From 36faa2bd33d6ae49ec734f41a50ef85c8b8f0c47 Mon Sep 17 00:00:00 2001 From: Seif Bassem <38246040+sebassem@users.noreply.github.com> Date: Sun, 10 Sep 2023 12:50:23 +0300 Subject: [PATCH] adding resource provider features and readme --- .../scripts/Register-SubResourceProviders.ps1 | 89 ++++++++ README.md | 1 + ...le-5-Hub-and-Spoke-With-RP-registration.md | 190 ++++++++++++++++++ main.bicep | 164 +++++++++++++++ main.bicep.parameters.md | 35 ++++ src/self/subResourceWrapper/deploy.bicep | 111 +--------- 6 files changed, 490 insertions(+), 100 deletions(-) create mode 100644 .github/scripts/Register-SubResourceProviders.ps1 create mode 100644 docs/wiki/Example-5-Hub-and-Spoke-With-RP-registration.md diff --git a/.github/scripts/Register-SubResourceProviders.ps1 b/.github/scripts/Register-SubResourceProviders.ps1 new file mode 100644 index 00000000..58b7dcde --- /dev/null +++ b/.github/scripts/Register-SubResourceProviders.ps1 @@ -0,0 +1,89 @@ +param( + [string]$subscriptionId, + [string]$resourceProviders, + [string]$resourceProvidersFeatures +) + +$ErrorActionPreference = "SilentlyContinue" +# Selecting the right subscription +Select-AzSubscription -SubscriptionId $subscriptionId + +# Defining variables +$providers = $resourceProviders | ConvertFrom-Json +$features = $resourceProvidersFeatures | ConvertFrom-Json +$failedProviders = "" +$failedFeatures = "" +$DeploymentScriptOutputs = @{} + +######################################### +## Registering the resource providers +######################################### + +foreach ($provider in $providers ) { + try { + $providerStatus = (Get-AzResourceProvider -ListAvailable | Where-Object ProviderNamespace -eq $provider).registrationState + # Check if the providered is registered + if ($providerStatus -ne 'Registered') { + Write-Output "`n Registering the '$provider' provider" + if (Register-AzResourceProvider -ProviderNamespace $provider) { + Write-Output "`n The '$provider' has been registered successfully" + } + else { + Write-Output "`n The '$provider' provider has not been registered successfully" + $failedProviders += ",$provider" + } + } + if ($failedProviders.length -gt 0) { + $output = $failedProviders.substring(1) + } + else { + $output = "N/A" + } + $DeploymentScriptOutputs["failedProviderRegistrations"] = $output + } + catch { + Write-Output "`n There was a problem registering the '$provider' provider. Please make sure this provider namespace is valid" + } +} + +################################################## +## Registering the resource providers features +################################################## + +if ($features.length -gt 0) { + foreach ($feature in $features) { + # Define variables + try { + $feature = (Get-AzProviderFeature -ListAvailable | Where-Object FeatureName -eq $feature) + $featureName = $feature.FeatureName + $featureStatus = $feature.RegistrationState + $featureProvider = $feature.ProviderName + # Check if the feature is registered + if ($featureStatus -eq 'NotRegistered') { + Write-Output "`n Registering the '$featureName' feature" + # Check if the feature's resource provider is registered, if not then register first + $providerStatus = (Get-AzResourceProvider -ListAvailable | Where-Object ProviderNamespace -eq $featureProvider).RegistrationState + if ($providerStatus -ne 'Registered') { + if (Register-AzResourceProvider -ProviderNamespace $featureProvider) { + Write-Output "`n The '$featureProvider' has been registered successfully" + Register-AzProviderFeature -FeatureName $featureName -ProviderNamespace $featureProvider + } + else { + Write-Output "`n The '$featureName' feature has not been registered successfully" + $failedFeatures += ",$featureName" + } + } + } + if ($failedFeatures.length -gt 0) { + $output = $failedFeatures.substring(1) + } + else { + $output = "N/A" + } + $DeploymentScriptOutputs["failedFeaturesRegistrations"] = $output + } + catch { + Write-Output "`n There was a problem registering the '$featureName' feature. Please make sure this feature name is valid" + } + } +} diff --git a/README.md b/README.md index 96a5ec97..0b860419 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,7 @@ This is currently split logically into the following capabilities: - Specify Custom DNS Servers - Role assignments - Tags +- Resource providers and resource providers features registration > When creating Virtual Network peerings, be aware of the [limit of peerings per Virtual Network.](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=%2Fazure%2Fvirtual-network%2Ftoc.json#azure-resource-manager-virtual-networking-limits) diff --git a/docs/wiki/Example-5-Hub-and-Spoke-With-RP-registration.md b/docs/wiki/Example-5-Hub-and-Spoke-With-RP-registration.md new file mode 100644 index 00000000..db03839a --- /dev/null +++ b/docs/wiki/Example-5-Hub-and-Spoke-With-RP-registration.md @@ -0,0 +1,190 @@ + +## Example 5 - Landing Zone (Subscription) with a spoke Virtual Network peered to a Hub Virtual Network and resource providers registration + +### Bicep Module Registry + +Here is a simple example Bicep file for deploying a landing zone (Subscription) with a spoke Virtual Network peered to a Hub Virtual Network, resource providers and features registration using the [Bicep Module Registry](https://github.com/Azure/bicep-registry-modules): + +```bicep +targetScope = 'managementGroup' + +@description('Specifies the location for resources.') +param location string = 'uksouth' + +module sub003 'br/public:lz/sub-vending:1.4.1' = { + name: 'sub-bicep-lz-vending-example-001' + params: { + subscriptionAliasEnabled: true + subscriptionBillingScope: '/providers/Microsoft.Billing/billingAccounts/1234567/enrollmentAccounts/123456' + subscriptionAliasName: 'sub-bicep-lz-vending-example-001' + subscriptionDisplayName: 'sub-bicep-lz-vending-example-001' + subscriptionTags: { + test: 'true' + } + subscriptionWorkload: 'Production' + subscriptionManagementGroupAssociationEnabled: true + subscriptionManagementGroupId: 'alz-landingzones-corp' + virtualNetworkEnabled: true + virtualNetworkLocation: location + virtualNetworkResourceGroupName: 'rsg-${location}-net-001' + virtualNetworkName: 'vnet-${location}-001' + virtualNetworkAddressSpace: [ + '10.0.0.0/16' + ] + virtualNetworkResourceGroupLockEnabled: false + virtualNetworkPeeringEnabled: true + hubNetworkResourceId: '/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/rsg-uks-net-hub-001/providers/Microsoft.Network/virtualNetworks/vnet-uks-hub-001' + resourceProviders : [ + 'Microsoft.Compute' + 'Microsoft.AVS' + ] + resourceProvidersFeatures: [ + 'AzureServicesVm' + 'InGuestHotPatchVMPreview' + ] + } +} +``` + +### ARM JSON Parameter File + +Here is a simple example parameter file for deploying a landing zone (Subscription) with a spoke Virtual Network peered to a Hub Virtual Network, resource providers and features registration: + +```json +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "subscriptionAliasEnabled": { + "value": true + }, + "subscriptionDisplayName": { + "value": "sub-bicep-lz-vending-example-001" + }, + "subscriptionAliasName": { + "value": "sub-bicep-lz-vending-example-001" + }, + "subscriptionBillingScope": { + "value": "providers/Microsoft.Billing/billingAccounts/1234567/enrollmentAccounts/123456" + }, + "subscriptionWorkload": { + "value": "Production" + }, + "existingSubscriptionId": { + "value": "" + }, + "subscriptionManagementGroupAssociationEnabled": { + "value": true + }, + "subscriptionManagementGroupId": { + "value": "alz-landingzones-corp" + }, + "subscriptionTags": { + "value": { + "Cost-Center": "ABC123", + "Usage": "Example" + } + }, + "virtualNetworkEnabled": { + "value": true + }, + "virtualNetworkResourceGroupName": { + "value": "rg-networking-001" + }, + "virtualNetworkResourceGroupTags": { + "value": { + "Cost-Center": "ABC123", + "Usage": "Example", + "Managed-By": "Platform