From e7471915f8b2663f4706e5997f618a8bf398a6da Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 20 Oct 2022 09:36:51 +0200 Subject: [PATCH 1/3] Updated API versions --- .../workspaces/.bicep/nested_roleAssignments.bicep | 2 +- .../workspaces/computes/deploy.bicep | 4 ++-- .../workspaces/computes/readme.md | 2 +- .../workspaces/deploy.bicep | 4 +++- .../Microsoft.MachineLearningServices/workspaces/readme.md | 6 +++--- 5 files changed, 10 insertions(+), 8 deletions(-) diff --git a/modules/Microsoft.MachineLearningServices/workspaces/.bicep/nested_roleAssignments.bicep b/modules/Microsoft.MachineLearningServices/workspaces/.bicep/nested_roleAssignments.bicep index e4dd88e38d..25f9275585 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/.bicep/nested_roleAssignments.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/.bicep/nested_roleAssignments.bicep @@ -50,7 +50,7 @@ var builtInRoleNames = { 'User Access Administrator': subscriptionResourceId('Microsoft.Authorization/roleDefinitions', '18d7d88d-d35e-4fb5-a5c3-7773c20a72d9') } -resource workspace 'Microsoft.MachineLearningServices/workspaces@2021-04-01' existing = { +resource workspace 'Microsoft.MachineLearningServices/workspaces@2022-05-01' existing = { name: last(split(resourceId, '/')) } diff --git a/modules/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep b/modules/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep index 1c3be841af..4c27eed980 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/computes/deploy.bicep @@ -79,7 +79,7 @@ var identity = identityType != 'None' ? { // ============================= // // Existing resources references // // ============================= // -resource machineLearningWorkspace 'Microsoft.MachineLearningServices/workspaces@2021-04-01' existing = { +resource machineLearningWorkspace 'Microsoft.MachineLearningServices/workspaces@2022-05-01' existing = { name: machineLearningWorkspaceName } @@ -98,7 +98,7 @@ resource defaultTelemetry 'Microsoft.Resources/deployments@2021-04-01' = if (ena } } -resource machineLearningWorkspaceCompute 'Microsoft.MachineLearningServices/workspaces/computes@2022-01-01-preview' = if (deployCompute == true) { +resource machineLearningWorkspaceCompute 'Microsoft.MachineLearningServices/workspaces/computes@2022-05-01' = if (deployCompute == true) { name: name location: location tags: empty(resourceId) ? tags : any(null) diff --git a/modules/Microsoft.MachineLearningServices/workspaces/computes/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/computes/readme.md index b5e14f3b8f..bd72e965f4 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/computes/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/computes/readme.md @@ -14,7 +14,7 @@ Attaching a compute is not idempotent and will fail in case you try to redeploy | Resource Type | API Version | | :-- | :-- | -| `Microsoft.MachineLearningServices/workspaces/computes` | [2022-01-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.MachineLearningServices/2022-01-01-preview/workspaces/computes) | +| `Microsoft.MachineLearningServices/workspaces/computes` | [2022-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.MachineLearningServices/2022-05-01/workspaces/computes) | ## Parameters diff --git a/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep b/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep index 7eeb19dbc4..16dd20cc6a 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep @@ -9,7 +9,9 @@ param location string = resourceGroup().location @sys.description('Required. Specifies the SKU, also referred as \'edition\' of the Azure Machine Learning workspace.') @allowed([ + 'Free' 'Basic' + 'Standard' 'Enterprise' ]) param sku string @@ -190,7 +192,7 @@ resource cMKKeyVaultKey 'Microsoft.KeyVault/vaults/keys@2021-10-01' existing = i scope: resourceGroup(split(cMKKeyVaultResourceId, '/')[2], split(cMKKeyVaultResourceId, '/')[4]) } -resource workspace 'Microsoft.MachineLearningServices/workspaces@2021-07-01' = { +resource workspace 'Microsoft.MachineLearningServices/workspaces@2022-05-01' = { name: name location: location tags: tags diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 7d55ba6309..238c02eaac 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -17,8 +17,8 @@ This module deploys a Machine Learning Services Workspace. | `Microsoft.Authorization/locks` | [2017-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2017-04-01/locks) | | `Microsoft.Authorization/roleAssignments` | [2022-04-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Authorization/2022-04-01/roleAssignments) | | `Microsoft.Insights/diagnosticSettings` | [2021-05-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Insights/2021-05-01-preview/diagnosticSettings) | -| `Microsoft.MachineLearningServices/workspaces` | [2021-07-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.MachineLearningServices/2021-07-01/workspaces) | -| `Microsoft.MachineLearningServices/workspaces/computes` | [2022-01-01-preview](https://docs.microsoft.com/en-us/azure/templates/Microsoft.MachineLearningServices/2022-01-01-preview/workspaces/computes) | +| `Microsoft.MachineLearningServices/workspaces` | [2022-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.MachineLearningServices/2022-05-01/workspaces) | +| `Microsoft.MachineLearningServices/workspaces/computes` | [2022-05-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.MachineLearningServices/2022-05-01/workspaces/computes) | | `Microsoft.Network/privateEndpoints` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/privateEndpoints) | | `Microsoft.Network/privateEndpoints/privateDnsZoneGroups` | [2021-08-01](https://docs.microsoft.com/en-us/azure/templates/Microsoft.Network/2021-08-01/privateEndpoints/privateDnsZoneGroups) | @@ -32,7 +32,7 @@ This module deploys a Machine Learning Services Workspace. | `associatedKeyVaultResourceId` | string | | The resource ID of the associated Key