Merge branch 'ghactions-managedidentity' of https://github.com/Fallen…

…Hoot/bicep-registry-modules into ghactions-managedidentity

avm/res/compute/virtual-machine-scale-set/README.md

@@ -291,7 +291,7 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s
     availabilityZones: [
       '2'
     ]
-    bootDiagnosticStorageAccountName: '<bootDiagnosticStorageAccountName>'
+    bootDiagnosticEnabled: false
     dataDisks: [
       {
         caching: 'ReadOnly'
@@ -478,8 +478,8 @@ module virtualMachineScaleSet 'br/public:avm/res/compute/virtual-machine-scale-s
         "2"
       ]
     },
-    "bootDiagnosticStorageAccountName": {
-      "value": "<bootDiagnosticStorageAccountName>"
+    "bootDiagnosticEnabled": {
+      "value": false
     },
     "dataDisks": {
       "value": [
@@ -689,7 +689,7 @@ param skuName = 'Standard_B12ms'
 param availabilityZones = [
   '2'
 ]
-param bootDiagnosticStorageAccountName = '<bootDiagnosticStorageAccountName>'
+param bootDiagnosticEnabled = false
 param dataDisks = [
   {
     caching: 'ReadOnly'
@@ -2313,7 +2313,8 @@ param vmPriority = 'Regular'
 | [`adminPassword`](#parameter-adminpassword) | securestring | When specifying a Windows Virtual Machine, this value should be passed. |
 | [`automaticRepairsPolicyEnabled`](#parameter-automaticrepairspolicyenabled) | bool | Specifies whether automatic repairs should be enabled on the virtual machine scale set. |
 | [`availabilityZones`](#parameter-availabilityzones) | array | The virtual machine scale set zones. NOTE: Availability zones can only be set when you create the scale set. |
-| [`bootDiagnosticStorageAccountName`](#parameter-bootdiagnosticstorageaccountname) | string | Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided. |
+| [`bootDiagnosticEnabled`](#parameter-bootDiagnosticEnabled) | string | Enable boot diagnostics to use default managed or secure storage. Defaults to false. |
+| [`bootDiagnosticStorageAccountName`](#parameter-bootdiagnosticstorageaccountname) | string | The name of the boot diagnostic storage account. Provide this if you want to use your own storage account for security reasons instead of the recommended Microsoft Managed Storage Account..|
 | [`bootDiagnosticStorageAccountUri`](#parameter-bootdiagnosticstorageaccounturi) | string | Storage account boot diagnostic base URI. |
 | [`bypassPlatformSafetyChecksOnUserSchedule`](#parameter-bypassplatformsafetychecksonuserschedule) | bool | Enables customer to schedule patching without accidental upgrades. |
 | [`customData`](#parameter-customdata) | string | Custom data associated to the VM, this value will be automatically converted into base64 to account for the expected VM format. |
@@ -2482,9 +2483,17 @@ The virtual machine scale set zones. NOTE: Availability zones can only be set wh
   ]
   ```
 
+### Parameter: `bootDiagnosticEnabled`
+
+Enable boot diagnostics to use default managed or secure storage.
+
+- Required: No
+- Type: boolen
+- Default: false
+
 ### Parameter: `bootDiagnosticStorageAccountName`
 
-Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided.
+The name of the boot diagnostic storage account. Provide this if you want to use your own storage account for security reasons instead of the recommended Microsoft Managed Storage Account.
 
 - Required: No
 - Type: string

avm/res/compute/virtual-machine-scale-set/main.bicep

@@ -143,9 +143,12 @@ param extensionCustomScriptConfig object = {
 @description('Optional. Storage account boot diagnostic base URI.')
 param bootDiagnosticStorageAccountUri string = '.blob.${environment().suffixes.storage}/'
 
-@description('Optional. Storage account used to store boot diagnostic information. Boot diagnostics will be disabled if no value is provided.')
+@description('Optional. The name of the boot diagnostic storage account. Provide this if you want to use your own storage account for security reasons instead of the recommended Microsoft Managed Storage Account.')
 param bootDiagnosticStorageAccountName string = ''
 
+@description('Optional. Enable boot diagnostics to use default managed or secure storage. Defaults set to false.')
+param bootDiagnosticEnabled bool = false
+
 @description('Optional. The diagnostic settings of the service.')
 param diagnosticSettings diagnosticSettingType
 
@@ -604,7 +607,7 @@ resource vmss 'Microsoft.Compute/virtualMachineScaleSets@2023-09-01' = {
       }
       diagnosticsProfile: {
         bootDiagnostics: {
-          enabled: !empty(bootDiagnosticStorageAccountName)
+          enabled: !empty(bootDiagnosticStorageAccountName) ? true : bootDiagnosticEnabled
           storageUri: !empty(bootDiagnosticStorageAccountName)
             ? 'https://${bootDiagnosticStorageAccountName}${bootDiagnosticStorageAccountUri}'
             : null

avm/res/compute/virtual-machine-scale-set/main.json

@@ -482,6 +482,13 @@
         "description": "Optional. The configuration for the [Custom Script] extension. Must at least contain the [\"enabled\": true] property to be executed."
