azure / bicep-types-az Goto Github PK
View Code? Open in Web Editor NEWBicep type definitions for ARM resources
License: MIT License
Bicep type definitions for ARM resources
License: MIT License
Bicep version
v0.4.1124
Describe the bug
Warning in VSC:
The property "retentionDays" is not allowed on objects of type "DatabaseVulnerabilityAssessmentProperties". Permissible properties include "storageContainerSasKey". If this is an inaccuracy in the documentation, please report it to the Bicep Team.
To Reproduce
Create the following vulnerabilityAssessment object in bicep. The warning will appear.
resource vulnerabilityAssessment 'Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments@2021-05-01-preview' = if (database.advancedThreatProtection.enabled && (!empty(database.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name))) {
name: '${sqlManagedInstance.name}/${databaseRes.name}/Default'
properties: {
recurringScans: {
isEnabled: database.advancedThreatProtection.vulnerabilityAssessmentScans.recurringScans
emailSubscriptionAdmins: database.advancedThreatProtection.vulnerabilityAssessmentScans.emailSubscriptionAdmins
emails: database.advancedThreatProtection.vulnerabilityAssessmentScans.emails
}
storageContainerPath: !empty(database.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name) ? container.name : ''
storageAccountAccessKey: !empty(database.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name) ? storageAccount.listKeys().keys[0].value : ''
retentionDays: !empty(database.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name) ? database.advancedThreatProtection.vulnerabilityAssessmentScans.retentionDays : 0
}
}
Additional context
Add any other context about the problem here.
This library has a lot of benefits an I can see cases were it could be used within other applications. The concern is about it been kept up to date, and new / updated Azure template items not been available via bicep on day 1 of release and until this is updated. The therefore propose the follow changes to remove this problem.
Additional logic could also be added that when this library does get updated it clears down the load side file
In doing this it will keep this library and Bicep automatically up t date with rest of Azure without having to keep republishing this library.
In ManagedClusterProperties (https://github.com/Azure/bicep-types-az/blob/7f9be56113ea442a042ebd37051d3bfe928f5107/generated/containerservice/microsoft.containerservice/2021-03-01/types.md#managedclusterproperties), identityProfile
appears to be defining a type of:
type incorrect = {[key: string]: {
error: CloudError,
}}
Whereas the correct definition (as per swagger) should be:
type correct = {[key: string]: {
clientId: string,
objectId: string,
resourceId: string,
}}
Autorest.Modelerfour appears to solve this issue (from the typescript
branch): https://github.com/Azure/bicep-types-az/blob/ba2d133751311243895a68a868dac04e488bd296/generated/containerservice/microsoft.containerservice/2021-03-01/types.md#componentsqit0etschemasmanagedclusterpropertiespropertiesidentityprofileadditionalproperties
Bicep version
0.4.63
Describe the bug
Property needs to be set on 'null' instead of empty string '', otherwise the pipeline crashes with a BadRequest error. At the same time, setting it to 'null' gives a warning in Vistual Studio Code:
The property "logAnalyticsWorkspaceResourceID" expected a value of type "string" but the provided value is of type "null | string".bicep(BCP036)
Relevant code:
resource aksClusterRes 'Microsoft.ContainerService/managedClusters@2020-09-01' = {
name: aksCluster.name
location: resourceGroup().location
tags: tags
sku: {
name: 'Basic'
tier: aksCluster.sla
}
properties: {
kubernetesVersion: aksCluster.kubernetesVersion
addonProfiles: {
omsAgent: {
enabled: aksCluster.logAnalyticsWorkspace.enableContainerMonitoring
config: {
//needs to be set to null, not '', otherwise badRequest error:
logAnalyticsWorkspaceResourceID: aksCluster.logAnalyticsWorkspace.enableContainerMonitoring ? logAnalyticsWorkspace.id : null
}
}
ingressApplicationGateway: {
enabled: !empty(aksCluster.network.ingressApplicationGateway.name)
config: {
//needs to be set to null, not '', otherwise badRequest error:
applicationGatewayId: !empty(aksCluster.network.ingressApplicationGateway.name) ? ingressApplicationGateway.id : null
}
}
}
agentPoolProfiles: [
agentPoolProfiles[0]
]
}
}
To Reproduce
Replace both the 'null'-s in code above to '' and pipeline crashes with BadRequest error.
Additional context
Add any other context about the problem here.
