diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/README.md b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/README.md
deleted file mode 100644
index 21496c7c..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/README.md
+++ /dev/null
@@ -1,731 +0,0 @@ -# Private Endpoints `[Microsoft.Network/privateEndpoints]` - -> This module has already been migrated to [AVM](https://github.com/Azure/bicep-registry-modules/tree/main/avm/res). Only the AVM version is expected to receive updates / new features. Please do not work on improving this module in [CARML](https://aka.ms/carml). - -This module deploys a Private Endpoint. - -## Navigation - -- [Resource Types](#resource-types) -- [Usage examples](#usage-examples) -- [Parameters](#parameters) -- [Outputs](#outputs) -- [Cross-referenced modules](#cross-referenced-modules) - -## Resource Types - -| Resource Type | API Version | -| :-- | :-- | -| `Microsoft.Authorization/locks` | [2020-05-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2020-05-01/locks) | -| `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | -| `Microsoft.Network/privateEndpoints` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints) | -| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) | - -## Usage examples - -The following section provides usage examples for the module, which were used to validate and deploy the module successfully. For a full reference, please review the module's test folder in its repository. - ->**Note**: Each example lists all the required parameters first, followed by the rest - each in alphabetical order. ->**Note**: To reference the module, please use the following syntax `br:bicep/modules/network.private-endpoint:1.0.0`. 
- -- [Using only defaults](#example-1-using-only-defaults) -- [Using large parameter set](#example-2-using-large-parameter-set) -- [WAF-aligned](#example-3-waf-aligned) - -### Example 1: _Using only defaults_ - -This instance deploys the module with the minimum set of required parameters. - - -
- -via Bicep module - -```bicep -module privateEndpoint 'br:bicep/modules/network.private-endpoint:1.0.0' = { - name: '${uniqueString(deployment().name, location)}-test-npemin' - params: { - // Required parameters - groupIds: [ - 'vault' - ] - name: 'npemin001' - serviceResourceId: '' - subnetResourceId: '' - // Non-required parameters - enableDefaultTelemetry: '' - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "groupIds": { - "value": [ - "vault" - ] - }, - "name": { - "value": "npemin001" - }, - "serviceResourceId": { - "value": "" - }, - "subnetResourceId": { - "value": "" - }, - // Non-required parameters - "enableDefaultTelemetry": { - "value": "" - } - } -} -``` - -
-

- -### Example 2: _Using large parameter set_ - -This instance deploys the module with most of its features enabled. - - -

- -via Bicep module - -```bicep -module privateEndpoint 'br:bicep/modules/network.private-endpoint:1.0.0' = { - name: '${uniqueString(deployment().name, location)}-test-npemax' - params: { - // Required parameters - groupIds: [ - 'vault' - ] - name: 'npemax001' - serviceResourceId: '' - subnetResourceId: '' - // Non-required parameters - applicationSecurityGroupResourceIds: [ - '' - ] - customDnsConfigs: [ - { - fqdn: 'abc.keyvault.com' - ipAddresses: [ - '10.0.0.10' - ] - } - ] - customNetworkInterfaceName: 'npemax001nic' - enableDefaultTelemetry: '' - ipConfigurations: [ - { - name: 'myIPconfig' - properties: { - groupId: 'vault' - memberName: 'default' - privateIPAddress: '10.0.0.10' - } - } - ] - lock: { - kind: 'CanNotDelete' - name: 'myCustomLockName' - } - privateDnsZoneResourceIds: [ - '' - ] - roleAssignments: [ - { - principalId: '' - principalType: 'ServicePrincipal' - roleDefinitionIdOrName: 'Reader' - } - ] - tags: { - Environment: 'Non-Prod' - 'hidden-title': 'This is visible in the resource name' - Role: 'DeploymentValidation' - } - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "groupIds": { - "value": [ - "vault" - ] - }, - "name": { - "value": "npemax001" - }, - "serviceResourceId": { - "value": "" - }, - "subnetResourceId": { - "value": "" - }, - // Non-required parameters - "applicationSecurityGroupResourceIds": { - "value": [ - "" - ] - }, - "customDnsConfigs": { - "value": [ - { - "fqdn": "abc.keyvault.com", - "ipAddresses": [ - "10.0.0.10" - ] - } - ] - }, - "customNetworkInterfaceName": { - "value": "npemax001nic" - }, - "enableDefaultTelemetry": { - "value": "" - }, - "ipConfigurations": { - "value": [ - { - "name": "myIPconfig", - "properties": { - "groupId": "vault", - "memberName": "default", - "privateIPAddress": "10.0.0.10" - } - } - ] - }, - "lock": { - "value": { - "kind": "CanNotDelete", - "name": "myCustomLockName" - } - }, - "privateDnsZoneResourceIds": { - "value": [ - "" - ] - }, - "roleAssignments": { - "value": [ - { - "principalId": "", - "principalType": "ServicePrincipal", - "roleDefinitionIdOrName": "Reader" - } - ] - }, - "tags": { - "value": { - "Environment": "Non-Prod", - "hidden-title": "This is visible in the resource name", - "Role": "DeploymentValidation" - } - } - } -} -``` - -
-

- -### Example 3: _WAF-aligned_ - -This instance deploys the module in alignment with the best-practices of the Azure Well-Architected Framework. - - -

- -via Bicep module - -```bicep -module privateEndpoint 'br:bicep/modules/network.private-endpoint:1.0.0' = { - name: '${uniqueString(deployment().name, location)}-test-npewaf' - params: { - // Required parameters - groupIds: [ - 'vault' - ] - name: 'npewaf001' - serviceResourceId: '' - subnetResourceId: '' - // Non-required parameters - applicationSecurityGroupResourceIds: [ - '' - ] - customDnsConfigs: [ - { - fqdn: 'abc.keyvault.com' - ipAddresses: [ - '10.0.0.10' - ] - } - ] - customNetworkInterfaceName: 'npewaf001nic' - enableDefaultTelemetry: '' - ipConfigurations: [ - { - name: 'myIPconfig' - properties: { - groupId: 'vault' - memberName: 'default' - privateIPAddress: '10.0.0.10' - } - } - ] - lock: { - kind: 'CanNotDelete' - name: 'myCustomLockName' - } - privateDnsZoneResourceIds: [ - '' - ] - roleAssignments: [ - { - principalId: '' - principalType: 'ServicePrincipal' - roleDefinitionIdOrName: 'Reader' - } - ] - tags: { - Environment: 'Non-Prod' - 'hidden-title': 'This is visible in the resource name' - Role: 'DeploymentValidation' - } - } -} -``` - -
-

- -

- -via JSON Parameter file - -```json -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - // Required parameters - "groupIds": { - "value": [ - "vault" - ] - }, - "name": { - "value": "npewaf001" - }, - "serviceResourceId": { - "value": "" - }, - "subnetResourceId": { - "value": "" - }, - // Non-required parameters - "applicationSecurityGroupResourceIds": { - "value": [ - "" - ] - }, - "customDnsConfigs": { - "value": [ - { - "fqdn": "abc.keyvault.com", - "ipAddresses": [ - "10.0.0.10" - ] - } - ] - }, - "customNetworkInterfaceName": { - "value": "npewaf001nic" - }, - "enableDefaultTelemetry": { - "value": "" - }, - "ipConfigurations": { - "value": [ - { - "name": "myIPconfig", - "properties": { - "groupId": "vault", - "memberName": "default", - "privateIPAddress": "10.0.0.10" - } - } - ] - }, - "lock": { - "value": { - "kind": "CanNotDelete", - "name": "myCustomLockName" - } - }, - "privateDnsZoneResourceIds": { - "value": [ - "" - ] - }, - "roleAssignments": { - "value": [ - { - "principalId": "", - "principalType": "ServicePrincipal", - "roleDefinitionIdOrName": "Reader" - } - ] - }, - "tags": { - "value": { - "Environment": "Non-Prod", - "hidden-title": "This is visible in the resource name", - "Role": "DeploymentValidation" - } - } - } -} -``` - -
-

- - -## Parameters - -**Required parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`groupIds`](#parameter-groupids) | array | Subtype(s) of the connection to be created. The allowed values depend on the type serviceResourceId refers to. | -| [`name`](#parameter-name) | string | Name of the private endpoint resource to create. | -| [`serviceResourceId`](#parameter-serviceresourceid) | string | Resource ID of the resource that needs to be connected to the network. | -| [`subnetResourceId`](#parameter-subnetresourceid) | string | Resource ID of the subnet where the endpoint needs to be created. | - -**Optional parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`applicationSecurityGroupResourceIds`](#parameter-applicationsecuritygroupresourceids) | array | Application security groups in which the private endpoint IP configuration is included. | -| [`customDnsConfigs`](#parameter-customdnsconfigs) | array | Custom DNS configurations. | -| [`customNetworkInterfaceName`](#parameter-customnetworkinterfacename) | string | The custom name of the network interface attached to the private endpoint. | -| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable/Disable usage telemetry for module. | -| [`ipConfigurations`](#parameter-ipconfigurations) | array | A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints. | -| [`location`](#parameter-location) | string | Location for all Resources. | -| [`lock`](#parameter-lock) | object | The lock settings of the service. | -| [`manualPrivateLinkServiceConnections`](#parameter-manualprivatelinkserviceconnections) | array | Manual PrivateLink Service Connections. | -| [`privateDnsZoneGroupName`](#parameter-privatednszonegroupname) | string | The name of the private DNS zone group to create if `privateDnsZoneResourceIds` were provided. 
| -| [`privateDnsZoneResourceIds`](#parameter-privatednszoneresourceids) | array | The private DNS zone groups to associate the private endpoint. A DNS zone group can support up to 5 DNS zones. | -| [`roleAssignments`](#parameter-roleassignments) | array | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | -| [`tags`](#parameter-tags) | object | Tags to be applied on all resources/resource groups in this deployment. | - -### Parameter: `groupIds` - -Subtype(s) of the connection to be created. The allowed values depend on the type serviceResourceId refers to. - -- Required: Yes -- Type: array - -### Parameter: `name` - -Name of the private endpoint resource to create. - -- Required: Yes -- Type: string - -### Parameter: `serviceResourceId` - -Resource ID of the resource that needs to be connected to the network. - -- Required: Yes -- Type: string - -### Parameter: `subnetResourceId` - -Resource ID of the subnet where the endpoint needs to be created. - -- Required: Yes -- Type: string - -### Parameter: `applicationSecurityGroupResourceIds` - -Application security groups in which the private endpoint IP configuration is included. - -- Required: No -- Type: array - -### Parameter: `customDnsConfigs` - -Custom DNS configurations. - -- Required: No -- Type: array - -**Required parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`fqdn`](#parameter-customdnsconfigsfqdn) | string | Fqdn that resolves to private endpoint ip address. | -| [`ipAddresses`](#parameter-customdnsconfigsipaddresses) | array | A list of private ip addresses of the private endpoint. 
| - -### Parameter: `customDnsConfigs.fqdn` - -Fqdn that resolves to private endpoint ip address. - -- Required: Yes -- Type: string - -### Parameter: `customDnsConfigs.ipAddresses` - -A list of private ip addresses of the private endpoint. - -- Required: Yes -- Type: array - -### Parameter: `customNetworkInterfaceName` - -The custom name of the network interface attached to the private endpoint. - -- Required: No -- Type: string - -### Parameter: `enableDefaultTelemetry` - -Enable/Disable usage telemetry for module. - -- Required: No -- Type: bool -- Default: `True` - -### Parameter: `ipConfigurations` - -A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints. - -- Required: No -- Type: array - -**Required parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`name`](#parameter-ipconfigurationsname) | string | The name of the resource that is unique within a resource group. | -| [`properties`](#parameter-ipconfigurationsproperties) | object | Properties of private endpoint IP configurations. | - -### Parameter: `ipConfigurations.name` - -The name of the resource that is unique within a resource group. - -- Required: Yes -- Type: string - -### Parameter: `ipConfigurations.properties` - -Properties of private endpoint IP configurations. - -- Required: Yes -- Type: object - -### Parameter: `location` - -Location for all Resources. - -- Required: No -- Type: string -- Default: `[resourceGroup().location]` - -### Parameter: `lock` - -The lock settings of the service. - -- Required: No -- Type: object - -**Optional parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`kind`](#parameter-lockkind) | string | Specify the type of lock. | -| [`name`](#parameter-lockname) | string | Specify the name of lock. | - -### Parameter: `lock.kind` - -Specify the type of lock. 
