Private Link service is tied to the frontend IP address of a Standard Load Balancer. All traffic destined for the service will reach the frontend of the SLB. You can configure SLB rules to direct this traffic to appropriate backend pools where your applications are running. Load balancer frontend IP configurations are different than NAT IP configurations. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `location` + +Location for all Resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the private link service to create. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags to be applied on all resources/resource groups in this deployment. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `visibility` + +Controls the exposure settings for your Private Link service. Service providers can choose to limit the exposure to their service to subscriptions with Azure role-based access control (Azure RBAC) permissions, a restricted set of subscriptions, or all Azure subscriptions. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the private link service. | +| `resourceGroupName` | string | The resource group the private link service was deployed into. | +| `resourceId` | string | The resource ID of the private link service. | + +## Cross-referenced modules + +_None_ + ## Notes ### Parameter Usage: `ipConfigurations` diff --git a/modules/network/public-ip-address/.test/common/main.test.bicep b/modules/network/public-ip-address/.test/common/main.test.bicep index abe179fbf3..f5a4054443 100644 --- a/modules/network/public-ip-address/.test/common/main.test.bicep +++ b/modules/network/public-ip-address/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/public-ip-address/.test/min/main.test.bicep b/modules/network/public-ip-address/.test/min/main.test.bicep index dbcf0b97fc..1e35fe3c31 100644 --- a/modules/network/public-ip-address/.test/min/main.test.bicep +++ b/modules/network/public-ip-address/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/public-ip-address/README.md b/modules/network/public-ip-address/README.md index f9fbb64201..55f40cc11a 100644 --- a/modules/network/public-ip-address/README.md +++ b/modules/network/public-ip-address/README.md @@ -4,13 +4,13 @@ This module deploys a Public IP Address. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -19,71 +19,29 @@ This module deploys a Public IP Address. | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | | `Microsoft.Network/publicIPAddresses` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/publicIPAddresses) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | The name of the Public IP Address. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `diagnosticEventHubAuthorizationRuleId` | string | `''` | | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | -| `diagnosticEventHubName` | string | `''` | | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | -| `diagnosticLogCategoriesToEnable` | array | `[allLogs]` | `['', allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | -| `diagnosticMetricsToEnable` | array | `[AllMetrics]` | `[AllMetrics]` | The name of metrics that will be streamed. | -| `diagnosticSettingsName` | string | `''` | | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | -| `diagnosticStorageAccountId` | string | `''` | | Resource ID of the diagnostic storage account. | -| `diagnosticWorkspaceId` | string | `''` | | Resource ID of the diagnostic log analytics workspace. | -| `domainNameLabel` | string | `''` | | The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | -| `domainNameLabelScope` | string | `''` | `['', NoReuse, ResourceGroupReuse, SubscriptionReuse, TenantReuse]` | The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `fqdn` | string | `''` | | The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `publicIPAddressVersion` | string | `'IPv4'` | `[IPv4, IPv6]` | IP address version. | -| `publicIPAllocationMethod` | string | `'Static'` | `[Dynamic, Static]` | The public IP address allocation method. | -| `publicIPPrefixResourceId` | string | `''` | | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | -| `reverseFqdn` | string | `''` | | The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `skuName` | string | `'Standard'` | `[Basic, Standard]` | Name of a public IP address SKU. | -| `skuTier` | string | `'Regional'` | `[Global, Regional]` | Tier of a public IP address SKU. | -| `tags` | object | `{object}` | | Tags of the resource. | -| `zones` | array | `[]` | | A list of availability zones denoting the IP allocated for the resource needs to come from. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `ipAddress` | string | The public IP address of the public IP address resource. | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the public IP address. | -| `resourceGroupName` | string | The resource group the public IP address was deployed into. | -| `resourceId` | string | The resource ID of the public IP address. | + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.public-ip-address:1.0.0`. -## Cross-referenced modules +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -_None_ +### Example 1: _Using only defaults_ -## Deployment examples +This instance deploys the module with the minimum set of required parameters. -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. - - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. - -