Bicep version
0.4.613 (latest)
Describe the bug
When setting up a template for an existing virtualNetwork resource with subnets as a child resource and a virtualNetworkGateway, deployment wants to delete my existing subnets
"message": "Subnet GatewaySubnet is in use by /subscriptions/XXXX/resourceGroups/XXX-TestRelease/providers/Microsoft.Network/virtualNetworkGateways/VPN-C2C-TestRelease/ipConfigurations/vnetGatewayConfig and cannot be deleted. In order to delete the subnet, delete all the resources within the subnet. See aka.ms/deletesubnet.",
Template
resource vnet 'Microsoft.Network/virtualNetworks@2021-02-01' = {
name: vnetName
location: resourceGroup().location
properties: {
addressSpace: {
addressPrefixes: [
vnetAddressPefix
]
}
subnets:[
{
name: subnetName
properties: {
addressPrefix: vnetSubnetPrefix
privateEndpointNetworkPolicies: 'Enabled'
privateLinkServiceNetworkPolicies: 'Enabled'
}
}
]
dhcpOptions: {
dnsServers: vNetDnsServers
}
}
}
resource vnetGatewaysubnet 'Microsoft.Network/virtualNetworks/subnets@2021-02-01' = {
parent: vnet
name: 'GatewaySubnet'
properties: {
addressPrefix: vnetGatewaySubnetPrefix
privateEndpointNetworkPolicies: 'Enabled'
privateLinkServiceNetworkPolicies: 'Enabled'
}
}
resource virtualNetworkGateway 'Microsoft.Network/virtualNetworkGateways@2021-02-01' = {
name: gatewayName
location: resourceGroup().location
properties: {
ipConfigurations: [
{
name: 'vnetGatewayConfig'
properties: {
privateIPAllocationMethod: 'Dynamic'
subnet: {
id: vnetGatewaysubnet.id
}
publicIPAddress: {
id: publicIP.id
}
}
}
]
sku: {
name: gatewaySku
tier: gatewaySku
}
vpnClientConfiguration: {
vpnClientAddressPool: {
addressPrefixes: [
PointToSiteAddressSpace
]
}
vpnClientProtocols: [
'SSTP'
]
}
gatewayType: 'Vpn'
vpnType: 'RouteBased'
enableBgp: false
}
dependsOn: [
vnet
]
}
To Reproduce
Additional context
Is it possible to retain the property description from the specification when a property is marked as "any"? Right now, they get a description of "Any object" but it might be more helpful to pass on the original description. For example, the mainTemplate property on Microsoft.Resources/templateSpecs/versions would get "The main Azure Resource Manager template content."
Bicep version
0.4.1008
Describe the bug
Resource type 'Microsoft.Web/serverfarms/firstPartyApps/settings' doesn't have types available
To Reproduce
I need define Geneva configs as below, but get type unavailable. Looks like bicep has no support to Geneva configs
resource antMDSConfigXML 'Microsoft.Web/serverfarms/firstPartyApps/settings@2019-08-01' = {
name: '${aspName}/AntMDS/MdsConfigXml'
location: location
properties: {
firstPartyId: 'AntMDS'
settingName: 'MdsConfigXml'
settingValue: genevaConfig.configXml
}
}
Bicep version
Bicep CLI version 0.5.6 (5f2f88f0f0)
Describe the bug
property CustomMetricsOptedInType can be set in Microsoft.Insights/components@2020-02-02 but it is not documented. Possible values for the property are 'WithDimensions' or 'NoDimensions'.
To Reproduce
Steps to reproduce the behavior:
Additional context
Add any other context about the problem here.
Bicep version
Bicep CLI version 0.4.1008 (223b8d227a)
Describe the bug
Creating a storage account file share and then setting role assignment on the file share (not the storage account) does not target correct "scope". Expected role assignment to scope to the file share
To Reproduce
Bicep file: fileshare-and-permissions.bicep
param storageAccount string
param fileshareName string
@allowed([
'Cool'
'Hot'
'TransactionOptimized'
'Premium'
])
param storageTier string
param quotaInGB int
param permissionRoleGuid string
param groupsOid array
resource stg 'Microsoft.Storage/storageAccounts@2021-08-01' existing = {
name: storageAccount
}
resource fileshare 'Microsoft.Storage/storageAccounts/fileServices/shares@2021-08-01' = {
name: '${stg.name}/default/${fileshareName}'
properties: {
accessTier: storageTier
enabledProtocols:'SMB'
shareQuota: quotaInGB
}
}
resource roleDef 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' existing = {
scope: subscription()
name: permissionRoleGuid
}
resource perms 'Microsoft.Authorization/roleAssignments@2020-08-01-preview' = [for group in groupsOid: {
name: guid(subscription().id,resourceGroup().id, stg.name, fileshareName, group)
scope: fileshare
properties:{
roleDefinitionId: roleDef.id
principalId: group
}
}]
$Props = @{
Name = 'File-Share'
ResourceGroupName = "my-rg"
TemplateFile = ".\fileshare-and-permissions.bicep"
storageAccount = "mystorageacc"
fileshareName = "test"
storageTier = "Hot"
quotaInGB = 5
permissionRoleGuid = "0c867c2a-1d8c-454a-a3db-ab2ea1bdc8bb" # SMB Contributor
groupsOid = ("48477e2b-7ae7-46da-97c0-6690a03c2ce4")
}
New-AzResourceGroupDeployment @Props
Verifying the role assignment in the portal does not show the just added role/assignment.
Running pwsh:
Get-AzRoleAssignment | select displayname, scope | sort scope
Where the green /fileshares/fxprofiles
(created by another ARM template) works as expected.
And the red /shares/test
are created by the above bicep template and does not work.
From this comment: #146 (comment)
Now that we're onboarded to the latest autorest, we have the ability to distinguish between 'closed' & 'open' enums. We should consider supporting this in our type system.
