Skip to content

Releases: Azure/ALZ-Bicep

v0.9.0

09 Jun 18:40
@jtracey93 jtracey93
v0.9.0
48bb2d4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.9.0

Overview/Summary

A huge thanks to @rjygraham for all his efforts on this PR and to the rest of the ALZ-Bicep core team for testing and reviewing 👏

This release includes PR #227 which focuses on code/file hygiene and consistency across modules. This includes ensuring file names, parameters, outputs are camelCased and changes to readability of parameters and outputs to ensure ALZ-Bicep is user-friendly and approachable to new users.

NOTE: The likelihood of experiencing breaking changes is high since this release touches nearly every file. Please carefully review the Breaking Changes section below for details on what's changed and suggestions for migrating to this release.

Breaking Changes

The breaking changes fall into two categories:

  • File/module name changes/moves
  • Parameter/output name changes

Bicep Template File Name Changes

The following Bicep files/modules have had their names changed:

Module                 Old File Name                                           New File Name                                        
customRoleDefinitions definitions/caf-subscription-owner-role.bicep           definitions/cafSubscriptionOwnerRole.bicep          
customRoleDefinitions definitions/caf-application-owner-role.bicep             definitions/cafApplicationOwnerRole.bicep            
customRoleDefinitions definitions/caf-network-management-role.bicep           definitions/cafNetworkManagementRole.bicep          
customRoleDefinitions definitions/caf-security-operations-role.bicep           definitions/cafSecurityOperationsRole.bicep          
customRoleDefinitions definitions/china/mc-caf-network-management-role.bicep   definitions/china/mc-cafNetworkManagementRole.bicep  
customRoleDefinitions definitions/china/mc-caf-security-operations-role.bicep definitions/china/mc-cafSecurityOperationsRole.bicep
customPolicyDefinitions                definitions/custom-policy-definitions.bicep             definitions/customPolicyDefinitions.bicep            
customPolicyDefinitions                definitions/mc-custom-policy-definitions.bicep           definitions/mc-customPolicyDefinitions.bicep        
hubSpoke               orchestration/hubSpoke/orch-HubSpoke.bicep               orchestration/hubSpoke/orchHubSpoke.bicep            

Bicep Parameter File Name Changes

All modules have had their parameter files moved and names changed. Rather than detail each change individually, the guidance below illustrates how the parameter file names have changed and the changes made to the location of the parameter files for each module.

  • Each module has had its parameter files moved into a new /parameters sub-folder inside the module folder
  • Parameter files are now named according to the convention: <module>.<parameterSet>.parameters.<min|all>.json
      - <module> denotes the current module (and scope when necessary), for example: roleAssignmentManagementGroup
      - <parameterSet> denotes a set of parameters with similar characteristics, for example: securityGroup
      - parameters constant to denote file as a parameters file
      - <min|all>.json denotes whether a parameter file contains all possible parameters or only minimum necessary for deployment (more on min.json in What's Changed section below)

Examples of how parameter file locations and names have changed:

Module           Old File Name                                                             New File Name                                                                  
hubNetworking   hubNetworking.parameters.example.json                                     parameters/hubNetworking.parameters.all.json                                    
policyAssignment           assignments/policyAssignmentManagementGroup.parameters.example-deny.json assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json
roleAssignments roleAssignmentManagementGroup.securityGroup.parameters.all.json           parameters/roleAssignmentManagementGroup.securityGroup.parameters.all.json      

Bicep Parameter/Output Name Changes

Most modules have had changes to their parameter, variable, resource, module, and output symbolic names to ensure:

  • Strict camelCasing, for example: parDNSServerIPArray becomes parDnsServerIpArray
  • Readability: update to all par and out values in Bicep templates to include full product name instead of camelCased abbreviation:
      - parExpressRouteGwName instead of parErGwName
      - Services with "Azure" in the name are abbreviated "Az", for example: parBastionName becomes parAzBastionName
      - In the case of VPN, since it is not product name and instead a generally understood industry acronym, it remains: parVpnGatewayConfig
  • Except in instances where a switch aligns with an ARM property name, switches have been renamed with intended effect as last segment of the name
  • Since variable, resource, module constructs are not part of the "API" surface area (i.e. input/output), they were merely camelCased and not necessarily renamed per readability point above.