- -- Required: No -- Type: string -- Allowed: - ```Bicep - [ - 'CanNotDelete' - 'None' - 'ReadOnly' - ] - ``` - -### Parameter: `lock.name` - -Specify the name of lock. - -- Required: No -- Type: string - -### Parameter: `manualPrivateLinkServiceConnections` - -Manual PrivateLink Service Connections. - -- Required: No -- Type: array - -### Parameter: `privateDnsZoneGroupName` - -The name of the private DNS zone group to create if `privateDnsZoneResourceIds` were provided. - -- Required: No -- Type: string - -### Parameter: `privateDnsZoneResourceIds` - -The private DNS zone groups to associate the private endpoint. A DNS zone group can support up to 5 DNS zones. - -- Required: No -- Type: array - -### Parameter: `roleAssignments` - -Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. - -- Required: No -- Type: array - -**Required parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`principalId`](#parameter-roleassignmentsprincipalid) | string | The principal ID of the principal (user/group/identity) to assign the role to. | -| [`roleDefinitionIdOrName`](#parameter-roleassignmentsroledefinitionidorname) | string | The name of the role to assign. If it cannot be found you can specify the role definition ID instead. | - -**Optional parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`condition`](#parameter-roleassignmentscondition) | string | The conditions on the role assignment. This limits the resources it can be assigned to. 
e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase "foo_storage_container" | -| [`conditionVersion`](#parameter-roleassignmentsconditionversion) | string | Version of the condition. | -| [`delegatedManagedIdentityResourceId`](#parameter-roleassignmentsdelegatedmanagedidentityresourceid) | string | The Resource Id of the delegated managed identity resource. | -| [`description`](#parameter-roleassignmentsdescription) | string | The description of the role assignment. | -| [`principalType`](#parameter-roleassignmentsprincipaltype) | string | The principal type of the assigned principal ID. | - -### Parameter: `roleAssignments.principalId` - -The principal ID of the principal (user/group/identity) to assign the role to. - -- Required: Yes -- Type: string - -### Parameter: `roleAssignments.roleDefinitionIdOrName` - -The name of the role to assign. If it cannot be found you can specify the role definition ID instead. - -- Required: Yes -- Type: string - -### Parameter: `roleAssignments.condition` - -The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase "foo_storage_container" - -- Required: No -- Type: string - -### Parameter: `roleAssignments.conditionVersion` - -Version of the condition. - -- Required: No -- Type: string -- Allowed: - ```Bicep - [ - '2.0' - ] - ``` - -### Parameter: `roleAssignments.delegatedManagedIdentityResourceId` - -The Resource Id of the delegated managed identity resource. - -- Required: No -- Type: string - -### Parameter: `roleAssignments.description` - -The description of the role assignment. - -- Required: No -- Type: string - -### Parameter: `roleAssignments.principalType` - -The principal type of the assigned principal ID. 