Bicep version
Bicep CLI version 0.4.1124 (66c84c8ee5)
Describe the bug
The schema to save a kusto query as a function can not work. A working payload would look like this:
/sub/123/rg/abc/providers/Microsoft.Insights/components/insights_name/analyticsItems/item
{
"Name": "query",
"Content": "dependencies",
"Properties": {
"functionAlias": "query_alias"
},
"Scope": "Shared",
"Type": "Function"
}
Issue 1: "item" is the hardcoded required name. This prevents it from working in a loop in bicep, because the name property MUST reference the copyIndex() loop. )
Issue 2
The Type and Name properties conflict with name and type. Bicep will request Name to be of correct length: "name/subname", but that is not applicable for "Name"; only for "name".
"Type" is impossible to pass as well; it does not match any schema, etc. When I omit "Type" property, the request fails as well:
The request content was invalid and could not be deserialized: 'Could not find member 'Content' on object of type 'TemplateResource'. Path 'properties.template.resources[0].Content
To Reproduce
resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
name: 'app_insights_for_app'
location: resourceGroup().location
kind: 'web'
properties: {
Application_Type: 'web'
publicNetworkAccessForIngestion: 'Enabled'
publicNetworkAccessForQuery: 'Enabled'
IngestionMode: 'LogAnalytics'
RetentionInDays: 90
Flow_Type: 'Bluefield'
WorkspaceResourceId: '/subscriptions/123/resourcegroups/123/providers/microsoft.operationalinsights/workspaces/log_analytics_workspace_name'
}
resource insights_query_function 'analyticsItems@2015-05-01' = {
name: 'item' // hardcoded, must be "item"; this is the ARM resource name
Name: 'important_function' // This is the user-defined name of the item;
// Intellisense error after bicep build: a member with the name "Name" already exists;
// Additionally: I got error with Name property because "Name" needs equal parts to the type, as in: name/subname.
Content: 'dependencies' // For some reason "Content" also yields intellisense errors after build.
// Template validation failed: Could not find member 'Content' on object of type 'TemplateResource'. Path 'resources[0].Content', line 17, position 16.arm-template (validation)
// This is strange because Content is explicitly mentioned as required in the schema for both arm and bicep: https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/components/analyticsitems?tabs=json
Scope: 'shared'
Properties: {
functionAlias: 'important_function'
}
}
}
// {
// "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
// "contentVersion": "1.0.0.0",
// "metadata": {
// "_generator": {
// "name": "bicep",
// "version": "0.4.1124.51302",
// "templateHash": "6262658167201736790"
// }
// },
// "resources": [
// {
// "type": "microsoft.insights/components/analyticsItems",
// "apiVersion": "2015-05-01",
// "name": "[format('{0}/{1}', 'app_insights_for_app', 'item')]",
// "Name": "important_function",
// "Content": "dependencies",
// "Scope": "shared",
// "Properties": {
// "functionAlias": "important_function"
// },
// "dependsOn": [
// "[resourceId('Microsoft.Insights/components', 'app_insights_for_app')]"
// ]
// },
// {
// "type": "Microsoft.Insights/components",
// "apiVersion": "2020-02-02",
// "name": "app_insights_for_app",
// "location": "[resourceGroup().location]",
// "kind": "web",
// "properties": {
// "Application_Type": "web",
// "publicNetworkAccessForIngestion": "Enabled",
// "publicNetworkAccessForQuery": "Enabled",
// "IngestionMode": "LogAnalytics",
// "RetentionInDays": 90,
// "Flow_Type": "Bluefield",
// "WorkspaceResourceId": "/subscriptions/123/resourcegroups/123/providers/microsoft.operationalinsights/workspaces/log_analytics_workspace_name"
// }
// }
// ]
// }
Additional context
Add any other context about the problem here.
I would love the ability to consume resource types that are in private preview. This would help test this experience before types move to public preview.
https://github.com/Azure/bicep-types-az/blob/main/generated/web/log.out
WARNING: Skipping path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/host/default/{keyType}/{keyName}': Parameter reference {keyType} is not defined as an enum
WARNING: Skipping path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/migrate': Found mismatch betwen type segments (2) and name segments (1)
WARNING: Skipping path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/slots/{slot}/host/default/{keyType}/{keyName}': Parameter reference {keyType} is not defined as an enum
WARNING: Skipping resource type Microsoft.Web/sites/basicPublishingCredentialsPolicies under path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/basicPublishingCredentialsPolicies/ftp': Found multiple definitions for the same type
WARNING: Skipping resource type Microsoft.Web/sites/config under path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/appsettings': Found multiple definitions for the same type
WARNING: Skipping resource type Microsoft.Web/sites/siteextensions under path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/siteextensions/{siteExtensionId}': No resource body defined
WARNING: Skipping resource type Microsoft.Web/sites/slots/config under path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/slots/{slot}/config/appsettings': Found multiple definitions for the same type
WARNING: Skipping resource type Microsoft.Web/sites/slots/siteextensions under path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/slots/{slot}/siteextensions/{siteExtensionId}': No resource body defined
WARNING: Skipping resource type Microsoft.Web/staticSites/customDomains under path '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/staticSites/{name}/customDomains/{domainName}': No resource body defined
I was going through the types for an unrelated reason and noticed that some of the types are sometimes duplicated even though the summary is identical.
