From a41d24b95711f5a92eedaee2123728e0c0b690e7 Mon Sep 17 00:00:00 2001 From: JamJarchitect <53943045+JamJarchitect@users.noreply.github.com> Date: Tue, 23 Aug 2022 13:30:26 +0100 Subject: [PATCH 01/19] 1 --- .../bicep/modules/hubNetworking/README.md | 75 +++++++++++++++++-- 1 file changed, 67 insertions(+), 8 deletions(-) diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index 18831dc82..907dc58b0 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -93,13 +93,28 @@ There are two different sets of input parameters; one for deploying to Azure glo # For Azure global regions # Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" + az account set --subscription $ConnectivitySubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) +DeploymentType="prod" + +ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" + +# Creating unique string to add to deployment name +Date="$(date +%s%N)" +LastFourDigits=${Date: -4} +DeploymentName="hubNetworkingDeploy-$LastFourDigits" + az group create --location eastus \ - --name Hub_Networking_POC + --name $ResourceGroupName az deployment group create \ - --resource-group HUB_Networking_POC \ + --name $DeploymentName \ + --resource-group $ResourceGroupName \ --template-file infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep \ --parameters @infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json ``` @@ -110,11 +125,25 @@ OR ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) +DeploymentType="prod" + +ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" + +# Creating unique string to add to deployment name +Date="$(date +%s%N)" +LastFourDigits=${Date: -4} +DeploymentName="hubNetworkingDeploy-$LastFourDigits" + az group create --location chinaeast2 \ - --name Hub_Networking_POC + --name $ResourceGroupName az deployment group create \ - --resource-group HUB_Networking_POC \ + --name $DeploymentName \ + --resource-group $ResourceGroupName \ --template-file infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep \ --parameters @infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json ``` @@ -126,15 +155,30 @@ az deployment group create \ # Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) +$DeploymentType = "prod" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" + +# Creating unique string to add to deployment name +$DateTime = Get-Date -UFormat %s +$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) + +$DeploymentName = "hubNetworkingDeploy-$LastFourDigits" + Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'Hub_Networking_POC' ` +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' New-AzResourceGroupDeployment ` + -Name $DeploymentName ` -TemplateFile infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep ` -TemplateParameterFile infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json ` - -ResourceGroupName 'Hub_Networking_POC' + -ResourceGroupName $ResourceGroupName ``` OR ```powershell @@ -142,15 +186,30 @@ OR # Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) +$DeploymentType = "prod" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" + +# Creating unique string to add to deployment name +$DateTime = Get-Date -UFormat %s +$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) + +$DeploymentName = "hubNetworkingDeploy-$LastFourDigits" + Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'Hub_Networking_POC' ` +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' New-AzResourceGroupDeployment ` + -Name $DeploymentName ` -TemplateFile infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep ` -TemplateParameterFile infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json ` - -ResourceGroupName 'Hub_Networking_POC' + -ResourceGroupName $ResourceGroupName ``` ## Example Output in Azure global regions From 24bb1ead64ac3600bb018876dbde32542bdf2c21 Mon Sep 17 00:00:00 2001 From: JamJarchitect <53943045+JamJarchitect@users.noreply.github.com> Date: Thu, 25 Aug 2022 08:49:20 +0100 Subject: [PATCH 02/19] remove deployment type from naming convention --- .../bicep/modules/hubNetworking/README.md | 20 ++++--------------- 1 file changed, 4 insertions(+), 16 deletions(-) diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index 907dc58b0..f2afdd12f 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -99,10 +99,7 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) -DeploymentType="prod" - -ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" +ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" # Creating unique string to add to deployment name Date="$(date +%s%N)" @@ -128,10 +125,7 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) -DeploymentType="prod" - -ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" +ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" # Creating unique string to add to deployment name Date="$(date +%s%N)" @@ -158,10 +152,7 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) -$DeploymentType = "prod" - -$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" +$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" # Creating unique string to add to deployment name $DateTime = Get-Date -UFormat %s @@ -189,10 +180,7 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -# Set the Resource Group Name based on deployment type. ('prod' = Production, 'preprod' = Pre-Production, 'devtest' = Devtest etc.) -$DeploymentType = "prod" - -$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-$DeploymentType-001" +$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" # Creating unique string to add to deployment name $DateTime = Get-Date -UFormat %s From f79f1ef99386dde98f92c9449605f1dcaf9bf57d Mon Sep 17 00:00:00 2001 From: James Jones Date: Fri, 26 Aug 2022 15:57:11 +0100 Subject: [PATCH 03/19] example module 2 --- infra-as-code/bicep/modules/logging/README.md | 50 +++++++++++++++---- 1 file changed, 40 insertions(+), 10 deletions(-) diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index 095a7914e..2fdd20851 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -109,17 +109,32 @@ az deployment group create \ # Set Platform management subscripion ID as the the current subscription $ManagementSubscriptionId = "[your platform management subscription ID]" +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" + +$DateTime = Get-Date -UFormat %s +$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) + +$DeploymentName = "LoggingDeploy-$LastFourDigits" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = $DeploymentName + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" +} + Select-AzSubscription -SubscriptionId $ManagementSubscriptionId # Create Resource Group - optional when using an existing resource group New-AzResourceGroup ` - -Name alz-logging ` + -Name $ResourceGroupName ` -Location eastus -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/logging/logging.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json ` - -ResourceGroup alz-logging +New-AzResourceGroupDeployment @inputObject ``` OR ```powershell @@ -127,17 +142,32 @@ OR # Set Platform management subscripion ID as the the current subscription $ManagementSubscriptionId = "[your platform management subscription ID]" +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" + +$DateTime = Get-Date -UFormat %s +$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) + +$DeploymentName = "LoggingDeploy-$LastFourDigits" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = $DeploymentName + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" +} + Select-AzSubscription -SubscriptionId $ManagementSubscriptionId # Create Resource Group - optional when using an existing resource group New-AzResourceGroup ` - -Name alz-logging ` + -Name $ResourceGroupName ` -Location chinaeast2 -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/logging/logging.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json ` - -ResourceGroup alz-logging +New-AzResourceGroupDeployment @inputObject ``` ## Bicep Visualizer From 8aa066512f3f356f2cb48fef57d83d77d955bcdc Mon Sep 17 00:00:00 2001 From: James Jones Date: Tue, 30 Aug 2022 13:09:45 +0100 Subject: [PATCH 04/19] carml naming --- infra-as-code/bicep/modules/logging/README.md | 52 +++++++++++-------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index 2fdd20851..b21dcb33f 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -72,16 +72,25 @@ There are separate input parameters files depending on which Azure cloud you are ManagementSubscriptionId="[your platform management subscription ID]" az account set --subscription $ManagementSubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-logging-001" + # Create Resource Group - optional when using an existing resource group az group create \ - --name alz-logging \ + --name $ResourceGroupName \ --location eastus + $inputObject = @( + '--name', ('LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" +) + # Deploy Module -az deployment group create \ - --template-file infra-as-code/bicep/modules/logging/logging.bicep \ - --parameters @infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json \ - --resource-group alz-logging +az deployment group create @inputObject ``` OR ```bash @@ -90,16 +99,25 @@ OR ManagementSubscriptionId="[your platform management subscription ID]" az account set --subscription $ManagementSubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-logging-001" + # Create Resource Group - optional when using an existing resource group az group create \ - --name alz-logging \ + --name $ResourceGroupName \ --location chinaeast2 + $inputObject = @( + '--name', 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" +) + # Deploy Module -az deployment group create \ - --template-file infra-as-code/bicep/modules/logging/logging.bicep \ - --parameters @infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json \ - --resource-group alz-logging +az deployment group create @inputObject ``` ### PowerShell @@ -114,14 +132,9 @@ $TopLevelMGPrefix = "alz" $ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" -$DateTime = Get-Date -UFormat %s -$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) - -$DeploymentName = "LoggingDeploy-$LastFourDigits" - # Parameters necessary for deployment $inputObject = @{ - DeploymentName = $DeploymentName + DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" @@ -147,14 +160,9 @@ $TopLevelMGPrefix = "alz" $ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" -$DateTime = Get-Date -UFormat %s -$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) - -$DeploymentName = "LoggingDeploy-$LastFourDigits" - # Parameters necessary for deployment $inputObject = @{ - DeploymentName = $DeploymentName + DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" From f2b9c9fa4aa46557f1f3494d4bfbff426ee6c0e1 Mon Sep 17 00:00:00 2001 From: James Jones Date: Tue, 30 Aug 2022 13:33:08 +0100 Subject: [PATCH 05/19] carml naming --- infra-as-code/bicep/modules/logging/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index b21dcb33f..238408b47 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -110,7 +110,7 @@ az group create \ --location chinaeast2 $inputObject = @( - '--name', 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]), + '--name', 'LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" @@ -134,7 +134,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" @@ -162,7 +162,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'ExampleDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" From 026d5c1e196cf770deba7c60ecdedbfbc315c7d6 Mon Sep 17 00:00:00 2001 From: James Jones Date: Thu, 1 Sep 2022 13:54:00 -0400 Subject: [PATCH 06/19] carml naming --- .../modules/customRoleDefinitions/README.md | 58 ++++++++---- .../bicep/modules/hubNetworking/README.md | 81 ++++++++--------- .../bicep/modules/managementGroups/README.md | 50 ++++++---- .../bicep/modules/roleAssignments/README.md | 60 ++++++++---- .../bicep/modules/spokeNetworking/README.md | 90 +++++++++++++----- .../modules/subscriptionPlacement/README.md | 57 ++++++++---- .../bicep/modules/vnetPeering/README.md | 91 +++++++++++++++---- .../bicep/modules/vnetPeeringVwan/README.md | 26 ++++-- 8 files changed, 347 insertions(+), 166 deletions(-) diff --git a/infra-as-code/bicep/modules/customRoleDefinitions/README.md b/infra-as-code/bicep/modules/customRoleDefinitions/README.md index 3aed7d069..70ec855ae 100644 --- a/infra-as-code/bicep/modules/customRoleDefinitions/README.md +++ b/infra-as-code/bicep/modules/customRoleDefinitions/README.md @@ -49,40 +49,58 @@ Input parameter file `parameters/customRoleDefinitions.parameters.all.json` defi ### Azure CLI ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep \ - --parameters @infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json \ - --location eastus \ - --management-group-id alz + +$inputObject = @( + '--name', ('CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json', + '--location', 'eastus', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep" +) +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep \ - --parameters @infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz + +$inputObject = @( + '--name', ('CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep" +) +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json ` - -Location eastus ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'eastus' + TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` ![Example Deployment Output](media/exampleDeploymentOutput.png "Example Deployment Output") diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index f2afdd12f..6d0202f27 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -101,19 +101,17 @@ TopLevelMGPrefix="alz" ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" -# Creating unique string to add to deployment name -Date="$(date +%s%N)" -LastFourDigits=${Date: -4} -DeploymentName="hubNetworkingDeploy-$LastFourDigits" + $inputObject = @( + '--name', ('HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" +) az group create --location eastus \ --name $ResourceGroupName -az