- -- Required: No -- Type: string -- Allowed: - ```Bicep - [ - 'Device' - 'ForeignGroup' - 'Group' - 'ServicePrincipal' - 'User' - ] - ``` - -### Parameter: `tags` - -Tags to be applied on all resources/resource groups in this deployment. - -- Required: No -- Type: object - - -## Outputs - -| Output | Type | Description | -| :-- | :-- | :-- | -| `location` | string | The location the resource was deployed into. | -| `name` | string | The name of the private endpoint. | -| `resourceGroupName` | string | The resource group the private endpoint was deployed into. | -| `resourceId` | string | The resource ID of the private endpoint. | - -## Cross-referenced modules - -_None_
diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/deploy.bicep b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/deploy.bicep
deleted file mode 100644
index 515f6194..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/deploy.bicep
+++ /dev/null
@@ -1,210 +0,0 @@ -metadata name = 'Private Endpoints' -metadata description = 'This module deploys a Private Endpoint.' -metadata owner = 'Azure/module-maintainers' - -@description('Required. Name of the private endpoint resource to create.') -param name string - -@description('Required. Resource ID of the subnet where the endpoint needs to be created.') -param subnetResourceId string - -@description('Required. Resource ID of the resource that needs to be connected to the network.') -param serviceResourceId string - -@description('Optional. Application security groups in which the private endpoint IP configuration is included.') -param applicationSecurityGroupResourceIds array? - -@description('Optional. The custom name of the network interface attached to the private endpoint.') -param customNetworkInterfaceName string? - -@description('Optional. A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints.') -param ipConfigurations ipConfigurationsType? - -@description('Required. Subtype(s) of the connection to be created. The allowed values depend on the type serviceResourceId refers to.') -param groupIds array - -@description('Optional. The name of the private DNS zone group to create if `privateDnsZoneResourceIds` were provided.') -param privateDnsZoneGroupName string? - -@description('Optional. The private DNS zone groups to associate the private endpoint. A DNS zone group can support up to 5 DNS zones.') -param privateDnsZoneResourceIds array? - -@description('Optional. Location for all Resources.') -param location string = resourceGroup().location - -@description('Optional. The lock settings of the service.') -param lock lockType - -@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. 
In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.') -param roleAssignments roleAssignmentType - -@description('Optional. Tags to be applied on all resources/resource groups in this deployment.') -param tags object? - -@description('Optional. Custom DNS configurations.') -param customDnsConfigs customDnsConfigType? - -@description('Optional. Manual PrivateLink Service Connections.') -param manualPrivateLinkServiceConnections array? - -@description('Optional. Enable/Disable usage telemetry for module.') -param enableDefaultTelemetry bool = true - -var enableReferencedModulesTelemetry = false - -var builtInRoleNames = { - Contributor: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c') - 'DNS Resolver Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '0f2ebee7-ffd4-4fc0-b3b7-664099fdad5d') - 'DNS Zone Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'befefa01-2a29-4197-83a8-272ff33ce314') - 'Domain Services Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'eeaeda52-9324-47f6-8069-5d5bade478b2') - 'Domain Services Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '361898ef-9ed1-48c2-849c-a832951106bb') - 'Network Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '4d97b98b-1d4f-4787-a291-c67834d212e7') - Owner: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '8e3af657-a8ff-443c-a75c-2fe8c4bcb635') - 'Private DNS Zone Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b12aa53e-6015-4669-85d0-8515ebb3ae7f') - Reader: subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'acdd72a7-3385-48ef-bd42-f606fba81ae7') - 'Role 
Based Access Control Administrator (Preview)': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'f58310d9-a9f6-439a-9e8d-f62e7b41a168') -} - -resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) { - name: 'pid-47ed15a6-730a-4827-bcb4-0fd963ffbd82-${uniqueString(deployment().name, location)}' - properties: { - mode: 'Incremental' - template: { - '$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#' - contentVersion: '1.0.0.0' - resources: [] - } - } -} - -resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' = { - name: name - location: location - tags: tags - properties: { - applicationSecurityGroups: [for applicationSecurityGroupResourceId in (applicationSecurityGroupResourceIds ?? []): { - id: applicationSecurityGroupResourceId - }] - customDnsConfigs: customDnsConfigs - customNetworkInterfaceName: customNetworkInterfaceName ?? '' - ipConfigurations: ipConfigurations ?? [] - manualPrivateLinkServiceConnections: manualPrivateLinkServiceConnections ?? [] - privateLinkServiceConnections: [ - { - name: name - properties: { - privateLinkServiceId: serviceResourceId - groupIds: groupIds - } - } - ] - subnet: { - id: subnetResourceId - } - } -} - -module privateEndpoint_privateDnsZoneGroup 'private-dns-zone-group/deploy.bicep' = if (!empty(privateDnsZoneResourceIds)) { - name: '${uniqueString(deployment().name)}-PrivateEndpoint-PrivateDnsZoneGroup' - params: { - name: privateDnsZoneGroupName ?? 'default' - privateDNSResourceIds: privateDnsZoneResourceIds ?? [] - privateEndpointName: privateEndpoint.name - enableDefaultTelemetry: enableReferencedModulesTelemetry - } -} - -resource privateEndpoint_lock 'Microsoft.Authorization/locks@2020-05-01' = if (!empty(lock ?? {}) && lock.?kind != 'None') { - name: lock.?name ?? 'lock-${name}' - properties: { - level: lock.?kind ?? '' - notes: lock.?kind == 'CanNotDelete' ? 