For example in the file https://github.com/Azure/bicep-types-az/blob/235fdc3343b678a8f2b1d9da60ea7af16c8f2f41/generated/web/microsoft.web/2015-08-01-preview/types.md, you can see the Dictionary<string, String> type several times in the summary:
Bicep version
Bicep CLI version 0.3.255
Describe the bug
I'm trying to create an automation account + runbook + schedules + link runbook and schedules. Every thing goes well but when I add automationAccounts/jobSchedules resource, I get a 404 error:
Here is the bicep file, that works perfect except when I add the jobSchedules resource:
https://raw.githubusercontent.com/joanteixi/az-bicep/master/start-stop-vm/automation.bicep
Thanks!
There are a few swagger resources with no body defined - for example:
bicep-types-az/generated/managementgroups/log.out
Lines 10 to 21 in 23e7ac5
We should generate Bicep types for these resources with just id
, name
, type
& apiVersion
defined, and continue to raise a warning.
Type generation for models under the web
path has failed for a couple months:
The error message indicates that multiple operations accept both form-encoded and JSON requests, which autorest/modelerfour considers incompatible as of Azure/autorest#4405.
https://github.com/Azure/bicep-types-az/runs/2587399850?check_suite_focus=true
Error message:
Error [ERR_REQUIRE_ESM]: Must use import to load ES Module: /home/runner/work/bicep-types-az/bicep-types-az/src/generator/node_modules/strip-ansi/index.js
require() of ES modules is not supported.
require() of /home/runner/work/bicep-types-az/bicep-types-az/src/generator/node_modules/strip-ansi/index.js from /home/runner/work/bicep-types-az/bicep-types-az/src/generator/cmd/generate.ts is an ES module file as it is a .js file whose nearest parent package.json contains "type": "module" which defines all .js files in that package scope as ES modules.
Instead rename index.js to end in .cjs, change the requiring code to use import(), or remove "type": "module" from /home/runner/work/bicep-types-az/bicep-types-az/src/generator/node_modules/strip-ansi/package.json.
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1080:13)
at Module.load (internal/modules/cjs/loader.js:928:32)
at Function.Module._load (internal/modules/cjs/loader.js:769:14)
at Module.require (internal/modules/cjs/loader.js:952:19)
at require (internal/modules/cjs/helpers.js:88:18)
at Object.<anonymous> (/home/runner/work/bicep-types-az/bicep-types-az/src/generator/cmd/generate.ts:8:1)
at Module._compile (internal/modules/cjs/loader.js:1063:30)
at Module.m._compile (/home/runner/work/bicep-types-az/bicep-types-az/src/generator/node_modules/ts-node/src/index.ts:1056:23)
at Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
at Object.require.extensions.<computed> [as .ts] (/home/runner/work/bicep-types-az/bicep-types-az/src/generator/node_modules/ts-node/src/index.ts:1059:12)
It would be nice to ensure that a given type change won't regress diagnostics - to be able to take a snapshot of diagnostics using the quickstarts repo comparing the 'existing' and 'new' behavior on any PR which changes the generated types.
There's no straightforward way to review the logs written during type generation, because versioning and timing is logged, causing a diff in every file (example screenshot below).
We should write the logs in a structured manner - to display the following, so that the PR can be assessed for impact:
We should then be able to generate a summary description for each PR.
x-ms-identifiers
Indicates the identifying property for objects in arrays
"myArrayProperty":โฏ{
"type":"array",
"items":โฏ{
"$ref":"#/definitions/Example"
},
"x-ms-identifiers":โฏ["itemName"]
}
Bicep version
Bicep CLI version 0.4.1318 (ee0d808f35)
Describe the bug
The API is not idempotent. You can create the resource the first time but when trying to reapply you get:
Status Message: Etag value required for update operation of report: test1.Please get the latest to avoid overwrite. (Request ID: 37dfcd1f-b755-45a0-bcd4-80eb27347b73) (Code:400)
if you try to add
etag: '*'
at the same level as name you will get error:
To Reproduce
Steps to reproduce the behavior:
targetScope = 'subscription'
resource export 'Microsoft.CostManagement/exports@2021-10-01' = {
name: 'test1'
properties: {
format: 'Csv'
partitionData: false
definition: {
type: 'Usage'
timeframe: 'TheLastBillingMonth'
dataSet: {
granularity: 'Daily'
configuration: null
}
timePeriod: null
}
deliveryInfo: {
destination: {
resourceId: '/subscriptions/<sub id>/resourceGroups/<rg name>/providers/Microsoft.Storage/storageAccounts/<str account name>'
container: 'test'
rootFolderPath: 'test2'
sasToken: null
storageAccount: null
}
}
schedule: {
status: 'Active'
recurrence: 'Monthly'
recurrencePeriod: {
from: '2022-04-06T00:00:00Z'
to: '2022-05-01T00:00:00Z'
}
}
}
}
Additional context
Add any other context about the problem here.
