diff --git a/templates/todo/common/infra/bicep/app/apim-api-settings.bicep b/templates/todo/common/infra/bicep/app/apim-api-settings.bicep index 3b3f342861c..c0e6da3a5ad 100644 --- a/templates/todo/common/infra/bicep/app/apim-api-settings.bicep +++ b/templates/todo/common/infra/bicep/app/apim-api-settings.bicep @@ -15,7 +15,7 @@ param applicationInsightsName string @description('Resource name for backend Web App or Function App') param apiAppName string = '' -// Necessary due to https://github.com/Azure/bicep/issues/9594 +// Necessary due to https://github.com/Azure/bicep/issues/3750 // placeholderName is never deployed, it is merely used to make the child name validation pass var appNameForBicep = !empty(apiAppName) ? apiAppName : 'placeholderName' diff --git a/templates/todo/projects/csharp-cosmos-sql/.repo/bicep/infra/main.bicep b/templates/todo/projects/csharp-cosmos-sql/.repo/bicep/infra/main.bicep index c2e2c275ea0..18271720fdc 100644 --- a/templates/todo/projects/csharp-cosmos-sql/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/csharp-cosmos-sql/.repo/bicep/infra/main.bicep @@ -29,6 +29,9 @@ param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING' @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' @@ -37,6 +40,7 @@ var resourceToken = toLower(uniqueString(subscription().id, environmentName, loc var tags = { 'azd-env-name': environmentName } var webUri = 'https://${web.outputs.defaultHostname}' var apiUri = 'https://${api.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -89,7 +93,7 @@ module api 'br/public:avm/res/web/site:0.3.4' = { appSettingsKeyValuePairs: { AZURE_KEY_VAULT_ENDPOINT: keyVault.outputs.uri AZURE_COSMOS_CONNECTION_STRING_KEY: connectionStringKey - AZURE_COSMOS_DATABASE_NAME: !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' + AZURE_COSMOS_DATABASE_NAME: cosmos.outputs.databaseName AZURE_COSMOS_ENDPOINT: cosmos.outputs.endpoint API_ALLOW_ORIGINS: webUri SCM_DO_BUILD_DURING_DEPLOYMENT: 'False' @@ -99,7 +103,7 @@ module api 'br/public:avm/res/web/site:0.3.4' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.5.1' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { name: 'accesskeyvault' scope: rg params: { @@ -134,7 +138,7 @@ module apiCosmosSqlRoleAssign '../../../../../../common/infra/bicep/core/databas } // Give the API the role to access Cosmos -module userComsosSqlRoleAssign '../../../../../../common/infra/bicep/core/database/cosmos/sql/cosmos-sql-role-assign.bicep' = if (principalId != '') { +module userCosmosSqlRoleAssign '../../../../../../common/infra/bicep/core/database/cosmos/sql/cosmos-sql-role-assign.bicep' = if (principalId != '') { name: 'user-cosmos-access' scope: rg params: { @@ -187,7 +191,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -198,11 +202,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -219,7 +223,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.6' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -228,6 +232,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.6' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -236,6 +242,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.6' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -249,7 +257,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.6' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -264,7 +272,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_ENDPOINT string = cosmos.outputs.endpoint output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = cosmos.outputs.databaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString @@ -272,7 +280,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/csharp-sql-swa-func/.repo/bicep/infra/main.bicep b/templates/todo/projects/csharp-sql-swa-func/.repo/bicep/infra/main.bicep index 8c4a0ca0b5e..a876ef85cd6 100644 --- a/templates/todo/projects/csharp-sql-swa-func/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/csharp-sql-swa-func/.repo/bicep/infra/main.bicep @@ -32,6 +32,9 @@ param connectionStringKey string = 'AZURE-SQL-CONNECTION-STRING' @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' @@ -46,8 +49,11 @@ param appUserPassword string var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(sqlDatabaseName) ? sqlDatabaseName : defaultDatabaseName var webUri = 'https://${web.outputs.defaultHostname}' var apiUri = 'https://${api.