Example 1: Common

via Bicep module ```bicep -module publicIpAddress './network/public-ip-address/main.bicep' = { +module publicIpAddress 'br:bicep/modules/network.public-ip-address:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npiacom' params: { // Required parameters @@ -193,14 +151,17 @@ module publicIpAddress './network/public-ip-address/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module publicIpAddress './network/public-ip-address/main.bicep' = { +module publicIpAddress 'br:bicep/modules/network.public-ip-address:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npiamin' params: { // Required parameters @@ -237,3 +198,222 @@ module publicIpAddress './network/public-ip-address/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | The name of the Public IP Address. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`diagnosticEventHubAuthorizationRuleId`](#parameter-diagnosticeventhubauthorizationruleid) | string | Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. | +| [`diagnosticEventHubName`](#parameter-diagnosticeventhubname) | string | Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. | +| [`diagnosticLogCategoriesToEnable`](#parameter-diagnosticlogcategoriestoenable) | array | The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. | +| [`diagnosticMetricsToEnable`](#parameter-diagnosticmetricstoenable) | array | The name of metrics that will be streamed. | +| [`diagnosticSettingsName`](#parameter-diagnosticsettingsname) | string | The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". | +| [`diagnosticStorageAccountId`](#parameter-diagnosticstorageaccountid) | string | Resource ID of the diagnostic storage account. | +| [`diagnosticWorkspaceId`](#parameter-diagnosticworkspaceid) | string | Resource ID of the diagnostic log analytics workspace. | +| [`domainNameLabel`](#parameter-domainnamelabel) | string | The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | +| [`domainNameLabelScope`](#parameter-domainnamelabelscope) | string | The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`fqdn`](#parameter-fqdn) | string | The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`publicIPAddressVersion`](#parameter-publicipaddressversion) | string | IP address version. | +| [`publicIPAllocationMethod`](#parameter-publicipallocationmethod) | string | The public IP address allocation method. | +| [`publicIPPrefixResourceId`](#parameter-publicipprefixresourceid) | string | Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. | +| [`reverseFqdn`](#parameter-reversefqdn) | string | The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`skuName`](#parameter-skuname) | string | Name of a public IP address SKU. | +| [`skuTier`](#parameter-skutier) | string | Tier of a public IP address SKU. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | +| [`zones`](#parameter-zones) | array | A list of availability zones denoting the IP allocated for the resource needs to come from. | + +### Parameter: `diagnosticEventHubAuthorizationRuleId` + +Resource ID of the diagnostic event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticEventHubName` + +Name of the diagnostic event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticLogCategoriesToEnable` + +The name of logs that will be streamed. "allLogs" includes all possible logs for the resource. Set to '' to disable log collection. +- Required: No +- Type: array +- Default: `[allLogs]` +- Allowed: `['', allLogs, DDoSMitigationFlowLogs, DDoSMitigationReports, DDoSProtectionNotifications]` + +### Parameter: `diagnosticMetricsToEnable` + +The name of metrics that will be streamed. +- Required: No +- Type: array +- Default: `[AllMetrics]` +- Allowed: `[AllMetrics]` + +### Parameter: `diagnosticSettingsName` + +The name of the diagnostic setting, if deployed. If left empty, it defaults to "-diagnosticSettings". +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticStorageAccountId` + +Resource ID of the diagnostic storage account. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `diagnosticWorkspaceId` + +Resource ID of the diagnostic log analytics workspace. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `domainNameLabel` + +The domain name label. The concatenation of the domain name label and the regionalized DNS zone make up the fully qualified domain name associated with the public IP address. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `domainNameLabelScope` + +The domain name label scope. If a domain name label and a domain name label scope are specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system with a hashed value includes in FQDN. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', NoReuse, ResourceGroupReuse, SubscriptionReuse, TenantReuse]` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `fqdn` + +The Fully Qualified Domain Name of the A DNS record associated with the public IP. This is the concatenation of the domainNameLabel and the regionalized DNS zone. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +The name of the Public IP Address. +- Required: Yes +- Type: string + +### Parameter: `publicIPAddressVersion` + +IP address version. +- Required: No +- Type: string +- Default: `'IPv4'` +- Allowed: `[IPv4, IPv6]` + +### Parameter: `publicIPAllocationMethod` + +The public IP address allocation method. +- Required: No +- Type: string +- Default: `'Static'` +- Allowed: `[Dynamic, Static]` + +### Parameter: `publicIPPrefixResourceId` + +Resource ID of the Public IP Prefix object. This is only needed if you want your Public IPs created in a PIP Prefix. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `reverseFqdn` + +The reverse FQDN. A user-visible, fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. +- Required: No +- Type: string +- Default: `''` + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `skuName` + +Name of a public IP address SKU. +- Required: No +- Type: string +- Default: `'Standard'` +- Allowed: `[Basic, Standard]` + +### Parameter: `skuTier` + +Tier of a public IP address SKU. +- Required: No +- Type: string +- Default: `'Regional'` +- Allowed: `[Global, Regional]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `zones` + +A list of availability zones denoting the IP allocated for the resource needs to come from. +- Required: No +- Type: array +- Default: `[]` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `ipAddress` | string | The public IP address of the public IP address resource. | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the public IP address. | +| `resourceGroupName` | string | The resource group the public IP address was deployed into. | +| `resourceId` | string | The resource ID of the public IP address. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/public-ip-address/main.json b/modules/network/public-ip-address/main.json index 8bdcd4365b..583eea8a97 100644 --- a/modules/network/public-ip-address/main.json +++ b/modules/network/public-ip-address/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "1887898957722092173" + "version": "0.22.6.54827", + "templateHash": "4317747709004918530" }, "name": "Public IP Addresses", "description": "This module deploys a Public IP Address.", @@ -338,8 +338,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "7328126239184883887" + "version": "0.22.6.54827", + "templateHash": "9976109177347918049" } }, "parameters": { diff --git a/modules/network/public-ip-prefix/.test/common/main.test.bicep b/modules/network/public-ip-prefix/.test/common/main.test.bicep index edaa6063a0..473816e95b 100644 --- a/modules/network/public-ip-prefix/.test/common/main.test.bicep +++ b/modules/network/public-ip-prefix/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/public-ip-prefix/.test/min/main.test.bicep b/modules/network/public-ip-prefix/.test/min/main.test.bicep index 4c9350f358..33a41d88b4 100644 --- a/modules/network/public-ip-prefix/.test/min/main.test.bicep +++ b/modules/network/public-ip-prefix/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/public-ip-prefix/README.md b/modules/network/public-ip-prefix/README.md index 4c46286757..9e13285776 100644 --- a/modules/network/public-ip-prefix/README.md +++ b/modules/network/public-ip-prefix/README.md @@ -4,13 +4,13 @@ This module deploys a Public IP Prefix. ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -18,55 +18,29 @@ This module deploys a Public IP Prefix. | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/publicIPPrefixes` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/publicIPPrefixes) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name of the Public IP Prefix. | -| `prefixLength` | int | Length of the Public IP Prefix. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `customIPPrefix` | object | `{object}` | | The customIpPrefix that this prefix is associated with. A custom IP address prefix is a contiguous range of IP addresses owned by an external customer and provisioned into a subscription. When a custom IP prefix is in Provisioned, Commissioning, or Commissioned state, a linked public IP prefix can be created. Either as a subset of the custom IP prefix range or the entire range. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `tags` | object | `{object}` | | Tags of the resource. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the public IP prefix. | -| `resourceGroupName` | string | The resource group the public IP prefix was deployed into. | -| `resourceId` | string | The resource ID of the public IP prefix. | - -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.public-ip-prefix:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module publicIpPrefix './network/public-ip-prefix/main.bicep' = { +module publicIpPrefix 'br:bicep/modules/network.public-ip-prefix:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npipcom' params: { // Required parameters @@ -144,14 +118,17 @@ module publicIpPrefix './network/public-ip-prefix/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module publicIpPrefix './network/public-ip-prefix/main.bicep' = { +module publicIpPrefix 'br:bicep/modules/network.public-ip-prefix:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-npipmin' params: { // Required parameters @@ -192,3 +169,93 @@ module publicIpPrefix './network/public-ip-prefix/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name of the Public IP Prefix. | +| [`prefixLength`](#parameter-prefixlength) | int | Length of the Public IP Prefix. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`customIPPrefix`](#parameter-customipprefix) | object | The customIpPrefix that this prefix is associated with. A custom IP address prefix is a contiguous range of IP addresses owned by an external customer and provisioned into a subscription. When a custom IP prefix is in Provisioned, Commissioning, or Commissioned state, a linked public IP prefix can be created. Either as a subset of the custom IP prefix range or the entire range. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `customIPPrefix` + +The customIpPrefix that this prefix is associated with. A custom IP address prefix is a contiguous range of IP addresses owned by an external customer and provisioned into a subscription. When a custom IP prefix is in Provisioned, Commissioning, or Commissioned state, a linked public IP prefix can be created. Either as a subset of the custom IP prefix range or the entire range. +- Required: No +- Type: object +- Default: `{object}` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name of the Public IP Prefix. +- Required: Yes +- Type: string + +### Parameter: `prefixLength` + +Length of the Public IP Prefix. +- Required: Yes +- Type: int + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the public IP prefix. | +| `resourceGroupName` | string | The resource group the public IP prefix was deployed into. | +| `resourceId` | string | The resource ID of the public IP prefix. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/public-ip-prefix/main.json b/modules/network/public-ip-prefix/main.json index 6c4991917a..be4b9e2e6f 100644 --- a/modules/network/public-ip-prefix/main.json +++ b/modules/network/public-ip-prefix/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "8483631788691370434" + "version": "0.22.6.54827", + "templateHash": "823818284337127737" }, "name": "Public IP Prefixes", "description": "This module deploys a Public IP Prefix.", @@ -153,8 +153,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "12600348536826609497" + "version": "0.22.6.54827", + "templateHash": "11602921617847310411" } }, "parameters": { diff --git a/modules/network/route-table/.test/common/main.test.bicep b/modules/network/route-table/.test/common/main.test.bicep index 4fafb95fe9..4c871b1d4c 100644 --- a/modules/network/route-table/.test/common/main.test.bicep +++ b/modules/network/route-table/.test/common/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/route-table/.test/min/main.test.bicep b/modules/network/route-table/.test/min/main.test.bicep index 1171694e3e..07d4264df8 100644 --- a/modules/network/route-table/.test/min/main.test.bicep +++ b/modules/network/route-table/.test/min/main.test.bicep @@ -1,5 +1,8 @@ targetScope = 'subscription' +metadata name = 'Using Maximum Parameters' +metadata description = 'This instance deploys the module with the large set of possible parameters.' + // ========== // // Parameters // // ========== // diff --git a/modules/network/route-table/README.md b/modules/network/route-table/README.md index cc9d1fc7b2..2a6b8a8c79 100644 --- a/modules/network/route-table/README.md +++ b/modules/network/route-table/README.md @@ -4,13 +4,13 @@ This module deploys a User Defined Route Table (UDR). ## Navigation -- [Resource types](#Resource-types) +- [Resource Types](#Resource-Types) +- [Usage examples](#Usage-examples) - [Parameters](#Parameters) - [Outputs](#Outputs) - [Cross-referenced modules](#Cross-referenced-modules) -- [Deployment examples](#Deployment-examples) -## Resource types +## Resource Types | Resource Type | API Version | | :-- | :-- | @@ -18,55 +18,29 @@ This module deploys a User Defined Route Table (UDR). | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Network/routeTables` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/routeTables) | -## Parameters - -**Required parameters** - -| Parameter Name | Type | Description | -| :-- | :-- | :-- | -| `name` | string | Name given for the hub route table. | - -**Optional parameters** - -| Parameter Name | Type | Default Value | Allowed Values | Description | -| :-- | :-- | :-- | :-- | :-- | -| `disableBgpRoutePropagation` | bool | `False` | | Switch to disable BGP route propagation. | -| `enableDefaultTelemetry` | bool | `True` | | Enable telemetry via a Globally Unique Identifier (GUID). | -| `location` | string | `[resourceGroup().location]` | | Location for all resources. | -| `lock` | string | `''` | `['', CanNotDelete, ReadOnly]` | Specify the type of lock. | -| `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| `routes` | array | `[]` | | An Array of Routes to be established within the hub route table. | -| `tags` | object | `{object}` | | Tags of the resource. | +## Usage examples +The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. + >**Note**: The name of each example is based on the name of the file from which it is taken. -## Outputs - -| Output Name | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the route table. | -| `resourceGroupName` | string | The resource group the route table was deployed into. | -| `resourceId` | string | The resource ID of the route table. | - -## Cross-referenced modules + >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. -_None_ + >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.route-table:1.0.0`. -## Deployment examples +- [Using only defaults](#example-1-using-only-defaults) +- [Using Maximum Parameters](#example-2-using-maximum-parameters) -The following module usage examples are retrieved from the content of the files hosted in the module's `.test` folder. - >**Note**: The name of each example is based on the name of the file from which it is taken. +### Example 1: _Using only defaults_ - >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. +This instance deploys the module with the minimum set of required parameters. -