Bicep version
0.4.1
Describe the bug
The property "metadata" is not allowed on objects of type "SiteConfig".
To Reproduce
resource site 'Microsoft.Web/sites@2021-01-01' = {
name: 'site'
location: 'west europe'
kind: 'app'
properties: {
enabled: true
siteConfig: {
metadata: [
{
name: 'CURRENT_STACK'
value: 'dotnetcore'
}
]
}
}
}
It compiles and works but it does give a warning: Warning BCP037
Message when deploying to Azure: "Parameter publicCertificateEnv is null or empty."
When adding property to resource in Bicep file I get the following error: "The property "publicCertificateEnv" is not allowed on objects of type "Microsoft.Web/sites/publicCertificates"
Bicep version
Bicep CLI version 0.4.1124 (66c84c8ee5)
Describe the bug
I'm creating log analytics schedulded query rules (Log Alerts V2) in a for loop. I've made a template for this and are providing the necessary parameters through a json datafile. All query rules are defined there. There are 72 items in there. When I run the for loop, nothing happens. No deployment starts in Azure, I only get there errors:
To Reproduce
Create 'Microsoft.Insights/scheduledQueryRules@2021-08-01' in a loop with more then 66 items and the deployment will fail.
There no parent loops or anything like that, this code is only being run ONCE.
Additional context
Log Alert V2 definition:
resource logAlerts 'Microsoft.Insights/scheduledQueryRules@2021-08-01' = [for logAlert in logAlertsArray: {
name: logAlert.alertName
location: resourceGroup().location
kind: 'LogAlert'
properties:{
displayName: logAlert.alertName
description: logAlert.alertDescription
severity: logAlert.alertSeverity
enabled: logAlert.isEnabled
evaluationFrequency: logAlert.frequencyInMinutes
windowSize: logAlert.timeWindowInMinutes
autoMitigate: logAlert.autoMitigate
criteria:{
allOf:[
{
metricName: logAlert.alertName
operator: logAlert.operator
threshold: logAlert.threshold
timeAggregation: logAlert.timeAggregation
metricMeasureColumn: logAlert.metricMeasureColumn
dimensions: [
{
name: logAlert.dimensionsName
operator: logAlert.dimensionsOperator
values: logAlert.dimensionsValues
}
]
query: logAlert.query
failingPeriods:{
numberOfEvaluationPeriods: logAlert.numberOfEvaluationPeriods
minFailingPeriodsToAlert: logAlert.minFailingPeriodsToAlert
}
}
]
}
scopes:[
loganalyticsworkspace.id
]
actions:{
actionGroups:[
actiongroup.id
]
}
}
}]
One of my data items (of which I have 72)
{
"alertName": "IIS_Server_Services",
"alertDescription": "IIS_Server_Service_Stopped",
"query": "let Windows_Service_Names = dynamic(['IISADMIN','W3svc']); ConfigurationData | where SvcName in (Windows_Service_Names) and SvcState == \"Stopped\" and SvcStartupType == \"Auto\"",
"frequencyInMinutes": "PT5M",
"timeWindowInMinutes": "PT5M",
"operator": "GreaterThan",
"threshold": 0,
"alertSeverity": 2,
"autoMitigate": true,
"numberOfEvaluationPeriods": 1,
"minFailingPeriodsToAlert": 1,
"timeAggregation": "Count",
"metricMeasureColumn": "",
"dimensionsName": "Computer",
"dimensionsOperator": "Include",
"dimensionsValues" : ["*"],
"isEnabled": false
},
Created from comment on #436.
Bicep version
v0.4.1124
Describe the bug
Warning in VSC:
The property "retentionDays" is not allowed on objects of type "ManagedInstanceVulnerabilityAssessmentProperties". Permissible properties include "storageContainerSasKey". If this is an inaccuracy in the documentation, please report it to the Bicep Team.
To Reproduce
Create the following vulnerabilityAssessment object in bicep. The warning will appear.
// Vulnerability Assessments at SQL Server Level
resource vulnerabilityAssessment 'Microsoft.Sql/managedInstances/vulnerabilityAssessments@2021-05-01-preview' = if (sqlManagedInstance.advancedThreatProtection.enabled && (!empty(sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name))) {
name: '${sqlManagedInstanceRes.name}/Default'
properties: {
recurringScans: {
isEnabled: sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.recurringScans
emailSubscriptionAdmins: sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.emailSubscriptionAdmins
emails: sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.emails
}
storageContainerPath: !empty(sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name) ? container.name : ''
storageAccountAccessKey: !empty(sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name) ? storageAccount.listKeys().keys[0].value : ''
retentionDays: !empty(sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.storageAccount.name) ? sqlManagedInstance.advancedThreatProtection.vulnerabilityAssessmentScans.retentionDays : 0
}
}
Additional context
N/A
No idea and bit of a shot in the dark but was working on a PR for bicep examples referencing a quickstart web app loganalytics and am getting errors on missing types. Specifically Microsoft.Web/sites/config@2020-06-01 and Microsoft.Web/sites/siteextensions@2020-06-01. See the errors when compiling on bicep but noticed it is pulling the module definitions from this repo so not sure if this is the right spot or not.
bicep-types-az/generated/storage/log.out
Line 12 in b609d7d
Reported under Azure/bicep#784 (comment)
Bicep Code
resource hPool 'Microsoft.DesktopVirtualization/hostPools@2021-07-12' existing = {
name: hostPoolName
}
output token string = hPool.properties.registrationInfo.token
Affected Resource
Microsoft.DesktopVirtualization/hostPools@2021-07-12
Expected Behaviour
The value of hPool.properties.registrationinfo.token should be a valid registration token.