       }
     },
+    "bootDiagnosticEnabled": {
+      "type": "bool",
+      "defaultValue": false,
+      "metadata": {
+        "description": "Optional. Whether boot diagnostics should be enabled on the Virtual Machine. Boot diagnostics will be enabled with a managed storage account if no bootDiagnosticsStorageAccountName value is provided. If bootDiagnostics and bootDiagnosticsStorageAccountName values are not provided, boot diagnostics will be disabled."
+      }
+    },
     "bootDiagnosticStorageAccountUri": {
       "type": "string",
       "defaultValue": "[format('.blob.{0}/', environment().suffixes.storage)]",
@@ -1017,7 +1024,7 @@
           },
           "diagnosticsProfile": {
             "bootDiagnostics": {
-              "enabled": "[not(empty(parameters('bootDiagnosticStorageAccountName')))]",
+              "enabled": "[if(not(empty(parameters('bootDiagnosticStorageAccountName'))), true(), parameters('bootDiagnosticEnabled'))]",
               "storageUri": "[if(not(empty(parameters('bootDiagnosticStorageAccountName'))), format('https://{0}{1}', parameters('bootDiagnosticStorageAccountName'), parameters('bootDiagnosticStorageAccountUri')), null())]"
             }
           },
@@ -2467,4 +2474,4 @@
       "value": "[reference('vmss', '2023-09-01', 'full').location]"
     }
   }
-}
+}

avm/res/compute/virtual-machine-scale-set/version.json

@@ -1,7 +1,7 @@
 {
     "$schema": "https://aka.ms/bicep-registry-module-version-file-schema#",
-    "version": "0.4",
+    "version": "0.5",
     "pathFilters": [
         "./main.json"
     ]
-}
+}

avm/res/db-for-postgre-sql/flexible-server/README.md

@@ -147,7 +147,7 @@ module flexibleServer 'br/public:avm/res/db-for-postgre-sql/flexible-server:<ver
   name: 'flexibleServerDeployment'
   params: {
     // Required parameters
-    name: 'dfpsfse001'
+    name: 'dfpsfsmax001'
     skuName: 'Standard_D2s_v3'
     tier: 'GeneralPurpose'
     // Non-required parameters
@@ -183,7 +183,7 @@ module flexibleServer 'br/public:avm/res/db-for-postgre-sql/flexible-server:<ver
   "parameters": {
     // Required parameters
     "name": {
-      "value": "dfpsfse001"
+      "value": "dfpsfsmax001"
     },
     "skuName": {
       "value": "Standard_D2s_v3"
@@ -233,7 +233,7 @@ module flexibleServer 'br/public:avm/res/db-for-postgre-sql/flexible-server:<ver
 using 'br/public:avm/res/db-for-postgre-sql/flexible-server:<version>'
 
 // Required parameters
-param name = 'dfpsfse001'
+param name = 'dfpsfsmax001'
 param skuName = 'Standard_D2s_v3'
 param tier = 'GeneralPurpose'
 // Non-required parameters
@@ -1867,15 +1867,13 @@ Custom DNS configurations.
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
-| [`fqdn`](#parameter-privateendpointscustomdnsconfigsfqdn) | string | Fqdn that resolves to private endpoint IP address. |
 | [`ipAddresses`](#parameter-privateendpointscustomdnsconfigsipaddresses) | array | A list of private IP addresses of the private endpoint. |
 
-### Parameter: `privateEndpoints.customDnsConfigs.fqdn`
-
-Fqdn that resolves to private endpoint IP address.
+**Optional parameters**
 
-- Required: No
-- Type: string
+| Parameter | Type | Description |
+| :-- | :-- | :-- |
+| [`fqdn`](#parameter-privateendpointscustomdnsconfigsfqdn) | string | FQDN that resolves to private endpoint IP address. |
 
 ### Parameter: `privateEndpoints.customDnsConfigs.ipAddresses`
 
@@ -1884,6 +1882,13 @@ A list of private IP addresses of the private endpoint.
 - Required: Yes
 - Type: array
 
+### Parameter: `privateEndpoints.customDnsConfigs.fqdn`
+
+FQDN that resolves to private endpoint IP address.
+
+- Required: No
+- Type: string
+
 ### Parameter: `privateEndpoints.customNetworkInterfaceName`
 
 The custom name of the network interface attached to the Private Endpoint.