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -58,7 +64,7 @@ resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { // The application frontend module web 'br/public:avm/res/web/static-site:0.3.0' = { - name: 'staticWeb' + name: 'staticweb' scope: rg params: { name: !empty(webServiceName) ? webServiceName : '${abbrs.webStaticSites}web-${resourceToken}' @@ -104,7 +110,7 @@ module api 'br/public:avm/res/web/site:0.3.4' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.5.1' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { name: 'accesskeyvault' scope: rg params: { @@ -136,7 +142,7 @@ module accesskeyvault 'br/public:avm/res/key-vault/vault:0.5.1' = { } { name: connectionStringKey - value: 'Server=${sqlService.outputs.name}${environment().suffixes.sqlServerHostname}; Database=${!empty(sqlDatabaseName) ? sqlDatabaseName : 'Todo'}; User=${appUser}; Password=${appUserPassword}' + value: 'Server=${sqlService.outputs.name}${environment().suffixes.sqlServerHostname}; Database=${actualDatabaseName}; User=${appUser}; Password=${appUserPassword}' } ] } @@ -156,7 +162,7 @@ module sqlService 'br/public:avm/res/sql/server:0.2.0' = { publicNetworkAccess: 'Enabled' databases: [ { - name: !empty(sqlDatabaseName) ? sqlDatabaseName : 'Todo' + name: actualDatabaseName } ] firewallRules:[ @@ -170,14 +176,14 @@ module sqlService 'br/public:avm/res/sql/server:0.2.0' = { } //Add appuser to database owner -module sqldeploymentscript '../../../../../common/infra/bicep/app/sql-deployment-script.bicep' = { +module sqlDeploymentScript '../../../../../common/infra/bicep/app/sql-deployment-script.bicep' = { name: 'sqldeploymentscript' scope: rg params: { location: location appUserPassword: appUserPassword sqlAdminPassword: sqlAdminPassword - sqlDatabaseName: !empty(sqlDatabaseName) ? sqlDatabaseName : 'Todo' + sqlDatabaseName: actualDatabaseName sqlServiceName: sqlService.outputs.name } } @@ -230,7 +236,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -241,11 +247,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -262,7 +268,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -271,6 +277,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -279,6 +287,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -292,7 +302,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -313,7 +323,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/csharp-sql/.repo/bicep/infra/main.bicep b/templates/todo/projects/csharp-sql/.repo/bicep/infra/main.bicep index 0790342f634..059f9127298 100644 --- a/templates/todo/projects/csharp-sql/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/csharp-sql/.repo/bicep/infra/main.bicep @@ -29,6 +29,9 @@ param connectionStringKey string = 'AZURE-SQL-CONNECTION-STRING' @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' @@ -44,8 +47,11 @@ param sqlAdmin string = 'sqlAdmin' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(sqlDatabaseName) ? sqlDatabaseName : defaultDatabaseName var webUri = 'https://${web.outputs.defaultHostname}' var apiUri = 'https://${api.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -137,7 +143,7 @@ module accessKeyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { } { name: connectionStringKey - value: 'Server=${sqlService.outputs.name}${environment().suffixes.sqlServerHostname}; Database=${!empty(sqlDatabaseName) ? sqlDatabaseName : 'Todo'}; User=${appUser}; Password=${appUserPassword}' + value: 'Server=${sqlService.outputs.name}${environment().suffixes.sqlServerHostname}; Database=${actualDatabaseName}; User=${appUser}; Password=${appUserPassword}' } ] } @@ -157,7 +163,7 @@ module sqlService 'br/public:avm/res/sql/server:0.2.0' = { publicNetworkAccess: 'Enabled' databases: [ { - name: !empty(sqlDatabaseName) ? sqlDatabaseName : 'Todo' + name: actualDatabaseName } ] firewallRules:[ @@ -171,14 +177,14 @@ module sqlService 'br/public:avm/res/sql/server:0.2.0' = { } //Add appuser to database owner -module sqldeploymentscript '../../../../../common/infra/bicep/app/sql-deployment-script.bicep' = { +module sqlDeploymentScript '../../../../../common/infra/bicep/app/sql-deployment-script.bicep' = { name: 'sqldeploymentscript' scope: rg params: { location: location appUserPassword: appUserPassword sqlAdminPassword: sqlAdminPassword - sqlDatabaseName: !empty(sqlDatabaseName) ? sqlDatabaseName : 'Todo' + sqlDatabaseName: actualDatabaseName sqlServiceName: sqlService.outputs.name } } @@ -213,7 +219,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -224,11 +230,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -245,7 +251,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -254,6 +260,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -262,6 +270,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -275,7 +285,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -296,7 +306,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/java-mongo-aca/.repo/bicep/infra/main.bicep b/templates/todo/projects/java-mongo-aca/.repo/bicep/infra/main.bicep index 29b8d8c2016..6a553a2c274 100644 --- a/templates/todo/projects/java-mongo-aca/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/java-mongo-aca/.repo/bicep/infra/main.bicep @@ -64,6 +64,9 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Hostname suffix for container registry. Set when deploying to sovereign clouds') param containerRegistryHostSuffix string = 'azurecr.io' @@ -73,11 +76,14 @@ param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var apiContainerAppNameOrDefault = '${abbrs.appContainerApps}web-${resourceToken}' var corsAcaUrl = 'https://${apiContainerAppNameOrDefault}.${containerAppsEnvironment.outputs.defaultDomain}' var acrPullRole = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') var webUri = 'https://${web.outputs.fqdn}' var apiUri = 'https://${api.outputs.fqdn}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -113,10 +119,10 @@ module containerRegistry 'br/public:avm/res/container-registry/registry:0.1.1' = //Container apps environment module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.4.5' = { - name: 'containerAppsEnvironment' + name: 'container-apps-environment' scope: rg params: { - logAnalyticsWorkspaceResourceId: loganalytics.outputs.resourceId + logAnalyticsWorkspaceResourceId: logAnalytics.outputs.resourceId name: !empty(containerAppsEnvironmentName) ? containerAppsEnvironmentName : '${abbrs.appManagedEnvironments}${resourceToken}' location: location zoneRedundant: false @@ -126,7 +132,7 @@ module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.4.5 //the managed identity for web frontend module webIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:0.2.1' = { - name: 'webIdentity' + name: 'webidentity' scope: rg params: { name: '${abbrs.managedIdentityUserAssignedIdentities}web-${resourceToken}' @@ -174,7 +180,7 @@ module web 'br/public:avm/res/app/container-app:0.2.0' = { //the managed identity for api backend module apiIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:0.2.1' = { - name: 'apiIdentity' + name: 'apiidentity' scope: rg params: { name: '${abbrs.managedIdentityUserAssignedIdentities}api-${resourceToken}' @@ -249,7 +255,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -288,7 +294,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -299,11 +305,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -320,7 +326,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -329,6 +335,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -337,6 +345,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -350,7 +360,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -363,7 +373,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output API_CORS_ACA_URL string = corsAcaUrl @@ -376,9 +386,9 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output SERVICE_API_NAME string = api.outputs.name output SERVICE_WEB_NAME string = web.outputs.name output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ] : [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ] : [] diff --git a/templates/todo/projects/java-mongo/.repo/bicep/infra/main.bicep b/templates/todo/projects/java-mongo/.repo/bicep/infra/main.bicep index 2a9244e5063..c96427d7632 100644 --- a/templates/todo/projects/java-mongo/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/java-mongo/.repo/bicep/infra/main.bicep @@ -63,14 +63,20 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var webUri = 'https://${web.outputs.defaultHostname}' var apiUri = 'https://${api.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -123,7 +129,7 @@ module api 'br/public:avm/res/web/site:0.2.0' = { appSettingsKeyValuePairs: { AZURE_KEY_VAULT_ENDPOINT: keyVault.outputs.uri AZURE_COSMOS_CONNECTION_STRING_KEY: connectionStringKey - AZURE_COSMOS_DATABASE_NAME: !