deployment group create \ - --name $DeploymentName \ - --resource-group $ResourceGroupName \ - --template-file infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep \ - --parameters @infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json +az deployment group create @inputObject ``` OR ```bash @@ -127,19 +125,17 @@ TopLevelMGPrefix="alz" ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" -# Creating unique string to add to deployment name -Date="$(date +%s%N)" -LastFourDigits=${Date: -4} -DeploymentName="hubNetworkingDeploy-$LastFourDigits" + $inputObject = @( + '--name', ('HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" +) az group create --location chinaeast2 \ --name $ResourceGroupName -az deployment group create \ - --name $DeploymentName \ - --resource-group $ResourceGroupName \ - --template-file infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep \ - --parameters @infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json +az deployment group create @inputObject ``` ### PowerShell @@ -149,27 +145,28 @@ az deployment group create \ # Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" +Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId + +# Set Platform management subscripion ID as the the current subscription +$ManagementSubscriptionId = "[your platform management subscription ID]" + # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" $ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" -# Creating unique string to add to deployment name -$DateTime = Get-Date -UFormat %s -$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) - -$DeploymentName = "hubNetworkingDeploy-$LastFourDigits" - -Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" +} New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' -New-AzResourceGroupDeployment ` - -Name $DeploymentName ` - -TemplateFile infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json ` - -ResourceGroupName $ResourceGroupName +New-AzResourceGroupDeployment @inputObject ``` OR ```powershell @@ -177,27 +174,25 @@ OR # Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" +Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId + # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" $ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" -# Creating unique string to add to deployment name -$DateTime = Get-Date -UFormat %s -$LastFourDigits = $DateTime.substring($DateTime.Length - 4, 4) - -$DeploymentName = "hubNetworkingDeploy-$LastFourDigits" - -Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" +} New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' - -New-AzResourceGroupDeployment ` - -Name $DeploymentName ` - -TemplateFile infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json ` - -ResourceGroupName $ResourceGroupName + +New-AzResourceGroupDeployment @inputObject ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/modules/managementGroups/README.md b/infra-as-code/bicep/modules/managementGroups/README.md index 2e5add383..949cf0096 100644 --- a/infra-as-code/bicep/modules/managementGroups/README.md +++ b/infra-as-code/bicep/modules/managementGroups/README.md @@ -120,36 +120,54 @@ In this example, the management groups are created at the `Tenant Root Group` th ### Azure CLI ```bash # For Azure global regions -az deployment tenant create \ - --template-file infra-as-code/bicep/modules/managementGroups/managementGroups.bicep \ - --parameters @infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json \ - --location eastus + +$inputObject = @( + '--name', ('MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json', + '--location', 'eastus', + '--template-file', "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" +) + +az deployment tenant create @inputObject ``` OR ```bash # For Azure China regions -az deployment tenant create \ - --template-file infra-as-code/bicep/modules/managementGroups/managementGroups.bicep \ - --parameters @infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json \ - --location chinaeast2 + +$inputObject = @( + '--name', ('MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json', + '--location', 'chinaeast2', + '--template-file', "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" +) + +az deployment tenant create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzTenantDeployment ` - -TemplateFile infra-as-code/bicep/modules/managementGroups/managementGroups.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json ` - -Location eastus + +$inputObject = @{ + DeploymentName = 'MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' + Location = 'EastUS' + TemplateFile = "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" +} +New-AzTenantDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzTenantDeployment ` - -TemplateFile infra-as-code/bicep/modules/managementGroups/managementGroups.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json ` - -Location chinaeast2 + +$inputObject = @{ + DeploymentName = 'MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' + Location = 'chinaeast2' + TemplateFile = "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" +} +New-AzTenantDeployment @inputObject ``` ![Example Deployment Output](media/exampleDeploymentOutput.png "Example Deployment Output") diff --git a/infra-as-code/bicep/modules/roleAssignments/README.md b/infra-as-code/bicep/modules/roleAssignments/README.md index e182e4975..50942b817 100644 --- a/infra-as-code/bicep/modules/roleAssignments/README.md +++ b/infra-as-code/bicep/modules/roleAssignments/README.md @@ -118,40 +118,60 @@ In this example, the built-in Reader role will be assigned to a Service Principa ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep \ - --parameters @infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json \ - --management-group-id alz-platform \ - --location eastus + +$inputObject = @( + '--name', ('RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json', + '--location', 'eastus', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" +) + +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep \ - --parameters @infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json \ - --management-group-id alz-platform \ - --location chinaeast2 + +$inputObject = @( + '--name', ('RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" +) + +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json ` - -ManagementGroupId alz-platform ` - -Location eastus + +$inputObject = @{ + DeploymentName = 'RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'eastus' + TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json ` - -ManagementGroupId alz-platform ` - -Location chinaeast2 + +$inputObject = @{ + DeploymentName = 'RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` ## Bicep Visualizer diff --git a/infra-as-code/bicep/modules/spokeNetworking/README.md b/infra-as-code/bicep/modules/spokeNetworking/README.md index ccfb75edf..6a517c2a7 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/README.md +++ b/infra-as-code/bicep/modules/spokeNetworking/README.md @@ -48,30 +48,54 @@ In this example, the spoke resources will be deployed to the resource group spec # For Azure global regions # Set Azure Landing zone subscription ID as the the current subscription LandingZoneSubscriptionId="[your landing zone subscription ID]" + az account set --subscription $LandingZoneSubscriptionId -az group create --location eastus \ - --name Spoke_Networking_POC +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-spoke-networking-001" + +# Create Resource Group - optional when using an existing resource group +az group create \ + --name $ResourceGroupName \ + --location eastus + + $inputObject = @( + '--name', ('SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" +) -az deployment group create \ - --resource-group Spoke_Networking_POC \ - --template-file infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep \ - --parameters @infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json +az deployment group create @inputObject ``` OR ```bash # For Azure China regions # Set Platform connectivity subscription ID as the the current subscription LandingZoneSubscriptionId="[your landing zone subscription ID]" + az account set --subscription $LandingZoneSubscriptionId -az group create --location chinaeast2 \ - --name Spoke_Networking_POC +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-spoke-networking-001" + +# Create Resource Group - optional when using an existing resource group +az group create \ + --name $ResourceGroupName \ + --location chinaeast2 -az deployment group create \ - --resource-group Spoke_Networking_POC \ - --template-file infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep \ - --parameters @infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json + $inputObject = @( + '--name', ('SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" +) + +az deployment group create @inputObject ``` ### PowerShell @@ -83,13 +107,23 @@ $LandingZoneSubscriptionId = "[your landing zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId -New-AzResourceGroup -Name 'Spoke_Networking_POC' ` - -Location 'EastUs2' +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" +} + +New-AzResourceGroup -Name $ResourceGroupName ` + -Location 'eastus' -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json ` - -ResourceGroupName 'Spoke_Networking_POC' +New-AzResourceGroupDeployment @inputObject ``` OR ```powershell @@ -99,13 +133,23 @@ $LandingZoneSubscriptionId = "[your landing zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId -New-AzResourceGroup -Name 'Spoke_Networking_POC' ` +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" +} + +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json ` - -ResourceGroupName 'Spoke_Networking_POC' +New-AzResourceGroupDeployment @inputObject ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/modules/subscriptionPlacement/README.md b/infra-as-code/bicep/modules/subscriptionPlacement/README.md index 178f7c4a0..647491efc 100644 --- a/infra-as-code/bicep/modules/subscriptionPlacement/README.md +++ b/infra-as-code/bicep/modules/subscriptionPlacement/README.md @@ -26,40 +26,57 @@ In this example, the subscriptions `34b63c8f-1782-42e6-8fb9-ba6ee8b99735` and `4 ### Azure CLI ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep \ - --parameters @infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json \ - --location eastus \ - --management-group-id alz + +$inputObject = @( + '--name', ('SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json', + '--location', 'eastus', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" +) +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep \ - --parameters @infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz + +$inputObject = @( + '--name', ('SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" +) +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json ` - -Location eastus ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'eastus' + TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" +} +New-AzManagementGroupDeployment @inputObject ``` ## Bicep Visualizer diff --git a/infra-as-code/bicep/modules/vnetPeering/README.md b/infra-as-code/bicep/modules/vnetPeering/README.md index 237f9a33e..a0a6caec7 100644 --- a/infra-as-code/bicep/modules/vnetPeering/README.md +++ b/infra-as-code/bicep/modules/vnetPeering/README.md @@ -56,10 +56,25 @@ During the deployment step, we will take parameters provided in the example para LandingZoneSubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $LandingZoneSubscriptionId -az deployment group create \ - --resource-group Spoke_Networking_POC \ - --template-file infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep \ - --parameters @infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-vnet-peering-001" + +# Create Resource Group - optional when using an existing resource group +az group create \ + --name $ResourceGroupName \ + --location eastus + + $inputObject = @( + '--name', ('vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" +) + + +az deployment group create @inputObject ``` OR ```bash @@ -68,10 +83,24 @@ OR LandingZoneSubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $LandingZoneSubscriptionId -az deployment group create \ - --resource-group Spoke_Networking_POC \ - --template-file infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep \ - --parameters @infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-logging-001" + +# Create Resource Group - optional when using an existing resource group +az group create \ + --name $ResourceGroupName \ + --location chinaeast2 + + $inputObject = @( + '--name', ('vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" +) + +az deployment group create @inputObject ``` ### PowerShell @@ -83,10 +112,25 @@ $LandingZoneSubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId -New-AzResourceGroupDeployment ` - -ResourceGroupName Spoke_Networking_POC ` - -TemplateFile infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" + +# Create Resource Group - optional when using an existing resource group +New-AzResourceGroup ` + -Name $ResourceGroupName ` + -Location eastus + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" + TemplateFile = "ALZ-Bicep/infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" +} + +New-AzResourceGroupDeployment @inputObject ``` OR ```powershell @@ -96,10 +140,25 @@ $LandingZoneSubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId -New-AzResourceGroupDeployment ` - -ResourceGroupName Spoke_Networking_POC ` - -TemplateFile infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json +# Create Resource Group - optional when using an existing resource group +New-AzResourceGroup ` + -Name $ResourceGroupName ` + -Location chinaeast2 + +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" + TemplateFile = "ALZ-Bicep/infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" +} + +New-AzResourceGroupDeployment @inputObject ``` ## Example output in Azure global