Created traffic manager profile bicep template(s)

.github/workflows/ms.network.trafficmanagerprofiles.yml

@@ -81,7 +81,7 @@ jobs:
       - name: "Test module"
         uses: ./.github/actions/templates/validateModuleDeploy
         with:
-          templateFilePath: '${{ env.modulePath }}/deploy.json'
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
           parameterFilePath: '${{ env.modulePath }}/parameters/${{ matrix.parameterFilePaths }}'
           location: '${{ env.defaultLocation }}'
           resourceGroupName: '${{ env.resourceGroupName }}'
@@ -116,7 +116,7 @@ jobs:
         uses: ./.github/actions/templates/deployModule
         with:
           moduleName: '${{ env.moduleName }}'
-          templateFilePath: '${{ env.modulePath }}/deploy.json'
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
           parameterFilePath: '${{ env.modulePath }}/parameters/${{ matrix.parameterFilePaths }}'
           location: '${{ env.defaultLocation }}'
           resourceGroupName: '${{ env.resourceGroupName }}'
@@ -146,7 +146,7 @@ jobs:
       - name: "Publish module"
         uses: ./.github/actions/templates/publishModule
         with:
-          templateFilePath: '${{ env.modulePath }}/deploy.json'
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
           componentTemplateSpecRGName: '${{ env.componentTemplateSpecRGName }}'
           componentTemplateSpecRGLocation: '${{ env.componentTemplateSpecRGLocation }}'
           componentTemplateSpecName: '${{ env.moduleName }}'
@@ -178,5 +178,5 @@ jobs:
         uses: ./.github/actions/templates/removeModule
         with:
           moduleName: '${{ env.moduleName }}'
-          templateFilePath: '${{ env.modulePath }}/deploy.json'
+          templateFilePath: '${{ env.modulePath }}/deploy.bicep'
           resourceGroupName: '${{ env.resourceGroupName }}'

README.md

@@ -110,7 +110,7 @@ This repository includes a collection of advanced and curated Modules consisting
 | [SQL Managed Instances](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Sql/managedInstances) |  | [![Sql: Managedinstances](https://github.com/Azure/ResourceModules/actions/workflows/ms.sql.managedinstances.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.sql.managedinstances.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Sql%5cmanagedInstances%2fdeploy.json>) |
 | [StorageAccounts](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Storage/storageAccounts) | :heavy_check_mark: | [![Storage Account](https://github.com/Azure/ResourceModules/actions/workflows/ms.storage.storageaccounts.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.storage.storageaccounts.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Storage%5cstorageAccounts%2fdeploy.json>) |
 | [Subscription](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Subscription/aliases) |  | [![Subscription: Aliases](https://github.com/Azure/ResourceModules/actions/workflows/ms.subscription.aliases.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.subscription.aliases.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Subscription%5caliases%2fdeploy.json>) |
-| [TrafficManager](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Network/trafficmanagerprofiles) |  | [![Network: Trafficmanagerprofiles](https://github.com/Azure/ResourceModules/actions/workflows/ms.network.trafficmanagerprofiles.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.network.trafficmanagerprofiles.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Network%5ctrafficmanagerprofiles%2fdeploy.json>) |
+| [TrafficManager](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Network/trafficmanagerprofiles) | :heavy_check_mark: | [![Network: Trafficmanagerprofiles](https://github.com/Azure/ResourceModules/actions/workflows/ms.network.trafficmanagerprofiles.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.network.trafficmanagerprofiles.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Network%5ctrafficmanagerprofiles%2fdeploy.json>) |
 | [User Assigned Identities](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.ManagedIdentity/userAssignedIdentities) | :heavy_check_mark: | [![ManagedIdentity: Userassignedidentities](https://github.com/Azure/ResourceModules/actions/workflows/ms.managedidentity.userassignedidentities.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.managedidentity.userassignedidentities.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.ManagedIdentity%5cuserAssignedIdentities%2fdeploy.json>) |
 | [Virtual Machine Scale Sets](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Compute/virtualMachineScaleSets) | :heavy_check_mark: | [![Compute: Virtualmachinescalesets](https://github.com/Azure/ResourceModules/actions/workflows/ms.compute.virtualmachinescalesets.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.compute.virtualmachinescalesets.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Compute%5cvirtualMachineScaleSets%2fdeploy.json>) |
 | [Virtual Machines](https://github.com/Azure/ResourceModules/tree/main/arm/Microsoft.Compute/virtualMachines) |  | [![Compute: Virtualmachines](https://github.com/Azure/ResourceModules/actions/workflows/ms.compute.virtualmachines.yml/badge.svg)](https://github.com/Azure/ResourceModules/actions/workflows/ms.compute.virtualmachines.yml) | [![Deploy to Azure](/docs/media/deploytoazure.svg?sanitize=true)](<https://portal.azure.com/#create/Microsoft.Template/uri/https%3a%2f%2fraw.githubusercontent.com%2fAzure%2fResourceModules%2fmain%2farm%5cMicrosoft.Compute%5cvirtualMachines%2fdeploy.json>) |

