From 79d2cff528e147372fcda99628febf200b443411 Mon Sep 17 00:00:00 2001 From: Jon Gallant <2163001+jongio@users.noreply.github.com> Date: Wed, 1 Nov 2023 16:56:06 -0700 Subject: [PATCH 1/3] avm1 --- infra/main.bicep | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/infra/main.bicep b/infra/main.bicep index 9c08bbd..3846f8b 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -126,14 +126,31 @@ module appServicePlan './core/host/appserviceplan.bicep' = { } // Store secrets in a keyvault -module keyVault './core/security/keyvault.bicep' = { +// module keyVault './core/security/keyvault.bicep' = { +// name: 'keyvault' +// scope: rg +// params: { +// name: !empty(keyVaultName) ? keyVaultName : '${abbrs.keyVaultVaults}${resourceToken}' +// location: location +// tags: tags +// principalId: principalId +// } +// } + +module keyVault 'br/public:avm-res-keyvault-vault:1.0.0' = { name: 'keyvault' scope: rg params: { name: !empty(keyVaultName) ? keyVaultName : '${abbrs.keyVaultVaults}${resourceToken}' location: location tags: tags - principalId: principalId + rolesAssignments: !empty(principalId) ? [ + { + principalId: principalId + principalType: 'User' + roleDefinitionIdOrName: '4633458b-17de-408a-b874-0445c86b69e6' + } + ] : [] } } @@ -184,7 +201,7 @@ output AZURE_COSMOS_DATABASE_NAME string = cosmos.outputs.databaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = monitoring.outputs.applicationInsightsConnectionString -output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.endpoint +output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId @@ -192,4 +209,4 @@ output REACT_APP_API_BASE_URL string = useAPIM ? apimApi.outputs.SERVICE_API_URI output REACT_APP_APPLICATIONINSIGHTS_CONNECTION_STRING string = monitoring.outputs.applicationInsightsConnectionString output REACT_APP_WEB_BASE_URL string = web.outputs.SERVICE_WEB_URI output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApi.outputs.SERVICE_API_URI, api.outputs.SERVICE_API_URI ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApi.outputs.SERVICE_API_URI, api.outputs.SERVICE_API_URI ] : [] From 706b8ed69652ba73f906e2ed99f821d81d5d7fb0 Mon Sep 17 00:00:00 2001 From: Jon Gallant <2163001+jongio@users.noreply.github.com> Date: Thu, 2 Nov 2023 11:48:18 -0700 Subject: [PATCH 2/3] version --- infra/main.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra/main.bicep b/infra/main.bicep index 3846f8b..015b955 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -137,14 +137,14 @@ module appServicePlan './core/host/appserviceplan.bicep' = { // } // } -module keyVault 'br/public:avm-res-keyvault-vault:1.0.0' = { +module keyVault 'br/public:avm-res-keyvault-vault:0.1.0' = { name: 'keyvault' scope: rg params: { name: !empty(keyVaultName) ? keyVaultName : '${abbrs.keyVaultVaults}${resourceToken}' location: location tags: tags - rolesAssignments: !empty(principalId) ? [ + roleAssignments: !empty(principalId) ? [ { principalId: principalId principalType: 'User' From 7a33929153797e5ce6f181064e3f3ab33b05c66f Mon Sep 17 00:00:00 2001 From: Jon Gallant <2163001+jongio@users.noreply.github.com> Date: Mon, 13 Nov 2023 12:21:50 -0800 Subject: [PATCH 3/3] More avm updates --- infra/main.bicep | 76 ++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 70 insertions(+), 6 deletions(-) diff --git a/infra/main.bicep b/infra/main.bicep index 015b955..d24fc95 100644 --- a/infra/main.bicep +++ b/infra/main.bicep @@ -18,7 +18,7 @@ param applicationInsightsDashboardName string = '' param applicationInsightsName string = '' param appServicePlanName string = '' param cosmosAccountName string = '' -param cosmosDatabaseName string = '' +param cosmosDatabaseName string = 'Todo' param keyVaultName string = '' param logAnalyticsName string = '' param resourceGroupName string = '' @@ -42,6 +42,8 @@ resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { tags: tags } +// TODO: AVM resource group. Don't exist in CARML + // The application frontend module web './app/web.bicep' = { name: 'web' @@ -99,18 +101,80 @@ module apiKeyVaultAccess './core/security/keyvault-access.bicep' = { } // The application database -module cosmos './app/db.bicep' = { - name: 'cosmos' +// module cosmos './app/db.bicep' = { +// name: 'cosmos' +// scope: rg +// params: { +// accountName: !empty(cosmosAccountName) ? cosmosAccountName : '${abbrs.documentDBDatabaseAccounts}${resourceToken}' +// databaseName: cosmosDatabaseName +// location: location +// tags: tags +// keyVaultName: keyVault.outputs.name +// } +// } + +module cosmos 'br/public:storage/cosmos-db:3.0.2' = { scope: rg + name: 'cosmos' params: { - accountName: !empty(cosmosAccountName) ? cosmosAccountName : '${abbrs.documentDBDatabaseAccounts}${resourceToken}' - databaseName: cosmosDatabaseName + backendApi: 'mongodb' + name: !empty(cosmosAccountName) ? cosmosAccountName : '${abbrs.documentDBDatabaseAccounts}${resourceToken}' location: location tags: tags - keyVaultName: keyVault.outputs.name + enableServerless: true + consistencyPolicy: { + defaultConsistencyLevel: 'Session' + } + isZoneRedundant: false + mongoDBServerVersion: '4.2' + + mongodbDatabases: [ + { + name: cosmosDatabaseName + collections: [ + { + name: 'TodoList' + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + options: { + unique: true + } + } + ] + shardKey: { + _id: 'Hash' + } + } + { + name: 'TodoItem' + indexes: [ + { + key: { + keys: [ + '_id' + ] + } + options: { + unique: true + } + } + ] + shardKey: { + _id: 'Hash' + } + } + ] + } + ] } } + // Create an App Service Plan to group applications under the same payment plan and SKU module appServicePlan './core/host/appserviceplan.bicep' = { name: 'appserviceplan'