Example 1: Common

via Bicep module ```bicep -module routeTable './network/route-table/main.bicep' = { +module routeTable 'br:bicep/modules/network.route-table:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nrtcom' params: { // Required parameters @@ -162,14 +136,17 @@ module routeTable './network/route-table/main.bicep' = {

-

Example 2: Min

+### Example 2: _Using Maximum Parameters_ + +This instance deploys the module with the large set of possible parameters. +
via Bicep module ```bicep -module routeTable './network/route-table/main.bicep' = { +module routeTable 'br:bicep/modules/network.route-table:1.0.0' = { name: '${uniqueString(deployment().name, location)}-test-nrtmin' params: { // Required parameters @@ -206,3 +183,94 @@ module routeTable './network/route-table/main.bicep' = {

+ + +## Parameters + +**Required parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`name`](#parameter-name) | string | Name given for the hub route table. | + +**Optional parameters** + +| Parameter | Type | Description | +| :-- | :-- | :-- | +| [`disableBgpRoutePropagation`](#parameter-disablebgproutepropagation) | bool | Switch to disable BGP route propagation. | +| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable telemetry via a Globally Unique Identifier (GUID). | +| [`location`](#parameter-location) | string | Location for all resources. | +| [`lock`](#parameter-lock) | string | Specify the type of lock. | +| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| [`routes`](#parameter-routes) | array | An Array of Routes to be established within the hub route table. | +| [`tags`](#parameter-tags) | object | Tags of the resource. | + +### Parameter: `disableBgpRoutePropagation` + +Switch to disable BGP route propagation. +- Required: No +- Type: bool +- Default: `False` + +### Parameter: `enableDefaultTelemetry` + +Enable telemetry via a Globally Unique Identifier (GUID). +- Required: No +- Type: bool +- Default: `True` + +### Parameter: `location` + +Location for all resources. +- Required: No +- Type: string +- Default: `[resourceGroup().location]` + +### Parameter: `lock` + +Specify the type of lock. +- Required: No +- Type: string +- Default: `''` +- Allowed: `['', CanNotDelete, ReadOnly]` + +### Parameter: `name` + +Name given for the hub route table. +- Required: Yes +- Type: string + +### Parameter: `roleAssignments` + +Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `routes` + +An Array of Routes to be established within the hub route table. +- Required: No +- Type: array +- Default: `[]` + +### Parameter: `tags` + +Tags of the resource. +- Required: No +- Type: object +- Default: `{object}` + + +## Outputs + +| Output | Type | Description | +| :-- | :-- | :-- | +| `location` | string | The location the resource was deployed into. | +| `name` | string | The name of the route table. | +| `resourceGroupName` | string | The resource group the route table was deployed into. | +| `resourceId` | string | The resource ID of the route table. | + +## Cross-referenced modules + +_None_ diff --git a/modules/network/route-table/main.json b/modules/network/route-table/main.json index 88ee39b935..af2f4acac1 100644 --- a/modules/network/route-table/main.json +++ b/modules/network/route-table/main.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "16901020059432572250" + "version": "0.22.6.54827", + "templateHash": "14175124869769293837" }, "name": "Route Tables", "description": "This module deploys a User Defined Route Table (UDR).", @@ -147,8 +147,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.21.1.54444", - "templateHash": "15918129007023123856" + "version": "0.22.6.54827", + "templateHash": "5854028200493831551" } }, "parameters": { From 9c06daf419aaf486201f9b6c06a3f6272265df65 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Sun, 15 Oct 2023 18:43:46 +0200 Subject: [PATCH 2/4] Fixed templates --- modules/network/bastion-host/.test/common/main.test.bicep | 4 ++-- modules/network/bastion-host/.test/min/main.test.bicep | 4 ++-- .../network/ddos-protection-plan/.test/common/main.test.bicep | 4 ++-- .../network/ddos-protection-plan/.test/min/main.test.bicep | 4 ++-- .../dns-forwarding-ruleset/.test/common/main.test.bicep | 4 ++-- .../network/dns-forwarding-ruleset/.test/min/main.test.bicep | 4 ++-- modules/network/dns-resolver/.test/common/main.test.bicep | 4 ++-- modules/network/dns-zone/.test/common/main.test.bicep | 4 ++-- modules/network/dns-zone/.test/min/main.test.bicep | 4 ++-- .../express-route-circuit/.test/common/main.test.bicep | 4 ++-- .../network/express-route-circuit/.test/min/main.test.bicep | 4 ++-- .../express-route-gateway/.test/common/main.test.bicep | 4 ++-- .../network/express-route-gateway/.test/min/main.test.bicep | 4 ++-- modules/network/firewall-policy/.test/common/main.test.bicep | 4 ++-- modules/network/firewall-policy/.test/min/main.test.bicep | 4 ++-- .../.test/common/main.test.bicep | 4 ++-- .../.test/min/main.test.bicep | 4 ++-- modules/network/front-door/.test/common/main.test.bicep | 4 ++-- modules/network/front-door/.test/min/main.test.bicep | 4 ++-- modules/network/ip-group/.test/common/main.test.bicep | 4 ++-- modules/network/ip-group/.test/min/main.test.bicep | 4 ++-- modules/network/load-balancer/.test/common/main.test.bicep | 4 ++-- modules/network/load-balancer/.test/min/main.test.bicep | 4 ++-- .../local-network-gateway/.test/common/main.test.bicep | 4 ++-- .../network/local-network-gateway/.test/min/main.test.bicep | 4 ++-- modules/network/nat-gateway/.test/common/main.test.bicep | 4 ++-- .../network/network-interface/.test/common/main.test.bicep | 4 ++-- modules/network/network-interface/.test/min/main.test.bicep | 4 ++-- modules/network/network-manager/.test/common/main.test.bicep | 4 ++-- .../network-security-group/.test/common/main.test.bicep | 4 ++-- .../network/network-security-group/.test/min/main.test.bicep | 4 ++-- modules/network/network-watcher/.test/common/main.test.bicep | 4 ++-- modules/network/network-watcher/.test/min/main.test.bicep | 4 ++-- modules/network/private-dns-zone/.test/common/main.test.bicep | 4 ++-- modules/network/private-dns-zone/.test/min/main.test.bicep | 4 ++-- modules/network/private-endpoint/.test/common/main.test.bicep | 4 ++-- modules/network/private-endpoint/.test/min/main.test.bicep | 4 ++-- .../network/private-link-service/.test/common/main.test.bicep | 4 ++-- .../network/private-link-service/.test/min/main.test.bicep | 4 ++-- .../network/public-ip-address/.test/common/main.test.bicep | 4 ++-- modules/network/public-ip-address/.test/min/main.test.bicep | 4 ++-- modules/network/public-ip-prefix/.test/common/main.test.bicep | 4 ++-- modules/network/public-ip-prefix/.test/min/main.test.bicep | 4 ++-- modules/network/route-table/.test/common/main.test.bicep | 4 ++-- modules/network/route-table/.test/min/main.test.bicep | 4 ++-- 45 files changed, 90 insertions(+), 90 deletions(-) diff --git a/modules/network/bastion-host/.test/common/main.test.bicep b/modules/network/bastion-host/.test/common/main.test.bicep index d2f4cf6fb8..d1d35669e5 100644 --- a/modules/network/bastion-host/.test/common/main.test.bicep +++ b/modules/network/bastion-host/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/bastion-host/.test/min/main.test.bicep b/modules/network/bastion-host/.test/min/main.test.bicep index 8a6f75385c..8292377077 100644 --- a/modules/network/bastion-host/.test/min/main.test.bicep +++ b/modules/network/bastion-host/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/ddos-protection-plan/.test/common/main.test.bicep b/modules/network/ddos-protection-plan/.test/common/main.test.bicep index da05471a15..fce1f1a2e1 100644 --- a/modules/network/ddos-protection-plan/.test/common/main.test.bicep +++ b/modules/network/ddos-protection-plan/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/ddos-protection-plan/.test/min/main.test.bicep b/modules/network/ddos-protection-plan/.test/min/main.test.bicep index 9f8a66aa32..3f06befe16 100644 --- a/modules/network/ddos-protection-plan/.test/min/main.test.bicep +++ b/modules/network/ddos-protection-plan/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep b/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep index 