Actual Behaviour
New-AzResourceGroupDeployment : 1:00:13 PM - The deployment 'test' failed with error(s). Showing 1 out of 1 error(s).
Status Message: The template output 'token' is not valid: The language expression property 'token' can't be evaluated..
(Code:DeploymentOutputEvaluationFailed)
CorrelationId: 458cdda3-72f6-4200-8023-ddf21a786c4b
At line:1 char:1
+ CategoryInfo : NotSpecified: (:) [New-AzResourceGroupDeployment], Exception
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
Steps to reproduce
New-AzResourceGroupDeployment -ResourceGroupName <> -TemplateFile main.bicep
The token is no longer accessible. Without the token, we can't add hosts to the host pool.
I'm just looking at the ObjectPropertyFlags
on various types and I feel like most of them are relatively self-explanatory (although if you've got time I'd love a description of all of them), but I'm curious about DeployTimeConstant
-- what does that signify?
For reference I'm talking about this enum:
bicep-types-az/src/Bicep.SerializedTypes/Concrete/ObjectType.cs
Lines 17 to 29 in 4148b8d
Bicep version
Bicep CLI version 0.4.1008 (223b8d227a)
Describe the bug
Portal uses PATCH https://management.azure.com/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.RecoveryServices/vaults/xxx/monitoringConfigurations/notificationConfiguration?api-version=2017-07-01-preview
to update Azure backup notification settings. That type is missing from Bicep resources, API documentation, and even on azure-rest-api-specs
To Reproduce
Here we have some descriptions with value set to ""
(empty string), meaning Bicep displays them as empty lines. We should normalize these to null
so that Bicep does not display them:
bicep-types-az/generated/cosmos-db/log.out
Lines 1 to 18 in ac67411
From Azure/bicep#1936 (comment)
Something strange has happened during type generation for this property - I'll need to look into that in more detail:
Microsoft.ContainerService/managedClusters@2021-02-01 -> properties -> identityProfile -> dictionary of this strangely-named type
Seems like object types are somehow getting mixed up during generation
Some examples of types we're missing as they are non-PUTable:
I want to be able to export a dashboard from the azure portal, run bicep decompile
on it.
Right now decompile doesn't map the lenses
array to proper bicep:
Input:
"resources": [
{
"properties": {
"lenses": {
"0": {
"order": 0,
"parts": {
"0": {
"position": {
"x": 0,
"y": 0,
"rowSpan": 2,
"colSpan": 3
},
"metadata": {
"inputs": [],
"type": "Extension[azure]/HubsExtension/PartType/MarkdownPart",
"settings": {
"content": {
"settings": {
"content": "## Azure Virtual Machines Overview\r\nNew team members should watch this video to get familiar with Azure Virtual Machines.",
"title": "",
"subtitle": ""
}
}
}
}
},
Output
properties: {
lenses: {
'0': {
order: 0
parts: {
'0': {
position: {
x: 0
y: 0
rowSpan: 2
colSpan: 3
}
metadata: {
inputs: []
type: 'Extension[azure]/HubsExtension/PartType/MarkdownPart'
settings: {
content: {
settings: {
content: '## Azure Virtual Machines Overview\r\nNew team members should watch this video to get familiar with Azure Virtual Machines.'
title: ''
subtitle: ''
}
}
}
}
}
'1': {
Which isnt valid bicep.
Bicep version
Bicep CLI version 0.4.613 (d826ce8411)
Describe the bug
After running the command "az bicep decompile" I am running into this issue for the Microsoft.Web/serverfarms
To Reproduce
Here is the section of ARM template that fails (Gives a warning).
{
"type": "Microsoft.Web/serverfarms/firstPartyApps/settings",
"name": "[concat(parameters('appServicePlanName'), 'blah')]",
"apiVersion": "2020-12-01",
"location": "[variables('siteLocation')]",
"dependsOn": [
"[resourceId('Microsoft.Web/serverfarms', parameters('appServicePlanName'))]"
]
}
Type generation has failed for models under the securityinsights
path for the past several months:
Generation fails with the error, TypeError: Cannot set properties of undefined (setting 'indicator')
. Debugging indicates that this error is thrown from https://github.com/Azure/bicep-types-az/blob/main/src/autorest.bicep/src/type-generator.ts#L410 when processing the ThreatIntelligenceInformation
shape.
