Type to types

.github/CODEOWNERS

@@ -162,5 +162,5 @@
 /avm/res/web/serverfarm/ @Azure/avm-res-web-serverfarm-module-owners-bicep @Azure/avm-module-reviewers-bicep
 /avm/res/web/site/ @Azure/avm-res-web-site-module-owners-bicep @Azure/avm-module-reviewers-bicep
 /avm/res/web/static-site/ @Azure/avm-res-web-staticsite-module-owners-bicep @Azure/avm-module-reviewers-bicep
-/avm/utl/types/avm-common-type/ @Azure/avm-utl-types-avmcommontype-module-owners-bicep @Azure/avm-module-reviewers-bicep
+/avm/utl/types/avm-common-types/ @Azure/avm-utl-types-avmcommontypes-module-owners-bicep @Azure/avm-module-reviewers-bicep
 *avm.core.team.tests.ps1 @Azure/avm-core-team-technical-bicep

.github/ISSUE_TEMPLATE/avm_module_issue.yml

@@ -197,7 +197,7 @@ body:
  - "avm/res/web/serverfarm"
  - "avm/res/web/site"
  - "avm/res/web/static-site"
- - "avm/utl/types/avm-common-type"
+ - "avm/utl/types/avm-common-types"
  validations:
  required: true
  - type: input

.github/workflows/avm.utl.types.avm-common-type.yml → .github/workflows/avm.utl.types.avm-common-types.yml

@@ -1,4 +1,4 @@
-name: "avm.ptn.types.avm-common-type"
+name: "avm.ptn.types.avm-common-types"
 
 on:
  workflow_dispatch:
@@ -30,15 +30,15 @@ on:
  paths:
  - ".github/actions/templates/avm-**"
  - ".github/workflows/avm.template.module.yml"
- - ".github/workflows/avm.utl.types.avm-common-type.yml"
- - "avm/utl/types/avm-common-type/**"
+ - ".github/workflows/avm.utl.types.avm-common-types.yml"
+ - "avm/utl/types/avm-common-types/**"
  - "avm/utilities/pipelines/**"
  - "!avm/utilities/pipelines/platform/**"
  - "!*/**/README.md"
 
 env:
- modulePath: "avm/utl/types/avm-common-type"
- workflowPath: ".github/workflows/avm.utl.types.avm-common-type.yml"
+ modulePath: "avm/utl/types/avm-common-types"
+ workflowPath: ".github/workflows/avm.utl.types.avm-common-types.yml"
 