Team" + } + }, + "virtualNetworkResourceGroupLockEnabled": { + "value": true + }, + "virtualNetworkLocation": { + "value": "uksouth" + }, + "virtualNetworkName": { + "value": "vnet-example-001" + }, + "virtualNetworkTags": { + "value": { + "Cost-Center": "ABC123", + "Usage": "Example", + "Managed-By": "Platform Team" + } + }, + "virtualNetworkAddressSpace": { + "value": [ + "10.0.0.0/16" + ] + }, + "virtualNetworkDnsServers": { + "value": [ + "10.4.1.4", + "10.2.1.5" + ] + }, + "virtualNetworkDdosPlanId": { + "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/rg-hub-network-001/providers/Microsoft.Network/ddosProtectionPlans/ddos-001" + }, + "virtualNetworkPeeringEnabled": { + "value": true + }, + "hubNetworkResourceId": { + "value": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/rg-hub-network-001/providers/Microsoft.Network/virtualNetworks/vnet-hub-001" + }, + "virtualNetworkUseRemoteGateways": { + "value": true + }, + "virtualNetworkVwanAssociatedRouteTableResourceId": { + "value": "" + }, + "virtualNetworkVwanPropagatedRouteTablesResourceIds": { + "value": [] + }, + "virtualNetworkVwanPropagatedLabels": { + "value": [] + }, + "roleAssignmentEnabled": { + "value": true + }, + "roleAssignments": { + "value": [ + { + "principalId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "definition": "Contributor", + "relativeScope": "" + }, + { + "principalId": "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy", + "definition": "/providers/Microsoft.Authorization/roleDefinitions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "relativeScope": "" + }, + { + "principalId": "zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz", + "definition": "Reader", + "relativeScope": "/resourceGroups/rg-networking-001" + } + ] + }, + "resourceProviders":{ + "value":[ + "Microsoft.Compute", + "Microsoft.AVS" + ] + }, + "resourceProvidersFeatures":{ + "value":[ + "AzureServicesVm", + "InGuestHotPatchVMPreview" + ] + }, + "disableTelemetry": { + "value": false + } + } +} +``` + +Back to [Examples](Examples) diff --git a/main.bicep b/main.bicep index 9ee8f7cb..5c872956 100644 --- a/main.bicep +++ b/main.bicep @@ -453,6 +453,165 @@ param deploymentScriptName string = 'ds-${deployment().location}-${guid}' @sys.description('The name of the user managed identity for the resource providers registration deployment script.') param deploymentScriptManagedIdentityName string = 'id-${deployment().location}-${guid}' + +@metadata({ + example: [ + 'Microsoft.Compute' + 'Microsoft.Storage' + ] +}) +@sys.description('''An array of resource providers features to register. If left blank/empty, the default resource providers will be registered. +- Type: `[]` Array +- Default value: `[ + 'Microsoft.ApiManagement' + 'Microsoft.AppPlatform' + 'Microsoft.Authorization' + 'Microsoft.Automation' + 'Microsoft.AVS' + 'Microsoft.Blueprint' + 'Microsoft.BotService' + 'Microsoft.Cache' + 'Microsoft.Cdn' + 'Microsoft.CognitiveServices' + 'Microsoft.Compute' + 'Microsoft.ContainerInstance' + 'Microsoft.ContainerRegistry' + 'Microsoft.ContainerService' + 'Microsoft.CostManagement' + 'Microsoft.CustomProviders' + 'Microsoft.Databricks' + 'Microsoft.DataLakeAnalytics' + 'Microsoft.DataLakeStore' + 'Microsoft.DataMigration' + 'Microsoft.DataProtection' + 'Microsoft.DBforMariaDB' + 'Microsoft.DBforMySQL' + 'Microsoft.DBforPostgreSQL' + 'Microsoft.DesktopVirtualization' + 'Microsoft.Devices' + 'Microsoft.DevTestLab' + 'Microsoft.DocumentDB' + 'Microsoft.EventGrid' + 'Microsoft.EventHub' + 'Microsoft.HDInsight' + 'Microsoft.HealthcareApis' + 'Microsoft.GuestConfiguration' + 'Microsoft.KeyVault' + 'Microsoft.Kusto' + 'microsoft.insights' + 'Microsoft.Logic' + 'Microsoft.MachineLearningServices' + 'Microsoft.Maintenance' + 'Microsoft.ManagedIdentity' + 