@@ -2390,7 +2395,7 @@ This section gives you an overview of all local-referenced module files (i.e., o
 | Reference | Type |
 | :-- | :-- |
 | `br/public:avm/res/network/private-endpoint:0.8.0` | Remote reference |
-| `br/public:avm/utl/types/avm-common-types:0.1.0` | Remote reference |
+| `br/public:avm/utl/types/avm-common-types:0.2.1` | Remote reference |
 
 ## Data Collection
 

avm/res/db-for-postgre-sql/flexible-server/administrator/main.json

@@ -4,8 +4,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.30.23.60470",
-      "templateHash": "17167767529180811297"
+      "version": "0.31.34.60546",
+      "templateHash": "16481538210870485841"
     },
     "name": "DBforPostgreSQL Flexible Server Administrators",
     "description": "This module deploys a DBforPostgreSQL Flexible Server Administrator.",

avm/res/db-for-postgre-sql/flexible-server/configuration/main.json

@@ -5,8 +5,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.30.23.60470",
-      "templateHash": "11184980891224869481"
+      "version": "0.31.34.60546",
+      "templateHash": "4744350024962623928"
     },
     "name": "DBforPostgreSQL Flexible Server Configurations",
     "description": "This module deploys a DBforPostgreSQL Flexible Server Configuration.",
@@ -54,10 +54,7 @@
       "properties": {
         "source": "[if(not(empty(parameters('source'))), parameters('source'), null())]",
         "value": "[if(not(empty(parameters('value'))), parameters('value'), null())]"
-      },
-      "dependsOn": [
-        "flexibleServer"
-      ]
+      }
     }
   },
   "outputs": {

avm/res/db-for-postgre-sql/flexible-server/database/main.json

@@ -5,8 +5,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.30.23.60470",
-      "templateHash": "8538777017463575324"
+      "version": "0.31.34.60546",
+      "templateHash": "5925943942284222024"
     },
     "name": "DBforPostgreSQL Flexible Server Databases",
     "description": "This module deploys a DBforPostgreSQL Flexible Server Database.",
@@ -54,10 +54,7 @@
       "properties": {
         "collation": "[if(not(empty(parameters('collation'))), parameters('collation'), null())]",
         "charset": "[if(not(empty(parameters('charset'))), parameters('charset'), null())]"
-      },
-      "dependsOn": [
-        "flexibleServer"
-      ]
+      }
     }
   },
   "outputs": {

avm/res/db-for-postgre-sql/flexible-server/firewall-rule/main.json

@@ -4,8 +4,8 @@
   "metadata": {
     "_generator": {
       "name": "bicep",
-      "version": "0.30.23.60470",
-      "templateHash": "3950185975907365475"
+      "version": "0.31.34.60546",
+      "templateHash": "9983440066171652627"
     },
     "name": "DBforPostgreSQL Flexible Server Firewall Rules",
     "description": "This module deploys a DBforPostgreSQL Flexible Server Firewall Rule.",

avm/res/db-for-postgre-sql/flexible-server/main.bicep

@@ -98,11 +98,11 @@ param highAvailability string = 'ZoneRedundant'
 @description('Optional. The mode to create a new PostgreSQL server.')
 param createMode string = 'Default'
 
-import { managedIdentityOnlyUserAssignedType } from 'br/public:avm/utl/types/avm-common-types:0.1.0'
+import { managedIdentityOnlyUserAssignedType } from 'br/public:avm/utl/types/avm-common-types:0.2.1'
 @description('Conditional. The managed identity definition for this resource. Required if \'cMKKeyName\' is not empty.')
 param managedIdentities managedIdentityOnlyUserAssignedType?
 
-import { customerManagedKeyType } from 'br/public:avm/utl/types/avm-common-types:0.1.0'
+import { customerManagedKeyType } from 'br/public:avm/utl/types/avm-common-types:0.2.1'
 @description('Optional. The customer managed key definition.')
 param customerManagedKey customerManagedKeyType?
 
@@ -135,11 +135,11 @@ param databases array = []
 @description('Optional. The configurations to create in the server.')
 param configurations array = []
 
-import { lockType } from 'br/public:avm/utl/types/avm-common-types:0.1.0'
+import { lockType } from 'br/public:avm/utl/types/avm-common-types:0.2.1'
 @description('Optional. The lock settings of the service.')
 param lock lockType?
 
-import { roleAssignmentType } from 'br/public:avm/utl/types/avm-common-types:0.1.0'
+import { roleAssignmentType } from 'br/public:avm/utl/types/avm-common-types:0.2.1'
 @description('Optional. Array of role assignments to create.')
 param roleAssignments roleAssignmentType[]?
 
@@ -149,11 +149,11 @@ param tags object?
 @description('Optional. Enable/Disable usage telemetry for module.')
 param enableTelemetry bool = true
 
-import { diagnosticSettingFullType } from 'br/public:avm/utl/types/avm-common-types:0.1.0'
+import { diagnosticSettingFullType } from 'br/public:avm/utl/types/avm-common-types:0.2.1'
 @description('Optional. The diagnostic settings of the service.')
 param diagnosticSettings diagnosticSettingFullType[]?
 
-import { privateEndpointSingleServiceType } from 'br/public:avm/utl/types/avm-common-types:0.1.0'
+import { privateEndpointSingleServiceType } from 'br/public:avm/utl/types/avm-common-types:0.2.1'
 @description('Optional. Configuration details for private endpoints. Used when the desired connectivy mode is \'Public Access\' and \'delegatedSubnetResourceId\' is NOT used.')
 param privateEndpoints privateEndpointSingleServiceType[]?