Azure/ResourceModules v0.3.0

v 0.3.0

on GitHub

Highlights

• Modules
  • Full alignment to parent-child-resource structure to allow individual child deployment as well as top-down deployments (parent plus child resources)
  • Vastly improved alignment of module parameters to API (for example almost all modules use the name input parameter instead of <resourceType>Name). This should make the modules easier to use and cross reference with for example the ARM template reference
  • Numerous smaller fixes
  • Added many additional parameter files for module validation and test cases in each (for example diagnosticSettings)
  • Added remaining metadata to module outputs
  • Aligned identity handling across modules
• Platform
  • More streamlined pipeline that executes each tested parameter file in one job (validate-deploy-remove) instead of waiting at each stage for all other tests to conclude
  • Revamped resource removal using deployment names instead of tags for increased stability & a wider support of resources
  • Updated dependency pipeline
  • Introduced Token-Replacement solution to make shared-parameter usage (for example RBAC principalId) and secret-masking (for example subscriptionId) easier.
    • Implemented local testing script to enable continuous local testing - even with tokens added in the parameter files
• Tools
  • Improved ReadMe generation script (for example, now supports also Parameter Usage section)
• Wiki
  • Added a Context section to illustrate where CARML fits in a larger IaC setup
  • Improved docs for Pipelines, Modules & Testing
  • Extended Getting Started section

