|
6 | 6 | "_generator": { |
7 | 7 | "name": "bicep", |
8 | 8 | "version": "0.36.1.42791", |
9 | | - "templateHash": "12587990285876720392" |
| 9 | + "templateHash": "961802883849358046" |
10 | 10 | }, |
11 | 11 | "name": "Content Processing Solution Accelerator", |
12 | 12 | "description": "Bicep template to deploy the Content Processing Solution Accelerator with AVM compliance." |
|
119 | 119 | }, |
120 | 120 | "enablePrivateNetworking": { |
121 | 121 | "type": "bool", |
122 | | - "defaultValue": true, |
123 | 122 | "metadata": { |
124 | 123 | "description": "Optional. Enable WAF for the deployment." |
125 | 124 | } |
@@ -15893,21 +15892,108 @@ |
15893 | 15892 | "zoneRedundancy": { |
15894 | 15893 | "value": "Disabled" |
15895 | 15894 | }, |
| 15895 | + "roleAssignments": { |
| 15896 | + "value": [ |
| 15897 | + { |
| 15898 | + "principalId": "[reference('avmContainerRegistryReader').outputs.principalId.value]", |
| 15899 | + "roleDefinitionIdOrName": "AcrPull", |
| 15900 | + "principalType": "ServicePrincipal" |
| 15901 | + } |
| 15902 | + ] |
| 15903 | + }, |
15896 | 15904 | "tags": { |
15897 | 15905 | "value": "[parameters('tags')]" |
15898 | 15906 | } |
15899 | 15907 | }, |
15900 | 15908 | "template": { |
15901 | 15909 | "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", |
| 15910 | + "languageVersion": "2.0", |
15902 | 15911 | "contentVersion": "1.0.0.0", |
15903 | 15912 | "metadata": { |
15904 | 15913 | "_generator": { |
15905 | 15914 | "name": "bicep", |
15906 | 15915 | "version": "0.36.1.42791", |
15907 | | - "templateHash": "8441318505264724450" |
| 15916 | + "templateHash": "11910096117865508081" |
15908 | 15917 | }, |
15909 | 15918 | "name": "Container Registry Module" |
15910 | 15919 | }, |
| 15920 | + "definitions": { |
| 15921 | + "roleAssignmentType": { |
| 15922 | + "type": "object", |
| 15923 | + "properties": { |
| 15924 | + "name": { |
| 15925 | + "type": "string", |
| 15926 | + "nullable": true, |
| 15927 | + "metadata": { |
| 15928 | + "description": "Optional. The name (as GUID) of the role assignment. If not provided, a GUID will be generated." |
| 15929 | + } |
| 15930 | + }, |
| 15931 | + "roleDefinitionIdOrName": { |
| 15932 | + "type": "string", |
| 15933 | + "metadata": { |
| 15934 | + "description": "Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'." |
| 15935 | + } |
| 15936 | + }, |
| 15937 | + "principalId": { |
| 15938 | + "type": "string", |
| 15939 | + "metadata": { |
| 15940 | + "description": "Required. The principal ID of the principal (user/group/identity) to assign the role to." |
| 15941 | + } |
| 15942 | + }, |
| 15943 | + "principalType": { |
| 15944 | + "type": "string", |
| 15945 | + "allowedValues": [ |
| 15946 | + "Device", |
| 15947 | + "ForeignGroup", |
| 15948 | + "Group", |
| 15949 | + "ServicePrincipal", |
| 15950 | + "User" |
| 15951 | + ], |
| 15952 | + "nullable": true, |
| 15953 | + "metadata": { |
| 15954 | + "description": "Optional. The principal type of the assigned principal ID." |
| 15955 | + } |
| 15956 | + }, |
| 15957 | + "description": { |
| 15958 | + "type": "string", |
| 15959 | + "nullable": true, |
| 15960 | + "metadata": { |
| 15961 | + "description": "Optional. The description of the role assignment." |
| 15962 | + } |
| 15963 | + }, |
| 15964 | + "condition": { |
| 15965 | + "type": "string", |
| 15966 | + "nullable": true, |
| 15967 | + "metadata": { |
| 15968 | + "description": "Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase \"foo_storage_container\"." |
| 15969 | + } |
| 15970 | + }, |
| 15971 | + "conditionVersion": { |
| 15972 | + "type": "string", |
| 15973 | + "allowedValues": [ |
| 15974 | + "2.0" |
| 15975 | + ], |
| 15976 | + "nullable": true, |
| 15977 | + "metadata": { |
| 15978 | + "description": "Optional. Version of the condition." |
| 15979 | + } |