'Cannot delete resource or child resources.' : 'Cannot delete or modify the resource or child resources.' - } - scope: privateEndpoint -} - -resource privateEndpoint_roleAssignments 'Microsoft.Authorization/roleAssignments@2022-04-01' = [for (roleAssignment, index) in (roleAssignments ?? []): { - name: guid(privateEndpoint.id, roleAssignment.principalId, roleAssignment.roleDefinitionIdOrName) - properties: { - roleDefinitionId: contains(builtInRoleNames, roleAssignment.roleDefinitionIdOrName) ? builtInRoleNames[roleAssignment.roleDefinitionIdOrName] : roleAssignment.roleDefinitionIdOrName - principalId: roleAssignment.principalId - description: roleAssignment.?description - principalType: roleAssignment.?principalType - condition: roleAssignment.?condition - conditionVersion: !empty(roleAssignment.?condition) ? (roleAssignment.?conditionVersion ?? '2.0') : null // Must only be set if condtion is set - delegatedManagedIdentityResourceId: roleAssignment.?delegatedManagedIdentityResourceId - } - scope: privateEndpoint -}] - -@description('The resource group the private endpoint was deployed into.') -output resourceGroupName string = resourceGroup().name - -@description('The resource ID of the private endpoint.') -output resourceId string = privateEndpoint.id - -@description('The name of the private endpoint.') -output name string = privateEndpoint.name - -@description('The location the resource was deployed into.') -output location string = privateEndpoint.location - -// ================ // -// Definitions // -// ================ // - -type roleAssignmentType = { - @description('Required. The name of the role to assign. If it cannot be found you can specify the role definition ID instead.') - roleDefinitionIdOrName: string - - @description('Required. The principal ID of the principal (user/group/identity) to assign the role to.') - principalId: string - - @description('Optional. 
The principal type of the assigned principal ID.') - principalType: ('ServicePrincipal' | 'Group' | 'User' | 'ForeignGroup' | 'Device')? - - @description('Optional. The description of the role assignment.') - description: string? - - @description('Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase "foo_storage_container"') - condition: string? - - @description('Optional. Version of the condition.') - conditionVersion: '2.0'? - - @description('Optional. The Resource Id of the delegated managed identity resource.') - delegatedManagedIdentityResourceId: string? -}[]? - -type lockType = { - @description('Optional. Specify the name of lock.') - name: string? - - @description('Optional. Specify the type of lock.') - kind: ('CanNotDelete' | 'ReadOnly' | 'None')? -}? - -type ipConfigurationsType = { - @description('Required. The name of the resource that is unique within a resource group.') - name: string - - @description('Required. Properties of private endpoint IP configurations.') - properties: { - @description('Required. The ID of a group obtained from the remote resource that this private endpoint should connect to.') - groupId: string - - @description('Required. The member name of a group obtained from the remote resource that this private endpoint should connect to.') - memberName: string - - @description('Required. A private ip address obtained from the private endpoint\'s subnet.') - privateIPAddress: string - } -}[]? - -type customDnsConfigType = { - @description('Required. Fqdn that resolves to private endpoint ip address.') - fqdn: string - - @description('Required. A list of private ip addresses of the private endpoint.') - ipAddresses: string[] -}[]? 
diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/README.md b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/README.md
deleted file mode 100644
index f262fc8a..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/README.md
+++ /dev/null
@@ -1,80 +0,0 @@ -# Private Endpoint Private DNS Zone Groups `[Microsoft.Network/privateEndpoints/privateDnsZoneGroups]` - -This module deploys a Private Endpoint Private DNS Zone Group. - -## Navigation - -- [Resource Types](#resource-types) -- [Parameters](#parameters) -- [Outputs](#outputs) -- [Cross-referenced modules](#cross-referenced-modules) - -## Resource Types - -| Resource Type | API Version | -| :-- | :-- | -| `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2023-04-01](https://learn.microsoft.com/en-us/azure/templates/Microsoft.Network/2023-04-01/privateEndpoints/privateDnsZoneGroups) | - -## Parameters - -**Required parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`privateDNSResourceIds`](#parameter-privatednsresourceids) | array | Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones. | - -**Conditional parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`privateEndpointName`](#parameter-privateendpointname) | string | The name of the parent private endpoint. Required if the template is used in a standalone deployment. | - -**Optional parameters** - -| Parameter | Type | Description | -| :-- | :-- | :-- | -| [`enableDefaultTelemetry`](#parameter-enabledefaulttelemetry) | bool | Enable/Disable usage telemetry for module. | -| [`name`](#parameter-name) | string | The name of the private DNS zone group. | - -### Parameter: `privateDNSResourceIds` - -Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones. - -- Required: Yes -- Type: array - -### Parameter: `privateEndpointName` - -The name of the parent private endpoint. Required if the template is used in a standalone deployment. - -- Required: Yes -- Type: string - -### Parameter: `enableDefaultTelemetry` - -Enable/Disable usage telemetry for module. - -- Required: No -- Type: bool -- Default: `True` - -### Parameter: `name` - -The name of the private DNS zone group. 
- -- Required: No -- Type: string -- Default: `'default'` - - -## Outputs - -| Output | Type | Description | -| :-- | :-- | :-- | -| `name` | string | The name of the private endpoint DNS zone group. | -| `resourceGroupName` | string | The resource group the private endpoint DNS zone group was deployed into. | -| `resourceId` | string | The resource ID of the private endpoint DNS zone group. | - -## Cross-referenced modules - -_None_
diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/deploy.bicep b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/deploy.bicep
deleted file mode 100644
index 49a089a7..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/deploy.bicep
+++ /dev/null
@@ -1,57 +0,0 @@
-metadata name = 'Private Endpoint Private DNS Zone Groups'
-metadata description = 'This module deploys a Private Endpoint Private DNS Zone Group.'
-metadata owner = 'Azure/module-maintainers'
-
-@description('Conditional. The name of the parent private endpoint. Required if the template is used in a standalone deployment.')
-param privateEndpointName string
-
-@description('Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones.')
-@minLength(1)
-@maxLength(5)
-param privateDNSResourceIds array
-
-@description('Optional. The name of the private DNS zone group.')
-param name string = 'default'
-
-@description('Optional. Enable/Disable usage telemetry for module.')
-param enableDefaultTelemetry bool = true
-
-var privateDnsZoneConfigs = [for privateDNSResourceId in privateDNSResourceIds: {
- name: last(split(privateDNSResourceId, '/'))!
- properties: {
- privateDnsZoneId: privateDNSResourceId
- }
-}]
-
-resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (enableDefaultTelemetry) {
- name: 'pid-47ed15a6-730a-4827-bcb4-0fd963ffbd82-${uniqueString(deployment().name)}'
- properties: {
- mode: 'Incremental'
- template: {
- '$schema': 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#'
- contentVersion: '1.0.0.0'
- resources: []
- }
- }
-}
-
-resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-04-01' existing = {
- name: privateEndpointName
-}
-
-resource privateDnsZoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-04-01' = {
- name: name
- parent: privateEndpoint
- properties: {
- privateDnsZoneConfigs: privateDnsZoneConfigs
- }
-}
-
-@description('The name of the private endpoint DNS zone group.')