Merged PRs

• Update Testing wiki by @eriqua in #334
• Updated parameter & pipelines to new tenant IDs by @MrMCake in #348
• • additional ER GW Skus to support no AZ regions by @ahmadabdalla in #350
• Updated MgmtGroupID by @MrMCake in #352
• Cleanup + alignment by @MariusStorhaug in #353
• Storage security: set allowBlobPublicAccess to false by @eriqua in #356
• Correct typo roleAssigment -> roleAssignment by @MariusStorhaug in #355
• Updated expressRouteCircuits module with Local tier by @torivara in #358
• Fixed incorrect output that would only work if a certain param is provided by @MrMCake in #365
• Fixing AVD and storage by @eriqua in #366
• Align RBAC on Microsoft.AnalysisServices by @MariusStorhaug in #361
• Align RBAC on Microsoft.ApiManagement by @MariusStorhaug in #362
• Align RBAC on Microsoft.CognitiveServices by @MariusStorhaug in #364
• Align RBAC on Microsoft.Automation by @MariusStorhaug in #363
• Latest DEV to main by @MrMCake in #371
• Added ReadMe reference to wiki + moved script to tools by @MrMCake in #372
• Align RBAC on Microsoft.ContainerService by @MariusStorhaug in #374
• Align RBAC on Microsoft.ContainerRegistry by @MariusStorhaug in #375
• Align RBAC on Microsoft.Databricks by @MariusStorhaug in #376
• Align RBAC on Microsoft.DocumentDB by @MariusStorhaug in #379
• Align RBAC on Microsoft.EventGrid by @MariusStorhaug in #380
• Align RBAC on Microsoft.DesktopVirtualization by @MariusStorhaug in #378
• Align RBAC on Microsoft.DataFactory by @MariusStorhaug in #377
• Align RBAC on Microsoft.Web by @MariusStorhaug in #399
• Align RBAC on Microsoft.VirtualMachineImages by @MariusStorhaug in #398
• Align RBAC on Microsoft.Storage by @MariusStorhaug in #397
• Align RBAC on Microsoft.Sql by @MariusStorhaug in #395
• Align RBAC on Microsoft.ServiceBus by @MariusStorhaug in #394
• Align RBAC on Microsoft.Resources by @MariusStorhaug in #393
• Align RBAC on Microsoft.RecoveryServices by @MariusStorhaug in #392
• Align RBAC on Microsoft.OperationalInsights by @MariusStorhaug in #391
• Align RBAC on Microsoft.NetApp by @MariusStorhaug in #389
• Align RBAC on Microsoft.ManagedIdentity by @MariusStorhaug in #387
• Align RBAC on Microsoft.MachineLearningServices by @MariusStorhaug in #386
• Align RBAC on Microsoft.Logic by @MariusStorhaug in #385
• Align RBAC on Microsoft.KeyVault by @MariusStorhaug in #384
• Align RBAC on Microsoft.Insights by @MariusStorhaug in #383
• Fix avd applications by @eriqua in #396
• Align RBAC on Microsoft.Network by @MariusStorhaug in #390
• Align RBAC on Microsoft.HealthBot by @MariusStorhaug in #382
• Align RBAC on Microsoft.EventHub by @MariusStorhaug in #381
• Align RBAC on Microsoft.Management by @MariusStorhaug in #388
• Add RSV dependency by @eriqua in #402
• Add keyvault certificate to fix app gateway run by @eriqua in #406
• Align RBAC on Microsoft.Compute by @MariusStorhaug in #367
• Fix privateEndpoint module by @eriqua in #409
• Fix Virtual Network Gateway Dependencies by @eriqua in #408
• Change vpnSharedKey param not Required Parameter by @jceval in #370
• Cleaned up network modules & added output descriptions by @MrMCake in #420
• Cleaned up service bus module & added output descriptions by @MrMCake in #423
• Cleaned up api management modules & added output descriptions by @MrMCake in #424
• Disable MD034 Bare URLs rule + order settings by @MariusStorhaug in #425
• Cleaned up web modules & added output descriptions by @MrMCake in #422
• Cleaned up compute modules & added output descriptions by @MrMCake in #421
• Restructured EventHub to new child-resources structure by @MrMCake in #407
• Implemented private bicep registry publish by @MrMCake in #326
• Removed unsupported default value by @MrMCake in #429
• Users/alsehr/publish hot fix by @MrMCake in #430
• Users/torivara/virtual network gateways update by @torivara in #405
• Hotfix for Azure Policy Exemptions. Updated Policy Assignment ID and extended date by @ahmadabdalla in #433
• Users/rahalan/add vnet child resources by @rahalan in #428
• Update NetworkWatcher to new child-resource structure by @MariusStorhaug in #432
• Update PrivateEndpoints to new child-resource structure by @MariusStorhaug in #438
• Update Dependency pipeline after child restructure by @eriqua in #448
• Update reference to peering resource module by @jceval in #445
• Closes #340: Update AVD Application groups by @Msanzdelrio in #412
• Implemented a first version to allow for custom removal scripts & retry by @MrMCake in #431
• Minor fix for avd appgroup param name by @eriqua in #461
• Users/ahmad/dependency avd by @ahmadabdalla in #460
• Replace json('null') -> null by @MariusStorhaug in #464
• RBAC Construct - Moved builtInRoleNames to rbac module by @MariusStorhaug in #457
• RSV Child Resource Rework by @senavar in #441
• Tokens Replacement Service [Pilot] by @ahmadabdalla in #447
