Merge branch 'main' of https://github.com/Azure/bicep into alfran/mis…

…cDocUpdates
Azure · Jan 5, 2021 · 745ccdc · 745ccdc
2 parents 0a1f5c4 + 7b1da15
commit 745ccdc
Show file tree

Hide file tree

Showing 41 changed files with 9,060 additions and 2,076 deletions.
diff --git a/docs/examples/201/shared-image-gallery-with-image-defintition-and-role-assignment/main.bicep b/docs/examples/201/shared-image-gallery-with-image-defintition-and-role-assignment/main.bicep
@@ -0,0 +1,69 @@
+param azureSubscriptionID string
+param sigName string
+param sigLocation string
+param imagePublisher string
+param imageDefinitionName string
+param imageOffer string
+param imageSKU string
+param imageLocation string
+param roleNameGalleryImage string
+param principalId string
+param templateImageResourceGroup string
+
+var templateImageResourceGroupId = '/subscriptions/${azureSubscriptionID}/resourcegroups/${templateImageResourceGroup}'
+var imageDefinitionFullName = '${sigName}/${imageDefinitionName}'
+
+//Create Shard Image Gallery
+resource wvdsig 'Microsoft.Compute/galleries@2020-09-30' = {
+  name: sigName
+  location: sigLocation
+}
+
+//Create Image definitation
+resource wvdid 'Microsoft.Compute/galleries/images@2020-09-30' = {
+  name: imageDefinitionFullName
+  location: imageLocation
+  properties: {
+    osState: 'Generalized'
+    osType: 'Windows'
+    identifier: {
+      publisher: imagePublisher
+      offer: imageOffer
+      sku: imageSKU
+    }
+  }
+}
+
+//create role definition
+resource gallerydef 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' = {
+  name: guid(roleNameGalleryImage)
+  properties: {
+    roleName: roleNameGalleryImage
+    description: 'Custom role for network read'
+    permissions: [
+      {
+        actions: [
+          'Microsoft.Compute/galleries/read'
+          'Microsoft.Compute/galleries/images/read'
+          'Microsoft.Compute/galleries/images/versions/read'
+          'Microsoft.Compute/galleries/images/versions/write'
+          'Microsoft.Compute/images/write'
+          'Microsoft.Compute/images/read'
+          'Microsoft.Compute/images/delete'
+        ]
+      }
+    ]
+    assignableScopes: [
+      templateImageResourceGroupId
+    ]
+  }
+}
+
+//create role assignment
+resource galleryass 'Microsoft.Authorization/roleAssignments@2020-04-01-preview' = {
+  name: guid(resourceGroup().id, gallerydef.id, principalId)
+  properties: {
+    roleDefinitionId: gallerydef.id
+    principalId: principalId
+  }
+}
diff --git a/docs/examples/201/shared-image-gallery-with-image-defintition-and-role-assignment/main.json b/docs/examples/201/shared-image-gallery-with-image-defintition-and-role-assignment/main.json
@@ -0,0 +1,104 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "azureSubscriptionID": {
+      "type": "string"
+    },
+    "sigName": {
+      "type": "string"
+    },
+    "sigLocation": {
+      "type": "string"
+    },
+    "imagePublisher": {
+      "type": "string"
+    },
+    "imageDefinitionName": {
+      "type": "string"
+    },
+    "imageOffer": {
+      "type": "string"
+    },
+    "imageSKU": {
+      "type": "string"
+    },
+    "imageLocation": {
+      "type": "string"
+    },
+    "roleNameGalleryImage": {
+      "type": "string"
+    },
+    "principalId": {
+      "type": "string"
+    },
+    "templateImageResourceGroup": {
+      "type": "string"
+    }
+  },
+  "functions": [],
+  "variables": {
+    "templateImageResourceGroupId": "[format('/subscriptions/{0}/resourcegroups/{1}', parameters('azureSubscriptionID'), parameters('templateImageResourceGroup'))]",
+    "imageDefinitionFullName": "[format('{0}/{1}', parameters('sigName'), parameters('imageDefinitionName'))]"