Vault. | | `associatedStorageAccountResourceId` | string | | The resource ID of the associated Storage Account. | | `name` | string | | The name of the machine learning workspace. | -| `sku` | string | `[Basic, Enterprise]` | Specifies the SKU, also referred as 'edition' of the Azure Machine Learning workspace. | +| `sku` | string | `[Basic, Enterprise, Free, Standard]` | Specifies the SKU, also referred as 'edition' of the Azure Machine Learning workspace. | **Conditional parameters** From df3fbefe81d20f3f012a804513c78c623028b2c3 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 20 Oct 2022 10:08:03 +0200 Subject: [PATCH 2/3] Added new param --- .../workspaces/deploy.bicep | 8 ++++++++ .../workspaces/readme.md | 2 ++ 2 files changed, 10 insertions(+) diff --git a/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep b/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep index 16dd20cc6a..c0d331732c 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/deploy.bicep @@ -133,6 +133,12 @@ param imageBuildCompute string = '' @sys.description('Conditional. The user assigned identity resource ID that represents the workspace identity. Required if \'userAssignedIdentities\' is not empty and may not be used if \'systemAssignedIdentity\' is enabled.') param primaryUserAssignedIdentity string = '' +@sys.description('Optional. The service managed resource settings.') +param serviceManagedResourcesSettings object = {} + +@sys.description('Optional. The list of shared private link resources in this workspace.') +param sharedPrivateLinkResources array = [] + @sys.description('Optional. Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set.') @allowed([ '' @@ -224,6 +230,8 @@ resource workspace 'Microsoft.MachineLearningServices/workspaces@2022-05-01' = { imageBuildCompute: imageBuildCompute primaryUserAssignedIdentity: primaryUserAssignedIdentity publicNetworkAccess: !empty(publicNetworkAccess) ? any(publicNetworkAccess) : (!empty(privateEndpoints) ? 'Disabled' : 'Enabled') + serviceManagedResourcesSettings: serviceManagedResourcesSettings + sharedPrivateLinkResources: sharedPrivateLinkResources } } diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 238c02eaac..05874f0959 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -71,6 +71,8 @@ This module deploys a Machine Learning Services Workspace. | `privateEndpoints` | array | `[]` | | Configuration details for private endpoints. For security reasons, it is recommended to use private endpoints whenever possible. | | `publicNetworkAccess` | string | `''` | `['', Disabled, Enabled]` | Whether or not public network access is allowed for this resource. For security reasons it should be disabled. If not specified, it will be disabled by default if private endpoints are set. | | `roleAssignments` | array | `[]` | | Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | +| `serviceManagedResourcesSettings` | object | `{object}` | | The service managed resource settings. | +| `sharedPrivateLinkResources` | array | `[]` | | The list of shared private link resources in this workspace. | | `tags` | object | `{object}` | | Resource tags. | From 4e82a3fb4fdb76003e9c52e94997a685a7dbcc50 Mon Sep 17 00:00:00 2001 From: MrMCake Date: Thu, 20 Oct 2022 10:47:48 +0200 Subject: [PATCH 3/3] Shortened the name to account for length restrictions --- .../workspaces/.test/encr/dependencies.bicep | 2 ++ .../workspaces/.test/encr/deploy.test.bicep | 2 +- .../Microsoft.MachineLearningServices/workspaces/readme.md | 6 +++--- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/dependencies.bicep b/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/dependencies.bicep index 92da46f72a..3b36df5dc2 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/dependencies.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/dependencies.bicep @@ -5,6 +5,8 @@ param location string = resourceGroup().location param virtualNetworkName string @description('Required. The name of the Key Vault to create.') +@minLength(3) +@maxLength(24) param keyVaultName string @description('Required. The name of the Managed Identity to create.') diff --git a/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/deploy.test.bicep b/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/deploy.test.bicep index 672f97ca0e..cb21191a44 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/deploy.test.bicep +++ b/modules/Microsoft.MachineLearningServices/workspaces/.test/encr/deploy.test.bicep @@ -11,7 +11,7 @@ param resourceGroupName string = 'ms.machinelearningservices.workspaces-${servic param location string = deployment().location @description('Optional. A short identifier for the kind of deployment. Should be kept short to not run into resource-name length-constraints.') -param serviceShort string = 'mlswencr' +param serviceShort string = 'mlswecr' @description('Generated. Used as a basis for unique resource names.') param baseTime string = utcNow('u') diff --git a/modules/Microsoft.MachineLearningServices/workspaces/readme.md b/modules/Microsoft.MachineLearningServices/workspaces/readme.md index 05874f0959..7bf9c4fa97 100644 --- a/modules/Microsoft.MachineLearningServices/workspaces/readme.md +++ b/modules/Microsoft.MachineLearningServices/workspaces/readme.md @@ -638,13 +638,13 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' ```bicep module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' = { - name: '${uniqueString(deployment().name)}-test-mlswencr' + name: '${uniqueString(deployment().name)}-test-mlswecr' params: { // Required parameters associatedApplicationInsightsResourceId: '' associatedKeyVaultResourceId: '' associatedStorageAccountResourceId: '' - name: '<>mlswencr001' + name: '<>mlswecr001' sku: 'Basic' // Non-required parameters cMKKeyName: '' @@ -693,7 +693,7 @@ module workspaces './Microsoft.MachineLearningServices/workspaces/deploy.bicep' "value": "" }, "name": { - "value": "<>mlswencr001" + "value": "<>mlswecr001" }, "sku": { "value": "Basic"