Added Parameters

The following module parameters were added:

Module                 File Name                               New Parameter Name
customRoleDefinitions mc-customRoleDefinitions.bicep           parTelemetryOptOut
customPolicyDefinitions mc-customPolicyDefinitions.bicep           parTelemetryOptOut
roleAssignments       roleAssignmentManagementGroupMany.bicep parTelemetryOptOut
roleAssignments       roleAssignmentSubscriptionMany.bicep     parTelemetryOptOut

Changed Parameters

The following module parameter names have changed:

Please use the scroll bar at the bottom of the table

Module           File Name                                                 Old Parameter Name                                       New Parameter Name                                      
hubNetworking     hubNetworking.bicep                                       parDNSServerIPArray                                     parDnsServerIps                                    
hubNetworking     hubNetworking.bicep                                       parPublicIPSku                                           parPublicIpSku                                          
hubNetworking     hubNetworking.bicep                                       parBastionEnabled                                       parAzBastionEnabled                                    
hubNetworking     hubNetworking.bicep                                       parBastionName                                           parAzBastionName                                        
hubNetworking     hubNetworking.bicep                                       parBastionSku                                           parAzBastionSku                                        
hubNetworking     hubNetworking.bicep                                       parAzureFirewallEnabled                                 parAzFirewallEnabled                                    
hubNetworking     hubNetworking.bicep                                       parAzureFirewallName                                     parAzFirewallName                                      
hubNetworking     hubNetworking.bicep                                       parFirewallPoliciesName                                 parAzFirewallPoliciesName                              
hubNetworking     hubNetworking.bicep                                       parAzureFirewallTier                                     parAzFirewallTier                                      
hubNetworking     hubNetworking.bicep                                       parAzureFirewallAvailabilityZones                       parAzFirewallAvailabilityZones                          
hubNetworking     hubNetworking.bicep                                       parNetworkDNSEnableProxy                                 parAzFirewallDnsProxyEnabled                            
hubNetworking     hubNetworking.bicep                                       parDisableBGPRoutePropagation                           parDisableBgpRoutePropagation                          
policy           assignments/alzDefaults/alzDefaultPolicyAssignments.bicep parPolicyAssignmentDefinitionID                         parPolicyAssignmentDefinitionId                        
policy           assignments/alzDefaults/alzDefaultPolicyAssignments.bicep parPolicyAssignmentIdentityRoleAssignmentsAdditionalMGs parPolicyAssignmentIdentityRoleAssignmentsAdditionalMgs
policy           assignments/alzDefaults/alzDefaultPolicyAssignments.bicep parPolicyAssignmentIdentityRoleDefinitionIDs             parPolicyAssignmentIdentityRoleDefinitionIds            
policy           assignments/policyAssignmentManagementGroup.bicep         parPolicyAssignmentDefinitionID                         parPolicyAssignmentDefinitionId                        
policy           assignments/policyAssignmentManagementGroup.bicep         parPolicyAssignmentI...
Read more

Contributors

rjygraham and jtracey93
Assets 2
Loading

v0.8.1

24 May 12:08
@jtracey93 jtracey93
v0.8.1
140cb36
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.8.1

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

  • In PR #239 we added a parameter called parLogAnalyticsWorkspaceSkuName to the logging module and defaulted it to PerGB2018
    • Previously this was not a parameter and its value was hardcoded to PerNode

This however is not a "breaking change" as such as any existing workspaces deployed will just have its pricing tier updated to PerGB2018. But you can set the value for the parameter parLogAnalyticsWorkspaceSkuName to PerNode if you wish to keep it as-is, however we advise to update to the PerGB2018 model as the PerNode is a legacy SKU.

See here for more info Azure Monitor Logs pricing details & Change pricing tier for Log Analytics workspace

This is actually what it should have been from the start so good catch @olljanat with your PR. 👍

What's Changed

  • Add microsoft.com exclusion and increase timeout for Markdown Link Checker by @jtracey93 in #235
  • Add v1.x.x Q&A to FAQ by @jtracey93 in #238
  • logging: parametrize workspace sku and resource specific tags by @olljanat in #239

Full Changelog: v0.8.0...v0.8.1

Contributors

olljanat and jtracey93
Assets 2
Loading

v0.8.0

13 May 08:28
@jtracey93 jtracey93
v0.8.0
4c6254b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.8.0

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

  • In PR #232 the parameter of parDestinationVirtualNetworkID was renamed (casing only) to parDestinationVirtualNetworkId
    • This impacts the vnetPeering & hubPeeredSpoke modules only

What's Changed

  • Description updates, consistency usage of camelCasing (vnetPeering) by @johnlokerse in #232