74ecb4002b..456840540e 100644 --- a/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep +++ b/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep b/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep index 36dafb5a90..0d95972412 100644 --- a/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep +++ b/modules/network/dns-forwarding-ruleset/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/dns-resolver/.test/common/main.test.bicep b/modules/network/dns-resolver/.test/common/main.test.bicep index 77aa7c02cc..91b991219f 100644 --- a/modules/network/dns-resolver/.test/common/main.test.bicep +++ b/modules/network/dns-resolver/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/dns-zone/.test/common/main.test.bicep b/modules/network/dns-zone/.test/common/main.test.bicep index 9494d9f363..9089e5552d 100644 --- a/modules/network/dns-zone/.test/common/main.test.bicep +++ b/modules/network/dns-zone/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/dns-zone/.test/min/main.test.bicep b/modules/network/dns-zone/.test/min/main.test.bicep index f1ac6ecea8..99dd5b9612 100644 --- a/modules/network/dns-zone/.test/min/main.test.bicep +++ b/modules/network/dns-zone/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/express-route-circuit/.test/common/main.test.bicep b/modules/network/express-route-circuit/.test/common/main.test.bicep index c53e938738..998480bdb7 100644 --- a/modules/network/express-route-circuit/.test/common/main.test.bicep +++ b/modules/network/express-route-circuit/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/express-route-circuit/.test/min/main.test.bicep b/modules/network/express-route-circuit/.test/min/main.test.bicep index 67c484ddc6..9023c41dfe 100644 --- a/modules/network/express-route-circuit/.test/min/main.test.bicep +++ b/modules/network/express-route-circuit/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/express-route-gateway/.test/common/main.test.bicep b/modules/network/express-route-gateway/.test/common/main.test.bicep index 8744b1d5ea..f389654b3a 100644 --- a/modules/network/express-route-gateway/.test/common/main.test.bicep +++ b/modules/network/express-route-gateway/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/express-route-gateway/.test/min/main.test.bicep b/modules/network/express-route-gateway/.test/min/main.test.bicep index 42e56e5b89..b410608160 100644 --- a/modules/network/express-route-gateway/.test/min/main.test.bicep +++ b/modules/network/express-route-gateway/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/firewall-policy/.test/common/main.test.bicep b/modules/network/firewall-policy/.test/common/main.test.bicep index d4904dcad3..6e31f926a9 100644 --- a/modules/network/firewall-policy/.test/common/main.test.bicep +++ b/modules/network/firewall-policy/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/firewall-policy/.test/min/main.test.bicep b/modules/network/firewall-policy/.test/min/main.test.bicep index 9befa1733c..2efbeaeead 100644 --- a/modules/network/firewall-policy/.test/min/main.test.bicep +++ b/modules/network/firewall-policy/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep b/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep index bce0b16d65..cac5194f09 100644 --- a/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep +++ b/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep b/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep index 2203aa1dd7..e6dc94614a 100644 --- a/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep +++ b/modules/network/front-door-web-application-firewall-policy/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/front-door/.test/common/main.test.bicep b/modules/network/front-door/.test/common/main.test.bicep index 953b044059..0be1df0eeb 100644 --- a/modules/network/front-door/.test/common/main.test.bicep +++ b/modules/network/front-door/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/front-door/.test/min/main.test.bicep b/modules/network/front-door/.test/min/main.test.bicep index a11667f30d..d924dcbb25 100644 --- a/modules/network/front-door/.test/min/main.test.bicep +++ b/modules/network/front-door/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/ip-group/.test/common/main.test.bicep b/modules/network/ip-group/.test/common/main.test.bicep index 163f4b662b..a039b89e08 100644 --- a/modules/network/ip-group/.test/common/main.test.bicep +++ b/modules/network/ip-group/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/ip-group/.test/min/main.test.bicep b/modules/network/ip-group/.test/min/main.test.bicep index fdf786819e..174c87ae38 100644 --- a/modules/network/ip-group/.test/min/main.test.bicep +++ b/modules/network/ip-group/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/load-balancer/.test/common/main.test.bicep b/modules/network/load-balancer/.test/common/main.test.bicep index cdfff057be..48e5080b95 100644 --- a/modules/network/load-balancer/.test/common/main.test.bicep +++ b/modules/network/load-balancer/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/load-balancer/.test/min/main.test.bicep b/modules/network/load-balancer/.test/min/main.test.bicep index fa33adefac..dbb4ca6571 100644 --- a/modules/network/load-balancer/.test/min/main.test.bicep +++ b/modules/network/load-balancer/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/local-network-gateway/.test/common/main.test.bicep b/modules/network/local-network-gateway/.test/common/main.test.bicep index 1a5b15a9df..1571c5666b 100644 --- a/modules/network/local-network-gateway/.test/common/main.test.bicep +++ b/modules/network/local-network-gateway/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/local-network-gateway/.test/min/main.test.bicep b/modules/network/local-network-gateway/.test/min/main.test.bicep index 4e18475d60..b9577924ea 100644 --- a/modules/network/local-network-gateway/.test/min/main.test.bicep +++ b/modules/network/local-network-gateway/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/nat-gateway/.test/common/main.test.bicep b/modules/network/nat-gateway/.test/common/main.test.bicep index c2e784ada1..123ea8fa33 100644 --- a/modules/network/nat-gateway/.test/common/main.test.bicep +++ b/modules/network/nat-gateway/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/network-interface/.test/common/main.test.bicep b/modules/network/network-interface/.test/common/main.test.bicep index af1b75e90a..83c71ae251 100644 --- a/modules/network/network-interface/.test/common/main.test.bicep +++ b/modules/network/network-interface/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/network-interface/.test/min/main.test.bicep b/modules/network/network-interface/.test/min/main.test.bicep index 6b96f1f644..8a045fec44 100644 --- a/modules/network/network-interface/.test/min/main.test.bicep +++ b/modules/network/network-interface/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/network-manager/.test/common/main.test.bicep b/modules/network/network-manager/.test/common/main.test.bicep index fa35be8530..4fe31be136 100644 --- a/modules/network/network-manager/.test/common/main.test.bicep +++ b/modules/network/network-manager/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/network-security-group/.test/common/main.test.bicep b/modules/network/network-security-group/.test/common/main.test.bicep index f86dd33cf3..7485a71e53 100644 --- a/modules/network/network-security-group/.test/common/main.test.bicep +++ b/modules/network/network-security-group/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/network-security-group/.test/min/main.test.bicep b/modules/network/network-security-group/.test/min/main.test.bicep index 75f9cf419d..225b630945 100644 --- a/modules/network/network-security-group/.test/min/main.test.bicep +++ b/modules/network/network-security-group/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/network-watcher/.test/common/main.test.bicep b/modules/network/network-watcher/.test/common/main.test.bicep index d704a562c7..e2f9503531 100644 --- a/modules/network/network-watcher/.test/common/main.test.bicep +++ b/modules/network/network-watcher/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/network-watcher/.test/min/main.test.bicep b/modules/network/network-watcher/.test/min/main.test.bicep index 