'Microsoft.ManagedServices' + 'Microsoft.Management' + 'Microsoft.Maps' + 'Microsoft.MarketplaceOrdering' + 'Microsoft.Media' + 'Microsoft.MixedReality' + 'Microsoft.Network' + 'Microsoft.NotificationHubs' + 'Microsoft.OperationalInsights' + 'Microsoft.OperationsManagement' + 'Microsoft.PolicyInsights' + 'Microsoft.PowerBIDedicated' + 'Microsoft.Relay' + 'Microsoft.RecoveryServices' + 'Microsoft.Resources' + 'Microsoft.Search' + 'Microsoft.Security' + 'Microsoft.SecurityInsights' + 'Microsoft.ServiceBus' + 'Microsoft.ServiceFabric' + 'Microsoft.Sql' + 'Microsoft.Storage' + 'Microsoft.StreamAnalytics' + 'Microsoft.TimeSeriesInsights' + 'Microsoft.Web' +]` +''') +@sys.description('Supply an array of resource providers to register.') +param resourceProviders array = [ + 'Microsoft.ApiManagement' + 'Microsoft.AppPlatform' + 'Microsoft.Authorization' + 'Microsoft.Automation' + 'Microsoft.AVS' + 'Microsoft.Blueprint' + 'Microsoft.BotService' + 'Microsoft.Cache' + 'Microsoft.Cdn' + 'Microsoft.CognitiveServices' + 'Microsoft.Compute' + 'Microsoft.ContainerInstance' + 'Microsoft.ContainerRegistry' + 'Microsoft.ContainerService' + 'Microsoft.CostManagement' + 'Microsoft.CustomProviders' + 'Microsoft.Databricks' + 'Microsoft.DataLakeAnalytics' + 'Microsoft.DataLakeStore' + 'Microsoft.DataMigration' + 'Microsoft.DataProtection' + 'Microsoft.DBforMariaDB' + 'Microsoft.DBforMySQL' + 'Microsoft.DBforPostgreSQL' + 'Microsoft.DesktopVirtualization' + 'Microsoft.Devices' + 'Microsoft.DevTestLab' + 'Microsoft.DocumentDB' + 'Microsoft.EventGrid' + 'Microsoft.EventHub' + 'Microsoft.HDInsight' + 'Microsoft.HealthcareApis' + 'Microsoft.GuestConfiguration' + 'Microsoft.KeyVault' + 'Microsoft.Kusto' + 'microsoft.insights' + 'Microsoft.Logic' + 'Microsoft.MachineLearningServices' + 'Microsoft.Maintenance' + 'Microsoft.ManagedIdentity' + 'Microsoft.ManagedServices' + 'Microsoft.Management' + 'Microsoft.Maps' + 'Microsoft.MarketplaceOrdering' + 'Microsoft.Media' + 'Microsoft.MixedReality' + 'Microsoft.Network' + 'Microsoft.NotificationHubs' + 'Microsoft.OperationalInsights' + 'Microsoft.OperationsManagement' + 'Microsoft.PolicyInsights' + 'Microsoft.PowerBIDedicated' + 'Microsoft.Relay' + 'Microsoft.RecoveryServices' + 'Microsoft.Resources' + 'Microsoft.Search' + 'Microsoft.Security' + 'Microsoft.SecurityInsights' + 'Microsoft.ServiceBus' + 'Microsoft.ServiceFabric' + 'Microsoft.Sql' + 'Microsoft.Storage' + 'Microsoft.StreamAnalytics' + 'Microsoft.TimeSeriesInsights' + 'Microsoft.Web' +] + + +@metadata({ + example: [ + 'InGuestPatchVMPreview' + 'LiveResize' + ] +}) +@sys.description('''An array of resource providers features to register. If left blank/empty, no features will be registered. +- Type: `[]` Array +- Default value: `[]` *(empty array)* +''') +param resourceProvidersFeatures array = [] + // VARIABLES var existingSubscriptionIDEmptyCheck = empty(existingSubscriptionId) ? 'No Subscription ID Provided' : existingSubscriptionId @@ -523,6 +682,8 @@ module createSubscriptionResources 'src/self/subResourceWrapper/deploy.bicep' = deploymentScriptResourceGroupName: deploymentScriptResourceGroupName deploymentScriptName: deploymentScriptName deploymentScriptManagedIdentityName: deploymentScriptManagedIdentityName + resourceProviders: resourceProviders + resourceProvidersFeatures: resourceProvidersFeatures } } @@ -542,3 +703,6 @@ output subscriptionAcceptOwnershipUrl string = (subscriptionAliasEnabled && empt @sys.description('The resource providers that filed to register') output failedResourceProviders string = createSubscriptionResources.outputs.failedProviders + +@sys.description('The resource providers features that filed to register') +output failedResourceProvidersFeatures string = createSubscriptionResources.outputs.failedFeatures diff --git a/main.bicep.parameters.md b/main.bicep.parameters.md index 833dcb9e..ae607a26 100644 --- a/main.bicep.parameters.md +++ b/main.bicep.parameters.md @@ -42,6 +42,8 @@ virtualNetworkVwanPropagatedRouteTablesResourceIds | No | An array of of o virtualNetworkVwanPropagatedLabels | No | An array of virtual hub route table labels to propagate routes to. If left blank/empty the default label will be propagated to only. - Type: `[]` Array - Default value: `[]` *(empty array)* roleAssignmentEnabled | No | Whether to create role assignments or not. If true, supply the array of role assignment objects in the parameter called `roleAssignments`. - Type: Boolean roleAssignments | No | Supply an array of objects containing the details of the role assignments to create. Each object must contain the following `keys`: - `principalId` = The Object ID of the User, Group, SPN, Managed Identity to assign the RBAC role too. - `definition` = The Name of built-In RBAC Roles or a Resource ID of a Built-in or custom RBAC Role Definition. - `relativeScope` = 2 options can be provided for input value: 1. `''` *(empty string)* = Make RBAC Role Assignment to Subscription scope 2. `'/resourceGroups/'` = Make RBAC Role Assignment to specified Resource Group > See below [example in parameter file](#parameter-file) of various combinations - Type: `[]` Array - Default value: `[]` *(empty array)* +resourceProviders | No | Supply an array of strings containing the resource providers to register on the subscription, e.g. `["Microsoft.Compute","Microsoft.Storage"]` - Type: `[]` Array - Default value: `['Microsoft.ApiManagement','Microsoft.AppPlatform','Microsoft.Authorization','Microsoft.Automation','Microsoft.AVS','Microsoft.Blueprint','Microsoft.BotService','Microsoft.Cache','Microsoft.Cdn','Microsoft.CognitiveServices','Microsoft.Compute','Microsoft.ContainerInstance','Microsoft.ContainerRegistry','Microsoft.ContainerService','Microsoft.CostManagement','Microsoft.CustomProviders','Microsoft.Databricks','Microsoft.DataLakeAnalytics','Microsoft.DataLakeStore','Microsoft.DataMigration','Microsoft.DataProtection','Microsoft.DBforMariaDB','Microsoft.DBforMySQL','Microsoft.DBforPostgreSQL','Microsoft.DesktopVirtualization','Microsoft.Devices','Microsoft.DevTestLab','Microsoft.DocumentDB','Microsoft.EventGrid','Microsoft.EventHub','Microsoft.HDInsight','Microsoft.HealthcareApis','Microsoft.GuestConfiguration','Microsoft.KeyVault','Microsoft.Kusto','microsoft.insights','Microsoft.Logic','Microsoft.MachineLearningServices','Microsoft.Maintenance','Microsoft.ManagedIdentity','Microsoft.ManagedServices','Microsoft.Management','Microsoft.Maps','Microsoft.MarketplaceOrdering','Microsoft.Media','Microsoft.MixedReality','Microsoft.Network','Microsoft.NotificationHubs','Microsoft.OperationalInsights','Microsoft.OperationsManagement','Microsoft.PolicyInsights','Microsoft.PowerBIDedicated','Microsoft.Relay','Microsoft.RecoveryServices','Microsoft.Resources','Microsoft.Search','Microsoft.Security','Microsoft.SecurityInsights','Microsoft.ServiceBus','Microsoft.ServiceFabric','Microsoft.Sql','Microsoft.Storage','Microsoft.StreamAnalytics','Microsoft.TimeSeriesInsights','Microsoft.Web']` +resourceProvidersFeatures | No | Supply an array of strings containing the resource providers features to register on the subscription, e.g. `["AzureServicesVm","InGuestHotPatchVMPreview"]` - Type: `[]` Array - Default value: `[]` *(empty array)* disableTelemetry | No | Disable telemetry collection by this module. For more information on the telemetry collected by this module, that is controlled by this parameter, see this page in the wiki: [Telemetry Tracking Using Customer Usage Attribution (PID)](https://github.com/Azure/bicep-lz-vending/wiki/Telemetry) ### subscriptionAliasEnabled @@ -470,6 +472,27 @@ Each object must contain the following `keys`: - Type: `[]` Array - Default value: `[]` *(empty array)* +### resourceProviders + +![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) + +Supply an array