| 15980 | + }, |
| 15981 | + "delegatedManagedIdentityResourceId": { |
| 15982 | + "type": "string", |
| 15983 | + "nullable": true, |
| 15984 | + "metadata": { |
| 15985 | + "description": "Optional. The Resource Id of the delegated managed identity resource." |
| 15986 | + } |
| 15987 | + } |
| 15988 | + }, |
| 15989 | + "metadata": { |
| 15990 | + "description": "An AVM-aligned type for a role assignment.", |
| 15991 | + "__bicep_imported_from!": { |
| 15992 | + "sourceTemplate": "br:mcr.microsoft.com/bicep/avm/utl/types/avm-common-types:0.5.1" |
| 15993 | + } |
| 15994 | + } |
| 15995 | + } |
| 15996 | + }, |
15911 | 15997 | "parameters": { |
15912 | 15998 | "acrName": { |
15913 | 15999 | "type": "string", |
|
15942 | 16028 | "description": "Zone redundancy setting for the Azure Container Registry" |
15943 | 16029 | } |
15944 | 16030 | }, |
| 16031 | + "roleAssignments": { |
| 16032 | + "type": "array", |
| 16033 | + "items": { |
| 16034 | + "$ref": "#/definitions/roleAssignmentType" |
| 16035 | + }, |
| 16036 | + "nullable": true, |
| 16037 | + "metadata": { |
| 16038 | + "description": "Optional. Array of role assignments to create." |
| 16039 | + } |
| 16040 | + }, |
15945 | 16041 | "tags": { |
15946 | 16042 | "type": "object", |
15947 | 16043 | "defaultValue": {}, |
|
15950 | 16046 | } |
15951 | 16047 | } |
15952 | 16048 | }, |
15953 | | - "resources": [ |
15954 | | - { |
| 16049 | + "resources": { |
| 16050 | + "avmContainerRegistry": { |
15955 | 16051 | "type": "Microsoft.Resources/deployments", |
15956 | 16052 | "apiVersion": "2022-09-01", |
15957 | 16053 | "name": "[parameters('acrName')]", |
|
15976 | 16072 | "zoneRedundancy": { |
15977 | 16073 | "value": "[parameters('zoneRedundancy')]" |
15978 | 16074 | }, |
| 16075 | + "roleAssignments": { |
| 16076 | + "value": "[parameters('roleAssignments')]" |
| 16077 | + }, |
15979 | 16078 | "tags": { |
15980 | 16079 | "value": "[parameters('tags')]" |
15981 | 16080 | } |
@@ -18996,19 +19095,26 @@ |
18996 | 19095 | } |
18997 | 19096 | } |
18998 | 19097 | } |
18999 | | - ], |
| 19098 | + }, |
19000 | 19099 | "outputs": { |
| 19100 | + "name": { |
| 19101 | + "type": "string", |
| 19102 | + "value": "[reference('avmContainerRegistry').outputs.name.value]" |
| 19103 | + }, |
19001 | 19104 | "resourceId": { |
19002 | 19105 | "type": "string", |
19003 | | - "value": "[reference(resourceId('Microsoft.Resources/deployments', parameters('acrName')), '2022-09-01').outputs.resourceId.value]" |
| 19106 | + "value": "[reference('avmContainerRegistry').outputs.resourceId.value]" |
19004 | 19107 | }, |
19005 | 19108 | "loginServer": { |
19006 | 19109 | "type": "string", |
19007 | | - "value": "[reference(resourceId('Microsoft.Resources/deployments', parameters('acrName')), '2022-09-01').outputs.loginServer.value]" |
| 19110 | + "value": "[reference('avmContainerRegistry').outputs.loginServer.value]" |
19008 | 19111 | } |
19009 | 19112 | } |
19010 | 19113 | } |
19011 | | - } |
| 19114 | + }, |
| 19115 | + "dependsOn": [ |
| 19116 | + "avmContainerRegistryReader" |
| 19117 | + ] |
19012 | 19118 | }, |
19013 | 19119 | "avmStorageAccount": { |
19014 | 19120 | "type": "Microsoft.Resources/deployments", |
@@ -30527,10 +30633,10 @@ |
30527 | 30633 | "dependsOn": [ |
30528 | 30634 | "avmContainerApp", |
30529 | 30635 | "avmManagedIdentity", |
30530 | | - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').aiServices)]", |
30531 | | - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').contentUnderstanding)]", |
30532 | 30636 | "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').openAI)]", |
| 30637 | + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').contentUnderstanding)]", |
30533 | 30638 | "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", |
| 30639 | + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').aiServices)]", |