873216d559..026f230ae4 100644 --- a/modules/network/network-watcher/.test/min/main.test.bicep +++ b/modules/network/network-watcher/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/private-dns-zone/.test/common/main.test.bicep b/modules/network/private-dns-zone/.test/common/main.test.bicep index c4d8f69524..aa4ccf202e 100644 --- a/modules/network/private-dns-zone/.test/common/main.test.bicep +++ b/modules/network/private-dns-zone/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/private-dns-zone/.test/min/main.test.bicep b/modules/network/private-dns-zone/.test/min/main.test.bicep index 945a123d21..db60e58143 100644 --- a/modules/network/private-dns-zone/.test/min/main.test.bicep +++ b/modules/network/private-dns-zone/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/private-endpoint/.test/common/main.test.bicep b/modules/network/private-endpoint/.test/common/main.test.bicep index 927054e31c..cb0fb12e41 100644 --- a/modules/network/private-endpoint/.test/common/main.test.bicep +++ b/modules/network/private-endpoint/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/private-endpoint/.test/min/main.test.bicep b/modules/network/private-endpoint/.test/min/main.test.bicep index 06ca2b7696..6d5c80f1b3 100644 --- a/modules/network/private-endpoint/.test/min/main.test.bicep +++ b/modules/network/private-endpoint/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/private-link-service/.test/common/main.test.bicep b/modules/network/private-link-service/.test/common/main.test.bicep index de2d3c38f0..484eb7d22f 100644 --- a/modules/network/private-link-service/.test/common/main.test.bicep +++ b/modules/network/private-link-service/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/private-link-service/.test/min/main.test.bicep b/modules/network/private-link-service/.test/min/main.test.bicep index ce32db372e..d56543c89b 100644 --- a/modules/network/private-link-service/.test/min/main.test.bicep +++ b/modules/network/private-link-service/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/public-ip-address/.test/common/main.test.bicep b/modules/network/public-ip-address/.test/common/main.test.bicep index f5a4054443..277545a521 100644 --- a/modules/network/public-ip-address/.test/common/main.test.bicep +++ b/modules/network/public-ip-address/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/public-ip-address/.test/min/main.test.bicep b/modules/network/public-ip-address/.test/min/main.test.bicep index 1e35fe3c31..e0f4f0d87d 100644 --- a/modules/network/public-ip-address/.test/min/main.test.bicep +++ b/modules/network/public-ip-address/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/public-ip-prefix/.test/common/main.test.bicep b/modules/network/public-ip-prefix/.test/common/main.test.bicep index 473816e95b..e7db377c6b 100644 --- a/modules/network/public-ip-prefix/.test/common/main.test.bicep +++ b/modules/network/public-ip-prefix/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/public-ip-prefix/.test/min/main.test.bicep b/modules/network/public-ip-prefix/.test/min/main.test.bicep index 33a41d88b4..8115e852ed 100644 --- a/modules/network/public-ip-prefix/.test/min/main.test.bicep +++ b/modules/network/public-ip-prefix/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // diff --git a/modules/network/route-table/.test/common/main.test.bicep b/modules/network/route-table/.test/common/main.test.bicep index 4c871b1d4c..6503e9bef3 100644 --- a/modules/network/route-table/.test/common/main.test.bicep +++ b/modules/network/route-table/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using only defaults' -metadata description = 'This instance deploys the module with the minimum set of required parameters.' +metadata name = 'Using a large set of parameters' +metadata description = 'This instance deploys the module with a large set of possible parameters.' // ========== // // Parameters // diff --git a/modules/network/route-table/.test/min/main.test.bicep b/modules/network/route-table/.test/min/main.test.bicep index 07d4264df8..1515b9a8fb 100644 --- a/modules/network/route-table/.test/min/main.test.bicep +++ b/modules/network/route-table/.test/min/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using Maximum Parameters' -metadata description = 'This instance deploys the module with the large set of possible parameters.' +metadata name = 'Using only defaults' +metadata description = 'This instance deploys the module with the minimum set of required parameters.' // ========== // // Parameters // From 10d145c1a144de5abfdf6ada025407066f971a02 Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Sun, 15 Oct 2023 19:14:14 +0200 Subject: [PATCH 3/4] Regen --- .../bastion-host/.test/common/main.test.bicep | 4 ++-- modules/network/bastion-host/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- modules/network/ddos-protection-plan/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- modules/network/dns-forwarding-ruleset/README.md | 12 ++++++------ .../dns-resolver/.test/common/main.test.bicep | 4 ++-- modules/network/dns-resolver/README.md | 6 +++--- .../network/dns-zone/.test/common/main.test.bicep | 4 ++-- modules/network/dns-zone/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- modules/network/express-route-circuit/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- modules/network/express-route-gateway/README.md | 12 ++++++------ .../firewall-policy/.test/common/main.test.bicep | 4 ++-- modules/network/firewall-policy/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- .../README.md | 12 ++++++------ .../network/front-door/.test/common/main.test.bicep | 4 ++-- modules/network/front-door/README.md | 12 ++++++------ .../network/ip-group/.test/common/main.test.bicep | 4 ++-- modules/network/ip-group/README.md | 12 ++++++------ .../load-balancer/.test/common/main.test.bicep | 4 ++-- modules/network/load-balancer/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- modules/network/local-network-gateway/README.md | 12 ++++++------ .../network/nat-gateway/.test/common/main.test.bicep | 4 ++-- modules/network/nat-gateway/README.md | 6 +++--- .../network-interface/.test/common/main.test.bicep | 4 ++-- modules/network/network-interface/README.md | 12 ++++++------ .../network-manager/.test/common/main.test.bicep | 4 ++-- modules/network/network-manager/README.md | 6 +++--- .../.test/common/main.test.bicep | 4 ++-- modules/network/network-security-group/README.md | 12 ++++++------ .../network-watcher/.test/common/main.test.bicep | 4 ++-- modules/network/network-watcher/README.md | 12 ++++++------ .../private-dns-zone/.test/common/main.test.bicep | 4 ++-- modules/network/private-dns-zone/README.md | 12 ++++++------ .../private-endpoint/.test/common/main.test.bicep | 4 ++-- modules/network/private-endpoint/README.md | 12 ++++++------ .../.test/common/main.test.bicep | 4 ++-- modules/network/private-link-service/README.md | 12 ++++++------ .../public-ip-address/.test/common/main.test.bicep | 4 ++-- modules/network/public-ip-address/README.md | 12 ++++++------ .../public-ip-prefix/.test/common/main.test.bicep | 4 ++-- modules/network/public-ip-prefix/README.md | 12 ++++++------ .../network/route-table/.test/common/main.test.bicep | 4 ++-- modules/network/route-table/README.md | 12 ++++++------ 48 files changed, 183 insertions(+), 183 deletions(-) diff --git a/modules/network/bastion-host/.test/common/main.test.bicep b/modules/network/bastion-host/.test/common/main.test.bicep index d1d35669e5..5d384c25e9 100644 --- a/modules/network/bastion-host/.test/common/main.test.bicep +++ b/modules/network/bastion-host/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/bastion-host/README.md b/modules/network/bastion-host/README.md index cff8ea7092..5a6daabb5b 100644 --- a/modules/network/bastion-host/README.md +++ b/modules/network/bastion-host/README.md @@ -29,13 +29,13 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.bastion-host:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) +- [Using large parameter set](#example-1-using-large-parameter-set) - [Custompip](#example-2-custompip) -- [Using Maximum Parameters](#example-3-using-maximum-parameters) +- [Using only defaults](#example-3-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.