of strings containing the resource providers to register on the subscription, e.g. `["Microsoft.Compute","Microsoft.Storage"]` + +> A resoure group gets created in the subscription with a deployment script and a user-assigned managed identity. This resource group needs to be manually deleted if not needed after the resource providers registration process. + +- Type: `[]` Array +- Default value: `['Microsoft.ApiManagement','Microsoft.AppPlatform','Microsoft.Authorization','Microsoft.Automation','Microsoft.AVS','Microsoft.Blueprint','Microsoft.BotService','Microsoft.Cache','Microsoft.Cdn','Microsoft.CognitiveServices','Microsoft.Compute','Microsoft.ContainerInstance','Microsoft.ContainerRegistry','Microsoft.ContainerService','Microsoft.CostManagement','Microsoft.CustomProviders','Microsoft.Databricks','Microsoft.DataLakeAnalytics','Microsoft.DataLakeStore','Microsoft.DataMigration','Microsoft.DataProtection','Microsoft.DBforMariaDB','Microsoft.DBforMySQL','Microsoft.DBforPostgreSQL','Microsoft.DesktopVirtualization','Microsoft.Devices','Microsoft.DevTestLab','Microsoft.DocumentDB','Microsoft.EventGrid','Microsoft.EventHub','Microsoft.HDInsight','Microsoft.HealthcareApis','Microsoft.GuestConfiguration','Microsoft.KeyVault','Microsoft.Kusto','microsoft.insights','Microsoft.Logic','Microsoft.MachineLearningServices','Microsoft.Maintenance','Microsoft.ManagedIdentity','Microsoft.ManagedServices','Microsoft.Management','Microsoft.Maps','Microsoft.MarketplaceOrdering','Microsoft.Media','Microsoft.MixedReality','Microsoft.Network','Microsoft.NotificationHubs','Microsoft.OperationalInsights','Microsoft.OperationsManagement','Microsoft.PolicyInsights','Microsoft.PowerBIDedicated','Microsoft.Relay','Microsoft.RecoveryServices','Microsoft.Resources','Microsoft.Search','Microsoft.Security','Microsoft.SecurityInsights','Microsoft.ServiceBus','Microsoft.ServiceFabric','Microsoft.Sql','Microsoft.Storage','Microsoft.StreamAnalytics','Microsoft.TimeSeriesInsights','Microsoft.Web']` + +### resourceProvidersFeatures + +![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square) + +Supply an array of strings containing the resource providers features to register on the subscription, e.g. `["AzureServicesVm","InGuestHotPatchVMPreview"]` + +> A resoure group gets created in the subscription with a deployment script and a user-assigned managed identity. This resource group needs to be manually deleted if not needed after the resource providers features registration process. + +- Type: `[]` Array +- Default value: `[]` *(empty array)* ### disableTelemetry @@ -642,6 +665,18 @@ subscriptionAcceptOwnershipUrl | string | The Subscription Ownership URL. Only u } ] }, + "resourceProviders": { + "value": [ + "Microsoft.Compute", + "Microsoft.Storage" + ] + }, + "resourceProvidersFeatures": { + "value": [ + "AzureServicesVm", + "InGuestHotPatchVMPreview" + ] + }, "disableTelemetry": { "value": false } diff --git a/src/self/subResourceWrapper/deploy.bicep b/src/self/subResourceWrapper/deploy.bicep index 28d35c83..740908b6 100644 --- a/src/self/subResourceWrapper/deploy.bicep +++ b/src/self/subResourceWrapper/deploy.bicep @@ -99,73 +99,10 @@ param deploymentScriptLocation string = deployment().location param deploymentScriptName string @sys.description('Supply an array of resource providers to register.') -param resourceProviders array = [ - 'Microsoft.ApiManagement' - 'Microsoft.AppPlatform' - 'Microsoft.Authorization' - 'Microsoft.Automation' - 'Microsoft.AVS' - 'Microsoft.Blueprint' - 'Microsoft.BotService' - 'Microsoft.Cache' - 'Microsoft.Cdn' - 'Microsoft.CognitiveServices' - 'Microsoft.Compute' - 'Microsoft.ContainerInstance' - 'Microsoft.ContainerRegistry' - 'Microsoft.ContainerService' - 'Microsoft.CostManagement' - 'Microsoft.CustomProviders' - 'Microsoft.Databricks' - 'Microsoft.DataLakeAnalytics' - 'Microsoft.DataLakeStore' - 'Microsoft.DataMigration' - 