 concurrency:
  group: ${{ github.workflow }}

avm/res/key-vault/vault/README.md

@@ -1970,22 +1970,22 @@ Configuration details for private endpoints. For security reasons, it is recomme
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
-| [`applicationSecurityGroupResourceIds`](#parameter-privateendpointsapplicationsecuritygroupresourceids) | array | Application security groups in which the Private Endpoint IP configuration is included. |
+| [`applicationSecurityGroupResourceIds`](#parameter-privateendpointsapplicationsecuritygroupresourceids) | array | Application security groups in which the private endpoint IP configuration is included. |
 | [`customDnsConfigs`](#parameter-privateendpointscustomdnsconfigs) | array | Custom DNS configurations. |
-| [`customNetworkInterfaceName`](#parameter-privateendpointscustomnetworkinterfacename) | string | The custom name of the network interface attached to the Private Endpoint. |
+| [`customNetworkInterfaceName`](#parameter-privateendpointscustomnetworkinterfacename) | string | The custom name of the network interface attached to the private endpoint. |
 | [`enableTelemetry`](#parameter-privateendpointsenabletelemetry) | bool | Enable/Disable usage telemetry for module. |
-| [`ipConfigurations`](#parameter-privateendpointsipconfigurations) | array | A list of IP configurations of the Private Endpoint. This will be used to map to the first-party Service endpoints. |
+| [`ipConfigurations`](#parameter-privateendpointsipconfigurations) | array | A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints. |
 | [`isManualConnection`](#parameter-privateendpointsismanualconnection) | bool | If Manual Private Link Connection is required. |
-| [`location`](#parameter-privateendpointslocation) | string | The location to deploy the Private Endpoint to. |
+| [`location`](#parameter-privateendpointslocation) | string | The location to deploy the private endpoint to. |
 | [`lock`](#parameter-privateendpointslock) | object | Specify the type of lock. |
 | [`manualConnectionRequestMessage`](#parameter-privateendpointsmanualconnectionrequestmessage) | string | A message passed to the owner of the remote resource with the manual connection request. |
-| [`name`](#parameter-privateendpointsname) | string | The name of the Private Endpoint. |
-| [`privateDnsZoneGroup`](#parameter-privateendpointsprivatednszonegroup) | object | The private DNS Zone Group to configure for the Private Endpoint. |
+| [`name`](#parameter-privateendpointsname) | string | The name of the private endpoint. |
+| [`privateDnsZoneGroup`](#parameter-privateendpointsprivatednszonegroup) | object | The private DNS zone group to configure for the private endpoint. |
 | [`privateLinkServiceConnectionName`](#parameter-privateendpointsprivatelinkserviceconnectionname) | string | The name of the private link connection to create. |
-| [`resourceGroupName`](#parameter-privateendpointsresourcegroupname) | string | Specify if you want to deploy the Private Endpoint into a different Resource Group than the main resource. |
+| [`resourceGroupName`](#parameter-privateendpointsresourcegroupname) | string | Specify if you want to deploy the Private Endpoint into a different resource group than the main resource. |
 | [`roleAssignments`](#parameter-privateendpointsroleassignments) | array | Array of role assignments to create. |
-| [`service`](#parameter-privateendpointsservice) | string | The subresource to deploy the Private Endpoint for. For example "vault" for a Key Vault Private Endpoint. |
-| [`tags`](#parameter-privateendpointstags) | object | Tags to be applied on all resources/Resource Groups in this deployment. |
+| [`service`](#parameter-privateendpointsservice) | string | The subresource to deploy the private endpoint for. For example "vault", "mysqlServer" or "dataFactory". |
+| [`tags`](#parameter-privateendpointstags) | object | Tags to be applied on all resources/resource groups in this deployment. |
 
 ### Parameter: `privateEndpoints.subnetResourceId`
 
@@ -1996,7 +1996,7 @@ Resource ID of the subnet where the endpoint needs to be created.
 
 ### Parameter: `privateEndpoints.applicationSecurityGroupResourceIds`
 
-Application security groups in which the Private Endpoint IP configuration is included.
+Application security groups in which the private endpoint IP configuration is included.
 
 - Required: No
 - Type: array
@@ -2031,7 +2031,7 @@ A list of private IP addresses of the private endpoint.
 
 ### Parameter: `privateEndpoints.customNetworkInterfaceName`
 
-The custom name of the network interface attached to the Private Endpoint.
+The custom name of the network interface attached to the private endpoint.
 
 - Required: No
 - Type: string
@@ -2045,7 +2045,7 @@ Enable/Disable usage telemetry for module.
 
 ### Parameter: `privateEndpoints.ipConfigurations`
 
-A list of IP configurations of the Private Endpoint. This will be used to map to the first-party Service endpoints.
+A list of IP configurations of the private endpoint. This will be used to map to the First Party Service endpoints.
 
 - Required: No
 - Type: array
@@ -2109,7 +2109,7 @@ If Manual Private Link Connection is required.
 
 ### Parameter: `privateEndpoints.location`
 
-The location to deploy the Private Endpoint to.
+The location to deploy the private endpoint to.
 
 - Required: No
 - Type: string
@@ -2159,14 +2159,14 @@ A message passed to the owner of the remote resource with the manual connection
 
 ### Parameter: `privateEndpoints.name`
 
-The name of the Private Endpoint.
+The name of the private endpoint.
 
 - Required: No
 - Type: string
 
 ### Parameter: `privateEndpoints.privateDnsZoneGroup`
 
-The private DNS Zone Group to configure for the Private Endpoint.
+The private DNS zone group to configure for the private endpoint.
 