Full Changelog: v0.7.1...v0.8.0

Contributors

johnlokerse
Assets 2
Loading

v0.7.1

10 May 15:00
@jtracey93 jtracey93
v0.7.1
b3f675e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.7.1

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

None 👍

What's Changed

  • SPN Guidance and Elevation - Feedback Issue 145 by @JamJarchitect in #230
  • Added tag property for virtualNetworks resource by @johnlokerse in #231
  • New Mini-Orchestration Module - hubPeeredSpoke by @KiZach in #223
    • Single module to deploy to do the following to a Landing Zone Subscription using existing modules in ALZ-Bicep:
      • Move to target Management Group
      • Create spoke VNET and Resource Group
      • Create VNET Peering or VWAN Hub Connection to Hub

Full Changelog: v0.7.0...v0.7.1

Contributors

johnlokerse, KiZach, and 4pplied
Assets 2
Loading

v0.7.0

05 May 15:13
@jtracey93 jtracey93
v0.7.0
d9411ec
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.7.0

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

A few breaking changes in the networking based modules:

spokeNetworking.bicep

Some parameter renames/re-casing:

  • parDNSServerIPArray to parDnsServerIPs
  • parSpoketoHubRouteTableName to parSpokeToHubRouteTableName

privateDnsZones.bicep

Some parameter renames:

  • parHubVirtualNetworkId to parVirtualNetworkIdToLink

What's Changed

  • remove deprecated extension from Contributing guide - Backlog Item 110091 by @JamJarchitect in #221
  • Update vnetPeering documentation and samples by @jfaurskov in #220
  • Fix markdown link check github docs 403 by @jtracey93 in #222
  • Update Policy Library (automated) by @github-actions in #228
  • Add Various Features & Fix Various Bugs to VWAN & Hub Networking by @jtracey93 in #226
    • Fixes #205 for both VWAN & Hub/Spoke model
    • Fixes Azure Firewall with Virtual Hub deployment fails as unable to set Public IP #219
    • Fixes 💡 Feature Request - VWAN Route Table Missing In VWAN If Deploy Azure Firewall in Secure Hub Model #225
    • Add Firewall Policy to Hub/Spoke model
    • Added AZ support to publicIp module
    • Updated bicepconfig.json for vwanConnectivity.bicep as added DNS zones
    • Add Private DNS Zones to vwanConnectivity.bicep
    • Add DDoS Std Plan to vwanConnectivity.bicep
  • Corrected some typo's, camelCasing inconsistency fixes and added defaults by @johnlokerse in #229

Full Changelog: v0.6.1...v0.7.0

Contributors

johnlokerse, jfaurskov, and 2 other contributors
Assets 2
Loading

v0.6.1

28 Apr 18:22
@jtracey93 jtracey93
v0.6.1
43d963b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.6.1

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

None

What's Changed

  • Remove comment blocks from module - Backlog Item 83064 by @JamJarchitect in #218
    • Just removing the synopsis pieces from the top of every module as Git tracks this for us anyway 👍

Full Changelog: v0.6.0...v0.6.1

Contributors

4pplied
Assets 2
Loading

v0.6.0

26 Apr 17:44
@jtracey93 jtracey93
v0.6.0
efa2529
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.6.0

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

  • As part of PR #214 the virtualNetworkPeering module was renamed to vnetPeering
    • If you are using this module you will need to update any references to the new name of the module
    • The code itself in the module remains unchanged

What's Changed

New Contributors

  • @JamJarchitect made their first contribution in #214 🥳

Full Changelog: v0.5.0...v0.6.0

Contributors

jfaurskov, jtracey93, and 4pplied
Assets 2
Loading

v0.5.0

19 Apr 18:10
@jtracey93 jtracey93
v0.5.0
93a21b9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.5.0

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

None

What's Changed

  • Implementing the option for Private DNS Zones in a separate Resource Group in hubNetworking module by @cloudchristoph in #165
  • Add tracking PID to wiki docs for new privateDnsZones module by @jtracey93 in #208

New Contributors

Full Changelog: v0.4.2...v0.5.0

Contributors

cloudchristoph and jtracey93
Assets 2
Loading

v0.4.2

12 Apr 08:18
@jtracey93 jtracey93
v0.4.2
7f35807
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.4.2

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

None

What's Changed

  • Update Policy Library (automated) by @github-actions in #204
    • Adds new Deny-VNET-Peering-To-Non-Approved-VNETs policy definition

Full Changelog: v0.4.1...v0.4.2

Assets 2
Loading

v0.4.1

06 Apr 18:11
@jtracey93 jtracey93
v0.4.1
ff088e3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.4.1

Please note this is still a public preview so the code base is likely to change based on issues, bugs, etc. reported to this repository.

Breaking Changes

None

What's Changed

Full Changelog: v0.4.0...v0.4.1

Contributors

johnlokerse
Assets 2
Loading