diff --git a/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/SessionPools.json b/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/SessionPools.json index 80068afa95a0..a38147164519 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/SessionPools.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/SessionPools.json @@ -404,7 +404,7 @@ "description": "Session pool private registry credentials.", "type": "object", "properties": { - "registryServer": { + "server": { "description": "Container registry server.", "type": "string" }, @@ -415,6 +415,10 @@ "passwordSecretRef": { "description": "The name of the secret that contains the registry login password", "type": "string" + }, + "identity": { + "description": "A Managed Identity to use to authenticate with Azure Container Registry. For user-assigned identities, use the full user-assigned identity Resource ID. For system-assigned identities, use 'system'", + "type": "string" } } }, @@ -537,6 +541,10 @@ } ], "properties": { + "identity": { + "description": "Managed identities needed by a session pool to interact with other Azure services to not maintain any secrets or credentials in code.", + "$ref": "../../../../../common-types/resource-management/v5/managedidentity.json#/definitions/ManagedServiceIdentity" + }, "properties": { "description": "Container App session pool resource specific properties", "type": "object", @@ -634,16 +642,56 @@ "name": "SessionPoolProvisioningState", "modelAsString": true } + }, + "managedIdentitySettings": { + "description": "Optional settings for a Managed Identity that is assigned to the Session pool.", + "type": "array", + "items": { + "$ref": "#/definitions/ManagedIdentitySetting" + }, + "x-ms-identifiers": [ + "identity" + ] } }, "x-ms-client-flatten": true } } }, + "ManagedIdentitySetting": { + "description": "Optional settings for a Managed Identity that is assigned to the Session pool.", + "type": "object", + "required": [ + "identity" + ], + "properties": { + "identity": { + "description": "The resource ID of a user-assigned managed identity that is assigned to the Session Pool, or 'system' for system-assigned identity.", + "type": "string" + }, + "lifecycle": { + "description": "Use to select the lifecycle stages of a Session Pool during which the Managed Identity should be available.", + "enum": [ + "None", + "Main" + ], + "type": "string", + "default": "None", + "x-ms-enum": { + "name": "IdentitySettingsLifeCycle", + "modelAsString": true + } + } + } + }, "SessionPoolUpdatableProperties": { "description": "Container App session pool updatable properties.", "type": "object", "properties": { + "identity": { + "description": "Managed identities needed by a session pool to interact with other Azure services to not maintain any secrets or credentials in code.", + "$ref": "../../../../../common-types/resource-management/v5/managedidentity.json#/definitions/ManagedServiceIdentity" + }, "properties": { "description": "Session pool resource specific updatable properties.", "type": "object", @@ -702,4 +750,3 @@ } } } - diff --git a/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_CreateOrUpdate.json b/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_CreateOrUpdate.json index d6b685a338dd..4cb24e91786a 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_CreateOrUpdate.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_CreateOrUpdate.json @@ -6,6 +6,9 @@ "api-version": "2024-10-02-preview", "sessionPoolEnvelope": { "location": "East US", + "identity": { + "type": "SystemAssigned" + }, "properties": { "environmentId": "/subscriptions/34adfa4f-cedf-4dc0-ba29-b6d1a69ab345/resourceGroups/rg/providers/Microsoft.App/managedEnvironments/demokube", "poolManagementType": "Dynamic", @@ -38,11 +41,21 @@ ], "ingress": { "targetPort": 80 + }, + "registryCredentials": { + "server": "test.azurecr.io", + "identity": "/subscriptions/7a497526-bb8d-4816-9795-db1418a1f977/resourcegroups/test/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testSP" } }, "sessionNetworkConfiguration": { "status": "EgressEnabled" - } + }, + "managedIdentitySettings": [ + { + "identity": "system", + "lifecycle": "Main" + } + ] } } }, @@ -88,12 +101,21 @@ ], "ingress": { "targetPort": 80 + }, + "registryCredentials": { + "server": "test.azurecr.io", + "identity": "/subscriptions/7a497526-bb8d-4816-9795-db1418a1f977/resourcegroups/test/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testSP" } }, "sessionNetworkConfiguration": { "status": "EgressEnabled" }, "poolManagementEndpoint": "https://testsessionpool.agreeableriver-3d30edf1.eastus.azurecontainerapps.io" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "bce8c037-3d10-44a4-a970-25f799611fc6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47" } } }, @@ -137,15 +159,29 @@ ], "ingress": { "targetPort": 80 + }, + "registryCredentials": { + "server": "test.azurecr.io", + "identity": "/subscriptions/7a497526-bb8d-4816-9795-db1418a1f977/resourcegroups/test/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testSP" } }, "sessionNetworkConfiguration": { "status": "EgressEnabled" }, - "poolManagementEndpoint": "https://testsessionpool.agreeableriver-3d30edf1.eastus.azurecontainerapps.io" + "poolManagementEndpoint": "https://testsessionpool.agreeableriver-3d30edf1.eastus.azurecontainerapps.io", + "managedIdentitySettings": [ + { + "identity": "system", + "lifecycle": "Main" + } + ] + }, + "identity": { + "type": "SystemAssigned", + "principalId": "bce8c037-3d10-44a4-a970-25f799611fc6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47" } } } } } - diff --git a/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_Get.json b/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_Get.json index e2cb78fcef03..2ae1d79b3996 100644 --- a/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_Get.json +++ b/specification/app/resource-manager/Microsoft.App/preview/2024-10-02-preview/examples/SessionPools_Get.json @@ -47,15 +47,29 @@ ], "ingress": { "targetPort": 80 + }, + "registryCredentials": { + "server": "test.azurecr.io", + "identity": "/subscriptions/7a497526-bb8d-4816-9795-db1418a1f977/resourcegroups/test/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testSP" } }, "sessionNetworkConfiguration": { "status": "EgressEnabled" }, + "managedIdentitySettings": [ + { + "identity": "system", + "lifecycle": "Main" + } + ], "poolManagementEndpoint": "https://testsessionpool.agreeableriver-3d30edf1.eastus.azurecontainerapps.io" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "bce8c037-3d10-44a4-a970-25f799611fc6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47" } } } } } - diff --git a/specification/app/resource-manager/readme.md b/specification/app/resource-manager/readme.md index 90a015794355..83bdad4cc06f 100644 --- a/specification/app/resource-manager/readme.md +++ b/specification/app/resource-manager/readme.md @@ -67,6 +67,11 @@ input-file: - Microsoft.App/preview/2024-10-02-preview/SourceControls.json - Microsoft.App/preview/2024-10-02-preview/Subscriptions.json - Microsoft.App/preview/2024-10-02-preview/Usages.json +directive: + - suppress: PatchBodyParametersSchema + from: SessionPools.json + reason: | + Session Pool is using componentType as the discriminator. While the discriminator is a required property, this rule prevent it being present in the patch request body. ``` ### Tag: package-preview-2024-08