 - Required: No
 - Type: object
@@ -2175,7 +2175,7 @@ The private DNS Zone Group to configure for the Private Endpoint.
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
-| [`privateDnsZoneGroupConfigs`](#parameter-privateendpointsprivatednszonegroupprivatednszonegroupconfigs) | array | The private DNS Zone Groups to associate the Private Endpoint. A DNS Zone Group can support up to 5 DNS zones. |
+| [`privateDnsZoneGroupConfigs`](#parameter-privateendpointsprivatednszonegroupprivatednszonegroupconfigs) | array | The private DNS zone groups to associate the private endpoint. A DNS zone group can support up to 5 DNS zones. |
 
 **Optional parameters**
 
@@ -2185,7 +2185,7 @@ The private DNS Zone Group to configure for the Private Endpoint.
 
 ### Parameter: `privateEndpoints.privateDnsZoneGroup.privateDnsZoneGroupConfigs`
 
-The private DNS Zone Groups to associate the Private Endpoint. A DNS Zone Group can support up to 5 DNS zones.
+The private DNS zone groups to associate the private endpoint. A DNS zone group can support up to 5 DNS zones.
 
 - Required: Yes
 - Type: array
@@ -2200,7 +2200,7 @@ The private DNS Zone Groups to associate the Private Endpoint. A DNS Zone Group
 
 | Parameter | Type | Description |
 | :-- | :-- | :-- |
-| [`name`](#parameter-privateendpointsprivatednszonegroupprivatednszonegroupconfigsname) | string | The name of the private DNS Zone Group config. |
+| [`name`](#parameter-privateendpointsprivatednszonegroupprivatednszonegroupconfigsname) | string | The name of the private DNS zone group config. |
 
 ### Parameter: `privateEndpoints.privateDnsZoneGroup.privateDnsZoneGroupConfigs.privateDnsZoneResourceId`
 
@@ -2211,7 +2211,7 @@ The resource id of the private DNS zone.
 
 ### Parameter: `privateEndpoints.privateDnsZoneGroup.privateDnsZoneGroupConfigs.name`
 
-The name of the private DNS Zone Group config.
+The name of the private DNS zone group config.
 
 - Required: No
 - Type: string
@@ -2232,7 +2232,7 @@ The name of the private link connection to create.
 
 ### Parameter: `privateEndpoints.resourceGroupName`
 
-Specify if you want to deploy the Private Endpoint into a different Resource Group than the main resource.
+Specify if you want to deploy the Private Endpoint into a different resource group than the main resource.
 
 - Required: No
 - Type: string
@@ -2347,14 +2347,14 @@ The principal type of the assigned principal ID.
 
 ### Parameter: `privateEndpoints.service`
 
-The subresource to deploy the Private Endpoint for. For example "vault" for a Key Vault Private Endpoint.
+The subresource to deploy the private endpoint for. For example "vault", "mysqlServer" or "dataFactory".
 
 - Required: No
 - Type: string
 
 ### Parameter: `privateEndpoints.tags`
 
-Tags to be applied on all resources/Resource Groups in this deployment.
+Tags to be applied on all resources/resource groups in this deployment.
 
 - Required: No
 - Type: object

avm/res/key-vault/vault/key/main.bicep

@@ -57,7 +57,7 @@ param kty string = 'EC'
 param releasePolicy object?
 
 @description('Optional. Array of role assignments to create.')
-param roleAssignments roleAssignmentType[]?
+param roleAssignments roleAssignmentType
 
 @description('Optional. Key rotation policy properties object.')
 param rotationPolicy object?
@@ -163,4 +163,28 @@ output resourceGroupName string = resourceGroup().name
 // Definitions //
 // ================ //
 
-import { roleAssignmentType } from '../../../../utl/types/avm-common-type/main.bicep'
+type roleAssignmentType = {
+ @description('Optional. The name (as GUID) of the role assignment. If not provided, a GUID will be generated.')
+ name: string?
+
+ @description('Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: \'/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11\'.')
+ roleDefinitionIdOrName: string
+
+ @description('Required. The principal ID of the principal (user/group/identity) to assign the role to.')
+ principalId: string
+
+ @description('Optional. The principal type of the assigned principal ID.')
+ principalType: ('ServicePrincipal' | 'Group' | 'User' | 'ForeignGroup' | 'Device')?
+
+ @description('Optional. The description of the role assignment.')
+ description: string?
+
+ @description('Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase "foo_storage_container".')
+ condition: string?
+
+ @description('Optional. Version of the condition.')
+ conditionVersion: '2.0'?
+
+ @description('Optional. The Resource Id of the delegated managed identity resource.')
+ delegatedManagedIdentityResourceId: string?
+}[]?

