Remove invalid changes
This commit is contained in:
zedy
@@ -1,48 +0,0 @@
|
||||
param name string
|
||||
param location string = resourceGroup().location
|
||||
param tags object = {}
|
||||
|
||||
param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
|
||||
param keyVaultName string
|
||||
|
||||
@allowed([ 'GlobalDocumentDB', 'MongoDB', 'Parse' ])
|
||||
param kind string
|
||||
|
||||
resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' = {
|
||||
name: name
|
||||
kind: kind
|
||||
location: location
|
||||
tags: tags
|
||||
properties: {
|
||||
consistencyPolicy: { defaultConsistencyLevel: 'Session' }
|
||||
locations: [
|
||||
{
|
||||
locationName: location
|
||||
failoverPriority: 0
|
||||
isZoneRedundant: false
|
||||
}
|
||||
]
|
||||
databaseAccountOfferType: 'Standard'
|
||||
enableAutomaticFailover: false
|
||||
enableMultipleWriteLocations: false
|
||||
apiProperties: (kind == 'MongoDB') ? { serverVersion: '4.0' } : {}
|
||||
capabilities: [ { name: 'EnableServerless' } ]
|
||||
}
|
||||
}
|
||||
|
||||
resource cosmosConnectionString 'Microsoft.KeyVault/vaults/secrets@2022-07-01' = {
|
||||
parent: keyVault
|
||||
name: connectionStringKey
|
||||
properties: {
|
||||
value: cosmos.listConnectionStrings().connectionStrings[0].connectionString
|
||||
}
|
||||
}
|
||||
|
||||
resource keyVault 'Microsoft.KeyVault/vaults@2022-07-01' existing = {
|
||||
name: keyVaultName
|
||||
}
|
||||
|
||||
output connectionStringKey string = connectionStringKey
|
||||
output endpoint string = cosmos.properties.documentEndpoint
|
||||
output id string = cosmos.id
|
||||
output name string = cosmos.name
|
||||
@@ -1,22 +0,0 @@
|
||||
param name string
|
||||
param location string = resourceGroup().location
|
||||
param tags object = {}
|
||||
|
||||
param keyVaultName string
|
||||
param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
|
||||
|
||||
module cosmos '../../cosmos/cosmos-account.bicep' = {
|
||||
name: 'cosmos-account'
|
||||
params: {
|
||||
name: name
|
||||
location: location
|
||||
connectionStringKey: connectionStringKey
|
||||
keyVaultName: keyVaultName
|
||||
kind: 'MongoDB'
|
||||
tags: tags
|
||||
}
|
||||
}
|
||||
|
||||
output connectionStringKey string = cosmos.outputs.connectionStringKey
|
||||
output endpoint string = cosmos.outputs.endpoint
|
||||
output id string = cosmos.outputs.id
|
||||
@@ -1,46 +0,0 @@
|
||||
param accountName string
|
||||
param databaseName string
|
||||
param location string = resourceGroup().location
|
||||
param tags object = {}
|
||||
|
||||
param collections array = []
|
||||
param connectionStringKey string = 'AZURE-COSMOS-CONNECTION-STRING'
|
||||
param keyVaultName string
|
||||
|
||||
module cosmos 'cosmos-mongo-account.bicep' = {
|
||||
name: 'cosmos-mongo-account'
|
||||
params: {
|
||||
name: accountName
|
||||
location: location
|
||||
keyVaultName: keyVaultName
|
||||
tags: tags
|
||||
connectionStringKey: connectionStringKey
|
||||
}
|
||||
}
|
||||
|
||||
resource database 'Microsoft.DocumentDB/databaseAccounts/mongodbDatabases@2022-08-15' = {
|
||||
name: '${accountName}/${databaseName}'
|
||||
tags: tags
|
||||
properties: {
|
||||
resource: { id: databaseName }
|
||||
}
|
||||
|
||||
resource list 'collections' = [for collection in collections: {
|
||||
name: collection.name
|
||||
properties: {
|
||||
resource: {
|
||||
id: collection.id
|
||||
shardKey: { _id: collection.shardKey }
|
||||
indexes: [ { key: { keys: [ collection.indexKey ] } } ]
|
||||
}
|
||||
}
|
||||
}]
|
||||
|
||||
dependsOn: [
|
||||
cosmos
|
||||
]
|
||||
}
|
||||
|
||||
output connectionStringKey string = connectionStringKey
|
||||
output databaseName string = databaseName
|
||||
output endpoint string = cosmos.outputs.endpoint
|
||||
@@ -1,21 +0,0 @@
|
||||
param name string
|
||||
param location string = resourceGroup().location
|
||||
param tags object = {}
|
||||
|
||||
param keyVaultName string
|
||||
|
||||
module cosmos '../../cosmos/cosmos-account.bicep' = {
|
||||
name: 'cosmos-account'
|
||||
params: {
|