Bicep version
Bicep CLI version 0.5.6 (5f2f88f0f0)
Describe the bug
The property IgnoreHttpsStatusCode documented here https://docs.microsoft.com/en-us/azure/templates/microsoft.insights/2018-05-01-preview/webtests?tabs=bicep has typo. The actual property is IgnoreHttpStatusCode instead of IgnoreHttpsStatusCode. There is extra character s after Http. So when you use it in Bicep template the actual property value will not be applied as such property does not exists and you have to add the property as IgnoreHttpStatusCode in order to apply it.
This might be a duplicate of #203.
I am noticing that any properties marked as WriteOnly are missing the description. You can notice it in Machine Learning Services.
Bicep version
v0.4.1008
Describe the bug
When using the etag property in a savedSearch Bicep Template, the following message appears:
The property "etag" is not allowed on objects of type "SavedSearchProperties".
Permissible properties include "functionAlias", "functionParameters", "tags", "version".
If this is an inaccuracy in the documentation, please report it to the Bicep Team.
The etag property shouldn't produce this response when used under properties of a savedSearch Bicep Template.
To Reproduce
Steps to reproduce the behavior:
Attempt to use the etag property in a savedSearch Bicep Template (in Visual Studio Code) as shown in the example below:
/*
Template: logAnalyticsSavedSearches.bicep
*/
// Standard Parameters.
param logSavedSearchName string
param logWorkspaceName string
param logSavedSearchCategory string
param logSavedSearchDisplayName string
param logSavedSearchQuery string
// Log Analytics Saved Search Template.
resource logAnalyticsSavedSearch 'Microsoft.OperationalInsights/workspaces/savedSearches@2020-08-01' = {
name: '${logWorkspaceName}/${logSavedSearchName}'
properties: {
etag: '*'
category: logSavedSearchCategory
displayName: logSavedSearchDisplayName
query: logSavedSearchQuery
}
}
Additional context
The Template will deploy successfully, but will return the following warning:
Warning BCP037: The property "etag" is not allowed on objects of type "SavedSearchProperties".
Permissible properties include "functionAlias", "functionParameters", "tags", "version".
Additionally, the Official Documentation in the link below reflects incorrectly the location of where to use the etag property. It has it shown in use in the root of the resource instead of under properties.
Bicep version
Bicep CLI version 0.4.613 (d826ce8411)
Describe the bug
My project is having below structure.
Modules/
publicipPrefix.bicep
publicip.bicep
aks.bicep
Main.bicep
All the modules returns the resourceId
In the Main.bicep file, I use publicipPrefix Module to create a publicipPrefix.
Then From the main.bicep file, Module aks is invoked with publicipPrefix as one parameter.
Then in the AKS Module, PublicIp.bicep module is invoked by passing the publicipPrefix as the parameter again. The publicip Module returns the Id of the created PublicIp
Then when the Output of this publicip Module is used in aks resource( as the Outbound IP) deploy Fails with a Bad Request from the Azure API.
To Reproduce
Steps to reproduce the behavior:
publicipPrefix.bicep
resource pipPrefix 'Microsoft.Network/publicIPPrefixes@2021-02-01' = {
..
..
..
}
output id string = pipPrefix.id
publicp.bicep
param pipPrefixId string
resource pip 'Microsoft.Network/publicIPAddresses@2021-02-01' = {
..
properties:{
publicIPPrefix:{
id: pipPrefixId
}
..
}
}
output id string = pip.id
AKS.bicep
param pipPrefixId string
..
// Call pip Module to create PIP
module publicIp 'pip.bicep' ={
..
params: {
..
pipPrefixId: pipPrefixId
..
}
}
resource aksCluster 'Microsoft.ContainerService/managedClusters@2021-03-01' = {
..
..
..
..
networkProfile:{
networkPlugin: 'azure'
networkPolicy: 'calico'
loadBalancerProfile:{
idleTimeoutInMinutes: 5
outboundIPs:{
publicIPs:[
{
id: publicIp.outputs.id
}
]
}
effectiveOutboundIPs:[
{
id: publicIp.outputs.id
}
]
..
..
..
..
}
Main.bicep
module pipPrefix 'modules/pipPrefix.bicep' = {
..
..
..
..
}
module aks 'modules/akscluster.bicep' = {
scope: rg
name: clusterName
params: {
..
pipPrefixId: pipPrefix.outputs.id
..
}
..
}
If we deploy the main.bicep, Works without any error. But the following error occurs.
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"InvalidTemplateDeployment\",\r\n \"message\": \"The template deployment 'midhun-dev-aks' is not valid according to the validation procedure. The tracking id is '7e29d41f-8596-44a0-bfbe-83f790082850'. See inner errors for details.\",\r\n \"details\": [\r\n {\r\n \"code\": \"IPParseError\",\r\n \"message\": \"Provisioning of resource(s) for container service midhun-dev-aks in resource group midhun-m-dev-rg failed. Message: {\\n \\\"code\\\": \\\"IPParseError\\\",\\n \\\"message\\\": \\\"Error parsing provided IP of [reference(resourceId('Microsoft.Resources/deployments', format('{0}-pip', parameters('name'))), '2019-10-01').outputs.id.value]. Error parsing failed for [reference(resourceId('Microsoft.Resources/deployments', format('{0}-pip', parameters('name'))), '2019-10-01').outputs.id.value]. Invalid resource Id format\\\",\\n \\\"target\\\": \\\"networkProfile.loadBalancerProfile.outboundIPs\\\"\\n }. Details: \"\r\n }\r\n ]\r\n }\r\n}"}]}}
Ran bicep build on the Main file.