avm/res/key-vault/vault/key/main.json

@@ -6,86 +6,85 @@
  "_generator": {
  "name": "bicep",
  "version": "0.30.23.60470",
- "templateHash": "15780338747744224269"
+ "templateHash": "1574167538812101372"
  },
  "name": "Key Vault Keys",
  "description": "This module deploys a Key Vault Key.",
  "owner": "Azure/module-maintainers"
  },
  "definitions": {
  "roleAssignmentType": {
- "type": "object",
- "properties": {
- "name": {
- "type": "string",
- "nullable": true,
- "metadata": {
- "description": "Optional. The name (as GUID) of the role assignment. If not provided, a GUID will be generated."
- }
- },
- "roleDefinitionIdOrName": {
- "type": "string",
- "metadata": {
- "description": "Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'."
- }
- },
- "principalId": {
- "type": "string",
- "metadata": {
- "description": "Required. The principal ID of the principal (user/group/identity) to assign the role to."
- }
- },
- "principalType": {
- "type": "string",
- "allowedValues": [
- "Device",
- "ForeignGroup",
- "Group",
- "ServicePrincipal",
- "User"
- ],
- "nullable": true,
- "metadata": {
- "description": "Optional. The principal type of the assigned principal ID."
- }
- },
- "description": {
- "type": "string",
- "nullable": true,
- "metadata": {
- "description": "Optional. The description of the role assignment."
- }
- },
- "condition": {
- "type": "string",
- "nullable": true,
- "metadata": {
- "description": "Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase \"foo_storage_container\"."
- }
- },
- "conditionVersion": {
- "type": "string",
- "allowedValues": [
- "2.0"
- ],
- "nullable": true,
- "metadata": {
- "description": "Optional. Version of the condition."
- }
- },
- "delegatedManagedIdentityResourceId": {
- "type": "string",
- "nullable": true,
- "metadata": {
- "description": "Optional. The Resource Id of the delegated managed identity resource."
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "nullable": true,
+ "metadata": {
+ "description": "Optional. The name (as GUID) of the role assignment. If not provided, a GUID will be generated."
+ }
+ },
+ "roleDefinitionIdOrName": {
+ "type": "string",
+ "metadata": {
+ "description": "Required. The role to assign. You can provide either the display name of the role definition, the role definition GUID, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'."
+ }
+ },
+ "principalId": {
+ "type": "string",
+ "metadata": {
+ "description": "Required. The principal ID of the principal (user/group/identity) to assign the role to."
+ }
+ },
+ "principalType": {
+ "type": "string",
+ "allowedValues": [
+ "Device",
+ "ForeignGroup",
+ "Group",
+ "ServicePrincipal",
+ "User"
+ ],
+ "nullable": true,
+ "metadata": {
+ "description": "Optional. The principal type of the assigned principal ID."
+ }
+ },
+ "description": {
+ "type": "string",
+ "nullable": true,
+ "metadata": {
+ "description": "Optional. The description of the role assignment."
+ }
+ },
+ "condition": {
+ "type": "string",
+ "nullable": true,
+ "metadata": {
+ "description": "Optional. The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase \"foo_storage_container\"."
+ }
+ },
+ "conditionVersion": {
+ "type": "string",
+ "allowedValues": [
+ "2.0"
+ ],
+ "nullable": true,
+ "metadata": {
+ "description": "Optional. Version of the condition."
+ }
+ },
+ "delegatedManagedIdentityResourceId": {
+ "type": "string",
+ "nullable": true,
+ "metadata": {
+ "description": "Optional. The Resource Id of the delegated managed identity resource."
+ }
  }
  }
  },
- "metadata": {
- "__bicep_imported_from!": {
- "sourceTemplate": "../../../../utl/types/avm-common-type/main.bicep"
- }
- }
+ "nullable": true
  }
  },
  "parameters": {
@@ -186,11 +185,7 @@
  }
  },
  "roleAssignments": {
- "type": "array",
- "items": {
- "$ref": "#/definitions/roleAssignmentType"
- },
- "nullable": true,
+ "$ref": "#/definitions/roleAssignmentType",
  "metadata": {
  "description": "Optional. Array of role assignments to create."
  }