• Hotfix: Tokens Wiki by @ahmadabdalla in #473
• Microsoft.Automation\automationAccounts refactoring by @eriqua in #467
• Microsoft.OperationalInsights/workspaces refactoring by @Msanzdelrio in #463
• Parameter File Tokens: Improvements by @ahmadabdalla in #481
• Users/alsehr/simoneb ms removal by @MrMCake in #471
• Closes #347: Virtual Machine Module Refactor by @ahmadabdalla in #483
• Changed API management to child module structure by @rahalan in #475
• Restructured Repo to allow for ADO reference (+ minor bugfix) by @MrMCake in #485
• Fix local network gatway pipeline by @rahalan in #490
• add missing keyword Optional by @rahalan in #491
• Closes: #487 - Fixed Test-ModuleLocally Script Post Folder Restructures + Updated Links in Wiki by @ahmadabdalla in #488
• Dependency pipeline update by @eriqua in #477
• Refactored pester tests to not fail due to HTML conversion issues by @MrMCake in #501
• Users/alsehr/storage account child by @MrMCake in #499
• Update Microsoft.ContainerService/managedClusters to new child-resource structure by @lsnoddy in #494
• Hofix Microsoft.ContainerService agentPools Bugfix by @lsnoddy in #511
• Add missing API management childs into correct structure by @rahalan in #512
• Dependency pipeline update for sqlmi and pe by @eriqua in #520
• Fixed a missing child-structure-update for storage by @MrMCake in #509
• Automation account refactoring by @eriqua in #492
• Added a extended version for PipelineDesign & Pipeline Usage by @MrMCake in #519
• Users/simonb/339 galleries module by @simonbMS in #417
• Roll out new parameter inputs to all workflows by @eriqua in #522
• Added a 'vision' section to the wiki to explain the fundamental ideas of the platform in the greater scheme by @MrMCake in #514
• PR to fix file ref by @MrMCake in #524
• Fixed file ref by @MrMCake in #525
• Deployment of virtual gateway is failing, as the IP address has not set a zone, although the VPN GW is zone aware. by @rahalan in #503
• Re-write of Microsoft.Insights/schedulequeryrules by @FelixBorst in #513
• Hotfix: Fix wrong param file for scheduledqueryrules by @FelixBorst in #527
• Update dependency pipeline after galleries refactoring by @eriqua in #526
• Managed instance restructured by @MrMCake in #322
• Fix Microsoft.Web\sites by @eriqua in #532
• Change trigger on pipelines to get not triggered on changes in child resource readme files by @rahalan in #531
• Move SQL Server database childs into correct structure by @rahalan in #533
• Fix: Deploy V1 storage account by @rahalan in #536
• standardize rbac by @rahalan in #538
• Users/yimengyuan/privatednsrefactored by @Yimyames in #495
• Data Factory Child Resource Update by @senavar in #516
• Closes #274: Token Rollout to all workflows and parameter files by @ahmadabdalla in #500
• Child module names documentation change by @simonbMS in #541
• Hotfix - Private DNS Zone Name was using Token by @ahmadabdalla in #584
• Update Network ProviderNamespace to new RBAC structure, input params & child-resource ref by @MrMCake in #583
• Fix RBAC deployment for EventHubs by @rahalan in #544
• Update nested_rbac input parameter to resourceId by @rahalan in #585
• Refactored RSV to use existing by @MrMCake in #590
• Updated inputs, outputs & readme by @MrMCake in #594
• Updated inputs, outputs & readMe by @MrMCake in #593
• Update inputs, outputs & readme by @MrMCake in #595
• Updated resources namespace to naming pattern by @MrMCake in #586
• Users/simonb/fix workflows by @simonbMS in #599
• fix wrong split parameters for name by @rahalan in #601
• Implemented existing for key vault children by @MrMCake in #596
• Update inputs, outputs & readme by @MrMCake in #597
• Update the inputs, outputs und docs by @MrMCake in #592
• Update API with existing by @MrMCake in #619
• Updated Analysis Services to use name input parameter by @MrMCake in #618
• Update ImageTemplate to use name input parameter by @MrMCake in #617
• Updated batch to use name input parameter by @MrMCake in #615
• Updated cognitive services to use name input parameter by @MrMCake in #614
• Update budget to use name input parameter by @MrMCake in #613
• Update ContainerInstance to use name input parameter by @MrMCake in #612
• Updata Databricks to use name input param by @MrMCake in #611
• Updated DataFactory to use existing by @MrMCake in #610
• Updated ManagedClusters to use existing by @MrMCake in #609
• Updated DocumentDB to use existing by @MrMCake in #607
• Update to latest by @MrMCake in #606
• Update EventHub to use existing by @MrMCake in #605
• Update input parameter to name by @MrMCake in #604
• Updated AVD namespace to use existing by @MrMCake in #603
• Updated OMS to use existing by @MrMCake in #591
• Updated Microsoft.SQL to child-resource structure by @MrMCake in #587
• Added Variables + MI for AutomationAccounts by @MariusStorhaug in #589