The problematic part looks as below in the JSON.
"loadBalancerProfile": {
"idleTimeoutInMinutes": 5,
"outboundIPs": {
"publicIPs": [
{
"id": "[reference(resourceId('Microsoft.Resources/deployments', format('{0}-pip', parameters('name'))), '2019-10-01').outputs.id.value]"
}
]
}
},
Additional context
Tried Hardcoding the resourceId of publicIp in aks outboundips.publicips section and that worked perfectly.
I have created Migration Project and Migration ServiceTask through bicep and i am able to see the Migration Project in Azure portal after creation but not able to see Migration ServiceTask after creation, but data migration is taking place for MySQL, so is there any way to see the created Migration ServiceTask in Azure Portal?
I'm trying to create a resource of type Microsoft.Web/sites/config@2021-02-01
with the name 'appsettings'
The problem is that for properties i need to send them with the type StringDictionaryProperties.
How can i build a variable using that type? I cannot find that documentation anywhere.
Copying text from Azure/bicep#784 (comment).
in resource 'Microsoft.DataFactory/factories/pipelines@2018-06-01', when making an activity, Bicep doesn't recognize type: 'DatabricksSparkJar'.
Thanks for reporting! I think this is an issue with the type generation.
Some notes for myself for later:
TheDatabricksSparkJar
swagger definition has two base classes,Execution
->Activity
. Bicep's type system has no way of representing this, so we'd need to copy the properties fromExecution
onto theDatabricksSparkJar
definition when generating types. This happens here in the code (can stick a breakpoint oncombinedSubType.discriminatorValue == 'DatabricksSparkJar'
.
Bicep version
Bicep CLI version 0.4.1124 (66c84c8ee5)
Describe the bug
According to https://docs.microsoft.com/en-us/azure/logic-apps/create-managed-service-identity?tabs=consumption#arm-template-for-managed-connections-and-managed-identities-consumption, I should be able to set parameterValueType to Alternative. So IMO following code should work:
param api_connection_sql_name string = 'sql'
param api_connection_sql_name_suffix string = '1'
param azure_sql_database string = 'cost-management'
param azure_subscription string = 'xxxxx-xxxx-xxxx-xxxx-xxxx'
param azure_region string = 'westeurope'
resource ApiConnectionSQL 'Microsoft.Web/connections@2016-06-01' = {
name: '${api_connection_sql_name}-${api_connection_sql_name_suffix}'
location: resourceGroup().location
properties: {
displayName: '${azure_sql_database}-${api_connection_sql_name}-db'
api: {
name: api_connection_sql_name
displayName: 'SQL Server'
iconUri: 'https://connectoricons-prod.azureedge.net/laborbol/patches/1520/${api_connection_sql_name}-mi/1.0.1520.2572/${api_connection_sql_name}/icon.png'
brandColor: '#ba141a'
id: '/subscriptions/${azure_subscription}/providers/Microsoft.Web/locations/${azure_region}/managedApis/${api_connection_sql_name}'
type: 'Microsoft.Web/locations/managedApis'
}
**parameterValueType: 'Alternative'**
customParameterValues: {}
}
}
However, Intellisense (in VS Code) shows yellow squiggly and if I try to deploy template, I get following:
C:\repos\ApiConnectionSQL.bicep(20,5) : Warning BCP037: The property "parameterValueType" is not allowed on objects of type "ApiConnectionDefinitionProperties". Permissible properties include "changedTime", "createdTime", "nonSecretParameterValues", "parameterValues", "statuses", "testLinks". If this is an inaccuracy in the documentation, please report it to the Bicep Team. [https://aka.ms/bicep-type-issues]
{"status":"Failed","error":{"code":"DeploymentFailed","message":"At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.","details":[{"code":"BadRequest","message":"{\r\n \"error\": {\r\n \"code\": \"InvalidApiConnectionAlternativeParameters\",\r\n \"message\": \"The API connection 'sql-4' has invalid inputs. Parameter value type cannot be set to
'Alternative' because managed identity is not supported in the API definition's connection parameters.\"\r\n }\r\n}"}]}}
Warning implies that parameterValueType is not allowed property (contradicting URL from above). Interesting enough error msg implies that parameterValueType should work BUT can't be set to Alternative.
Looking at https://docs.microsoft.com/en-us/azure/templates/microsoft.web/connections?tabs=bicep, parameterValueType is not listed.
Note that if I create this manually (through Logic App), I can use managed identity and all is good. Now I am trying to build this same logic to Bicep template.
So I am a bit confused, where is the problem and how do I fix it?
To Reproduce
See above
Additional context
Add any other context about the problem here.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.