@@ -286,9 +286,9 @@ module bastionHost 'br:bicep/modules/network.bastion-host:1.0.0' = {

-### Example 3: _Using Maximum Parameters_ +### Example 3: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/ddos-protection-plan/.test/common/main.test.bicep b/modules/network/ddos-protection-plan/.test/common/main.test.bicep index fce1f1a2e1..07f548e028 100644 --- a/modules/network/ddos-protection-plan/.test/common/main.test.bicep +++ b/modules/network/ddos-protection-plan/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/ddos-protection-plan/README.md b/modules/network/ddos-protection-plan/README.md index c963258757..499492a915 100644 --- a/modules/network/ddos-protection-plan/README.md +++ b/modules/network/ddos-protection-plan/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.ddos-protection-plan:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -114,9 +114,9 @@ module ddosProtectionPlan 'br:bicep/modules/network.ddos-protection-plan:1.0.0'

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep b/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep index 456840540e..1580914504 100644 --- a/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep +++ b/modules/network/dns-forwarding-ruleset/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/dns-forwarding-ruleset/README.md b/modules/network/dns-forwarding-ruleset/README.md index 1e3946a38c..718fb0a48e 100644 --- a/modules/network/dns-forwarding-ruleset/README.md +++ b/modules/network/dns-forwarding-ruleset/README.md @@ -29,12 +29,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.dns-forwarding-ruleset:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -160,9 +160,9 @@ module dnsForwardingRuleset 'br:bicep/modules/network.dns-forwarding-ruleset:1.0

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/dns-resolver/.test/common/main.test.bicep b/modules/network/dns-resolver/.test/common/main.test.bicep index 91b991219f..10ca18a16f 100644 --- a/modules/network/dns-resolver/.test/common/main.test.bicep +++ b/modules/network/dns-resolver/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/dns-resolver/README.md b/modules/network/dns-resolver/README.md index 9449b67548..c58cc86c25 100644 --- a/modules/network/dns-resolver/README.md +++ b/modules/network/dns-resolver/README.md @@ -29,11 +29,11 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.dns-resolver:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) +- [Using large parameter set](#example-1-using-large-parameter-set) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
diff --git a/modules/network/dns-zone/.test/common/main.test.bicep b/modules/network/dns-zone/.test/common/main.test.bicep index 9089e5552d..f23e497864 100644 --- a/modules/network/dns-zone/.test/common/main.test.bicep +++ b/modules/network/dns-zone/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/dns-zone/README.md b/modules/network/dns-zone/README.md index 3f712420fc..b3ba131d95 100644 --- a/modules/network/dns-zone/README.md +++ b/modules/network/dns-zone/README.md @@ -37,12 +37,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.dns-zone:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -466,9 +466,9 @@ module dnsZone 'br:bicep/modules/network.dns-zone:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/express-route-circuit/.test/common/main.test.bicep b/modules/network/express-route-circuit/.test/common/main.test.bicep index 998480bdb7..58ce2762f0 100644 --- a/modules/network/express-route-circuit/.test/common/main.test.bicep +++ b/modules/network/express-route-circuit/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/express-route-circuit/README.md b/modules/network/express-route-circuit/README.md index 28fc5376f4..eca37fe8f3 100644 --- a/modules/network/express-route-circuit/README.md +++ b/modules/network/express-route-circuit/README.md @@ -28,12 +28,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.express-route-circuit:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -155,9 +155,9 @@ module expressRouteCircuit 'br:bicep/modules/network.express-route-circuit:1.0.0

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/express-route-gateway/.test/common/main.test.bicep b/modules/network/express-route-gateway/.test/common/main.test.bicep index f389654b3a..9dd58dbbe3 100644 --- a/modules/network/express-route-gateway/.test/common/main.test.bicep +++ b/modules/network/express-route-gateway/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/express-route-gateway/README.md b/modules/network/express-route-gateway/README.md index 753d130bc6..fe14fb245d 100644 --- a/modules/network/express-route-gateway/README.md +++ b/modules/network/express-route-gateway/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.express-route-gateway:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -124,9 +124,9 @@ module expressRouteGateway 'br:bicep/modules/network.express-route-gateway:1.0.0

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/firewall-policy/.test/common/main.test.bicep b/modules/network/firewall-policy/.test/common/main.test.bicep index 6e31f926a9..b0f3e73de8 100644 --- a/modules/network/firewall-policy/.test/common/main.test.bicep +++ b/modules/network/firewall-policy/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/firewall-policy/README.md b/modules/network/firewall-policy/README.md index 6a4c12ae18..ca06ec2bdb 100644 --- a/modules/network/firewall-policy/README.md +++ b/modules/network/firewall-policy/README.md @@ -26,12 +26,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.firewall-policy:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -175,9 +175,9 @@ module firewallPolicy 'br:bicep/modules/network.firewall-policy:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep b/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep index cac5194f09..a971d68691 100644 --- a/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep +++ b/modules/network/front-door-web-application-firewall-policy/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/front-door-web-application-firewall-policy/README.md b/modules/network/front-door-web-application-firewall-policy/README.md index 8b56ef7643..1933188523 100644 --- a/modules/network/front-door-web-application-firewall-policy/README.md +++ b/modules/network/front-door-web-application-firewall-policy/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.front-door-web-application-firewall-policy:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -248,9 +248,9 @@ module frontDoorWebApplicationFirewallPolicy 'br:bicep/modules/network.front-doo

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/front-door/.test/common/main.test.bicep b/modules/network/front-door/.test/common/main.test.bicep index 0be1df0eeb..dfc4e2b726 100644 --- a/modules/network/front-door/.test/common/main.test.bicep +++ b/modules/network/front-door/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/front-door/README.md b/modules/network/front-door/README.md index 2d15e13f22..f15fd3ed45 100644 --- a/modules/network/front-door/README.md +++ b/modules/network/front-door/README.md @@ -28,12 +28,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.front-door:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -307,9 +307,9 @@ module frontDoor 'br:bicep/modules/network.front-door:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/ip-group/.test/common/main.test.bicep b/modules/network/ip-group/.test/common/main.test.bicep index a039b89e08..61476fd930 100644 --- a/modules/network/ip-group/.test/common/main.test.bicep +++ b/modules/network/ip-group/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/ip-group/README.md b/modules/network/ip-group/README.md index 49d93b2d35..97d15373da 100644 --- a/modules/network/ip-group/README.md +++ b/modules/network/ip-group/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.ip-group:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -124,9 +124,9 @@ module ipGroup 'br:bicep/modules/network.ip-group:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/load-balancer/.test/common/main.test.bicep b/modules/network/load-balancer/.test/common/main.test.bicep index 48e5080b95..6efb446ead 100644 --- a/modules/network/load-balancer/.test/common/main.test.bicep +++ b/modules/network/load-balancer/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/load-balancer/README.md b/modules/network/load-balancer/README.md index 107cbb8f8a..aeb7730c37 100644 --- a/modules/network/load-balancer/README.md +++ b/modules/network/load-balancer/README.md @@ -31,13 +31,13 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.load-balancer:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) +- [Using large parameter set](#example-1-using-large-parameter-set) - [Internal](#example-2-internal) -- [Using Maximum Parameters](#example-3-using-maximum-parameters) +- [Using only defaults](#example-3-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -522,9 +522,9 @@ module loadBalancer 'br:bicep/modules/network.load-balancer:1.0.0' = {

-### Example 3: _Using Maximum Parameters_ +### Example 3: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/local-network-gateway/.test/common/main.test.bicep b/modules/network/local-network-gateway/.test/common/main.test.bicep index 1571c5666b..8bebc4a7aa 100644 --- a/modules/network/local-network-gateway/.test/common/main.test.bicep +++ b/modules/network/local-network-gateway/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/local-network-gateway/README.md b/modules/network/local-network-gateway/README.md index 19e39e7759..7d85fd717d 100644 --- a/modules/network/local-network-gateway/README.md +++ b/modules/network/local-network-gateway/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.local-network-gateway:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -134,9 +134,9 @@ module localNetworkGateway 'br:bicep/modules/network.local-network-gateway:1.0.0

