Azure · jtracey93 · May 22, 2022 · May 22, 2022
diff --git a/.github/workflows/bicep-build-to-validate.yml b/.github/workflows/bicep-build-to-validate.yml
@@ -53,7 +53,7 @@ jobs:
 
       # Add pipeline tests for Azure Well-Architected Framework
       - name: Run PSRule analysis
-        uses: Microsoft/ps-rule@v2.0.0
+        uses: Microsoft/ps-rule@v2.1.0
         with:
           modules: PSRule.Rules.Azure
           baseline: Azure.GA_2022_03

diff --git a/.ps-rule/Minimum.Rule.yaml b/.ps-rule/Minimum.Rule.yaml
@@ -0,0 +1,23 @@
+
+---
+# Synopsis: Ignore the minimum sample configuration.
+apiVersion: github.com/microsoft/PSRule/v1
+kind: SuppressionGroup
+metadata:
+  name: ALZ.MinimumSample
+spec:
+  rule:
+  - Azure.Firewall.Mode
+  - Azure.VNG.VPNAvailabilityZoneSKU
+  - Azure.PublicIP.AvailabilityZone
+  - Azure.VNG.VPNActiveActive
+  - Azure.PublicIP.StandardSKU
+  if:
+    allOf:
+    - type: '.'
+      in:
+      - Microsoft.Network/azureFirewalls
+      - Microsoft.Network/publicIPAddresses
+    - source: 'Template'
+      endsWith:
+      - 'minimum.sample.bicep'
diff --git a/.ps-rule/en/ALZ.MinimumSample.md b/.ps-rule/en/ALZ.MinimumSample.md
@@ -0,0 +1,15 @@
+# Ignore minimum sample
+
+## SYNOPSIS
+
+Ignore the minimum sample configuration that may not be WAF compliant.
+See https://github.com/Azuure/ALZ-Bicep/blob/main/.ps-rule/en/ALZ.MinimumSample.md.
+
+## DESCRIPTION
+
+The _minimum_ sample provides a basic configuration.
+It is typically less complex, and has requires fewer requirements.
+This make is most suitable for early development and testing.
+
+The basic configuration may not have all the features required for alignment to the Well-Architected Framework.
+Consider using the _baseline_ sample for enterprise environments.
diff --git a/.vscode/bicep.code-snippets b/.vscode/bicep.code-snippets
@@ -0,0 +1,54 @@
+{
+    "Bicep minimum sample": {
+        "scope": "bicep",
+        "prefix": "bicep-minimum-sample",
+        "description": "A minmum sample for testing and examples.",
+        "body": [
+            "//",
+            "// Minimum deployment sample",
+            "//",
+            "",
+            "// Use this sample to deploy the minimum resource configuration.",
+            "",
+            "targetScope = 'resourceGroup'",
+            "",
+            "@description('The Azure location to deploy to.')",
+            "param location string = resourceGroup().location",
+            "",
+            "@description('Minimum resource configuration')",
+            "module ${1} '../${2}}.bicep' = {",
+            "    name: '${1}'",
+            "    params: {",
+            "        parLocation: location",
+            "        parTags: {}",
+            "    }",
+            "}"
+        ]
+    },
+    "Bicep baseline sample": {
+        "scope": "bicep",
+        "prefix": "bicep-baseline-sample",
+        "description": "A sample that aligned to WAF recommendations.",
+        "body": [
+            "//",
+            "// Baseline deployment sample",
+            "//",
+            "",
+            "// Use this sample to deploy a Well-Architected aligned resource configuration.",
+            "",
+            "targetScope = 'resourceGroup'",
+            "",
+            "@description('The Azure location to deploy to.')",
+            "param location string = resourceGroup().location",
+            "",
+            "@description('Baseline resource configuration')",
+            "module ${1} '../${2}}.bicep' = {",
+            "    name: '${1}'",
+            "    params: {",
+            "        parLocation: location",
+            "        parTags: {}",
+            "    }",
+            "}"
+        ]
+    }
+}
