Skip to content

Commit 5f2a43a

Browse files
authored
Minor module syntax updates (#40)
1 parent 6bc1b6e commit 5f2a43a

3 files changed

Lines changed: 20 additions & 15 deletions

File tree

bicep/modules/keyvault/v1/main.bicep

Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,19 +1,20 @@
11
// Copyright (c) Microsoft Corporation.
22
// Licensed under the MIT License.
33

4+
targetScope = 'resourceGroup'
5+
46
metadata name = 'Key Vault'
57
metadata description = 'Create or update an Azure Key Vault.'
68

79
@sys.description('The name of the Key Vault.')
810
param name string
911

10-
@sys.description('The Azure region to deploy to.')
1112
@metadata({
1213
strongType: 'location'
1314
})
15+
@sys.description('The Azure region to deploy to.')
1416
param location string = resourceGroup().location
1517

16-
@sys.description('The access policies defined for this vault.')
1718
@metadata({
1819
example: [
1920
{
@@ -29,6 +30,7 @@ param location string = resourceGroup().location
2930
}
3031
]
3132
})
33+
@sys.description('The access policies defined for this vault.')
3234
param accessPolicies array = []
3335

3436
@sys.description('Determines if Azure can deploy certificates from this Key Vault.')
@@ -46,9 +48,9 @@ param useSoftDelete bool = true
4648
@sys.description('Determine if purge protection is enabled on this Key Vault.')
4749
param usePurgeProtection bool = true
4850

49-
@sys.description('The number of days to retain soft deleted vaults and vault objects.')
5051
@minValue(7)
5152
@maxValue(90)
53+
@sys.description('The number of days to retain soft deleted vaults and vault objects.')
5254
param softDeleteDays int = 90
5355

5456
@sys.description('Determines if access to the objects granted using RBAC. When true, access policies are ignored.')
@@ -62,23 +64,23 @@ param networkAcls object = {
6264
virtualNetworkRules: []
6365
}
6466

65-
@sys.description('The workspace to store audit logs.')
6667
@metadata({
6768
strongType: 'Microsoft.OperationalInsights/workspaces'
6869
example: '/subscriptions/<subscription_id>/resourceGroups/<resource_group>/providers/Microsoft.OperationalInsights/workspaces/<workspace_name>'
6970
})
71+
@sys.description('The workspace to store audit logs.')
7072
param workspaceId string = ''
7173

72-
@sys.description('Tags to apply to the resource.')
7374
@metadata({
7475
example: {
7576
service: '<service_name>'
7677
env: 'prod'
7778
}
7879
})
80+
@sys.description('Tags to apply to the resource.')
7981
param tags object = resourceGroup().tags
8082

81-
// Define a Key Vault
83+
@sys.description('Create or update a Key Vault.')
8284
resource vault 'Microsoft.KeyVault/vaults@2019-09-01' = {
8385
name: name
8486
location: location
@@ -101,11 +103,10 @@ resource vault 'Microsoft.KeyVault/vaults@2019-09-01' = {
101103
tags: tags
102104
}
103105

104-
// Configure logging
105-
resource vaultName_Microsoft_Insights_service 'Microsoft.Insights/diagnosticSettings@2016-09-01' = if (!empty(workspaceId)) {
106+
@sys.description('Configure audit logs for the Key Vault.')
107+
resource logs 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (!empty(workspaceId)) {
106108
scope: vault
107-
name: 'service'
108-
location: location
109+
name: 'logs'
109110
properties: {
110111
workspaceId: workspaceId
111112
logs: [

bicep/modules/storage/v1/main.bicep

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,18 @@
11
// Copyright (c) Microsoft Corporation.
22
// Licensed under the MIT License.
33

4+
targetScope = 'resourceGroup'
5+
46
metadata name = 'Storage Account'
57
metadata description = 'Create or update an Storage Account.'
68

79
@sys.description('The name of the Storage Account.')
810
param name string
911

10-
@sys.description('The Azure region to deploy to.')
1112
@metadata({
1213
strongType: 'location'
1314
})
15+
@sys.description('The Azure region to deploy to.')
1416
param location string = resourceGroup().location
1517

1618
@allowed([
@@ -23,16 +25,16 @@ param sku string = 'Standard_GRS'
2325
@sys.description('Determines if any containers can be configured with the anonymous access types of blob or container.')
2426
param allowBlobPublicAccess bool = true
2527

26-
@sys.description('Tags to apply to the resource.')
2728
@metadata({
2829
example: {
2930
service: '<service_name>'
3031
env: 'prod'
3132
}
3233
})
34+
@sys.description('Tags to apply to the resource.')
3335
param tags object = resourceGroup().tags
3436

35-
// Define a Storage Account
37+
@sys.description('Create or update an Storage Account.')
3638
resource storageAccount 'Microsoft.Storage/storageAccounts@2019-06-01' = {
3739
name: name
3840
location: location
@@ -55,6 +57,7 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2019-06-01' = {
5557
tags: tags
5658
}
5759

60+
@sys.description('Configure Blob Services for a Storage Account.')
5861
resource blobServices 'Microsoft.Storage/storageAccounts/blobServices@2019-06-01' = {
5962
parent: storageAccount
6063
name: 'default'
@@ -73,6 +76,7 @@ resource blobServices 'Microsoft.Storage/storageAccounts/blobServices@2019-06-01
7376
}
7477
}
7578

79+
@sys.description('Configure File Services for a Storage Account.')
7680
resource fileServices 'Microsoft.Storage/storageAccounts/fileServices@2019-06-01' = {
7781
parent: storageAccount
7882
name: 'default'

ps-rule.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,8 @@ binding:
1515

1616
# Require minimum versions of modules.
1717
requires:
18-
PSRule: '@pre >=2.8.1'
19-
PSRule.Rules.Azure: '@pre >=1.26.1'
18+
PSRule: '@pre >=2.9.0'
19+
PSRule.Rules.Azure: '@pre >=1.28.2'
2020

2121
# Use PSRule for Azure.
2222
include:

0 commit comments

Comments
 (0)