||||
name: name
|
||||
location: location
|
||||
tags: tags
|
||||
keyVaultName: keyVaultName
|
||||
kind: 'GlobalDocumentDB'
|
||||
}
|
||||
}
|
||||
|
||||
output connectionStringKey string = cosmos.outputs.connectionStringKey
|
||||
output endpoint string = cosmos.outputs.endpoint
|
||||
output id string = cosmos.outputs.id
|
||||
output name string = cosmos.outputs.name
|
||||
@@ -1,73 +0,0 @@
|
||||
param accountName string
|
||||
param databaseName string
|
||||
param location string = resourceGroup().location
|
||||
param tags object = {}
|
||||
|
||||
param containers array = []
|
||||
param keyVaultName string
|
||||
param principalIds array = []
|
||||
|
||||
module cosmos 'cosmos-sql-account.bicep' = {
|
||||
name: 'cosmos-sql-account'
|
||||
params: {
|
||||
name: accountName
|
||||
location: location
|
||||
tags: tags
|
||||
keyVaultName: keyVaultName
|
||||
}
|
||||
}
|
||||
|
||||
resource database 'Microsoft.DocumentDB/databaseAccounts/sqlDatabases@2022-05-15' = {
|
||||
name: '${accountName}/${databaseName}'
|
||||
properties: {
|
||||
resource: { id: databaseName }
|
||||
}
|
||||
|
||||
resource list 'containers' = [for container in containers: {
|
||||
name: container.name
|
||||
properties: {
|
||||
resource: {
|
||||
id: container.id
|
||||
partitionKey: { paths: [ container.partitionKey ] }
|
||||
}
|
||||
options: {}
|
||||
}
|
||||
}]
|
||||
|
||||
dependsOn: [
|
||||
cosmos
|
||||
]
|
||||
}
|
||||
|
||||
module roleDefintion 'cosmos-sql-role-def.bicep' = {
|
||||
name: 'cosmos-sql-role-definition'
|
||||
params: {
|
||||
accountName: accountName
|
||||
}
|
||||
dependsOn: [
|
||||
cosmos
|
||||
database
|
||||
]
|
||||
}
|
||||
|
||||
// We need batchSize(1) here because sql role assignments have to be done sequentially
|
||||
@batchSize(1)
|
||||
module userRole 'cosmos-sql-role-assign.bicep' = [for principalId in principalIds: if (!empty(principalId)) {
|
||||
name: 'cosmos-sql-user-role-${uniqueString(principalId)}'
|
||||
params: {
|
||||
accountName: accountName
|
||||
roleDefinitionId: roleDefintion.outputs.id
|
||||
principalId: principalId
|
||||
}
|
||||
dependsOn: [
|
||||
cosmos
|
||||
database
|
||||
]
|
||||
}]
|
||||
|
||||
output accountId string = cosmos.outputs.id
|
||||
output accountName string = cosmos.outputs.name
|
||||
output connectionStringKey string = cosmos.outputs.connectionStringKey
|
||||
output databaseName string = databaseName
|
||||
output endpoint string = cosmos.outputs.endpoint
|
||||
output roleDefinitionId string = roleDefintion.outputs.id
|
||||
@@ -1,18 +0,0 @@
|
||||
param accountName string
|
||||
|
||||
param roleDefinitionId string
|
||||
param principalId string = ''
|
||||
|
||||
resource role 'Microsoft.DocumentDB/databaseAccounts/sqlRoleAssignments@2022-05-15' = {
|
||||
parent: cosmos
|
||||
name: guid(roleDefinitionId, principalId, cosmos.id)
|
||||
properties: {
|
||||
principalId: principalId
|
||||
roleDefinitionId: roleDefinitionId
|
||||
scope: cosmos.id
|
||||
}
|
||||
}
|
||||
|
||||
resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' existing = {
|
||||
name: accountName
|
||||
}
|
||||
@@ -1,29 +0,0 @@
|
||||
param accountName string
|
||||
|
||||
resource roleDefinition 'Microsoft.DocumentDB/databaseAccounts/sqlRoleDefinitions@2022-08-15' = {
|
||||
parent: cosmos
|
||||
name: guid(cosmos.id, accountName, 'sql-role')
|
||||
properties: {
|
||||
assignableScopes: [
|
||||
cosmos.id
|
||||
]
|
||||
permissions: [
|
||||
{
|
||||
dataActions: [
|
||||
'Microsoft.DocumentDB/databaseAccounts/readMetadata'
|
||||
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/items/*'
|
||||
'Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers/*'
|
||||
]
|
||||
notDataActions: []
|
||||
}
|
||||
]
|
||||
roleName: 'Reader Writer'
|
||||
type: 'CustomRole'
|
||||
}
|
||||
}
|
||||
|
||||
resource cosmos 'Microsoft.DocumentDB/databaseAccounts@2022-08-15' existing = {
|
||||
name: accountName
|
||||
}
|
||||
|
||||
output id string = roleDefinition.id
|
||||
Reference in New Issue
Block a user