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Compute/galleries",
+      "apiVersion": "2020-09-30",
+      "name": "[parameters('sigName')]",
+      "location": "[parameters('sigLocation')]"
+    },
+    {
+      "type": "Microsoft.Compute/galleries/images",
+      "apiVersion": "2020-09-30",
+      "name": "[variables('imageDefinitionFullName')]",
+      "location": "[parameters('imageLocation')]",
+      "properties": {
+        "osState": "Generalized",
+        "osType": "Windows",
+        "identifier": {
+          "publisher": "[parameters('imagePublisher')]",
+          "offer": "[parameters('imageOffer')]",
+          "sku": "[parameters('imageSKU')]"
+        }
+      }
+    },
+    {
+      "type": "Microsoft.Authorization/roleDefinitions",
+      "apiVersion": "2018-01-01-preview",
+      "name": "[guid(parameters('roleNameGalleryImage'))]",
+      "properties": {
+        "roleName": "[parameters('roleNameGalleryImage')]",
+        "description": "Custom role for network read",
+        "permissions": [
+          {
+            "actions": [
+              "Microsoft.Compute/galleries/read",
+              "Microsoft.Compute/galleries/images/read",
+              "Microsoft.Compute/galleries/images/versions/read",
+              "Microsoft.Compute/galleries/images/versions/write",
+              "Microsoft.Compute/images/write",
+              "Microsoft.Compute/images/read",
+              "Microsoft.Compute/images/delete"
+            ]
+          }
+        ],
+        "assignableScopes": [
+          "[variables('templateImageResourceGroupId')]"
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.Authorization/roleAssignments",
+      "apiVersion": "2020-04-01-preview",
+      "name": "[guid(resourceGroup().id, resourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameGalleryImage'))), parameters('principalId'))]",
+      "properties": {
+        "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameGalleryImage')))]",
+        "principalId": "[parameters('principalId')]"
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.Authorization/roleDefinitions', guid(parameters('roleNameGalleryImage')))]"
+      ]
+    }
+  ]
+}
diff --git a/docs/examples/201/vm-domain-join/main.bicep b/docs/examples/201/vm-domain-join/main.bicep
@@ -124,11 +124,8 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2020-06-01' = {
 }
 
 resource virtualMachineExtension 'Microsoft.Compute/virtualMachines/extensions@2020-06-01' = {
-  name: '${dnsLabelPrefix}/joindomain'
+  name: '${virtualMachine.name}/joindomain'
   location: location
-  dependsOn: [
-    virtualMachine
-  ]
   properties: {
     publisher: 'Microsoft.Compute'
     type: 'JsonADDomainExtension'

diff --git a/docs/examples/index.json b/docs/examples/index.json
@@ -375,6 +375,10 @@
         "filePath": "201/vm-windows10-with-nvidia-gpu-extension-and-condition/main.bicep",
         "description": "201/vm-windows10-with-nvidia-gpu-extension-and-condition"
     },
+    {
+        "filePath": "201/shared-image-gallery-with-image-defintition-and-role-assignment/main.bicep",
+        "description": "201/shared-image-gallery-with-image-defintition-and-role-assignment"
+    },    
     {
         "filePath": "301/function-app-with-custom-domain-managed-certificate/main.bicep",
         "description": "301/function-app-with-custom-domain-managed-certificate"

diff --git a/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.bicep b/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.bicep
@@ -184,4 +184,41 @@ module moduleWithInvalidScope2 './empty.bicep' = {
 module moduleWithBadScope './empty.bicep' = {
   name: 'moduleWithBadScope'