• Update NetApp files module by @Msanzdelrio in #521
• Web Site child refactoring by @eriqua in #602
• Pipeline Streamlining PoC by @MrMCake in #534
• Small hotfix for incorrect removal loop by @MrMCake in #622
• Fix private bicep registry and private DNS zones dependencies by @eriqua in #621
• Account for linter complains about terminology by @MrMCake in #530
• Added pattern to ModuleDesign wiki by @MrMCake in #539
• Updated AutomationAccount with existing by @MrMCake in #616
• Fixed incorrect token by @MrMCake in #626
• Added scope section to wiki & fixed relative links by @MrMCake in #540
• Updated ACR name for bicep by @MrMCake in #627
• Updated ServiceBus to avoid concatination by @MrMCake in #588
• Minor fix for MI on AA by @MariusStorhaug in #628
• ManagedIdentity alignment for API Management by @MariusStorhaug in #620
• Update ASE & connection input parameters to use name by @MrMCake in #630
• Update AutoManage to use name input parameter by @MrMCake in #631
• Removed temporal workaround from Module ReadMe Script by @MrMCake in #639
• Fix Container Instances by @eriqua in #646
• Update Set-ModuleReadMe script by @MariusStorhaug in #638
• Aligned serveral modules to use name parameter by @MrMCake in #648
• Update the Getting Started section by @MrMCake in #641
• Closes #470: Tokens Pilot Feedback + Enhancements by @ahmadabdalla in #637
• Aligning all workflow names to use PascalCase by @eriqua in #653
• Align MI on CogniticeServices/Accounts by @MariusStorhaug in #640
• #443 Update child resources for insights/privateLinkScopes by @simonbMS in #655
• Fix #582: connectionMonitor readme.md parameter example error #582 by @MrMCake in #636
• (546) - Policy Set Definitions: Updated Module To Align with Other Resources by @ahmadabdalla in #647
• (546) - RoleAssignments: Updated Module To Align with Other Resources by @ahmadabdalla in #645
• Updated privateLinkScopes to existing by @MrMCake in #658
• Aligning top level modules readme titles to Start Case by @eriqua in #657
• Align plural in readme titles to be shown in the repo home readme by @eriqua in #660
• Attempt to be more explicit regarding the deployment names in Wiki by @MrMCake in #650
• Align MI on DocumentDB by @MariusStorhaug in #643
• Updated the Set-ModuleReadMe script to dynamically populate the ParameterUsage section(s) by @MrMCake in #665
• (546) - Policy Exemptions: Updated Module To Align with Other Resources by @ahmadabdalla in #668
• (546) - Policy Assignments: Updated Module To Align with Other Resources by @ahmadabdalla in #667
• Align MI on SQL MI by @MariusStorhaug in #671
• Adding diagnostics tests to all modules by @rahalan in #662
• Updated compute modules to use existing und name input parameter by @MrMCake in #633
• Align MI on SQL Servers by @MariusStorhaug in #672
• Align MI on Web Sites by @MariusStorhaug in #673
• Align MI on Service Bus Namespace by @MariusStorhaug in #674
• (546) - RoleDefinitions: Updated Module To Align with Other Resources by @ahmadabdalla in #642
• Applied fix to main ReadMe script by @MrMCake in #681
• Fix to dependency pipeline parameter files by @MrMCake in #683
• Align MI on Logic Apps by @MariusStorhaug in #679
• Align MI on Storage Account by @MariusStorhaug in #670
• Align MI on Recovery Service Vaults by @MariusStorhaug in #675
• Align MI on DeploymentScripts by @MariusStorhaug in #676
• (546) - Policy Definitions: Updated Module To Align with Other Resources by @ahmadabdalla in #649
• Fix Bastion Host by @eriqua in #663
• Update Storage to use existing by @MrMCake in #632
• Added dependency consideration for removal by @MrMCake in #689
• Align MI on ContainerInstance by @MariusStorhaug in #687
• Align MI on VM by @MariusStorhaug in #690
• Align MI on ContinerRegistry by @MariusStorhaug in #686
• Remove references to removal tags from the the wiki by @MrMCake in #664
• Align MI on EvenHub Namespace by @MariusStorhaug in #680
• Align MI on Data Factory by @MariusStorhaug in #682
• Align MI on ContainerService by @MariusStorhaug in #685
• Align MI on VM scale set by @MariusStorhaug in #688
• Users/erikag/ghdependencies 11 by @eriqua in #692
• Align MI on Network ApplicationGW by @MariusStorhaug in #677
• Update law 2nd step by @eriqua in #693
• Fix LAW dependency 3rd group by @eriqua in #694
• Align MI on MLServices by @MariusStorhaug in #684
• Update VMSS to child resource structure & align VM with it by @MrMCake in #691
• MI and readme Cleanup by @MariusStorhaug in #695
• Update the logs to differentiate in between function app & web app logs by @MrMCake in #696

New Contributors

• @torivara made their first contribution in #358
• @jceval made their first contribution in #370
• @lsnoddy made their first contribution in #494
• @FelixBorst made their first contribution in #513
• @Yimyames made their first contribution in #495

Full Changelog: v0.2.0...v0.3.0