[Modules] Updated Synapse Privatelink Hubs (Azure Synapse Analytics) …

…to new dependencies approach (#2228) * log analytics workspace new dependencies * removed parameters.json * readme update * description param update * Update modules/Microsoft.OperationalInsights/workspaces/.test/common/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/common/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/common/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/common/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/common/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/min/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/min/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/min/deploy.test.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.OperationalInsights/workspaces/.test/common/deploy.test.bicep Co-authored-by: Alexander Sehr <ASehr@hotmail.de> * synapse analytics draft * shortname update for common test module * hardcoded 'privatelink.azuresynapse.net' * Update modules/Microsoft.Synapse/privateLinkHubs/.test/common/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.Synapse/privateLinkHubs/.test/common/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * Update modules/Microsoft.Synapse/privateLinkHubs/.test/common/dependencies.bicep Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> * removed workspace change * replaced opinsight Co-authored-by: Erika Gressi <56914614+eriqua@users.noreply.github.com> Co-authored-by: Alexander Sehr <ASehr@hotmail.de>
Azure · Oct 18, 2022 · f06faee · f06faee
1 parent 0a1b414
commit f06faee
Show file tree

Hide file tree

Showing 7 changed files with 233 additions and 101 deletions.
diff --git a/.github/workflows/ms.synapse.privatelinkhubs.yml b/.github/workflows/ms.synapse.privatelinkhubs.yml
@@ -106,8 +106,7 @@ jobs:
       - name: 'Using test file [${{ matrix.moduleTestFilePaths }}]'
         uses: ./.github/actions/templates/validateModuleDeployment
         with:
-          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
-          parameterFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
+          templateFilePath: '${{ env.modulePath }}/${{ matrix.moduleTestFilePaths }}'
           location: '${{ env.location }}'
           resourceGroupName: '${{ env.resourceGroupName }}'
           subscriptionId: '${{ secrets.ARM_SUBSCRIPTION_ID }}'

diff --git a/modules/Microsoft.Synapse/privateLinkHubs/.test/common/dependencies.bicep b/modules/Microsoft.Synapse/privateLinkHubs/.test/common/dependencies.bicep
@@ -0,0 +1,73 @@
+@description('Optional. The location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Required. The name of the Network Security Group to create.')
+param networkSecurityGroupName string
+
+@description('Required. The name of the Virtual Network to create.')
+param virtualNetworkName string
+
+@description('Required. The name of the Managed Identity to create.')
+param managedIdentityName string
+
+resource networkSecurityGroup 'Microsoft.Network/networkSecurityGroups@2021-08-01' = {
+  name: networkSecurityGroupName
+  location: location
+  properties: {
+  }
+}
+
+resource virtualNetwork 'Microsoft.Network/virtualNetworks@2022-01-01' = {
+    name: virtualNetworkName
+    location: location
+    properties: {
+        addressSpace: {
+            addressPrefixes: [
+                '10.0.0.0/16'
+            ]
+        }
+        subnets: [
+            {
+                name: 'defaultSubnet'
+                properties: {
+                    addressPrefix: '10.0.0.0/24'
+                    networkSecurityGroup: {
+                        id: networkSecurityGroup.id
+                    }
+                    privateEndpointNetworkPolicies: 'Disabled'
+                    privateLinkServiceNetworkPolicies: 'Enabled'
+                }
+            }
+        ]
+    }
+}
+
+resource privateDNSZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
+    name:  'privatelink.azuresynapse.net'
+    location: 'global'
+
+    resource virtualNetworkLinks 'virtualNetworkLinks@2020-06-01' = {
+        name: '${virtualNetwork.name}-vnetlink'
+        location: 'global'
+        properties: {
+            virtualNetwork: {
+                id: virtualNetwork.id
+            }
+            registrationEnabled: false
+        }
+    }
+}
+
+resource managedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2018-11-30' = {
+    name: managedIdentityName
+    location: location
+}
+
+@description('The resource ID of the created Virtual Network Subnet.')
+output subnetResourceId string = virtualNetwork.properties.subnets[0].id
+
+@description('The resource ID of the created Private DNS Zone.')
+output privateDNSResourceId string = privateDNSZone.id
+
+@description('The principal ID of the created Managed Identity.')
+output managedIdentityPrincipalId string = managedIdentity.properties.principalId
diff --git a/modules/Microsoft.Synapse/privateLinkHubs/.test/common/deploy.test.bicep b/modules/Microsoft.Synapse/privateLinkHubs/.test/common/deploy.test.bicep
@@ -0,0 +1,73 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.synapse.privatelinkhubs-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'splhcom'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+module resourceGroupResources 'dependencies.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name, location)}-paramNested'
+  params: {
+    networkSecurityGroupName: 'dep-<<namePrefix>>-nsg-${serviceShort}'
+    virtualNetworkName: 'dep-<<namePrefix>>-vnet-${serviceShort}'
+    managedIdentityName: 'dep-<<namePrefix>>-msi-${serviceShort}'
+  }
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+    lock: 'CanNotDelete'
+    privateEndpoints: [
+      {
+        privateDnsZoneGroup: {
+          privateDNSResourceIds: [
+            resourceGroupResources.outputs.privateDNSResourceId
+          ]
+        }
+        service: 'Web'
+        subnetResourceId: resourceGroupResources.outputs.subnetResourceId
+      }
+    ]
+    roleAssignments: [
+      {
+        principalIds: [
+          resourceGroupResources.outputs.managedIdentityPrincipalId
+        ]
+        roleDefinitionIdOrName: 'Reader'
+      }
+      {
+        principalIds: [
+          resourceGroupResources.outputs.managedIdentityPrincipalId
+        ]
+        roleDefinitionIdOrName: '/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c'
+      }
+    ]
+  }
+}
diff --git a/modules/Microsoft.Synapse/privateLinkHubs/.test/min.parameters.json b/modules/Microsoft.Synapse/privateLinkHubs/.test/min.parameters.json
diff --git a/modules/Microsoft.Synapse/privateLinkHubs/.test/min/deploy.test.bicep b/modules/Microsoft.Synapse/privateLinkHubs/.test/min/deploy.test.bicep
@@ -0,0 +1,37 @@
+targetScope = 'subscription'
+
+// ========== //
+// Parameters //
+// ========== //
+@description('Optional. The name of the resource group to deploy for testing purposes.')
+@maxLength(90)
+param resourceGroupName string = 'ms.synapse.privatelinkhubs-${serviceShort}-rg'
+
+@description('Optional. The location to deploy resources to.')
+param location string = deployment().location
+
+@description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.')
+param serviceShort string = 'splhmin'
+
+// =========== //
+// Deployments //
+// =========== //
+
+// General resources
+// =================
+resource resourceGroup 'Microsoft.Resources/resourceGroups@2021-04-01' = {
+  name: resourceGroupName
+  location: location
+}
+
+// ============== //
+// Test Execution //
+// ============== //
+
+module testDeployment '../../deploy.bicep' = {
+  scope: resourceGroup
+  name: '${uniqueString(deployment().name)}-test-${serviceShort}'
+  params: {
+    name: '<<namePrefix>>${serviceShort}001'
+  }
+}
diff --git a/modules/Microsoft.Synapse/privateLinkHubs/.test/parameters.json b/modules/Microsoft.Synapse/privateLinkHubs/.test/parameters.json