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
@@ -1,6 +1,9 @@
 {
     "recommendations": [
         "ms-azuretools.vscode-bicep",
+        "vsls-contrib.codetour",
+        "msazurermtools.azurerm-vscode-tools",
+        "bencoleman.armview",
         "bewhite.psrule-vscode"
     ]
 }
diff --git a/infra-as-code/bicep/modules/hubNetworking/samples/baseline.sample.bicep b/infra-as-code/bicep/modules/hubNetworking/samples/baseline.sample.bicep
@@ -0,0 +1,19 @@
+//
+// Baseline deployment sample
+//
+
+// Use this sample to deploy a Well-Architected aligned resource configuration.
+
+targetScope = 'resourceGroup'
+
+@description('The Azure location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Baseline resource configuration')
+module baseline_hub_network '../hubNetworking.bicep' = {
+  name: 'baseline_hub_network'
+  params: {
+    parLocation: location
+    parPublicIPSku: 'Standard'
+  }
+}
diff --git a/infra-as-code/bicep/modules/hubNetworking/samples/minimum.sample.bicep b/infra-as-code/bicep/modules/hubNetworking/samples/minimum.sample.bicep
@@ -0,0 +1,18 @@
+//
+// Minimum deployment sample
+//
+
+// Use this sample to deploy the minimum resource configuration.
+
+targetScope = 'resourceGroup'
+
+@description('The Azure location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Minimum resource configuration')
+module minimum_hub_network '../hubNetworking.bicep' = {
+  name: 'minimum_hub_network'
+  params: {
+    parLocation: location
+  }
+}
diff --git a/infra-as-code/bicep/modules/publicIp/samples/baseline.sample.bicep b/infra-as-code/bicep/modules/publicIp/samples/baseline.sample.bicep
@@ -0,0 +1,25 @@
+//
+// Baseline deployment sample
+//
+
+// Use this sample to deploy a Well-Architected aligned resource configuration.
+
+targetScope = 'resourceGroup'
+
+@description('The Azure location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Baseline resource configuration')
+module baseline_public_ip '../publicIp.bicep' = {
+  name: 'baseline_public_ip'
+  params: {
+    parPublicIPName: 'pip-baseline-ip'
+    parLocation: location
+    parPublicIPProperties: { }
+    parPublicIPSku: {
+      name: 'Standard'
+      tier: 'Regional'
+    }
+    parTags: {}
+  }
+}
diff --git a/infra-as-code/bicep/modules/publicIp/samples/minimum.sample.bicep b/infra-as-code/bicep/modules/publicIp/samples/minimum.sample.bicep
@@ -0,0 +1,25 @@
+//
+// Minimum deployment sample
+//
+
+// Use this sample to deploy the minimum resource configuration.
+
+targetScope = 'resourceGroup'
+
+@description('The Azure location to deploy to.')
+param location string = resourceGroup().location
+
+@description('Minimum resource configuration')
+module minimum_public_ip '../publicIp.bicep' = {
+  name: 'minimum_public_ip'
+  params: {
+    parPublicIPName: 'pip-minimum-ip'
+    parLocation: location
+    parPublicIPProperties: { }
+    parPublicIPSku: {
+      name: 'Basic'
+      tier: 'Regional'
+    }
+    parTags: {}
+  }
+}
diff --git a/ps-rule.yaml b/ps-rule.yaml
@@ -12,7 +12,8 @@ include:
 
 # Require a minimum version of modules that include referenced baseline.
 requires:
-  PSRule.Rules.Azure: '@pre >=1.14.2'
+  PSRule: '@pre >=2.1.0'
+  PSRule.Rules.Azure: '@pre >=1.15.2'
 
 # Reference the repository in output.
 repository:
@@ -50,10 +51,19 @@ input:
   # Include samples/ test files from modules
   - '!infra-as-code/bicep/modules/**/samples/*.bicep'
 
+binding:
+  preferTargetInfo: true
+  targetType:
+  - resourceType
+  - type
+
 rule:
   exclude:
   # Ignore these recommendations for this repo.
   - Azure.Resource.UseTags
   - Azure.ACR.MinSku
   - Azure.ACR.ContentTrust
   - Azure.Policy.AssignmentAssignedBy
+
+  # Currently a bug as of v1.15.2. Review in the next release.
+  - Azure.PublicIP.Name