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' + AZURE_COSMOS_DATABASE_NAME: actualDatabaseName AZURE_COSMOS_ENDPOINT: 'https://${cosmos.outputs.name}.mongo.cosmos.azure.com:443/' API_ALLOW_ORIGINS: webUri SCM_DO_BUILD_DURING_DEPLOYMENT: 'True' @@ -138,7 +144,7 @@ module api 'br/public:avm/res/web/site:0.2.0' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.3.5' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { name: 'accesskeyvault' scope: rg params: { @@ -177,7 +183,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -219,7 +225,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -230,11 +236,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -251,7 +257,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -260,6 +266,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -268,6 +276,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -281,7 +291,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -295,7 +305,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString @@ -303,7 +313,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/nodejs-mongo-aca/.repo/bicep/infra/main.bicep b/templates/todo/projects/nodejs-mongo-aca/.repo/bicep/infra/main.bicep index 29b8d8c2016..6a553a2c274 100644 --- a/templates/todo/projects/nodejs-mongo-aca/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/nodejs-mongo-aca/.repo/bicep/infra/main.bicep @@ -64,6 +64,9 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Hostname suffix for container registry. Set when deploying to sovereign clouds') param containerRegistryHostSuffix string = 'azurecr.io' @@ -73,11 +76,14 @@ param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var apiContainerAppNameOrDefault = '${abbrs.appContainerApps}web-${resourceToken}' var corsAcaUrl = 'https://${apiContainerAppNameOrDefault}.${containerAppsEnvironment.outputs.defaultDomain}' var acrPullRole = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') var webUri = 'https://${web.outputs.fqdn}' var apiUri = 'https://${api.outputs.fqdn}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -113,10 +119,10 @@ module containerRegistry 'br/public:avm/res/container-registry/registry:0.1.1' = //Container apps environment module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.4.5' = { - name: 'containerAppsEnvironment' + name: 'container-apps-environment' scope: rg params: { - logAnalyticsWorkspaceResourceId: loganalytics.outputs.resourceId + logAnalyticsWorkspaceResourceId: logAnalytics.outputs.resourceId name: !empty(containerAppsEnvironmentName) ? containerAppsEnvironmentName : '${abbrs.appManagedEnvironments}${resourceToken}' location: location zoneRedundant: false @@ -126,7 +132,7 @@ module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.4.5 //the managed identity for web frontend module webIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:0.2.1' = { - name: 'webIdentity' + name: 'webidentity' scope: rg params: { name: '${abbrs.managedIdentityUserAssignedIdentities}web-${resourceToken}' @@ -174,7 +180,7 @@ module web 'br/public:avm/res/app/container-app:0.2.0' = { //the managed identity for api backend module apiIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:0.2.1' = { - name: 'apiIdentity' + name: 'apiidentity' scope: rg params: { name: '${abbrs.managedIdentityUserAssignedIdentities}api-${resourceToken}' @@ -249,7 +255,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -288,7 +294,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -299,11 +305,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -320,7 +326,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -329,6 +335,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -337,6 +345,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -350,7 +360,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -363,7 +373,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output API_CORS_ACA_URL string = corsAcaUrl @@ -376,9 +386,9 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output SERVICE_API_NAME string = api.outputs.name output SERVICE_WEB_NAME string = web.outputs.name output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ] : [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ] : [] diff --git a/templates/todo/projects/nodejs-mongo-aks/.repo/bicep/infra/main.bicep b/templates/todo/projects/nodejs-mongo-aks/.repo/bicep/infra/main.bicep index 595e13e2e53..14f9e43c29d 100644 --- a/templates/todo/projects/nodejs-mongo-aks/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/nodejs-mongo-aks/.repo/bicep/infra/main.bicep @@ -77,6 +77,8 @@ param systemPoolType string = 'CostOptimised' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var acrPullRole = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') var aksClusterAdminRole = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b1ff04bb-8a4e-4dc4-8eb5-8693973ce19b') var systemPoolSpec = nodePoolPresets[systemPoolType] @@ -157,10 +159,10 @@ module managedCluster 'br/public:avm/res/container-service/managed-cluster:0.1.7 roleDefinitionIdOrName: aksClusterAdminRole } ] - monitoringWorkspaceId: loganalytics.outputs.resourceId + monitoringWorkspaceId: logAnalytics.outputs.resourceId diagnosticSettings: [ { - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId logCategoriesAndGroups: [ { category: 'cluster-autoscaler' @@ -214,7 +216,7 @@ module containerRegistry 'br/public:avm/res/container-registry/registry:0.1.1' = location: location diagnosticSettings: [ { - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId logCategoriesAndGroups: [ { category: 'ContainerRegistryRepositoryEvents' @@ -259,7 +261,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.5.1' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -298,7 +300,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -309,11 +311,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -331,7 +333,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString diff --git a/templates/todo/projects/nodejs-mongo-swa-func/.repo/bicep/infra/main.bicep b/templates/todo/projects/nodejs-mongo-swa-func/.repo/bicep/infra/main.bicep index 3b51ebff52b..ec84ab38c8c 100644 --- a/templates/todo/projects/nodejs-mongo-swa-func/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/nodejs-mongo-swa-func/.repo/bicep/infra/main.bicep @@ -64,14 +64,20 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var apiUri = 'https://${api.outputs.defaultHostname}' var webUri = 'https://${web.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -82,7 +88,7 @@ resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { // The application frontend module web 'br/public:avm/res/web/static-site:0.3.0' = { - name: 'web' + name: 'staticweb' scope: rg params: { name: !empty(webServiceName) ? webServiceName : '${abbrs.webStaticSites}web-${resourceToken}' @@ -117,7 +123,7 @@ module api 'br/public:avm/res/web/site:0.3.5' = { appSettingsKeyValuePairs: { API_ALLOW_ORIGINS: webUri AZURE_COSMOS_CONNECTION_STRING_KEY: connectionStringKey - AZURE_COSMOS_DATABASE_NAME: !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' + AZURE_COSMOS_DATABASE_NAME: actualDatabaseName AZURE_KEY_VAULT_ENDPOINT:keyVault.outputs.uri AZURE_COSMOS_ENDPOINT: 'https://${cosmos.outputs.name}.documents.azure.com:443/' FUNCTIONS_EXTENSION_VERSION: '~4' @@ -130,7 +136,7 @@ module api 'br/public:avm/res/web/site:0.3.5' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.5.1' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { name: 'accesskeyvault' scope: rg params: { @@ -169,7 +175,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -229,7 +235,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -240,11 +246,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -261,7 +267,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -270,6 +276,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -278,6 +286,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -291,7 +301,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -304,7 +314,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString @@ -312,7 +322,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/nodejs-mongo/.repo/bicep/infra/main.bicep b/templates/todo/projects/nodejs-mongo/.repo/bicep/infra/main.bicep index bc6e76b0f15..9201337a159 100644 --- a/templates/todo/projects/nodejs-mongo/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/nodejs-mongo/.repo/bicep/infra/main.bicep @@ -63,14 +63,20 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var apiUri = 'https://${api.outputs.defaultHostname}' var webUri = 'https://${web.