   scope: 'stringScope'
+}
+
+resource runtimeValidRes1 'Microsoft.Storage/storageAccounts@2019-06-01' = {
+  name: 'runtimeValidRes1Name'
+  location: 'westeurope'
+  kind: 'Storage'
+  sku: {
+    name: 'Standard_GRS'
+  }
+}
+
+module runtimeValidModule1 'empty.bicep' = {
+  name: concat(concat(runtimeValidRes1.id, runtimeValidRes1.name), runtimeValidRes1.type)
+}
+
+module runtimeInvalidModule1 'empty.bicep' = {
+  name: runtimeValidRes1.location
+}
+
+module runtimeInvalidModule2 'empty.bicep' = {
+  name: runtimeValidRes1['location']
+}
+
+module runtimeInvalidModule3 'empty.bicep' = {
+  name: runtimeValidRes1.sku.name
+}
+
+module runtimeInvalidModule4 'empty.bicep' = {
+  name: runtimeValidRes1.sku['name']
+}
+
+module runtimeInvalidModule5 'empty.bicep' = {
+  name: runtimeValidRes1['sku']['name']
+}
+
+module runtimeInvalidModule6 'empty.bicep' = {
+  name: runtimeValidRes1['sku'].name
 }
diff --git a/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.diagnostics.bicep b/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.diagnostics.bicep
@@ -247,3 +247,46 @@ module moduleWithBadScope './empty.bicep' = {
 //@[9:22) [BCP036 (Error)] The property "scope" expected a value of type "resourceGroup" but the provided value is of type "'stringScope'". |'stringScope'|
 //@[9:22) [BCP116 (Error)] Unsupported scope for module deployment in a "resourceGroup" target scope. Omit this property to inherit the current scope, or specify a valid scope. Permissible scopes include current resource group: resourceGroup(), named resource group in same subscription: resourceGroup(<name>), named resource group in a different subscription: resourceGroup(<subId>, <name>), or tenant: tenant(). |'stringScope'|
 }
+
+resource runtimeValidRes1 'Microsoft.Storage/storageAccounts@2019-06-01' = {
+  name: 'runtimeValidRes1Name'
+  location: 'westeurope'
+  kind: 'Storage'
+  sku: {
+    name: 'Standard_GRS'
+  }
+}
+
+module runtimeValidModule1 'empty.bicep' = {
+  name: concat(concat(runtimeValidRes1.id, runtimeValidRes1.name), runtimeValidRes1.type)
+}
+
+module runtimeInvalidModule1 'empty.bicep' = {
+  name: runtimeValidRes1.location
+//@[8:33) [BCP120 (Error)] The property "name" must be evaluable at the start of the deployment, and cannot depend on any values that have not yet been calculated. Accessible properties of runtimeValidRes1 are "apiVersion", "id", "name", "type". |runtimeValidRes1.location|
+}
+
+module runtimeInvalidModule2 'empty.bicep' = {
+  name: runtimeValidRes1['location']
+//@[8:36) [BCP120 (Error)] The property "name" must be evaluable at the start of the deployment, and cannot depend on any values that have not yet been calculated. Accessible properties of runtimeValidRes1 are "apiVersion", "id", "name", "type". |runtimeValidRes1['location']|
+}
+
+module runtimeInvalidModule3 'empty.bicep' = {
+  name: runtimeValidRes1.sku.name
+//@[8:33) [BCP120 (Error)] The property "name" must be evaluable at the start of the deployment, and cannot depend on any values that have not yet been calculated. Accessible properties of runtimeValidRes1 are "apiVersion", "id", "name", "type". |runtimeValidRes1.sku.name|
+}
+
+module runtimeInvalidModule4 'empty.bicep' = {
+  name: runtimeValidRes1.sku['name']
+//@[8:36) [BCP120 (Error)] The property "name" must be evaluable at the start of the deployment, and cannot depend on any values that have not yet been calculated. Accessible properties of runtimeValidRes1 are "apiVersion", "id", "name", "type". |runtimeValidRes1.sku['name']|
+}
+
+module runtimeInvalidModule5 'empty.bicep' = {
+  name: runtimeValidRes1['sku']['name']
