diff --git a/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.net6.0.cs b/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.net6.0.cs index 865194e020b2..584053aa2395 100644 --- a/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.net6.0.cs +++ b/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.net6.0.cs @@ -150,7 +150,7 @@ namespace Azure.Provisioning.KeyVaults { public partial class KeyVault : Azure.Provisioning.Resource { - public KeyVault(Azure.Provisioning.IConstruct scope, string name = "kv", string version = "2023-02-01", Azure.Core.AzureLocation? location = default(Azure.Core.AzureLocation?), Azure.Provisioning.ResourceManager.ResourceGroup? resourceGroup = null) : base (default(Azure.Provisioning.IConstruct), default(Azure.Provisioning.Resource), default(string), default(Azure.Core.ResourceType), default(string), default(System.Func)) { } + public KeyVault(Azure.Provisioning.IConstruct scope, Azure.Provisioning.ResourceManager.ResourceGroup? parent = null, string name = "kv", string version = "2023-02-01", Azure.Core.AzureLocation? location = default(Azure.Core.AzureLocation?)) : base (default(Azure.Provisioning.IConstruct), default(Azure.Provisioning.Resource), default(string), default(Azure.Core.ResourceType), default(string), default(System.Func)) { } public void AddAccessPolicy(Azure.Provisioning.Output output) { } protected override Azure.Provisioning.Resource? FindParentInScope(Azure.Provisioning.IConstruct scope) { throw null; } } diff --git a/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.netstandard2.0.cs b/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.netstandard2.0.cs index 865194e020b2..584053aa2395 100644 --- a/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.netstandard2.0.cs +++ b/sdk/provisioning/Azure.Provisioning/api/Azure.Provisioning.netstandard2.0.cs @@ -150,7 +150,7 @@ namespace Azure.Provisioning.KeyVaults { public partial class KeyVault : Azure.Provisioning.Resource { - public KeyVault(Azure.Provisioning.IConstruct scope, string name = "kv", string version = "2023-02-01", Azure.Core.AzureLocation? location = default(Azure.Core.AzureLocation?), Azure.Provisioning.ResourceManager.ResourceGroup? resourceGroup = null) : base (default(Azure.Provisioning.IConstruct), default(Azure.Provisioning.Resource), default(string), default(Azure.Core.ResourceType), default(string), default(System.Func)) { } + public KeyVault(Azure.Provisioning.IConstruct scope, Azure.Provisioning.ResourceManager.ResourceGroup? parent = null, string name = "kv", string version = "2023-02-01", Azure.Core.AzureLocation? location = default(Azure.Core.AzureLocation?)) : base (default(Azure.Provisioning.IConstruct), default(Azure.Provisioning.Resource), default(string), default(Azure.Core.ResourceType), default(string), default(System.Func)) { } public void AddAccessPolicy(Azure.Provisioning.Output output) { } protected override Azure.Provisioning.Resource? FindParentInScope(Azure.Provisioning.IConstruct scope) { throw null; } } diff --git a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVault.cs b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVault.cs index b9636402c17e..df064976fc25 100644 --- a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVault.cs +++ b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVault.cs @@ -24,9 +24,9 @@ public class KeyVault : Resource /// The name. /// The version. /// The location. - /// - public KeyVault(IConstruct scope, string name = "kv", string version = "2023-02-01", AzureLocation? location = default, ResourceGroup? resourceGroup = default) - : base(scope, resourceGroup, name, ResourceTypeName, version, (name) => ArmKeyVaultModelFactory.KeyVaultData( + /// + public KeyVault(IConstruct scope, ResourceGroup? parent = default, string name = "kv", string version = "2023-02-01", AzureLocation? location = default) + : base(scope, parent, name, ResourceTypeName, version, (name) => ArmKeyVaultModelFactory.KeyVaultData( name: name, resourceType: ResourceTypeName, location: location ?? Environment.GetEnvironmentVariable("AZURE_LOCATION") ?? AzureLocation.WestUS, @@ -43,8 +43,10 @@ public KeyVault(IConstruct scope, string name = "kv", string version = "2023-02- IdentityAccessSecretPermission.List } }) - } : default))) + } : default, + enableRbacAuthorization: true))) { + AddOutput(kv => kv.Properties.VaultUri, "vaultUri"); } /// diff --git a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs index 4c0365c4938d..025626b98525 100644 --- a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs +++ b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultAddAccessPolicy.cs @@ -51,7 +51,7 @@ private static string GetParamValue(Parameter principalIdParameter, IConstruct s var result = base.FindParentInScope(scope); if (result is null) { - result = scope.GetSingleResource() ?? new KeyVault(scope, "kv"); + result = scope.GetSingleResource() ?? new KeyVault(scope, name: "kv"); } return result; } diff --git a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultExtensions.cs b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultExtensions.cs index ddb6582902af..dc7a06127e1a 100644 --- a/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultExtensions.cs +++ b/sdk/provisioning/Azure.Provisioning/src/keyvault/KeyVaultExtensions.cs @@ -20,7 +20,7 @@ public static class KeyVaultExtensions /// public static KeyVault AddKeyVault(this IConstruct construct, ResourceGroup? resourceGroup = null, string name = "kv") { - return new KeyVault(construct, name, resourceGroup: resourceGroup); + return new KeyVault(construct, name: name, parent: resourceGroup); } /// diff --git a/sdk/provisioning/Azure.Provisioning/tests/ConstructTests.cs b/sdk/provisioning/Azure.Provisioning/tests/ConstructTests.cs index 98c60fa52751..c1080b395e84 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/ConstructTests.cs +++ b/sdk/provisioning/Azure.Provisioning/tests/ConstructTests.cs @@ -144,7 +144,7 @@ public void GetOutputsChildConstructs(bool recursive) rg2.AddOutput(r => r.Location, "location"); // front end website has an output - var expected = recursive ? 3 : 1; + var expected = recursive ? 4 : 2; var outputs = infra.GetOutputs(recursive); Assert.AreEqual(expected, outputs.Count()); diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep index 48ade1109ae9..b76d08995425 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/main.bicep @@ -49,4 +49,5 @@ module rg3_TEST './resources/rg3_TEST/rg3_TEST.bicep' = { output STORAGE_PRINCIPAL_ID string = rg1_TEST.outputs.STORAGE_PRINCIPAL_ID output LOCATION string = rg1_TEST.outputs.LOCATION +output vaultUri string = rg1_TEST.outputs.vaultUri output SERVICE_API_IDENTITY_PRINCIPAL_ID string = rg3_TEST.outputs.SERVICE_API_IDENTITY_PRINCIPAL_ID diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep index 666e4f7726ab..ae23b3196cc3 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/OutputsSpanningModules/resources/rg1_TEST/rg1_TEST.bicep @@ -55,6 +55,7 @@ resource keyVault_BRsYQF4qT 'Microsoft.KeyVault/vaults@2023-02-01' = { name: 'standard' family: 'A' } + enableRbacAuthorization: true } } @@ -79,3 +80,4 @@ resource keyVaultAddAccessPolicy_lQ2z7dHpX 'Microsoft.KeyVault/vaults/accessPoli output STORAGE_PRINCIPAL_ID string = webSite_dOTaZfna6.identity.principalId output LOCATION string = webSite_dOTaZfna6.location +output vaultUri string = keyVault_BRsYQF4qT.properties.vaultUri diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/main.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/main.bicep index 8ab036a1810a..de707f7ec8ff 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/main.