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -100,8 +106,8 @@ module web 'br/public:avm/res/web/site:0.2.0' = { // The application backend module api 'br/public:avm/res/web/site:0.2.0' = { - scope: rg name: 'api' + scope: rg params: { kind: 'app' name: !empty(apiServiceName) ? apiServiceName : '${abbrs.webSitesAppService}api-${resourceToken}' @@ -123,7 +129,7 @@ module api 'br/public:avm/res/web/site:0.2.0' = { appSettingsKeyValuePairs: { AZURE_KEY_VAULT_ENDPOINT: keyVault.outputs.uri AZURE_COSMOS_CONNECTION_STRING_KEY: connectionStringKey - AZURE_COSMOS_DATABASE_NAME: !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' + AZURE_COSMOS_DATABASE_NAME: actualDatabaseName AZURE_COSMOS_ENDPOINT: 'https://${cosmos.outputs.name}.documents.azure.com:443/' API_ALLOW_ORIGINS: webUri SCM_DO_BUILD_DURING_DEPLOYMENT: 'True' @@ -133,7 +139,7 @@ module api 'br/public:avm/res/web/site:0.2.0' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.3.5' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { name: 'accesskeyvault' scope: rg params: { @@ -157,7 +163,7 @@ module accesskeyvault 'br/public:avm/res/key-vault/vault:0.3.5' = { } // The application database -module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { +module cosmos 'br/public:avm/res/document-db/database-account:0.5.4' = { name: 'cosmos' scope: rg params: { @@ -172,7 +178,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -214,7 +220,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -225,11 +231,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -246,7 +252,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -255,6 +261,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -263,6 +271,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -276,7 +286,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -290,7 +300,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString @@ -298,7 +308,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/python-mongo-aca/.repo/bicep/infra/main.bicep b/templates/todo/projects/python-mongo-aca/.repo/bicep/infra/main.bicep index 29b8d8c2016..6a553a2c274 100644 --- a/templates/todo/projects/python-mongo-aca/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/python-mongo-aca/.repo/bicep/infra/main.bicep @@ -64,6 +64,9 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Hostname suffix for container registry. Set when deploying to sovereign clouds') param containerRegistryHostSuffix string = 'azurecr.io' @@ -73,11 +76,14 @@ param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var apiContainerAppNameOrDefault = '${abbrs.appContainerApps}web-${resourceToken}' var corsAcaUrl = 'https://${apiContainerAppNameOrDefault}.${containerAppsEnvironment.outputs.defaultDomain}' var acrPullRole = subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '7f951dda-4ed3-4680-a7ca-43fe172d538d') var webUri = 'https://${web.outputs.fqdn}' var apiUri = 'https://${api.outputs.fqdn}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -113,10 +119,10 @@ module containerRegistry 'br/public:avm/res/container-registry/registry:0.1.1' = //Container apps environment module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.4.5' = { - name: 'containerAppsEnvironment' + name: 'container-apps-environment' scope: rg params: { - logAnalyticsWorkspaceResourceId: loganalytics.outputs.resourceId + logAnalyticsWorkspaceResourceId: logAnalytics.outputs.resourceId name: !empty(containerAppsEnvironmentName) ? containerAppsEnvironmentName : '${abbrs.appManagedEnvironments}${resourceToken}' location: location zoneRedundant: false @@ -126,7 +132,7 @@ module containerAppsEnvironment 'br/public:avm/res/app/managed-environment:0.4.5 //the managed identity for web frontend module webIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:0.2.1' = { - name: 'webIdentity' + name: 'webidentity' scope: rg params: { name: '${abbrs.managedIdentityUserAssignedIdentities}web-${resourceToken}' @@ -174,7 +180,7 @@ module web 'br/public:avm/res/app/container-app:0.2.0' = { //the managed identity for api backend module apiIdentity 'br/public:avm/res/managed-identity/user-assigned-identity:0.2.1' = { - name: 'apiIdentity' + name: 'apiidentity' scope: rg params: { name: '${abbrs.managedIdentityUserAssignedIdentities}api-${resourceToken}' @@ -249,7 +255,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -288,7 +294,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -299,11 +305,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -320,7 +326,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -329,6 +335,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -337,6 +345,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -350,7 +360,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -363,7 +373,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output API_CORS_ACA_URL string = corsAcaUrl @@ -376,9 +386,9 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output SERVICE_API_NAME string = api.outputs.name output SERVICE_WEB_NAME string = web.outputs.name output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ] : [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ] : [] diff --git a/templates/todo/projects/python-mongo-swa-func/.repo/bicep/infra/main.bicep b/templates/todo/projects/python-mongo-swa-func/.repo/bicep/infra/main.bicep index bd6423f7b50..6f0e09dac8a 100644 --- a/templates/todo/projects/python-mongo-swa-func/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/python-mongo-swa-func/.repo/bicep/infra/main.bicep @@ -64,14 +64,20 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var webUri = 'https://${web.outputs.defaultHostname}' var apiUri = 'https://${api.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -82,7 +88,7 @@ resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { // The application frontend module web 'br/public:avm/res/web/static-site:0.3.0' = { - name: 'web' + name: 'staticweb' scope: rg params: { name: !empty(webServiceName) ? webServiceName : '${abbrs.webStaticSites}web-${resourceToken}' @@ -117,7 +123,7 @@ module api 'br/public:avm/res/web/site:0.3.5' = { appSettingsKeyValuePairs: { API_ALLOW_ORIGINS: webUri AZURE_COSMOS_CONNECTION_STRING_KEY: connectionStringKey - AZURE_COSMOS_DATABASE_NAME: !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' + AZURE_COSMOS_DATABASE_NAME: actualDatabaseName AZURE_KEY_VAULT_ENDPOINT:keyVault.outputs.uri AZURE_COSMOS_ENDPOINT: 'https://${cosmos.outputs.name}.documents.azure.com:443/' FUNCTIONS_EXTENSION_VERSION: '~4' @@ -130,7 +136,7 @@ module api 'br/public:avm/res/web/site:0.3.5' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.5.1' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { name: 'accesskeyvault' scope: rg params: { @@ -169,7 +175,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -229,7 +235,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.5.1' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -240,11 +246,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -261,7 +267,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -270,6 +276,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -278,6 +286,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -291,7 +301,7 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' scope: rg params: { @@ -304,7 +314,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString @@ -312,7 +322,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: [] diff --git a/templates/todo/projects/python-mongo/.repo/bicep/infra/main.bicep b/templates/todo/projects/python-mongo/.repo/bicep/infra/main.bicep index 0bc3da3a61f..852e1cf3827 100644 --- a/templates/todo/projects/python-mongo/.repo/bicep/infra/main.bicep +++ b/templates/todo/projects/python-mongo/.repo/bicep/infra/main.bicep @@ -63,14 +63,20 @@ param collections array = [ @description('Flag to use Azure API Management to mediate the calls between the Web frontend and the backend API') param useAPIM bool = false +@description('API Management SKU to use if APIM is enabled') +param apimSku string = 'Consumption' + @description('Id of the user or app to assign application roles') param principalId string = '' var abbrs = loadJsonContent('../../../../../../common/infra/bicep/abbreviations.json') var resourceToken = toLower(uniqueString(subscription().id, environmentName, location)) var tags = { 'azd-env-name': environmentName } +var defaultDatabaseName = 'Todo' +var actualDatabaseName = !empty(cosmosDatabaseName) ? cosmosDatabaseName : defaultDatabaseName var webUri = 'https://${web.outputs.defaultHostname}' var apiUri = 'https://${api.outputs.defaultHostname}' +var apimApiUri = 'https://${apim.outputs.name}.azure-api.net/todo' // Organize resources in a resource group resource rg 'Microsoft.Resources/resourceGroups@2021-04-01' = { @@ -100,8 +106,8 @@ module web 'br/public:avm/res/web/site:0.2.0' = { // The application backend module api 'br/public:avm/res/web/site:0.2.0' = { - scope: rg name: 'api' + scope: rg params: { kind: 'app' name: !empty(apiServiceName) ? apiServiceName : '${abbrs.webSitesAppService}api-${resourceToken}' @@ -123,7 +129,7 @@ module api 'br/public:avm/res/web/site:0.2.0' = { appSettingsKeyValuePairs: { AZURE_KEY_VAULT_ENDPOINT: keyVault.outputs.uri AZURE_COSMOS_CONNECTION_STRING_KEY: connectionStringKey - AZURE_COSMOS_DATABASE_NAME: !