arm/.global/global.module.tests.ps1

@@ -712,7 +712,7 @@ Describe "Deployment template tests" -Tag Template {
             $Variable = ($Template.variables | Get-Member | Where-Object { $_.MemberType -eq "NoteProperty" }).Name
 
             foreach ($Variab in $Variable) {
-                if ($Variab.substring(0, 1) -cnotmatch '[a-z]' -or $Variab -match '-' -or $Variab -match '_') {
+                if ($Variab.substring(0, 1) -cnotmatch '[a-z]' -or $Variab -match '-') {
                     $CamelCasingFlag += $false
                 }
                 else {
@@ -832,6 +832,9 @@ Describe "Deployment template tests" -Tag Template {
                 elseif (($Locmand | Get-Member | Where-Object { $_.MemberType -eq "NoteProperty" }).Name -notcontains "Location") {
                     $LocationParamFlag += $true
                 }
+                elseif (($Locmand | Get-Member | Where-Object { $_.MemberType -eq "NoteProperty" }).Name -notcontains "resourceGroup") {
+                    $LocationParamFlag += $true    
+                }
                 else {
                     $LocationParamFlag += $false
                 }

arm/Microsoft.Network/trafficmanagerprofiles/.bicep/nested_rbac.bicep

@@ -0,0 +1,11 @@
+param roleAssignmentObj object
+param builtInRoleNames object
+param resourceName string
+
+resource roleAssigment 'Microsoft.Network/trafficmanagerprofiles/providers/roleAssignments@2020-04-01-preview' = [for principalId in roleAssignmentObj.principalIds: {
+  name: '${resourceName}/Microsoft.Authorization/${guid(resourceName, principalId, roleAssignmentObj.roleDefinitionIdOrName)}'
+  properties: {
+    roleDefinitionId: (contains(builtInRoleNames, roleAssignmentObj.roleDefinitionIdOrName) ? builtInRoleNames[roleAssignmentObj.roleDefinitionIdOrName] : roleAssignmentObj.roleDefinitionIdOrName)
+    principalId: principalId
+  }
+}]