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/nat-gateway/.test/common/main.test.bicep b/modules/network/nat-gateway/.test/common/main.test.bicep index 123ea8fa33..178f58c027 100644 --- a/modules/network/nat-gateway/.test/common/main.test.bicep +++ b/modules/network/nat-gateway/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/nat-gateway/README.md b/modules/network/nat-gateway/README.md index cc91d2343b..f91f5944f4 100644 --- a/modules/network/nat-gateway/README.md +++ b/modules/network/nat-gateway/README.md @@ -29,11 +29,11 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.nat-gateway:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) +- [Using large parameter set](#example-1-using-large-parameter-set) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
diff --git a/modules/network/network-interface/.test/common/main.test.bicep b/modules/network/network-interface/.test/common/main.test.bicep index 83c71ae251..5a7bfcf666 100644 --- a/modules/network/network-interface/.test/common/main.test.bicep +++ b/modules/network/network-interface/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/network-interface/README.md b/modules/network/network-interface/README.md index 5f9acf3af5..88df39883f 100644 --- a/modules/network/network-interface/README.md +++ b/modules/network/network-interface/README.md @@ -28,12 +28,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-interface:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -181,9 +181,9 @@ module networkInterface 'br:bicep/modules/network.network-interface:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/network-manager/.test/common/main.test.bicep b/modules/network/network-manager/.test/common/main.test.bicep index 4fe31be136..e0899bd41c 100644 --- a/modules/network/network-manager/.test/common/main.test.bicep +++ b/modules/network/network-manager/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/network-manager/README.md b/modules/network/network-manager/README.md index a107a7ffab..e1b62219f6 100644 --- a/modules/network/network-manager/README.md +++ b/modules/network/network-manager/README.md @@ -35,11 +35,11 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-manager:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) +- [Using large parameter set](#example-1-using-large-parameter-set) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
diff --git a/modules/network/network-security-group/.test/common/main.test.bicep b/modules/network/network-security-group/.test/common/main.test.bicep index 7485a71e53..b3d3aa351f 100644 --- a/modules/network/network-security-group/.test/common/main.test.bicep +++ b/modules/network/network-security-group/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/network-security-group/README.md b/modules/network/network-security-group/README.md index 50b679a40a..d3fbf0e24c 100644 --- a/modules/network/network-security-group/README.md +++ b/modules/network/network-security-group/README.md @@ -29,12 +29,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-security-group:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -262,9 +262,9 @@ module networkSecurityGroup 'br:bicep/modules/network.network-security-group:1.0

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/network-watcher/.test/common/main.test.bicep b/modules/network/network-watcher/.test/common/main.test.bicep index e2f9503531..ddc0677786 100644 --- a/modules/network/network-watcher/.test/common/main.test.bicep +++ b/modules/network/network-watcher/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/network-watcher/README.md b/modules/network/network-watcher/README.md index 79fb42d997..073d9e291c 100644 --- a/modules/network/network-watcher/README.md +++ b/modules/network/network-watcher/README.md @@ -29,12 +29,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.network-watcher:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -254,9 +254,9 @@ module networkWatcher 'br:bicep/modules/network.network-watcher:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/private-dns-zone/.test/common/main.test.bicep b/modules/network/private-dns-zone/.test/common/main.test.bicep index aa4ccf202e..d3e5ad38db 100644 --- a/modules/network/private-dns-zone/.test/common/main.test.bicep +++ b/modules/network/private-dns-zone/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/private-dns-zone/README.md b/modules/network/private-dns-zone/README.md index a67a704c4f..061d4ba5e7 100644 --- a/modules/network/private-dns-zone/README.md +++ b/modules/network/private-dns-zone/README.md @@ -36,12 +36,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-dns-zone:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -471,9 +471,9 @@ module privateDnsZone 'br:bicep/modules/network.private-dns-zone:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/private-endpoint/.test/common/main.test.bicep b/modules/network/private-endpoint/.test/common/main.test.bicep index cb0fb12e41..856807277f 100644 --- a/modules/network/private-endpoint/.test/common/main.test.bicep +++ b/modules/network/private-endpoint/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/private-endpoint/README.md b/modules/network/private-endpoint/README.md index d7b82e105b..3483991f6e 100644 --- a/modules/network/private-endpoint/README.md +++ b/modules/network/private-endpoint/README.md @@ -28,12 +28,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-endpoint:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -181,9 +181,9 @@ module privateEndpoint 'br:bicep/modules/network.private-endpoint:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/private-link-service/.test/common/main.test.bicep b/modules/network/private-link-service/.test/common/main.test.bicep index 484eb7d22f..2566dda08b 100644 --- a/modules/network/private-link-service/.test/common/main.test.bicep +++ b/modules/network/private-link-service/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/private-link-service/README.md b/modules/network/private-link-service/README.md index d52541742f..ae01faa267 100644 --- a/modules/network/private-link-service/README.md +++ b/modules/network/private-link-service/README.md @@ -28,12 +28,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-link-service:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -189,9 +189,9 @@ module privateLinkService 'br:bicep/modules/network.private-link-service:1.0.0'

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/public-ip-address/.test/common/main.test.bicep b/modules/network/public-ip-address/.test/common/main.test.bicep index 277545a521..73fe5bb4a5 100644 --- a/modules/network/public-ip-address/.test/common/main.test.bicep +++ b/modules/network/public-ip-address/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/public-ip-address/README.md b/modules/network/public-ip-address/README.md index 55f40cc11a..6e61c0e14d 100644 --- a/modules/network/public-ip-address/README.md +++ b/modules/network/public-ip-address/README.md @@ -28,12 +28,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.public-ip-address:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -151,9 +151,9 @@ module publicIpAddress 'br:bicep/modules/network.public-ip-address:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/public-ip-prefix/.test/common/main.test.bicep b/modules/network/public-ip-prefix/.test/common/main.test.bicep index e7db377c6b..4c96332650 100644 --- a/modules/network/public-ip-prefix/.test/common/main.test.bicep +++ b/modules/network/public-ip-prefix/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/public-ip-prefix/README.md b/modules/network/public-ip-prefix/README.md index 9e13285776..4b36341ba4 100644 --- a/modules/network/public-ip-prefix/README.md +++ b/modules/network/public-ip-prefix/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.public-ip-prefix:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -118,9 +118,9 @@ module publicIpPrefix 'br:bicep/modules/network.public-ip-prefix:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

diff --git a/modules/network/route-table/.test/common/main.test.bicep b/modules/network/route-table/.test/common/main.test.bicep index 6503e9bef3..760b5c2741 100644 --- a/modules/network/route-table/.test/common/main.test.bicep +++ b/modules/network/route-table/.test/common/main.test.bicep @@ -1,7 +1,7 @@ targetScope = 'subscription' -metadata name = 'Using a large set of parameters' -metadata description = 'This instance deploys the module with a large set of possible parameters.' +metadata name = 'Using large parameter set' +metadata description = 'This instance deploys the module with most of its features enabled.' // ========== // // Parameters // diff --git a/modules/network/route-table/README.md b/modules/network/route-table/README.md index 2a6b8a8c79..3e2e93cad8 100644 --- a/modules/network/route-table/README.md +++ b/modules/network/route-table/README.md @@ -27,12 +27,12 @@ The following module usage examples are retrieved from the content of the files >**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.route-table:1.0.0`. -- [Using only defaults](#example-1-using-only-defaults) -- [Using Maximum Parameters](#example-2-using-maximum-parameters) +- [Using large parameter set](#example-1-using-large-parameter-set) +- [Using only defaults](#example-2-using-only-defaults) -### Example 1: _Using only defaults_ +### Example 1: _Using large parameter set_ -This instance deploys the module with the minimum set of required parameters. +This instance deploys the module with most of its features enabled.
@@ -136,9 +136,9 @@ module routeTable 'br:bicep/modules/network.route-table:1.0.0' = {

-### Example 2: _Using Maximum Parameters_ +### Example 2: _Using only defaults_ -This instance deploys the module with the large set of possible parameters. +This instance deploys the module with the minimum set of required parameters.