'Microsoft.DataProtection' - 'Microsoft.DBforMariaDB' - 'Microsoft.DBforMySQL' - 'Microsoft.DBforPostgreSQL' - 'Microsoft.DesktopVirtualization' - 'Microsoft.Devices' - 'Microsoft.DevTestLab' - 'Microsoft.DocumentDB' - 'Microsoft.EventGrid' - 'Microsoft.EventHub' - 'Microsoft.HDInsight' - 'Microsoft.HealthcareApis' - 'Microsoft.GuestConfiguration' - 'Microsoft.KeyVault' - 'Microsoft.Kusto' - 'microsoft.insights' - 'Microsoft.Logic' - 'Microsoft.MachineLearningServices' - 'Microsoft.Maintenance' - 'Microsoft.ManagedIdentity' - 'Microsoft.ManagedServices' - 'Microsoft.Management' - 'Microsoft.Maps' - 'Microsoft.MarketplaceOrdering' - 'Microsoft.Media' - 'Microsoft.MixedReality' - 'Microsoft.Network' - 'Microsoft.NotificationHubs' - 'Microsoft.OperationalInsights' - 'Microsoft.OperationsManagement' - 'Microsoft.PolicyInsights' - 'Microsoft.PowerBIDedicated' - 'Microsoft.Relay' - 'Microsoft.RecoveryServices' - 'Microsoft.Resources' - 'Microsoft.Search' - 'Microsoft.Security' - 'Microsoft.SecurityInsights' - 'Microsoft.ServiceBus' - 'Microsoft.ServiceFabric' - 'Microsoft.Sql' - 'Microsoft.Storage' - 'Microsoft.StreamAnalytics' - 'Microsoft.TimeSeriesInsights' - 'Microsoft.Web' -] +param resourceProviders array =[] + +@sys.description('Supply an array of resource providers features to register.') +param resourceProvidersFeatures array =[] @sys.description('The name of the user managed identity for the resource providers registration deployment script.') param deploymentScriptManagedIdentityName string @@ -217,6 +154,8 @@ var enableTelemetryForCarml = !disableTelemetry var resourceProvidersFormatted = replace(string(resourceProviders), '"', '\\"') +var resourceProvidersFeaturesFormatted = replace(string(resourceProvidersFeatures), '"', '\\"') + // RESOURCES & MODULES module moveSubscriptionToManagementGroup '../Microsoft.Management/managementGroups/subscriptions/deploy.bicep' = if (subscriptionManagementGroupAssociationEnabled && !empty(subscriptionManagementGroupId)) { @@ -413,41 +352,13 @@ module registerResourceProviders '../../carml/v0.6.0/Microsoft.Resources/deploym userAssignedIdentities: { '${createDeploymentScriptManagedIdentity.outputs.resourceId}': {} } - arguments: '-resourceProviders \'${resourceProvidersFormatted}\' -subscriptionId ${subscriptionId}' - scriptContent: ''' - param( - [string]$subscriptionId, - [string]$resourceProviders - ) - - Select-AzSubscription -SubscriptionId $subscriptionId - $providers = $resourceProviders | ConvertFrom-Json - $failedProviders = "" - $DeploymentScriptOutputs = @{} - foreach ($provider in $providers ) { - $providerStatus = (Get-AzResourceProvider -ListAvailable | Where-Object ProviderNamespace -eq $provider).registrationState - if ($providerStatus -ne 'Registered') { - Write-Output "`n Registering the '$provider' provider" - if (Register-AzResourceProvider -ProviderNamespace $provider -ErrorAction SilentlyContinue) { - Write-Output "`n The '$provider' has been registered successfully" - } - else { - Write-Output "`n The '$provider' has not been registered successfully" - $failedProviders += ",$provider" - } - } - if($failedProviders.length -gt 0){ - $output = $failedProviders.substring(1) - } - else{ - $output = "N/A" - } - $DeploymentScriptOutputs["failedRegistrations"] = $output - } - ''' + arguments: '-resourceProviders \'${resourceProvidersFormatted}\' -resourceProvidersFeatures \'${resourceProvidersFeaturesFormatted}\' -subscriptionId ${subscriptionId}' + scriptContent: loadTextContent('../../../.github/scripts/Register-SubResourceProviders.ps1') } } // OUTPUTS -output failedProviders string = registerResourceProviders.outputs.outputs['failedRegistrations'] +output failedProviders string = registerResourceProviders.outputs.outputs['failedProviderRegistrations'] +output failedFeatures string = registerResourceProviders.outputs.outputs['failedFeaturesRegistrations'] +