arm/Microsoft.Network/trafficmanagerprofiles/deploy.bicep

@@ -0,0 +1,173 @@
+@description('Required. Name of the Traffic Manager')
+@minLength(1)
+param trafficManagerName string
+
+@description('Optional. The status of the Traffic Manager profile.')
+@allowed([
+  'Enabled'
+  'Disabled'
+])
+param profileStatus string = 'Enabled'
+
+@description('Optional. The traffic routing method of the Traffic Manager profile.')
+@allowed([
+  'Performance'
+  'Priority'
+  'Weighted'
+  'Geographic'
+  'MultiValue'
+  'Subnet'
+])
+param trafficRoutingMethod string = 'Performance'
+
+@description('Required. The relative DNS name provided by this Traffic Manager profile. This value is combined with the DNS domain name used by Azure Traffic Manager to form the fully-qualified domain name (FQDN) of the profile.')
+param relativeName string
+
+@description('Optional. The DNS Time-To-Live (TTL), in seconds. This informs the local DNS resolvers and DNS clients how long to cache DNS responses provided by this Traffic Manager profile.')
+param ttl int = 60
+
+@description('Optional. The endpoint monitoring settings of the Traffic Manager profile.')
+param monitorConfig object = {
+  protocol: 'http'
+  port: '80'
+  path: '/'
+}
+
+@description('Optional. The list of endpoints in the Traffic Manager profile.')
+param endpoints array = []
+
+@description('Optional. Indicates whether Traffic View is \'Enabled\' or \'Disabled\' for the Traffic Manager profile. Null, indicates \'Disabled\'. Enabling this feature will increase the cost of the Traffic Manage profile.')
+@allowed([
+  'Disabled'
+  'Enabled'
+])
+param trafficViewEnrollmentStatus string = 'Disabled'
+
+@description('Optional. Maximum number of endpoints to be returned for MultiValue routing type.')
+param maxReturn int = 1
+
+@description('Optional. Specifies the number of days that logs will be kept for; a value of 0 will retain data indefinitely.')
+@minValue(0)
+@maxValue(365)
+param diagnosticLogsRetentionInDays int = 365
+
+@description('Optional. Resource identifier of the Diagnostic Storage Account.')
+param diagnosticStorageAccountId string = ''
+
+@description('Optional. Resource identifier of Log Analytics.')
+param workspaceId string = ''
+
+@description('Optional. Resource ID of the event hub authorization rule for the Event Hubs namespace in which the event hub should be created or streamed to.')
+param eventHubAuthorizationRuleId string = ''
+
+@description('Optional. Name of the event hub within the namespace to which logs are streamed. Without this, an event hub is created for each log category.')
+param eventHubName string = ''
+
+@description('Optional. Switch to lock Traffic Manager from deletion.')
+param lockForDeletion bool = false
+
+@description('Optional. Array of role assignment objects that contain the \'roleDefinitionIdOrName\' and \'principalId\' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'')
+param roleAssignments array = []
+
+@description('Optional. Resource tags.')
+param tags object = {}
+
+@description('Optional. Customer Usage Attribution id (GUID). This GUID must be previously registered')
+param cuaId string = ''
+
+var diagnosticsMetrics = [
+  {
+    category: 'AllMetrics'
+    timeGrain: null
+    enabled: true
+    retentionPolicy: {
+      enabled: true
+      days: diagnosticLogsRetentionInDays
+    }
+  }
+]
+var diagnosticsLogs = [
+  {
+    category: 'ProbeHealthStatusEvents'
+    enabled: true
+    retentionPolicy: {
+      enabled: true
+      days: diagnosticLogsRetentionInDays
+    }
+  }
+]
+var builtInRoleNames = {
+  'Owner': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','8e3af657-a8ff-443c-a75c-2fe8c4bcb635')
+  'Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','b24988ac-6180-42a0-ab88-20f7382dd24c')
+  'Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','acdd72a7-3385-48ef-bd42-f606fba81ae7')
+  'Avere Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','4f8fab4f-1852-4a58-a46a-8eaf358af14a')
+  'Log Analytics Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','92aaf0da-9dab-42b6-94a3-d43ce8d16293')
+  'Log Analytics Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','73c42c96-874c-492b-b04d-ab87d138a893')
+  'Managed Application Contributor Role': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','641177b8-a67a-45b9-a033-47bc880bb21e')
+  'Managed Application Operator Role': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','c7393b34-138c-406f-901b-d8cf2b17e6ae')
+  'Managed Applications Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','b9331d33-8a36-4f8c-b097-4f54124fdb44')
+  'Monitoring Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','749f88d5-cbae-40b8-bcfc-e573ddc772fa')
+  'Monitoring Metrics Publisher': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','3913510d-42f4-4e42-8a64-420c390055eb')
+  'Monitoring Reader': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','43d0d8ad-25c7-4714-9337-8ba259a9fe05')
+  'Network Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','4d97b98b-1d4f-4787-a291-c67834d212e7')
+  'Resource Policy Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','36243c78-bf99-498c-9df9-86d9f8d28608')
+  'Traffic Manager Contributor': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','a4b10055-b0c7-44c2-b00f-c7b5b3550cf7')
+  'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions','18d7d88d-d35e-4fb5-a5c3-7773c20a72d9')
+}
+
+module pid_cuaId './.bicep/nested_cuaId.bicep' = if (!empty(cuaId)) {
+  name: 'pid-${cuaId}'
+  params: {}
+}
+
+resource trafficmanagerprofile 'Microsoft.Network/trafficmanagerprofiles@2018-08-01' = {
+  name: trafficManagerName
+  tags: tags
+  location: 'global'
+  properties: {
+    profileStatus: profileStatus
+    trafficRoutingMethod: trafficRoutingMethod
+    dnsConfig: {
+      relativeName: relativeName
+      ttl: ttl
+    }
+    monitorConfig: monitorConfig
+    endpoints: endpoints
+    trafficViewEnrollmentStatus: trafficViewEnrollmentStatus
+    maxReturn: maxReturn
+  }
+}
+
+resource trafficmanagerprofile_lock 'Microsoft.Authorization/locks@2016-09-01' = if (lockForDeletion) {
+  name: '${trafficmanagerprofile.name}-doNotDelete'
+  properties: {
+    level: 'CanNotDelete'
+  }
+  scope: trafficmanagerprofile
+}
+
+resource trafficmanagerprofile_diagnosticSettings 'Microsoft.Insights/diagnosticsettings@2017-05-01-preview' = if ((!empty(diagnosticStorageAccountId)) || (!empty(workspaceId)) || (!empty(eventHubAuthorizationRuleId)) || (!empty(eventHubName))) {
+  name: '${trafficmanagerprofile.name}-diagnosticSettings'
+  properties: {
+    storageAccountId: (empty(diagnosticStorageAccountId) ? json('null') : diagnosticStorageAccountId)
+    workspaceId: (empty(workspaceId) ? json('null') : workspaceId)
+    eventHubAuthorizationRuleId: (empty(eventHubAuthorizationRuleId) ? json('null') : eventHubAuthorizationRuleId)
+    eventHubName: (empty(eventHubName) ? json('null') : eventHubName)
+    metrics: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? json('null') : diagnosticsMetrics)
+    logs: ((empty(diagnosticStorageAccountId) && empty(workspaceId) && empty(eventHubAuthorizationRuleId) && empty(eventHubName)) ? json('null') : diagnosticsLogs)
+  }
+  scope: trafficmanagerprofile
+}
+
+module trafficmanagerprofile_rbac './.bicep/nested_rbac.bicep' = [for (roleAssignment, index) in roleAssignments: {
+  name: 'rbac-${deployment().name}${index}'
+  params: {
+    roleAssignmentObj: roleAssignment
+    builtInRoleNames: builtInRoleNames
+    resourceName: trafficmanagerprofile.name
+  }
+}]
+
+output trafficManagerResourceId string = trafficmanagerprofile.id
+output trafficManagerResourceGroup string = resourceGroup().name
+output trafficManagerName string = trafficmanagerprofile.name