-output name string = privateDnsZoneGroup.name
-
-@description('The resource ID of the private endpoint DNS zone group.')
-output resourceId string = privateDnsZoneGroup.id
-
-@description('The resource group the private endpoint DNS zone group was deployed into.')
-output resourceGroupName string = resourceGroup().name
diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/main.json b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/main.json
deleted file mode 100644
index 4216fc24..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/main.json
+++ /dev/null
@@ -1,105 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "metadata": { - "_generator": { - "name": "bicep", - "version": "0.22.6.54827", - "templateHash": "16391702514342252839" - }, - "name": "Private Endpoint Private DNS Zone Groups", - "description": "This module deploys a Private Endpoint Private DNS Zone Group.", - "owner": "Azure/module-maintainers" - }, - "parameters": { - "privateEndpointName": { - "type": "string", - "metadata": { - "description": "Conditional. The name of the parent private endpoint. Required if the template is used in a standalone deployment." - } - }, - "privateDNSResourceIds": { - "type": "array", - "minLength": 1, - "maxLength": 5, - "metadata": { - "description": "Required. Array of private DNS zone resource IDs. A DNS zone group can support up to 5 DNS zones." - } - }, - "name": { - "type": "string", - "defaultValue": "default", - "metadata": { - "description": "Optional. The name of the private DNS zone group." - } - }, - "enableDefaultTelemetry": { - "type": "bool", - "defaultValue": true, - "metadata": { - "description": "Optional. Enable/Disable usage telemetry for module." 
- } - } - }, - "variables": { - "copy": [ - { - "name": "privateDnsZoneConfigs", - "count": "[length(parameters('privateDNSResourceIds'))]", - "input": { - "name": "[last(split(parameters('privateDNSResourceIds')[copyIndex('privateDnsZoneConfigs')], '/'))]", - "properties": { - "privateDnsZoneId": "[parameters('privateDNSResourceIds')[copyIndex('privateDnsZoneConfigs')]]" - } - } - } - ] - }, - "resources": [ - { - "condition": "[parameters('enableDefaultTelemetry')]", - "type": "Microsoft.Resources/deployments", - "apiVersion": "2021-04-01", - "name": "[format('pid-47ed15a6-730a-4827-bcb4-0fd963ffbd82-{0}', uniqueString(deployment().name))]", - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [] - } - } - }, - { - "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", - "apiVersion": "2023-04-01", - "name": "[format('{0}/{1}', parameters('privateEndpointName'), parameters('name'))]", - "properties": { - "privateDnsZoneConfigs": "[variables('privateDnsZoneConfigs')]" - } - } - ], - "outputs": { - "name": { - "type": "string", - "metadata": { - "description": "The name of the private endpoint DNS zone group." - }, - "value": "[parameters('name')]" - }, - "resourceId": { - "type": "string", - "metadata": { - "description": "The resource ID of the private endpoint DNS zone group." - }, - "value": "[resourceId('Microsoft.Network/privateEndpoints/privateDnsZoneGroups', parameters('privateEndpointName'), parameters('name'))]" - }, - "resourceGroupName": { - "type": "string", - "metadata": { - "description": "The resource group the private endpoint DNS zone group was deployed into." - }, - "value": "[resourceGroup().name]" - } - } -} \ No newline at end of file 
diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/version.json b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/version.json
deleted file mode 100644
index 04a0dd1a..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/private-dns-zone-group/version.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#",
- "version": "0.5",
- "pathFilters": [
- "./main.json"
- ]
-}
diff --git a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/version.json b/src/carml/v0.6.0/Microsoft.Network/private-endpoint/version.json
deleted file mode 100644
index 7fa401bd..00000000
--- a/src/carml/v0.6.0/Microsoft.Network/private-endpoint/version.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#",
- "version": "0.1",
- "pathFilters": [
- "./main.json"
- ]
-}