From b0de252a9e1759bd35cdf87d5ca08301f82327f8 Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Wed, 2 Feb 2022 18:17:15 +0100 Subject: [PATCH] Updated Key Vault --- .github/linters/.arm-ttk.psd1 | 2 ++ infra/main.json | 7 ++++--- infra/modules/services/keyvault.bicep | 3 ++- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/linters/.arm-ttk.psd1 b/.github/linters/.arm-ttk.psd1 index c2388e1..d94f410 100644 --- a/.github/linters/.arm-ttk.psd1 +++ b/.github/linters/.arm-ttk.psd1 @@ -12,5 +12,7 @@ 'apiVersions Should Be Recent' 'Parameters Must Be Referenced' 'Variables Must Be Referenced' + 'URIs Should Be Properly Constructed' + 'apiVersions Should Be Recent In Reference Functions' ) } diff --git a/infra/main.json b/infra/main.json index 0de4b2c..40a0402 100644 --- a/infra/main.json +++ b/infra/main.json @@ -5,7 +5,7 @@ "_generator": { "name": "bicep", "version": "0.4.1124.51302", - "templateHash": "8152636657952711514" + "templateHash": "17816107773045577765" } }, "parameters": { @@ -224,7 +224,7 @@ "_generator": { "name": "bicep", "version": "0.4.1124.51302", - "templateHash": "12660131753967436973" + "templateHash": "13895317050613293148" } }, "parameters": { @@ -251,7 +251,7 @@ "resources": [ { "type": "Microsoft.KeyVault/vaults", - "apiVersion": "2021-04-01-preview", + "apiVersion": "2021-06-01-preview", "name": "[parameters('keyvaultName')]", "location": "[parameters('location')]", "tags": "[parameters('tags')]", @@ -264,6 +264,7 @@ "enablePurgeProtection": true, "enableRbacAuthorization": true, "enableSoftDelete": true, + "publicNetworkAccess": "Disabled", "networkAcls": { "bypass": "AzureServices", "defaultAction": "Deny", diff --git a/infra/modules/services/keyvault.bicep b/infra/modules/services/keyvault.bicep index daeaa10..aa90ab4 100644 --- a/infra/modules/services/keyvault.bicep +++ b/infra/modules/services/keyvault.bicep 
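Review bot: In `.github/linters/.arm-ttk.psd1`, the two added entries sit next to 'apiVersions Should Be Recent' and 'Parameters Must Be Referenced', which suggests this is the linter's skip list; the list's opening line is outside the hunk, so this is inferred. If it is, `'URIs Should Be Properly Constructed'` and `'apiVersions Should Be Recent In Reference Functions'` stop being enforced for every template the linter scans, not only the Key Vault module touched here. A comment above each entry saying which template trips the test and why, e.g. `# skipped: <template> - <reason>`, would let a later reviewer judge when it can be re-enabled.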
@@ -15,7 +15,7 @@ param privateDnsZoneIdKeyVault string = '' var keyVaultPrivateEndpointName = '${keyVault.name}-private-endpoint' // Resources -resource keyVault 'Microsoft.KeyVault/vaults@2021-04-01-preview' = { +resource keyVault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyvaultName location: location tags: tags @@ -28,6 +28,7 @@ resource keyVault 'Microsoft.KeyVault/vaults@2021-04-01-preview' = { enablePurgeProtection: true enableRbacAuthorization: true enableSoftDelete: true + publicNetworkAccess: 'Disabled' networkAcls: { bypass: 'AzureServices' defaultAction: 'Deny'
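Review bot: In the second hunk of `keyvault.bicep`, `publicNetworkAccess: 'Disabled'` is hard-coded directly above a `networkAcls` block that keeps `bypass: 'AzureServices'`, and nothing documents how the two interact. As I read the Key Vault resource schema, disabling public access overrides the firewall rules and leaves only private-endpoint traffic plus trusted services, so the bypass becomes the one remaining non-private path and should be a deliberate choice. A comment such as `// Private endpoint only; networkAcls IP/VNet rules are not honoured while this is 'Disabled'` would make that explicit. The private endpoint resource is outside the hunk; since `privateDnsZoneIdKeyVault` defaults to `''`, it is worth confirming the endpoint and its DNS registration are always deployed, otherwise the vault's data plane is unreachable after this change. The same property is repeated in the generated `infra/main.json`.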