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/main.bicep @@ -28,3 +28,4 @@ module rg_TEST './resources/rg_TEST/rg_TEST.bicep' = { } output SERVICE_API_IDENTITY_PRINCIPAL_ID string = rg_TEST.outputs.SERVICE_API_IDENTITY_PRINCIPAL_ID +output vaultUri string = rg_TEST.outputs.vaultUri diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep index 5ba5df6c13cc..21d1f5466603 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL1/resources/rg_TEST/rg_TEST.bicep @@ -84,6 +84,7 @@ resource keyVault_CRoMbemLF 'Microsoft.KeyVault/vaults@2023-02-01' = { name: 'standard' family: 'A' } + enableRbacAuthorization: true } } @@ -246,3 +247,4 @@ resource applicationSettingsResource_vEe46o8Zn 'Microsoft.Web/sites/config@2021- } output SERVICE_API_IDENTITY_PRINCIPAL_ID string = webSite_W5EweSXEq.identity.principalId +output vaultUri string = keyVault_CRoMbemLF.properties.vaultUri diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/main.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/main.bicep index 8ab036a1810a..de707f7ec8ff 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/main.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/main.bicep @@ -28,3 +28,4 @@ module rg_TEST './resources/rg_TEST/rg_TEST.bicep' = { } output SERVICE_API_IDENTITY_PRINCIPAL_ID string = rg_TEST.outputs.SERVICE_API_IDENTITY_PRINCIPAL_ID +output vaultUri string = rg_TEST.outputs.vaultUri diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep index c18ad56f0451..29dc24c21827 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL2/resources/rg_TEST/rg_TEST.bicep @@ -27,6 +27,7 @@ resource keyVault_CRoMbemLF 'Microsoft.KeyVault/vaults@2023-02-01' = { name: 'standard' family: 'A' } + enableRbacAuthorization: true } } @@ -246,3 +247,4 @@ resource applicationSettingsResource_vEe46o8Zn 'Microsoft.Web/sites/config@2021- } output SERVICE_API_IDENTITY_PRINCIPAL_ID string = webSite_W5EweSXEq.identity.principalId +output vaultUri string = keyVault_CRoMbemLF.properties.vaultUri diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/main.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/main.bicep index c7f95043cdce..a8f278cf6fca 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/main.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/main.bicep @@ -43,4 +43,5 @@ module rg_TEST './resources/rg_TEST/rg_TEST.bicep' = { } } +output vaultUri string = rg_TEST.outputs.vaultUri output SERVICE_API_IDENTITY_PRINCIPAL_ID string = rg_TEST.outputs.SERVICE_API_IDENTITY_PRINCIPAL_ID diff --git a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep index f681dcfea36d..733cfc456e6a 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep +++ b/sdk/provisioning/Azure.Provisioning/tests/Infrastructure/WebSiteUsingL3/resources/rg_TEST/rg_TEST.bicep @@ -30,6 +30,7 @@ resource keyVault_CRoMbemLF 'Microsoft.KeyVault/vaults@2023-02-01' = { name: 'standard' family: 'A' } + enableRbacAuthorization: true } } @@ -133,4 +134,5 @@ resource webSiteConfigLogs_giqxapQs0 'Microsoft.Web/sites/config@2021-02-01' = { } } +output vaultUri string = keyVault_CRoMbemLF.properties.vaultUri output SERVICE_API_IDENTITY_PRINCIPAL_ID string = webSite_W5EweSXEq.identity.principalId diff --git a/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs b/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs index 0728b91faee7..f4e239e3e14e 100644 --- a/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs +++ b/sdk/provisioning/Azure.Provisioning/tests/ProvisioningTests.cs @@ -170,7 +170,7 @@ public void OutputsSpanningModules() infra.Build(GetOutputPath()); Assert.AreEqual(4, infra.GetParameters().Count()); - Assert.AreEqual(3, infra.GetOutputs().Count()); + Assert.AreEqual(4, infra.GetOutputs().Count()); Assert.AreEqual(0, testFrontEndWebSite.GetParameters().Count()); Assert.AreEqual(1, testFrontEndWebSite.GetOutputs().Count());