30534 | 30640 | "avmVirtualNetwork", |
30535 | 30641 | "logAnalyticsWorkspace" |
30536 | 30642 | ] |
|
32868 | 32974 | "dependsOn": [ |
32869 | 32975 | "avmContainerApp", |
32870 | 32976 | "avmManagedIdentity", |
32871 | | - "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", |
32872 | 32977 | "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').contentUnderstanding)]", |
| 32978 | + "[format('avmPrivateDnsZones[{0}]', variables('dnsZoneIndex').cognitiveServices)]", |
32873 | 32979 | "avmVirtualNetwork" |
32874 | 32980 | ] |
32875 | 32981 | }, |
@@ -49999,31 +50105,66 @@ |
49999 | 50105 | "CONTAINER_WEB_APP_NAME": { |
50000 | 50106 | "type": "string", |
50001 | 50107 | "metadata": { |
50002 | | - "description": "The resource ID of the Container App Environment." |
| 50108 | + "description": "The name of the Container App used for Web App." |
50003 | 50109 | }, |
50004 | 50110 | "value": "[reference('avmContainerApp_Web').outputs.name.value]" |
50005 | 50111 | }, |
50006 | 50112 | "CONTAINER_API_APP_NAME": { |
50007 | 50113 | "type": "string", |
50008 | 50114 | "metadata": { |
50009 | | - "description": "The resource ID of the Container App API." |
| 50115 | + "description": "The name of the Container App used for API." |
50010 | 50116 | }, |
50011 | 50117 | "value": "[reference('avmContainerApp_API').outputs.name.value]" |
50012 | 50118 | }, |
50013 | 50119 | "CONTAINER_WEB_APP_FQDN": { |
50014 | 50120 | "type": "string", |
50015 | 50121 | "metadata": { |
50016 | | - "description": "The resource ID of the Container App Environment." |
| 50122 | + "description": "The FQDN of the Container App." |
50017 | 50123 | }, |
50018 | 50124 | "value": "[reference('avmContainerApp_Web').outputs.fqdn.value]" |
50019 | 50125 | }, |
50020 | 50126 | "CONTAINER_API_APP_FQDN": { |
50021 | 50127 | "type": "string", |
50022 | 50128 | "metadata": { |
50023 | | - "description": "The resource ID of the Container App API." |
| 50129 | + "description": "The FQDN of the Container App API." |
50024 | 50130 | }, |
50025 | 50131 | "value": "[reference('avmContainerApp_API').outputs.fqdn.value]" |
50026 | 50132 | }, |
| 50133 | + "CONTAINER_APP_NAME": { |
| 50134 | + "type": "string", |
| 50135 | + "metadata": { |
| 50136 | + "description": "The name of the Container App used for APP." |
| 50137 | + }, |
| 50138 | + "value": "[reference('avmContainerApp').outputs.name.value]" |
| 50139 | + }, |
| 50140 | + "CONTAINER_APP_USER_IDENTITY_ID": { |
| 50141 | + "type": "string", |
| 50142 | + "metadata": { |
| 50143 | + "description": "The user identity resource ID used fot the Container APP." |
| 50144 | + }, |
| 50145 | + "value": "[reference('avmContainerRegistryReader').outputs.resourceId.value]" |
| 50146 | + }, |
| 50147 | + "CONTAINER_APP_USER_PRINCIPAL_ID": { |
| 50148 | + "type": "string", |
| 50149 | + "metadata": { |
| 50150 | + "description": "The user identity Principal ID used fot the Container APP." |
| 50151 | + }, |
| 50152 | + "value": "[reference('avmContainerRegistryReader').outputs.principalId.value]" |
| 50153 | + }, |
| 50154 | + "CONTAINER_REGISTRY_NAME": { |
| 50155 | + "type": "string", |
| 50156 | + "metadata": { |
| 50157 | + "description": "The name of the Azure Container Registry." |
| 50158 | + }, |
| 50159 | + "value": "[reference('avmContainerRegistry').outputs.name.value]" |
| 50160 | + }, |
| 50161 | + "CONTAINER_REGISTRY_LOGIN_SERVER": { |
| 50162 | + "type": "string", |
| 50163 | + "metadata": { |
| 50164 | + "description": "The login server of the Azure Container Registry." |
| 50165 | + }, |
| 50166 | + "value": "[reference('avmContainerRegistry').outputs.loginServer.value]" |
| 50167 | + }, |
50027 | 50168 | "resourceGroupName": { |
50028 | 50169 | "type": "string", |
50029 | 50170 | "metadata": { |
|
0 commit comments