+//@[8:39) [BCP120 (Error)] The property "name" must be evaluable at the start of the deployment, and cannot depend on any values that have not yet been calculated. Accessible properties of runtimeValidRes1 are "apiVersion", "id", "name", "type". |runtimeValidRes1['sku']['name']|
+}
+
+module runtimeInvalidModule6 'empty.bicep' = {
+  name: runtimeValidRes1['sku'].name
+//@[8:36) [BCP120 (Error)] The property "name" must be evaluable at the start of the deployment, and cannot depend on any values that have not yet been calculated. Accessible properties of runtimeValidRes1 are "apiVersion", "id", "name", "type". |runtimeValidRes1['sku'].name|
+}
diff --git a/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.formatted.bicep b/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.formatted.bicep
@@ -153,3 +153,40 @@ module moduleWithBadScope './empty.bicep' = {
   name: 'moduleWithBadScope'
   scope: 'stringScope'
 }
+
+resource runtimeValidRes1 'Microsoft.Storage/storageAccounts@2019-06-01' = {
+  name: 'runtimeValidRes1Name'
+  location: 'westeurope'
+  kind: 'Storage'
+  sku: {
+    name: 'Standard_GRS'
+  }
+}
+
+module runtimeValidModule1 'empty.bicep' = {
+  name: concat(concat(runtimeValidRes1.id, runtimeValidRes1.name), runtimeValidRes1.type)
+}
+
+module runtimeInvalidModule1 'empty.bicep' = {
+  name: runtimeValidRes1.location
+}
+
+module runtimeInvalidModule2 'empty.bicep' = {
+  name: runtimeValidRes1['location']
+}
+
+module runtimeInvalidModule3 'empty.bicep' = {
+  name: runtimeValidRes1.sku.name
+}
+
+module runtimeInvalidModule4 'empty.bicep' = {
+  name: runtimeValidRes1.sku['name']
+}
+
+module runtimeInvalidModule5 'empty.bicep' = {
+  name: runtimeValidRes1['sku']['name']
+}
+
+module runtimeInvalidModule6 'empty.bicep' = {
+  name: runtimeValidRes1['sku'].name
+}
diff --git a/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.symbols.bicep b/src/Bicep.Core.Samples/Files/InvalidModules_LF/main.symbols.bicep
@@ -231,3 +231,48 @@ module moduleWithBadScope './empty.bicep' = {
   name: 'moduleWithBadScope'
   scope: 'stringScope'
 }
+
+resource runtimeValidRes1 'Microsoft.Storage/storageAccounts@2019-06-01' = {
+//@[9:25) Resource runtimeValidRes1. Type: Microsoft.Storage/storageAccounts@2019-06-01. Declaration start char: 0, length: 190
+  name: 'runtimeValidRes1Name'
+  location: 'westeurope'
+  kind: 'Storage'
+  sku: {
+    name: 'Standard_GRS'
+  }
+}
+
+module runtimeValidModule1 'empty.bicep' = {
+//@[7:26) Module runtimeValidModule1. Type: module. Declaration start char: 0, length: 136
+  name: concat(concat(runtimeValidRes1.id, runtimeValidRes1.name), runtimeValidRes1.type)
+}
+
+module runtimeInvalidModule1 'empty.bicep' = {
+//@[7:28) Module runtimeInvalidModule1. Type: module. Declaration start char: 0, length: 82
+  name: runtimeValidRes1.location
+}
+
+module runtimeInvalidModule2 'empty.bicep' = {
+//@[7:28) Module runtimeInvalidModule2. Type: module. Declaration start char: 0, length: 85
+  name: runtimeValidRes1['location']
+}
+
+module runtimeInvalidModule3 'empty.bicep' = {
+//@[7:28) Module runtimeInvalidModule3. Type: module. Declaration start char: 0, length: 82
+  name: runtimeValidRes1.sku.name
+}
+
+module runtimeInvalidModule4 'empty.bicep' = {
+//@[7:28) Module runtimeInvalidModule4. Type: module. Declaration start char: 0, length: 85
+  name: runtimeValidRes1.sku['name']
+}
+
+module runtimeInvalidModule5 'empty.bicep' = {
+//@[7:28) Module runtimeInvalidModule5. Type: module. Declaration start char: 0, length: 88
+  name: runtimeValidRes1['sku']['name']
+}
+
+module runtimeInvalidModule6 'empty.bicep' = {
+//@[7:28) Module runtimeInvalidModule6. Type: module. Declaration start char: 0, length: 85
+  name: runtimeValidRes1['sku'].name
+}