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' + AZURE_COSMOS_DATABASE_NAME: actualDatabaseName AZURE_COSMOS_ENDPOINT: 'https://${cosmos.outputs.name}.documents.azure.com:443/' API_ALLOW_ORIGINS: webUri SCM_DO_BUILD_DURING_DEPLOYMENT: 'True' @@ -133,7 +139,7 @@ module api 'br/public:avm/res/web/site:0.2.0' = { } // Give the API access to KeyVault -module accesskeyvault 'br/public:avm/res/key-vault/vault:0.3.5' = { +module accessKeyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { name: 'accesskeyvault' scope: rg params: { @@ -172,7 +178,7 @@ module cosmos 'br/public:avm/res/document-db/database-account:0.4.0' = { location: location mongodbDatabases: [ { - name: 'Todo' + name: actualDatabaseName tags: tags collections: collections } @@ -214,7 +220,7 @@ module keyVault 'br/public:avm/res/key-vault/vault:0.3.5' = { } // Monitor application with Azure loganalytics -module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { +module logAnalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { name: 'loganalytics' scope: rg params: { @@ -225,11 +231,11 @@ module loganalytics 'br/public:avm/res/operational-insights/workspace:0.3.4' = { // Monitor application with Azure applicationInsights module applicationInsights 'br/public:avm/res/insights/component:0.3.0' = { - name: 'applicationInsights' + name: 'applicationinsights' scope: rg params: { name: !empty(applicationInsightsName) ? applicationInsightsName : '${abbrs.insightsComponents}${resourceToken}' - workspaceResourceId: loganalytics.outputs.resourceId + workspaceResourceId: logAnalytics.outputs.resourceId location: location } } @@ -246,7 +252,7 @@ module applicationInsightsDashboard '../../../../../common/infra/bicep/app/appli } // Creates Azure API Management (APIM) service to mediate the requests between the frontend and the backend API -module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { +module apim 'br/public:avm/res/api-management/service:0.1.7' = if (useAPIM) { name: 'apim-deployment' scope: rg params: { @@ -255,6 +261,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { publisherName: 'n/a' location: location tags: tags + sku: apimSku + skuCount: 0 apis: [ { name: 'todo-api' @@ -263,6 +271,8 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { apiDescription: 'This is a simple Todo API' serviceUrl: apiUri subscriptionRequired: false + protocols: [ 'https' ] + type: 'http' value: loadTextContent('../../../../../api/common/openapi.yaml') policies: [ { @@ -276,9 +286,9 @@ module apim 'br/public:avm/res/api-management/service:0.1.3' = if (useAPIM) { } // Configures the API in the Azure API Management (APIM) service -module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { - scope: rg +module apimSettings '../../../../../common/infra/bicep/app/apim-api-settings.bicep' = if (useAPIM) { name: 'apim-api-settings' + scope: rg params: { apiAppName: api.outputs.name apiName: 'todo-api' @@ -290,7 +300,7 @@ module apimsettings '../../../../../common/infra/bicep/app/apim-api-settings.bic // Data outputs output AZURE_COSMOS_CONNECTION_STRING_KEY string = connectionStringKey -output AZURE_COSMOS_DATABASE_NAME string = !empty(cosmosDatabaseName) ? cosmosDatabaseName: 'Todo' +output AZURE_COSMOS_DATABASE_NAME string = actualDatabaseName // App outputs output APPLICATIONINSIGHTS_CONNECTION_STRING string = applicationInsights.outputs.connectionString @@ -298,7 +308,7 @@ output AZURE_KEY_VAULT_ENDPOINT string = keyVault.outputs.uri output AZURE_KEY_VAULT_NAME string = keyVault.outputs.name output AZURE_LOCATION string = location output AZURE_TENANT_ID string = tenant().tenantId -output API_BASE_URL string = useAPIM ? 'https://${apim.outputs.name}.azure-api.net/todo' : apiUri +output API_BASE_URL string = useAPIM ? apimApiUri : apiUri output REACT_APP_WEB_BASE_URL string = webUri output USE_APIM bool = useAPIM -output SERVICE_API_ENDPOINTS array = useAPIM ? [ 'https://${apim.outputs.name}.azure-api.net/todo', apiUri ]: [] +output SERVICE_API_ENDPOINTS array = useAPIM ? [ apimApiUri, apiUri ]: []