From f9c6a238d949e70a1fb7eeaa0dc5c29475d3a09c Mon Sep 17 00:00:00 2001 From: AlexanderSehr Date: Mon, 16 Oct 2023 12:56:18 +0200 Subject: [PATCH 4/4] Renamed header --- modules/network/bastion-host/README.md | 2 +- modules/network/connection/README.md | 2 +- modules/network/ddos-protection-plan/README.md | 2 +- modules/network/dns-forwarding-ruleset/README.md | 2 +- modules/network/dns-resolver/README.md | 2 +- modules/network/dns-zone/README.md | 2 +- modules/network/express-route-circuit/README.md | 2 +- modules/network/express-route-gateway/README.md | 2 +- modules/network/firewall-policy/README.md | 2 +- .../front-door-web-application-firewall-policy/README.md | 2 +- modules/network/front-door/README.md | 2 +- modules/network/ip-group/README.md | 2 +- modules/network/load-balancer/README.md | 2 +- modules/network/local-network-gateway/README.md | 2 +- modules/network/nat-gateway/README.md | 2 +- modules/network/network-interface/README.md | 2 +- modules/network/network-manager/README.md | 2 +- modules/network/network-security-group/README.md | 2 +- modules/network/network-watcher/README.md | 2 +- modules/network/private-dns-zone/README.md | 2 +- modules/network/private-endpoint/README.md | 2 +- modules/network/private-link-service/README.md | 2 +- modules/network/public-ip-address/README.md | 2 +- modules/network/public-ip-prefix/README.md | 2 +- modules/network/route-table/README.md | 2 +- 25 files changed, 25 insertions(+), 25 deletions(-) diff --git a/modules/network/bastion-host/README.md b/modules/network/bastion-host/README.md index 5a6daabb5b..6a426f834e 100644 --- a/modules/network/bastion-host/README.md +++ b/modules/network/bastion-host/README.md @@ -22,7 +22,7 @@ This module deploys a Bastion Host. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/connection/README.md b/modules/network/connection/README.md index a9f6c4f04f..118cbacdc0 100644 --- a/modules/network/connection/README.md +++ b/modules/network/connection/README.md @@ -20,7 +20,7 @@ This module deploys a Virtual Network Gateway Connection. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/ddos-protection-plan/README.md b/modules/network/ddos-protection-plan/README.md index 499492a915..6f6556d8b5 100644 --- a/modules/network/ddos-protection-plan/README.md +++ b/modules/network/ddos-protection-plan/README.md @@ -20,7 +20,7 @@ This module deploys a DDoS Protection Plan. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/dns-forwarding-ruleset/README.md b/modules/network/dns-forwarding-ruleset/README.md index 718fb0a48e..2662c26b01 100644 --- a/modules/network/dns-forwarding-ruleset/README.md +++ b/modules/network/dns-forwarding-ruleset/README.md @@ -22,7 +22,7 @@ This template deploys an dns forwarding ruleset. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/dns-resolver/README.md b/modules/network/dns-resolver/README.md index c58cc86c25..afce3669ec 100644 --- a/modules/network/dns-resolver/README.md +++ b/modules/network/dns-resolver/README.md @@ -22,7 +22,7 @@ This module deploys a DNS Resolver. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/dns-zone/README.md b/modules/network/dns-zone/README.md index b3ba131d95..f2b2294a26 100644 --- a/modules/network/dns-zone/README.md +++ b/modules/network/dns-zone/README.md @@ -30,7 +30,7 @@ This module deploys a Public DNS zone. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/express-route-circuit/README.md b/modules/network/express-route-circuit/README.md index eca37fe8f3..92c9e6ab0f 100644 --- a/modules/network/express-route-circuit/README.md +++ b/modules/network/express-route-circuit/README.md @@ -21,7 +21,7 @@ This module deploys an Express Route Circuit. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/express-route-gateway/README.md b/modules/network/express-route-gateway/README.md index fe14fb245d..399b06a08f 100644 --- a/modules/network/express-route-gateway/README.md +++ b/modules/network/express-route-gateway/README.md @@ -20,7 +20,7 @@ This module deploys an Express Route Gateway. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/firewall-policy/README.md b/modules/network/firewall-policy/README.md index ca06ec2bdb..715406c80a 100644 --- a/modules/network/firewall-policy/README.md +++ b/modules/network/firewall-policy/README.md @@ -19,7 +19,7 @@ This module deploys a Firewall Policy. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/front-door-web-application-firewall-policy/README.md b/modules/network/front-door-web-application-firewall-policy/README.md index 1933188523..99ffa22093 100644 --- a/modules/network/front-door-web-application-firewall-policy/README.md +++ b/modules/network/front-door-web-application-firewall-policy/README.md @@ -20,7 +20,7 @@ This module deploys a Front Door Web Application Firewall (WAF) Policy. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/front-door/README.md b/modules/network/front-door/README.md index f15fd3ed45..e910915724 100644 --- a/modules/network/front-door/README.md +++ b/modules/network/front-door/README.md @@ -21,7 +21,7 @@ This module deploys an Azure Front Door. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/ip-group/README.md b/modules/network/ip-group/README.md index 97d15373da..7c3d499c03 100644 --- a/modules/network/ip-group/README.md +++ b/modules/network/ip-group/README.md @@ -20,7 +20,7 @@ This module deploys an IP Group. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/load-balancer/README.md b/modules/network/load-balancer/README.md index aeb7730c37..60841765ed 100644 --- a/modules/network/load-balancer/README.md +++ b/modules/network/load-balancer/README.md @@ -24,7 +24,7 @@ This module deploys a Load Balancer. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/local-network-gateway/README.md b/modules/network/local-network-gateway/README.md index 7d85fd717d..f96090d77c 100644 --- a/modules/network/local-network-gateway/README.md +++ b/modules/network/local-network-gateway/README.md @@ -20,7 +20,7 @@ This module deploys a Local Network Gateway. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/nat-gateway/README.md b/modules/network/nat-gateway/README.md index f91f5944f4..39752020da 100644 --- a/modules/network/nat-gateway/README.md +++ b/modules/network/nat-gateway/README.md @@ -22,7 +22,7 @@ This module deploys a NAT Gateway. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/network-interface/README.md b/modules/network/network-interface/README.md index 88df39883f..4209edea84 100644 --- a/modules/network/network-interface/README.md +++ b/modules/network/network-interface/README.md @@ -21,7 +21,7 @@ This module deploys a Network Interface. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/network-manager/README.md b/modules/network/network-manager/README.md index e1b62219f6..740c783726 100644 --- a/modules/network/network-manager/README.md +++ b/modules/network/network-manager/README.md @@ -28,7 +28,7 @@ This module deploys a Network Manager. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/network-security-group/README.md b/modules/network/network-security-group/README.md index d3fbf0e24c..9400d62eca 100644 --- a/modules/network/network-security-group/README.md +++ b/modules/network/network-security-group/README.md @@ -22,7 +22,7 @@ This module deploys a Network security Group (NSG). ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/network-watcher/README.md b/modules/network/network-watcher/README.md index 073d9e291c..e19e0d9429 100644 --- a/modules/network/network-watcher/README.md +++ b/modules/network/network-watcher/README.md @@ -22,7 +22,7 @@ This module deploys a Network Watcher. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/private-dns-zone/README.md b/modules/network/private-dns-zone/README.md index 061d4ba5e7..d350acc2d9 100644 --- a/modules/network/private-dns-zone/README.md +++ b/modules/network/private-dns-zone/README.md @@ -29,7 +29,7 @@ This module deploys a Private DNS zone. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/private-endpoint/README.md b/modules/network/private-endpoint/README.md index 3483991f6e..a0950eb2e3 100644 --- a/modules/network/private-endpoint/README.md +++ b/modules/network/private-endpoint/README.md @@ -21,7 +21,7 @@ This module deploys a Private Endpoint. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/private-link-service/README.md b/modules/network/private-link-service/README.md index ae01faa267..c6550ce2d4 100644 --- a/modules/network/private-link-service/README.md +++ b/modules/network/private-link-service/README.md @@ -21,7 +21,7 @@ This module deploys a Private Link Service. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/public-ip-address/README.md b/modules/network/public-ip-address/README.md index 6e61c0e14d..729e77265e 100644 --- a/modules/network/public-ip-address/README.md +++ b/modules/network/public-ip-address/README.md @@ -21,7 +21,7 @@ This module deploys a Public IP Address. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/public-ip-prefix/README.md b/modules/network/public-ip-prefix/README.md index 4b36341ba4..d8ee284789 100644 --- a/modules/network/public-ip-prefix/README.md +++ b/modules/network/public-ip-prefix/README.md @@ -20,7 +20,7 @@ This module deploys a Public IP Prefix. ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. diff --git a/modules/network/route-table/README.md b/modules/network/route-table/README.md index 3e2e93cad8..19136ab892 100644 --- a/modules/network/route-table/README.md +++ b/modules/network/route-table/README.md @@ -20,7 +20,7 @@ This module deploys a User Defined Route Table (UDR). ## Usage examples -The following module usage examples are retrieved from the content of the files hosted in the module's `tests` folder. +The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. >**Note**: The name of each example is based on the name of the file from which it is taken. >**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.