regions diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index b372e03fa..a315c2cc4 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -42,24 +42,34 @@ In this example, the remote spoke Vnet will be peered with the Vwan Virtual Hub # For Azure global regions # Set your Corp Connected Landing Zone subscription ID as the the current subscription $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" + az account set --subscription $ConnectivitySubscriptionId -az deployment sub create \ - --template-file infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep \ - --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json \ - --location eastus +$inputObject = @( + '--name', ('vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json', + '--location', 'eastus', + '--template-file', "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" +) + +az deployment sub create @inputObject ``` OR ```bash # For Azure China regions # Set your Corp Connected Landing Zone subscription ID as the the current subscription $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" + az account set --subscription $ConnectivitySubscriptionId -az deployment sub create \ - --template-file infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep \ - --parameters @infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json \ - --location chinaeast2 +$inputObject = @( + '--name', ('vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json', + '--location', 'chinaeast2', + '--template-file', "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" +) + +az deployment sub create @inputObject ``` ### PowerShell From e55c4a772726583f9d34b4755964b81769f4439a Mon Sep 17 00:00:00 2001 From: James Jones Date: Thu, 1 Sep 2022 16:26:01 -0400 Subject: [PATCH 07/19] carml names --- .../modules/policy/assignments/README.md | 116 ++++++++++++------ .../policy/assignments/alzDefaults/README.md | 60 ++++++--- .../modules/policy/definitions/README.md | 57 ++++++--- 3 files changed, 153 insertions(+), 80 deletions(-) diff --git a/infra-as-code/bicep/modules/policy/assignments/README.md b/infra-as-code/bicep/modules/policy/assignments/README.md index 48ce053e0..f2811e640 100644 --- a/infra-as-code/bicep/modules/policy/assignments/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/README.md @@ -47,40 +47,56 @@ In this example, the `Deny-PublicIP` custom policy definition will be deployed/a ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep \ - --parameters @infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json \ - --location eastus \ - --management-group-id alz-landingzones + +$inputObject = @( + '--name', ('PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json', + '--location', 'eastus', + '--management-group-id', 'alz-landingzones', + '--template-file', "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +) +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep \ - --parameters @infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz-landingzones + +$inputObject = @( + '--name', ('PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz-landingzones', + '--template-file', "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +) +az deployment mg create @inputObject ``` #### PowerShell - Deny ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json ` - -Location eastus ` - -ManagementGroupId 'alz-landingzones' + +$inputObject = @{ + DeploymentName = 'PolicyDenyAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz-landingzones' + Location = 'eastus' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +} +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId 'alz-landingzones' + +$inputObject = @{ + DeploymentName = 'PolicyDenyAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz-landingzones' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +} +New-AzManagementGroupDeployment @inputObject ``` ### DeployIfNotExists Effect @@ -98,40 +114,60 @@ In this example, the `Deploy-MDFC-Config` custom policy definition will be deplo ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep \ - --parameters @infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json \ - --location eastus \ - --management-group-id alz-landingzones + +$inputObject = @( + --name = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + --management-group-id = 'alz-landingzones' + --location = 'eastus' + --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' + --template-file = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +) + +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep \ - --parameters @infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz-landingzones + +$inputObject = @( + --name = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + --management-group-id = 'alz-landingzones' + --location = 'chinaeast2' + --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' + --template-file = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +) + +az deployment mg create @inputObject ``` #### PowerShell - DINE ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json ` - -Location eastus ` - -ManagementGroupId 'alz-landingzones' + +$inputObject = @{ + DeploymentName = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz-landingzones' + Location = 'eastus' + TemplateParameterFile = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId 'alz-landingzones' + +$inputObject = @{ + DeploymentName = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz-landingzones' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` ## Bicep Visualizer diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md index c4b1c8bf3..68a3460c8 100644 --- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md @@ -37,40 +37,60 @@ The module does not generate any outputs. ### Azure CLI ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep \ - --parameters @infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json \ - --location eastus \ - --management-group-id alz + +$inputObject = @( + '--name', ('alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json', + '--location', 'eastus', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" +) + +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/assignments/alzDefaults/mc-alzDefaultPolicyAssignments.bicep \ - --parameters @infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz + +$inputObject = @( + '--name', ('alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/policy/assignments/alzDefaults/mc-alzDefaultPolicyAssignments.bicep" +) + +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json ` - -Location eastus ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'eastus' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/assignments/alzDefaults/mc-alzDefaultPolicyAssignments.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/mc-alzDefaultPolicyAssignments.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` ## Bicep Visualizer diff --git a/infra-as-code/bicep/modules/policy/definitions/README.md b/infra-as-code/bicep/modules/policy/definitions/README.md index 17b50e1a0..859629e66 100644 --- a/infra-as-code/bicep/modules/policy/definitions/README.md +++ b/infra-as-code/bicep/modules/policy/definitions/README.md @@ -45,40 +45,57 @@ The input parameter file `parameters/customPolicyDefinitions.parameters.all.json ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep \ - --parameters @infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json \ - --location eastus \ - --management-group-id alz + +$inputObject = @( + '--name', ('PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json', + '--location', 'eastus', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep" +) +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep \ - --parameters @infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz + +$inputObject = @( + '--name', ('PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep" +) +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json ` - -Location eastus ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'eastus' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' + TemplateFile = "infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep" +} +New-AzManagementGroupDeployment @inputObject ``` ![Example Deployment Output](media/exampleDeploymentOutput.png "Example Deployment Output") From 7547419e6d21694628802cd0da042f1cfa8409f9 Mon Sep 17 00:00:00 2001 From: James Jones Date: Mon, 12 Sep 2022 11:09:34 +0200 Subject: [PATCH 08/19] CARML and orchestration --- .../bicep/CRML/containerRegistry/README.md | 29 +++++---- .../bicep/CRML/subscriptionAlias/README.md | 26 +++++--- .../orchestration/hubPeeredSpoke/README.md | 59 ++++++++++++------- .../orchestration/subPlacementAll/README.md | 59 ++++++++++++------- 4 files changed, 115 insertions(+), 58 deletions(-) diff --git a/infra-as-code/bicep/CRML/containerRegistry/README.md b/infra-as-code/bicep/CRML/containerRegistry/README.md index f363c1960..b657fed1c 100644 --- a/infra-as-code/bicep/CRML/containerRegistry/README.md +++ b/infra-as-code/bicep/CRML/containerRegistry/README.md @@ -36,24 +36,33 @@ We will take the default values and not pass any parameters. ### Azure CLI ```bash -az group create --location eastus2 \ +az group create --location eastus \ --name Bicep_ACR -az deployment group create \ - --resource-group Bicep_Acr \ - --template-file infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep \ - --parameters @infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json + $inputObject = @( + '--name', ('ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', 'Bicep_ACR', + '--parameters', '@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json', + '--template-file', "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep", +) + +az deployment group create @inputObject ``` ### PowerShell ```powershell New-AzResourceGroup -Name 'Bicep_ACR' ` - -Location 'EastUs2' - -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep ` - -TemplateParameterFile infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json + -Location 'EastUs' + + $inputObject = @{ + DeploymentName = 'ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = 'Bicep_ACR' + TemplateParameterFile = 'infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json' + TemplateFile = "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep" +} + +New-AzResourceGroupDeployment @inputObject ``` ## Bicep Visualizer diff --git a/infra-as-code/bicep/CRML/subscriptionAlias/README.md b/infra-as-code/bicep/CRML/subscriptionAlias/README.md index 24200fca2..beb05d9af 100644 --- a/infra-as-code/bicep/CRML/subscriptionAlias/README.md +++ b/infra-as-code/bicep/CRML/subscriptionAlias/README.md @@ -39,19 +39,29 @@ In this example, the Subscription is created upon an EA Account through a tenant ### Azure CLI ```bash -az deployment tenant create \ - --template-file infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep \ - --parameters @infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json \ - --location eastus + +$inputObject = @( + '--name', ('SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json', + '--location', 'EastUS', + '--template-file', "infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep" +) + +az deployment tenant create @inputObject ``` ### PowerShell ```powershell -New-AzTenantDeployment ` - -TemplateFile infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep ` - -TemplateParameterFile infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json ` - -Location eastus + +$inputObject = @{ + DeploymentName = 'SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + TemplateParameterFile = 'infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json' + Location = 'EastUS' + TemplateFile = "infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep" +} + +New-AzTenantDeployment @inputObject ``` ### Output Screenshot diff --git a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md index aecd7a56d..c6df35c50 100644 --- a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md +++ b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md @@ -63,41 +63,60 @@ In this example, the spoke resources will be deployed to the resource group spec ### Azure CLI ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep \ - --parameters @infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json \ - --location eastus \ - --management-group-id alz + +$inputObject = @( + '--name', ('HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json', + '--location', 'EastUS', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" +) + +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep \ - --parameters @infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz + +$inputObject = @( + '--name', ('HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" +) + +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep ` - -TemplateParameterFile infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json ` - -Location eastus ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'EastUS' + TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' + TemplateFile = "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep ` - -TemplateParameterFile infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId alz +$inputObject = @{ + DeploymentName = 'HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' + TemplateFile = "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` ## Bicep Visualizer diff --git a/infra-as-code/bicep/orchestration/subPlacementAll/README.md b/infra-as-code/bicep/orchestration/subPlacementAll/README.md index cf7ebd70a..46c5a69d7 100644 --- a/infra-as-code/bicep/orchestration/subPlacementAll/README.md +++ b/infra-as-code/bicep/orchestration/subPlacementAll/README.md @@ -94,45 +94,64 @@ This however may be done as part of another process, for example upon Subscripti ```bash # For Azure global regions -az deployment mg create \ - --template-file infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep \ - --parameters @infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json \ - --location eastus \ - --management-group-id alz + +$inputObject = @( + '--name', ('SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json', + '--location', 'EastUS', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" +) + +az deployment mg create @inputObject ``` OR ```bash # For Azure China regions -az deployment mg create \ - --template-file infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep \ - --parameters @infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json \ - --location chinaeast2 \ - --management-group-id alz + +$inputObject = @( + '--name', ('SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--parameters', '@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json', + '--location', 'chinaeast2', + '--management-group-id', 'alz', + '--template-file', "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" +) + +az deployment mg create @inputObject ``` ### PowerShell ```powershell # For Azure global regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep ` - -TemplateParameterFile infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json ` - -Location eastus ` - -ManagementGroupId alz + +$inputObject = @{ + DeploymentName = 'SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'EastUS' + TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' + TemplateFile = "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -New-AzManagementGroupDeployment ` - -TemplateFile infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep ` - -TemplateParameterFile infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json ` - -Location chinaeast2 ` - -ManagementGroupId alz +$inputObject = @{ + DeploymentName = 'SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ManagementGroupId = 'alz' + Location = 'chinaeast2' + TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' + TemplateFile = "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" +} + +New-AzManagementGroupDeployment @inputObject ``` ## Bicep Visualizer From 29b218e7680133798c3d12b64f3cc8c3776f8004 Mon Sep 17 00:00:00 2001 From: James Jones Date: Mon, 12 Sep 2022 11:15:16 +0200 Subject: [PATCH 09/19] formatting --- infra-as-code/bicep/CRML/containerRegistry/README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/infra-as-code/bicep/CRML/containerRegistry/README.md b/infra-as-code/bicep/CRML/containerRegistry/README.md index b657fed1c..1cc084100 100644 --- a/infra-as-code/bicep/CRML/containerRegistry/README.md +++ b/infra-as-code/bicep/CRML/containerRegistry/README.md @@ -39,11 +39,11 @@ We will take the default values and not pass any parameters. az group create --location eastus \ --name Bicep_ACR - $inputObject = @( - '--name', ('ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', 'Bicep_ACR', - '--parameters', '@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json', - '--template-file', "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep", +$inputObject = @( +'--name', ('ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), +'--resource-group', 'Bicep_ACR', +'--parameters', '@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json', +'--template-file', "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep", ) az deployment group create @inputObject From f480aab5263ce2800fb61a7319886dff7ab12245 Mon Sep 17 00:00:00 2001 From: James Jones Date: Mon, 12 Sep 2022 15:55:12 +0200 Subject: [PATCH 10/19] prefix, pdnszone, conforming names --- .../bicep/CRML/containerRegistry/README.md | 5 +- .../bicep/CRML/subscriptionAlias/README.md | 5 +- .../modules/customRoleDefinitions/README.md | 10 ++- .../bicep/modules/hubNetworking/README.md | 9 +- infra-as-code/bicep/modules/logging/README.md | 9 +- .../bicep/modules/managementGroups/README.md | 9 +- .../modules/policy/assignments/README.md | 18 ++-- .../policy/assignments/alzDefaults/README.md | 7 +- .../modules/policy/definitions/README.md | 9 +- .../bicep/modules/privateDnsZones/README.md | 80 +++++++++++++---- .../bicep/modules/roleAssignments/README.md | 9 +- .../bicep/modules/spokeNetworking/README.md | 9 +- .../modules/subscriptionPlacement/README.md | 9 +- .../bicep/modules/vnetPeering/README.md | 9 +- .../bicep/modules/vnetPeeringVwan/README.md | 30 ++++--- .../bicep/modules/vwanConnectivity/README.md | 86 +++++++++++++++---- .../orchestration/hubPeeredSpoke/README.md | 9 +- .../orchestration/subPlacementAll/README.md | 9 +- 18 files changed, 227 insertions(+), 104 deletions(-) diff --git a/infra-as-code/bicep/CRML/containerRegistry/README.md b/infra-as-code/bicep/CRML/containerRegistry/README.md index 1cc084100..5cbf6775b 100644 --- a/infra-as-code/bicep/CRML/containerRegistry/README.md +++ b/infra-as-code/bicep/CRML/containerRegistry/README.md @@ -34,13 +34,14 @@ We will take the default values and not pass any parameters. > For the below examples we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash az group create --location eastus \ --name Bicep_ACR $inputObject = @( -'--name', ('ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), +'--name', ('alz-ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', 'Bicep_ACR', '--parameters', '@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json', '--template-file', "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep", @@ -56,7 +57,7 @@ New-AzResourceGroup -Name 'Bicep_ACR' ` -Location 'EastUs' $inputObject = @{ - DeploymentName = 'ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = 'Bicep_ACR' TemplateParameterFile = 'infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json' TemplateFile = "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep" diff --git a/infra-as-code/bicep/CRML/subscriptionAlias/README.md b/infra-as-code/bicep/CRML/subscriptionAlias/README.md index beb05d9af..2e9c55ac9 100644 --- a/infra-as-code/bicep/CRML/subscriptionAlias/README.md +++ b/infra-as-code/bicep/CRML/subscriptionAlias/README.md @@ -38,10 +38,11 @@ In this example, the Subscription is created upon an EA Account through a tenant > For the below examples we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash $inputObject = @( - '--name', ('SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json', '--location', 'EastUS', '--template-file', "infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep" @@ -55,7 +56,7 @@ az deployment tenant create @inputObject ```powershell $inputObject = @{ - DeploymentName = 'SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) TemplateParameterFile = 'infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json' Location = 'EastUS' TemplateFile = "infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep" diff --git a/infra-as-code/bicep/modules/customRoleDefinitions/README.md b/infra-as-code/bicep/modules/customRoleDefinitions/README.md index 70ec855ae..b84b61e56 100644 --- a/infra-as-code/bicep/modules/customRoleDefinitions/README.md +++ b/infra-as-code/bicep/modules/customRoleDefinitions/README.md @@ -47,11 +47,13 @@ Input parameter file `parameters/customRoleDefinitions.parameters.all.json` defi > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions $inputObject = @( - '--name', ('CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json', '--location', 'eastus', '--management-group-id', 'alz', @@ -64,7 +66,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -79,7 +81,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'eastus' TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' @@ -93,7 +95,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index 6d0202f27..1218cc447 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -89,6 +89,7 @@ There are two different sets of input parameters; one for deploying to Azure glo > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set Platform connectivity subscription ID as the the current subscription @@ -102,7 +103,7 @@ TopLevelMGPrefix="alz" ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" $inputObject = @( - '--name', ('HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" @@ -126,7 +127,7 @@ TopLevelMGPrefix="alz" ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" $inputObject = @( - '--name', ('HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" @@ -157,7 +158,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" @@ -183,7 +184,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index 238408b47..6ec108beb 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -66,6 +66,7 @@ There are separate input parameters files depending on which Azure cloud you are > If the deployment failed due an error that your alz-log-analytics/Automation resource of type 'Microsoft.OperationalInsights/workspaces/linkedServices' was not found, please retry the deployment step and it would succeed. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure Global regions # Set Platform management subscripion ID as the the current subscription @@ -83,7 +84,7 @@ az group create \ --location eastus $inputObject = @( - '--name', ('LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" @@ -110,7 +111,7 @@ az group create \ --location chinaeast2 $inputObject = @( - '--name', 'LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]), + '--name', 'alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" @@ -134,7 +135,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" @@ -162,7 +163,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" diff --git a/infra-as-code/bicep/modules/managementGroups/README.md b/infra-as-code/bicep/modules/managementGroups/README.md index 949cf0096..033bc32cb 100644 --- a/infra-as-code/bicep/modules/managementGroups/README.md +++ b/infra-as-code/bicep/modules/managementGroups/README.md @@ -118,11 +118,12 @@ In this example, the management groups are created at the `Tenant Root Group` th > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json', '--location', 'eastus', '--template-file', "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" @@ -135,7 +136,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json', '--location', 'chinaeast2', '--template-file', "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" @@ -150,7 +151,7 @@ az deployment tenant create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' Location = 'EastUS' TemplateFile = "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" @@ -162,7 +163,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' Location = 'chinaeast2' TemplateFile = "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" diff --git a/infra-as-code/bicep/modules/policy/assignments/README.md b/infra-as-code/bicep/modules/policy/assignments/README.md index f2811e640..c582325d2 100644 --- a/infra-as-code/bicep/modules/policy/assignments/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/README.md @@ -44,12 +44,13 @@ The module does not generate any outputs. In this example, the `Deny-PublicIP` custom policy definition will be deployed/assigned to the `alz-landingzones` management group. #### Azure CLI - Deny +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json', '--location', 'eastus', '--management-group-id', 'alz-landingzones', @@ -62,7 +63,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz-landingzones', @@ -77,7 +78,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'PolicyDenyAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-PolicyDenyAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz-landingzones' Location = 'eastus' TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json' @@ -90,7 +91,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'PolicyDenyAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-PolicyDenyAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz-landingzones' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json' @@ -111,12 +112,13 @@ There are two different sets of input parameters files; one for deploying to Azu In this example, the `Deploy-MDFC-Config` custom policy definition will be deployed/assigned to the `alz-landingzones` management group (intermediate root management group). And the managed identity associated with the policy will also be assigned to the `alz-platform` management group, as defined in the parameter file: `parameters/policyAssignmentManagementGroup.dine.parameters.all.json` or `parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json` #### Azure CLI - DINE +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - --name = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + --name = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) --management-group-id = 'alz-landingzones' --location = 'eastus' --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' @@ -130,7 +132,7 @@ OR # For Azure China regions $inputObject = @( - --name = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + --name = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) --management-group-id = 'alz-landingzones' --location = 'chinaeast2' --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' @@ -146,7 +148,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz-landingzones' Location = 'eastus' TemplateParameterFile = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' @@ -160,7 +162,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz-landingzones' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json' diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md index 68a3460c8..72bfe8214 100644 --- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md @@ -35,11 +35,12 @@ The module does not generate any outputs. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json', '--location', 'eastus', '--management-group-id', 'alz', @@ -53,7 +54,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -69,7 +70,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'eastus' TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json' diff --git a/infra-as-code/bicep/modules/policy/definitions/README.md b/infra-as-code/bicep/modules/policy/definitions/README.md index 859629e66..8a52d1905 100644 --- a/infra-as-code/bicep/modules/policy/definitions/README.md +++ b/infra-as-code/bicep/modules/policy/definitions/README.md @@ -42,12 +42,13 @@ The input parameter file `parameters/customPolicyDefinitions.parameters.all.json > If the deployment provisioning state has failed due to policy definitions could not be found, this is often due to a known replication delay. Please re-run the deployment step below, and the deployment should succeed. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json', '--location', 'eastus', '--management-group-id', 'alz', @@ -60,7 +61,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -75,7 +76,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'eastus' TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' @@ -89,7 +90,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' diff --git a/infra-as-code/bicep/modules/privateDnsZones/README.md b/infra-as-code/bicep/modules/privateDnsZones/README.md index e2848eb02..39fc9ee8f 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/README.md +++ b/infra-as-code/bicep/modules/privateDnsZones/README.md @@ -76,19 +76,33 @@ There are two different sets of input parameters; one for deploying to Azure glo > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-private-dns-001" + az group create --location eastus \ - --name Hub_PrivateDNS_POC + --name Hub_$ResourceGroupName + +$inputObject = @( + '--name', ('alz-PrivateDnsZonesDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep", +) + +az deployment group create @inputObject az deployment group create \ --resource-group Hub_PrivateDNS_POC \ --template-file infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep \ - --parameters @infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json ``` OR ```bash @@ -97,13 +111,22 @@ OR ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-private-dns-001" + az group create --location chinaeast2 \ - --name Hub_PrivateDNS_POC + --name Hub_$ResourceGroupName -az deployment group create \ - --resource-group Hub_PrivateDNS_POC \ - --template-file infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep \ - --parameters @infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.all.json +$inputObject = @( + '--name', ('alz-PrivateDnsZonesDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep", +) + +az deployment group create @inputObject ``` ### PowerShell @@ -115,13 +138,25 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'Hub_PrivateDNS_POC' ` +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" + + + +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' + +$inputObject = @{ + DeploymentName = 'alz-PrivateDnsZonesDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" +} + +New-AzResourceGroupDeployment @inputObject -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json ` - -ResourceGroupName 'Hub_PrivateDNS_POC' ``` OR ```powershell @@ -131,13 +166,22 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'Hub_PrivateDNS_POC' ` +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" + +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' - -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/privateDnsZones/parameters/mc-privateDnsZones.parameters.all.json - -ResourceGroupName 'Hub_PrivateDNS_POC' + +$inputObject = @{ + DeploymentName = 'alz-PrivateDnsZonesDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" +} + +New-AzResourceGroupDeployment @inputObject ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/modules/roleAssignments/README.md b/infra-as-code/bicep/modules/roleAssignments/README.md index 50942b817..8a432374f 100644 --- a/infra-as-code/bicep/modules/roleAssignments/README.md +++ b/infra-as-code/bicep/modules/roleAssignments/README.md @@ -115,12 +115,13 @@ In this example, the built-in Reader role will be assigned to a Service Principa > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json', '--location', 'eastus', '--management-group-id', 'alz', @@ -134,7 +135,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -150,7 +151,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'eastus' TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' @@ -164,7 +165,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' diff --git a/infra-as-code/bicep/modules/spokeNetworking/README.md b/infra-as-code/bicep/modules/spokeNetworking/README.md index 6a517c2a7..d2b89fcfa 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/README.md +++ b/infra-as-code/bicep/modules/spokeNetworking/README.md @@ -44,6 +44,7 @@ In this example, the spoke resources will be deployed to the resource group spec > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set Azure Landing zone subscription ID as the the current subscription @@ -62,7 +63,7 @@ az group create \ --location eastus $inputObject = @( - '--name', ('SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" @@ -89,7 +90,7 @@ az group create \ --location chinaeast2 $inputObject = @( - '--name', ('SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" @@ -114,7 +115,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" @@ -140,7 +141,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" diff --git a/infra-as-code/bicep/modules/subscriptionPlacement/README.md b/infra-as-code/bicep/modules/subscriptionPlacement/README.md index 647491efc..62c058029 100644 --- a/infra-as-code/bicep/modules/subscriptionPlacement/README.md +++ b/infra-as-code/bicep/modules/subscriptionPlacement/README.md @@ -24,11 +24,12 @@ In this example, the subscriptions `34b63c8f-1782-42e6-8fb9-ba6ee8b99735` and `4 > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json', '--location', 'eastus', '--management-group-id', 'alz', @@ -41,7 +42,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -56,7 +57,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'eastus' TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' @@ -70,7 +71,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' diff --git a/infra-as-code/bicep/modules/vnetPeering/README.md b/infra-as-code/bicep/modules/vnetPeering/README.md index a0a6caec7..e59e32cc0 100644 --- a/infra-as-code/bicep/modules/vnetPeering/README.md +++ b/infra-as-code/bicep/modules/vnetPeering/README.md @@ -50,6 +50,7 @@ During the deployment step, we will take parameters provided in the example para > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set your Corp Connected Landing Zone subscription ID as the the current subscription @@ -67,7 +68,7 @@ az group create \ --location eastus $inputObject = @( - '--name', ('vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" @@ -94,7 +95,7 @@ az group create \ --location chinaeast2 $inputObject = @( - '--name', ('vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--resource-group', $ResourceGroupName, '--parameters', '@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json', '--template-file', "infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" @@ -124,7 +125,7 @@ New-AzResourceGroup ` # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" TemplateFile = "ALZ-Bicep/infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" @@ -152,7 +153,7 @@ $ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" # Parameters necessary for deployment $inputObject = @{ - DeploymentName = 'vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ResourceGroupName = $ResourceGroupName TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" TemplateFile = "ALZ-Bicep/infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index a315c2cc4..d43b2ef4f 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -38,6 +38,7 @@ In this example, the remote spoke Vnet will be peered with the Vwan Virtual Hub > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set your Corp Connected Landing Zone subscription ID as the the current subscription @@ -46,7 +47,7 @@ $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $ConnectivitySubscriptionId $inputObject = @( - '--name', ('vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json', '--location', 'eastus', '--template-file', "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" @@ -63,7 +64,7 @@ $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $ConnectivitySubscriptionId $inputObject = @( - '--name', ('vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json', '--location', 'chinaeast2', '--template-file', "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" @@ -81,10 +82,15 @@ $ConnectivitySubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzDeployment ` - -TemplateFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json ` - -Location 'eastus' +$inputObject = @{ + DeploymentName = 'alz-VnetPeeringWanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + TemplateParameterFile = 'infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json' + Location = 'eastus' + TemplateFile = "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" +} + +New-AzDeployment @inputObject + ``` OR ```powershell @@ -94,10 +100,14 @@ $ConnectivitySubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzDeployment ` - -TemplateFile infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json ` - -Location 'chinaeast2' +$inputObject = @{ + DeploymentName = 'alz-VnetPeeringWanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + TemplateParameterFile = 'infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json' + Location = 'chinaeast2' + TemplateFile = "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" +} + +New-AzDeployment @inputObject ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/modules/vwanConnectivity/README.md b/infra-as-code/bicep/modules/vwanConnectivity/README.md index f5b60918e..6b6a3cf0c 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/README.md +++ b/infra-as-code/bicep/modules/vwanConnectivity/README.md @@ -81,19 +81,31 @@ In this example, the resources required for Virtual WAN connectivity will be dep > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId -az group create --location eastus \ - --name alz-vwan-eastus +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" -az deployment group create \ - --resource-group alz-vwan-eastus \ - --template-file infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep \ - --parameters @infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json +ResourceGroupName="rg-$TopLevelMGPrefix-vwan-001" + +# Create Resource Group - optional when using an existing resource group +az group create \ + --name $ResourceGroupName \ + --location eastus + + $inputObject = @( + '--name', ('alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" +) + +az deployment group create @inputObject ``` OR ```bash @@ -102,6 +114,25 @@ OR ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +TopLevelMGPrefix="alz" + +ResourceGroupName="rg-$TopLevelMGPrefix-vwan-001" + +# Create Resource Group - optional when using an existing resource group +az group create \ + --name $ResourceGroupName \ + --location chinaeast2 + + $inputObject = @( + '--name', ('alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--resource-group', $ResourceGroupName, + '--parameters', '@infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json', + '--template-file', "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" +) + +az deployment group create @inputObject + az group create --location chinaeast2 \ --name alz-vwan-chinaeast2 @@ -120,13 +151,24 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'alz-vwan-eastus' ` +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-vwan-001" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" +} + + +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'EastUs' -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json ` - -ResourceGroupName 'alz-vwan-eastus' +New-AzResourceGroupDeployment @inputObject ``` OR ```powershell @@ -136,14 +178,24 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -New-AzResourceGroup -Name 'alz-vwan-chinaeast2' ` +# Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. +$TopLevelMGPrefix = "alz" + +$ResourceGroupName = "rg-$TopLevelMGPrefix-vwan-001" + +# Parameters necessary for deployment +$inputObject = @{ + DeploymentName = 'alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + ResourceGroupName = $ResourceGroupName + TemplateParameterFile = "infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json" + TemplateFile = "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" +} + +New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' -New-AzResourceGroupDeployment ` - -TemplateFile infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep ` - -TemplateParameterFile infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json ` - -ResourceGroupName 'alz-vwan-chinaeast2' -``` +New-AzResourceGroupDeployment @inputObject + ``` ## Example Output in Azure global regions ![Example Deployment Output](media/exampleDeploymentOutputConnectivity.png "Example Deployment Output in Azure global regions") diff --git a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md index c6df35c50..c69aad017 100644 --- a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md +++ b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md @@ -61,11 +61,12 @@ In this example, the spoke resources will be deployed to the resource group spec > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json', '--location', 'EastUS', '--management-group-id', 'alz', @@ -79,7 +80,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -95,7 +96,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'EastUS' TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' @@ -109,7 +110,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' diff --git a/infra-as-code/bicep/orchestration/subPlacementAll/README.md b/infra-as-code/bicep/orchestration/subPlacementAll/README.md index 46c5a69d7..336b863c1 100644 --- a/infra-as-code/bicep/orchestration/subPlacementAll/README.md +++ b/infra-as-code/bicep/orchestration/subPlacementAll/README.md @@ -91,12 +91,13 @@ This however may be done as part of another process, for example upon Subscripti > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI +**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions $inputObject = @( - '--name', ('SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json', '--location', 'EastUS', '--management-group-id', 'alz', @@ -112,7 +113,7 @@ OR # For Azure China regions $inputObject = @( - '--name', ('SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), + '--name', ('alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), '--parameters', '@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json', '--location', 'chinaeast2', '--management-group-id', 'alz', @@ -128,7 +129,7 @@ az deployment mg create @inputObject # For Azure global regions $inputObject = @{ - DeploymentName = 'SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'EastUS' TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' @@ -144,7 +145,7 @@ OR # For Azure China regions $inputObject = @{ - DeploymentName = 'SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) + DeploymentName = 'alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) ManagementGroupId = 'alz' Location = 'chinaeast2' TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' From 537de52cf34389a7ed6db0723ab5d914e041efbe Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Wed, 5 Oct 2022 16:55:48 +0100 Subject: [PATCH 11/19] formatting bash - one module test --- .../modules/customRoleDefinitions/README.md | 40 +++++++++++-------- 1 file changed, 24 insertions(+), 16 deletions(-) diff --git a/infra-as-code/bicep/modules/customRoleDefinitions/README.md b/infra-as-code/bicep/modules/customRoleDefinitions/README.md index b84b61e56..ffa2b621b 100644 --- a/infra-as-code/bicep/modules/customRoleDefinitions/README.md +++ b/infra-as-code/bicep/modules/customRoleDefinitions/README.md @@ -52,27 +52,35 @@ Input parameter file `parameters/customRoleDefinitions.parameters.all.json` defi ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json', - '--location', 'eastus', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep" -) -az deployment mg create @inputObject +# Management Group ID +MGID="alz" + +# Chosen Azure Region +LOCATION="eastus" + +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-CustomRoleDefsDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep" -) -az deployment mg create @inputObject +# Management Group ID +MGID="alz" + +# Chosen Azure Region +LOCATION="chinaeast2" + +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-CustomRoleDefsDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell From c5e79b7f0caf9e9ecc3991688519d90d683ed0a4 Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Wed, 5 Oct 2022 16:57:47 +0100 Subject: [PATCH 12/19] remove warning from test module --- infra-as-code/bicep/modules/customRoleDefinitions/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/infra-as-code/bicep/modules/customRoleDefinitions/README.md b/infra-as-code/bicep/modules/customRoleDefinitions/README.md index ffa2b621b..226bc7efa 100644 --- a/infra-as-code/bicep/modules/customRoleDefinitions/README.md +++ b/infra-as-code/bicep/modules/customRoleDefinitions/README.md @@ -47,7 +47,6 @@ Input parameter file `parameters/customRoleDefinitions.parameters.all.json` defi > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions From 6d699199d46ffcdf505e79e657f35a41a46191a6 Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Wed, 5 Oct 2022 18:26:20 +0100 Subject: [PATCH 13/19] bash changes --- .../bicep/modules/hubNetworking/README.md | 35 ++++++------ infra-as-code/bicep/modules/logging/README.md | 38 ++++++------- .../bicep/modules/managementGroups/README.md | 28 +++++----- .../modules/policy/assignments/README.md | 54 ++++++++++++------- .../bicep/modules/privateDnsZones/README.md | 44 ++++++--------- .../bicep/modules/roleAssignments/README.md | 31 +++++------ .../bicep/modules/spokeNetworking/README.md | 36 ++++++------- .../modules/subscriptionPlacement/README.md | 32 +++++------ .../bicep/modules/vnetPeering/README.md | 35 +++++------- .../bicep/modules/vnetPeeringVwan/README.md | 28 +++++----- .../bicep/modules/vwanConnectivity/README.md | 42 +++++---------- 11 files changed, 183 insertions(+), 220 deletions(-) diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index 1218cc447..e29fce808 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -89,9 +89,9 @@ There are two different sets of input parameters; one for deploying to Azure glo > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions + # Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" @@ -100,43 +100,40 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" - - $inputObject = @( - '--name', ('alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-HubNetworkingDeploy-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-hub-networking-001" +PARAMETERS="@infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" az group create --location eastus \ --name $ResourceGroupName -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions + + # Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" + az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-hub-networking-001" - - $inputObject = @( - '--name', ('alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-HubNetworkingDeploy-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-hub-networking-001" +PARAMETERS="@infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" az group create --location chinaeast2 \ --name $ResourceGroupName -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index 6ec108beb..78c2b29d4 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -66,7 +66,7 @@ There are separate input parameters files depending on which Azure cloud you are > If the deployment failed due an error that your alz-log-analytics/Automation resource of type 'Microsoft.OperationalInsights/workspaces/linkedServices' was not found, please retry the deployment step and it would succeed. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure Global regions # Set Platform management subscripion ID as the the current subscription @@ -76,22 +76,20 @@ az account set --subscription $ManagementSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-logging-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +GROUP="rg-$TopLevelMGPrefix-logging-001" +NAME="alz-loggingDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/logging/logging.bicep" + # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location eastus - $inputObject = @( - '--name', ('alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" -) - # Deploy Module -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash @@ -103,22 +101,20 @@ az account set --subscription $ManagementSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-logging-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +GROUP="rg-$TopLevelMGPrefix-logging-001" +NAME="alz-loggingDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/logging/logging.bicep" + # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location chinaeast2 - $inputObject = @( - '--name', 'alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/logging/logging.bicep" -) - # Deploy Module -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/managementGroups/README.md b/infra-as-code/bicep/modules/managementGroups/README.md index 033bc32cb..f6ded4a77 100644 --- a/infra-as-code/bicep/modules/managementGroups/README.md +++ b/infra-as-code/bicep/modules/managementGroups/README.md @@ -118,31 +118,29 @@ In this example, the management groups are created at the `Tenant Root Group` th > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json', - '--location', 'eastus', - '--template-file', "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-MGDeployment-${dateYMD}" +LOCATION="eastus" +PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" -az deployment tenant create @inputObject +az deployment tenant create --name ${NAME:0:63} --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json', - '--location', 'chinaeast2', - '--template-file', "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-MGDeployment-${dateYMD}" +LOCATION="chinaeast2" +PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" -az deployment tenant create @inputObject +az deployment tenant create --name ${NAME:0:63} --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/policy/assignments/README.md b/infra-as-code/bicep/modules/policy/assignments/README.md index c582325d2..7df0b40f5 100644 --- a/infra-as-code/bicep/modules/policy/assignments/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/README.md @@ -49,27 +49,29 @@ In this example, the `Deny-PublicIP` custom policy definition will be deployed/a ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json', - '--location', 'eastus', - '--management-group-id', 'alz-landingzones', - '--template-file', "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" -) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-alz-PolicyDenyAssignmentsDeployment-${dateYMD}" + +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json" +LOCATION="eastus" +MGID="alz-landingzones" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-PolicyDenyAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz-landingzones', - '--template-file', "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" -) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-alz-PolicyDenyAssignmentsDeployment-${dateYMD}" + +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.deny.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz-landingzones" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` #### PowerShell - Deny @@ -117,6 +119,13 @@ In this example, the `Deploy-MDFC-Config` custom policy definition will be deplo ```bash # For Azure global regions +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-PolicyDineAssignments-${dateYMD}" +MGID="alz-landingzones" +LOCATION="eastus" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" + $inputObject = @( --name = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) --management-group-id = 'alz-landingzones' @@ -125,21 +134,28 @@ $inputObject = @( --template-file = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" ) -az deployment mg create @inputObject +az deployment mg create --name $NAME --management-group-id $MGID --location $LOCATION --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-PolicyDineAssignments-${dateYMD}" +MGID="alz-landingzones" +LOCATION="eastus" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" + $inputObject = @( --name = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) --management-group-id = 'alz-landingzones' --location = 'chinaeast2' - --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' + --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json' --template-file = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" ) -az deployment mg create @inputObject +az deployment mg create --name $NAME --management-group-id $MGID --location $LOCATION --parameters $PARAMETERS --template-file $TEMPLATEFILEect ``` #### PowerShell - DINE diff --git a/infra-as-code/bicep/modules/privateDnsZones/README.md b/infra-as-code/bicep/modules/privateDnsZones/README.md index 39fc9ee8f..ea7f3a006 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/README.md +++ b/infra-as-code/bicep/modules/privateDnsZones/README.md @@ -76,7 +76,7 @@ There are two different sets of input parameters; one for deploying to Azure glo > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions # Set Platform connectivity subscription ID as the the current subscription @@ -86,23 +86,16 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-private-dns-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-PrivateDnsZonesDeployment-${dateYMD}" +RESOURCEGROUP="rg-$TopLevelMGPrefix-private-dns-001" +PARAMETERS="@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" az group create --location eastus \ - --name Hub_$ResourceGroupName - -$inputObject = @( - '--name', ('alz-PrivateDnsZonesDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep", -) + --name Hub_$RESOURCEGROUP -az deployment group create @inputObject - -az deployment group create \ - --resource-group Hub_PrivateDNS_POC \ - --template-file infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep \ +az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash @@ -114,19 +107,16 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-private-dns-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-PrivateDnsZonesDeployment-${dateYMD}" +RESOURCEGROUP="rg-$TopLevelMGPrefix-private-dns-001" +PARAMETERS="@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" az group create --location chinaeast2 \ - --name Hub_$ResourceGroupName - -$inputObject = @( - '--name', ('alz-PrivateDnsZonesDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep", -) + --name Hub_$RESOURCEGROUP -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell @@ -143,8 +133,6 @@ $TopLevelMGPrefix = "alz" $ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" - - New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' @@ -156,9 +144,9 @@ $inputObject = @{ } New-AzResourceGroupDeployment @inputObject - ``` OR + ```powershell # For Azure China regions # Set Platform connectivity subscription ID as the the current subscription diff --git a/infra-as-code/bicep/modules/roleAssignments/README.md b/infra-as-code/bicep/modules/roleAssignments/README.md index 8a432374f..1a5d038b1 100644 --- a/infra-as-code/bicep/modules/roleAssignments/README.md +++ b/infra-as-code/bicep/modules/roleAssignments/README.md @@ -115,34 +115,31 @@ In this example, the built-in Reader role will be assigned to a Service Principa > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json', - '--location', 'eastus', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-RoleAssignmentsDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json" +LOCATION="eastus" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" -az deployment mg create @inputObject +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-RoleAssignmentsDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" -az deployment mg create @inputObject +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/spokeNetworking/README.md b/infra-as-code/bicep/modules/spokeNetworking/README.md index 8f7e8f191..10aace081 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/README.md +++ b/infra-as-code/bicep/modules/spokeNetworking/README.md @@ -63,7 +63,7 @@ In this example, the spoke resources will be deployed to the resource group spec > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions # Set Azure Landing zone subscription ID as the the current subscription @@ -74,21 +74,18 @@ az account set --subscription $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-spoke-networking-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SpokeNetworkingDeployment-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-spoke-networking-001" +PARAMETERS="@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location eastus - $inputObject = @( - '--name', ('alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" -) - -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash @@ -101,21 +98,18 @@ az account set --subscription $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-spoke-networking-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SpokeNetworkingDeployment-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-spoke-networking-001" +PARAMETERS="@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location chinaeast2 - $inputObject = @( - '--name', ('alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" -) - -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/subscriptionPlacement/README.md b/infra-as-code/bicep/modules/subscriptionPlacement/README.md index 62c058029..b47689080 100644 --- a/infra-as-code/bicep/modules/subscriptionPlacement/README.md +++ b/infra-as-code/bicep/modules/subscriptionPlacement/README.md @@ -28,27 +28,27 @@ In this example, the subscriptions `34b63c8f-1782-42e6-8fb9-ba6ee8b99735` and `4 ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json', - '--location', 'eastus', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" -) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SubscriptionPlacementDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" +LOCATION="eastus" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" -) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SubscriptionPlacementDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/vnetPeering/README.md b/infra-as-code/bicep/modules/vnetPeering/README.md index e59e32cc0..d7cef04bb 100644 --- a/infra-as-code/bicep/modules/vnetPeering/README.md +++ b/infra-as-code/bicep/modules/vnetPeering/README.md @@ -60,22 +60,18 @@ az account set --subscription $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-vnet-peering-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-vnetPeeringDeploy-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-vnet-peering-001" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location eastus - $inputObject = @( - '--name', ('alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" -) - - -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash @@ -87,21 +83,18 @@ az account set --subscription $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-logging-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-vnetPeeringDeploy-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-vnet-peering-001" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location chinaeast2 - $inputObject = @( - '--name', ('alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" -) - -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index d43b2ef4f..4fe5321a4 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -38,7 +38,7 @@ In this example, the remote spoke Vnet will be peered with the Vwan Virtual Hub > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions # Set your Corp Connected Landing Zone subscription ID as the the current subscription @@ -46,14 +46,13 @@ $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $ConnectivitySubscriptionId -$inputObject = @( - '--name', ('alz-vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json', - '--location', 'eastus', - '--template-file', "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-vnetPeeringVwanDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json" +LOCATION="eastus" +TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" -az deployment sub create @inputObject +az deployment sub create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --template-file $TEMPLATEFILE ``` OR ```bash @@ -63,14 +62,13 @@ $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $ConnectivitySubscriptionId -$inputObject = @( - '--name', ('alz-vnetPeeringVwanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json', - '--location', 'chinaeast2', - '--template-file', "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-vnetPeeringVwanDeployment-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json" +LOCATION="chinaeast2" +TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" -az deployment sub create @inputObject +az deployment sub create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/vwanConnectivity/README.md b/infra-as-code/bicep/modules/vwanConnectivity/README.md index 6b6a3cf0c..60e0da792 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/README.md +++ b/infra-as-code/bicep/modules/vwanConnectivity/README.md @@ -91,21 +91,18 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-vwan-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-vwanConnectivityDeploy-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-vwan-001" +PARAMETERS="@infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location eastus - $inputObject = @( - '--name', ('alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" -) - -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash @@ -117,29 +114,18 @@ az account set --subscription $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. TopLevelMGPrefix="alz" -ResourceGroupName="rg-$TopLevelMGPrefix-vwan-001" +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-vwanConnectivityDeploy-${dateYMD}" +GROUP="rg-$TopLevelMGPrefix-vwan-001" +PARAMETERS="@infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" # Create Resource Group - optional when using an existing resource group az group create \ - --name $ResourceGroupName \ + --name $GROUP \ --location chinaeast2 - $inputObject = @( - '--name', ('alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--resource-group', $ResourceGroupName, - '--parameters', '@infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json', - '--template-file', "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" -) - -az deployment group create @inputObject - -az group create --location chinaeast2 \ - --name alz-vwan-chinaeast2 - -az deployment group create \ - --resource-group alz-vwan-chinaeast2 \ - --template-file infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep \ - --parameters @infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell From fc7f31ab98ead2be59ed686918b6bb1954e9b884 Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Thu, 6 Oct 2022 10:29:00 +0100 Subject: [PATCH 14/19] whitespaces --- .../bicep/modules/hubNetworking/README.md | 14 +++++++------- infra-as-code/bicep/modules/logging/README.md | 16 ++++++++-------- .../policy/assignments/alzDefaults/README.md | 2 +- .../bicep/modules/privateDnsZones/README.md | 10 +++++----- .../bicep/modules/spokeNetworking/README.md | 12 ++++++------ .../bicep/modules/vnetPeering/README.md | 10 +++++----- .../bicep/modules/vnetPeeringVwan/README.md | 8 ++++---- .../bicep/modules/vwanConnectivity/README.md | 12 ++++++------ .../bicep/orchestration/hubPeeredSpoke/README.md | 4 ++-- 9 files changed, 44 insertions(+), 44 deletions(-) diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index e29fce808..682846a57 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -1,6 +1,6 @@ # Module: Hub-Networking -This module defines hub networking based on the recommendations from the Azure Landing Zone Conceptual Architecture. +This module defines hub networking based on the recommendations from the Azure Landing Zone Conceptual Architecture. Module deploys the following resources: @@ -92,7 +92,7 @@ There are two different sets of input parameters; one for deploying to Azure glo ```bash # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -116,7 +116,7 @@ OR # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -140,12 +140,12 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet ```powershell # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -# Set Platform management subscripion ID as the the current subscription +# Set Platform management subscripion ID as the the current subscription $ManagementSubscriptionId = "[your platform management subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. @@ -163,13 +163,13 @@ $inputObject = @{ New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' - + New-AzResourceGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index 78c2b29d4..ad0941a5f 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -68,8 +68,8 @@ There are separate input parameters files depending on which Azure cloud you are ### Azure CLI ```bash -# For Azure Global regions -# Set Platform management subscripion ID as the the current subscription +# For Azure Global regions +# Set Platform management subscripion ID as the the current subscription ManagementSubscriptionId="[your platform management subscription ID]" az account set --subscription $ManagementSubscriptionId @@ -88,13 +88,13 @@ az group create \ --name $GROUP \ --location eastus -# Deploy Module +# Deploy Module az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash -# For Azure China regions -# Set Platform management subscripion ID as the the current subscription +# For Azure China regions +# Set Platform management subscripion ID as the the current subscription ManagementSubscriptionId="[your platform management subscription ID]" az account set --subscription $ManagementSubscriptionId @@ -113,7 +113,7 @@ az group create \ --name $GROUP \ --location chinaeast2 -# Deploy Module +# Deploy Module az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` @@ -121,7 +121,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet ```powershell # For Azure Global regions -# Set Platform management subscripion ID as the the current subscription +# Set Platform management subscripion ID as the the current subscription $ManagementSubscriptionId = "[your platform management subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. @@ -149,7 +149,7 @@ New-AzResourceGroupDeployment @inputObject OR ```powershell # For Azure China regions -# Set Platform management subscripion ID as the the current subscription +# Set Platform management subscripion ID as the the current subscription $ManagementSubscriptionId = "[your platform management subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md index 72bfe8214..5d3ba231a 100644 --- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md @@ -30,7 +30,7 @@ The module does not generate any outputs. > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. > **Important:** If you decide to not use a DDoS Standard plan in your environment and therefore leave the parameter `parDdosProtectionPlanId` as an empty string (`''`) then the policy Enable-DDoS-VNET will not be assigned at connectivity or landing zone Management Groups to avoid VNET deployment issues. For deployment in Azure China, leave the parameter `parDdosProtectionPlanId` as an empty string (`''`) because the DDoS Protection feature is not available in Azure China. -> +> > However, if you later do decide to deploy an DDoS Standard Plan, you will need to remember to come back and update the parameter `parDdosProtectionPlanId` with the resource ID of the DDoS Standard Plan to ensure the policy is applied to the relevant Management Groups. You can then use a policy [remediation task](https://docs.microsoft.com/azure/governance/policy/how-to/remediate-resources) to bring all non-compliant VNETs back into compliance, once a [compliance scan](https://docs.microsoft.com/azure/governance/policy/how-to/get-compliance-data#evaluation-triggers) has taken place. diff --git a/infra-as-code/bicep/modules/privateDnsZones/README.md b/infra-as-code/bicep/modules/privateDnsZones/README.md index ea7f3a006..2e8a63aee 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/README.md +++ b/infra-as-code/bicep/modules/privateDnsZones/README.md @@ -1,6 +1,6 @@ # Module: Private DNS Zones -This module deploys Private DNS Zones used for Private Link based on the recommendations from the Azure Landing Zone Conceptual Architecture. +This module deploys Private DNS Zones used for Private Link based on the recommendations from the Azure Landing Zone Conceptual Architecture. Module deploys the following resources: @@ -79,7 +79,7 @@ There are two different sets of input parameters; one for deploying to Azure glo ```bash # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -100,7 +100,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP - OR ```bash # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -123,7 +123,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP - ```powershell # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId @@ -149,7 +149,7 @@ OR ```powershell # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId diff --git a/infra-as-code/bicep/modules/spokeNetworking/README.md b/infra-as-code/bicep/modules/spokeNetworking/README.md index 10aace081..71966a700 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/README.md +++ b/infra-as-code/bicep/modules/spokeNetworking/README.md @@ -66,7 +66,7 @@ In this example, the spoke resources will be deployed to the resource group spec ```bash # For Azure global regions -# Set Azure Landing zone subscription ID as the the current subscription +# Set Azure Landing zone subscription ID as the the current subscription LandingZoneSubscriptionId="[your landing zone subscription ID]" az account set --subscription $LandingZoneSubscriptionId @@ -90,7 +90,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet OR ```bash # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription LandingZoneSubscriptionId="[your landing zone subscription ID]" az account set --subscription $LandingZoneSubscriptionId @@ -116,7 +116,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet ```powershell # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $LandingZoneSubscriptionId = "[your landing zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId @@ -136,13 +136,13 @@ $inputObject = @{ New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' - + New-AzResourceGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $LandingZoneSubscriptionId = "[your landing zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId @@ -162,7 +162,7 @@ $inputObject = @{ New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' - + New-AzResourceGroupDeployment @inputObject ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/modules/vnetPeering/README.md b/infra-as-code/bicep/modules/vnetPeering/README.md index d7cef04bb..9794d9a68 100644 --- a/infra-as-code/bicep/modules/vnetPeering/README.md +++ b/infra-as-code/bicep/modules/vnetPeering/README.md @@ -1,6 +1,6 @@ # Module: VNet Peering -This module creates a virtual network peering connection between two virtual networks and is to be utilized by other modules. Module will need to be called twice to create the completed peering. Each time with a peering direction. This allows for peering between different subscriptions. +This module creates a virtual network peering connection between two virtual networks and is to be utilized by other modules. Module will need to be called twice to create the completed peering. Each time with a peering direction. This allows for peering between different subscriptions. **Peering Options Documentation:** @@ -53,7 +53,7 @@ During the deployment step, we will take parameters provided in the example para **NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription LandingZoneSubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $LandingZoneSubscriptionId @@ -76,7 +76,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet OR ```bash # For Azure China regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription LandingZoneSubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $LandingZoneSubscriptionId @@ -101,7 +101,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet ```powershell # For Azure global regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription $LandingZoneSubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId @@ -129,7 +129,7 @@ New-AzResourceGroupDeployment @inputObject OR ```powershell # For Azure China regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription $LandingZoneSubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index 4fe5321a4..477351de3 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -41,7 +41,7 @@ In this example, the remote spoke Vnet will be peered with the Vwan Virtual Hub ```bash # For Azure global regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -57,7 +57,7 @@ az deployment sub create --name ${NAME:0:63} --parameters $PARAMETERS --location OR ```bash # For Azure China regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription $ConnectivitySubscriptionId="[your Landing Zone subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -75,7 +75,7 @@ az deployment sub create --name ${NAME:0:63} --parameters $PARAMETERS --location ```powershell # For Azure global regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId @@ -93,7 +93,7 @@ New-AzDeployment @inputObject OR ```powershell # For Azure China regions -# Set your Corp Connected Landing Zone subscription ID as the the current subscription +# Set your Corp Connected Landing Zone subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your Landing Zone subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId diff --git a/infra-as-code/bicep/modules/vwanConnectivity/README.md b/infra-as-code/bicep/modules/vwanConnectivity/README.md index 60e0da792..bf67b4109 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/README.md +++ b/infra-as-code/bicep/modules/vwanConnectivity/README.md @@ -84,7 +84,7 @@ In this example, the resources required for Virtual WAN connectivity will be dep **NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -107,7 +107,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet OR ```bash # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription ConnectivitySubscriptionId="[your platform connectivity subscription ID]" az account set --subscription $ConnectivitySubscriptionId @@ -132,7 +132,7 @@ az deployment group create --name ${NAME:0:63} --resource-group $GROUP --paramet ```powershell # For Azure global regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId @@ -153,13 +153,13 @@ $inputObject = @{ New-AzResourceGroup -Name $ResourceGroupName ` -Location 'EastUs' - + New-AzResourceGroupDeployment @inputObject ``` OR ```powershell # For Azure China regions -# Set Platform connectivity subscription ID as the the current subscription +# Set Platform connectivity subscription ID as the the current subscription $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId @@ -179,7 +179,7 @@ $inputObject = @{ New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' - + New-AzResourceGroupDeployment @inputObject ``` ## Example Output in Azure global regions diff --git a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md index c69aad017..3096513d0 100644 --- a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md +++ b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md @@ -15,7 +15,7 @@ Note that only one peering type can be created with this module, so either tradi > You can use this module to enable Landing Zones (aka Subscriptions) with platform resources, as defined above, and also place them into the correct location in the hierarchy to meet governance requirements. For example, you can also use this module to deploy the Identity Landing Zone Subscription's vNet and peer it back to the hub vNet. -> +> > You could also use it in a [loop](https://docs.microsoft.com/azure/azure-resource-manager/bicep/loops) to enable multiple Landing Zone Subscriptions at a time in a single deployment. @@ -39,7 +39,7 @@ The module requires the following inputs: | parNextHopIpAddress | string | Empty string `''` | IP Address where network traffic should route to | None | `192.168.50.4` | | parDisableBgpRoutePropagation | bool | false | Switch to enable BGP Route Propagation on VNet Route Table | None | false | | parSpokeToHubRouteTableName | string | 'rtb-spoke-to-hub' | Name of Route table to create for the default route of Hub | None | `rtb-spoke-to-hub` | - | parHubVirtualNetworkId | string | Empty string `''` | Virtual Network ID of Hub Virtual Network, or Azure Virtuel WAN hub ID | None | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/Hub_Networking_POC/providers/Microsoft.Network/virtualNetworks/alz-vnet-hub-northeurope` + | parHubVirtualNetworkId | string | Empty string `''` | Virtual Network ID of Hub Virtual Network, or Azure Virtuel WAN hub ID | None | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/Hub_Networking_POC/providers/Microsoft.Network/virtualNetworks/alz-vnet-hub-northeurope` | parAllowSpokeForwardedTraffic | bool | false | Switch to enable/disable forwarded Traffic from outside spoke network | None | false | | parAllowHubVpnGatewayTransit | bool | false | Switch to enable/disable VPN Gateway for the hub network peering | None | false | From ea1c4b4ea21ceb76cf1bc24fe2079d9f9386649d Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Mon, 10 Oct 2022 12:57:59 +0100 Subject: [PATCH 15/19] bash snippet changes --- .../bicep/CRML/containerRegistry/README.md | 9 ++++-- .../bicep/modules/managementGroups/README.md | 2 +- .../policy/assignments/alzDefaults/README.md | 31 ++++++++---------- .../modules/policy/definitions/README.md | 32 +++++++++---------- .../orchestration/hubPeeredSpoke/README.md | 26 +++++++++------ .../orchestration/subPlacementAll/README.md | 32 +++++++++---------- 6 files changed, 69 insertions(+), 63 deletions(-) diff --git a/infra-as-code/bicep/CRML/containerRegistry/README.md b/infra-as-code/bicep/CRML/containerRegistry/README.md index 5cbf6775b..699d9115b 100644 --- a/infra-as-code/bicep/CRML/containerRegistry/README.md +++ b/infra-as-code/bicep/CRML/containerRegistry/README.md @@ -34,9 +34,14 @@ We will take the default values and not pass any parameters. > For the below examples we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-ContainerRegistry-${dateYMD}" +RESOURCEGROUP="Bicep_ACR" +PARAMETERS="@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep" + az group create --location eastus \ --name Bicep_ACR @@ -47,7 +52,7 @@ $inputObject = @( '--template-file', "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep", ) -az deployment group create @inputObject +az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/managementGroups/README.md b/infra-as-code/bicep/modules/managementGroups/README.md index f6ded4a77..b6447e311 100644 --- a/infra-as-code/bicep/modules/managementGroups/README.md +++ b/infra-as-code/bicep/modules/managementGroups/README.md @@ -128,7 +128,7 @@ LOCATION="eastus" PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" -az deployment tenant create --name ${NAME:0:63} --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment tenant create --name ${NAME:0:63} --location $LOCATION --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` OR ```bash diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md index 5d3ba231a..03d02862f 100644 --- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md @@ -35,33 +35,30 @@ The module does not generate any outputs. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json', - '--location', 'eastus', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-alzPolicyAssignmentDefaults-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json" +LOCATION="eastus" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" -az deployment mg create @inputObject +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/policy/assignments/alzDefaults/mc-alzDefaultPolicyAssignments.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-alzPolicyAssignmentDefaults-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" -az deployment mg create @inputObject +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/policy/definitions/README.md b/infra-as-code/bicep/modules/policy/definitions/README.md index 8a52d1905..427d51f17 100644 --- a/infra-as-code/bicep/modules/policy/definitions/README.md +++ b/infra-as-code/bicep/modules/policy/definitions/README.md @@ -47,27 +47,27 @@ The input parameter file `parameters/customPolicyDefinitions.parameters.all.json ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json', - '--location', 'eastus', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep" -) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-PolicyDefsDefaults-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json" +LOCATION="eastus" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep" -) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-PolicyDefsDefaults-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md index 3096513d0..eb65e6832 100644 --- a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md +++ b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md @@ -61,7 +61,7 @@ In this example, the spoke resources will be deployed to the resource group spec > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions @@ -73,21 +73,27 @@ $inputObject = @( '--template-file', "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" ) -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-HubPeeredSpoke-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json" +LOCATION="eastus" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-HubPeeredSpoke-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" -az deployment mg create @inputObject +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell diff --git a/infra-as-code/bicep/orchestration/subPlacementAll/README.md b/infra-as-code/bicep/orchestration/subPlacementAll/README.md index 336b863c1..7537d4307 100644 --- a/infra-as-code/bicep/orchestration/subPlacementAll/README.md +++ b/infra-as-code/bicep/orchestration/subPlacementAll/README.md @@ -96,15 +96,14 @@ This however may be done as part of another process, for example upon Subscripti ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json', - '--location', 'EastUS', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" -) - -az deployment mg create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SubPlacementAll-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json" +LOCATION="eastus" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" + +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` OR @@ -112,15 +111,14 @@ OR ```bash # For Azure China regions -$inputObject = @( - '--name', ('alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json', - '--location', 'chinaeast2', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" -) +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SubPlacementAll-${dateYMD}" +PARAMETERS="@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json" +LOCATION="chinaeast2" +MGID="alz" +TEMPLATEFILE="infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" -az deployment mg create @inputObject +az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE ``` ### PowerShell From bfe1d5f5ea6705f86bb888cbcf1a81a4b1841d19 Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Mon, 10 Oct 2022 13:19:50 +0100 Subject: [PATCH 16/19] editorconfig --- .../bicep/CRML/containerRegistry/README.md | 20 +++++++++---------- .../policy/assignments/alzDefaults/README.md | 4 ++-- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/infra-as-code/bicep/CRML/containerRegistry/README.md b/infra-as-code/bicep/CRML/containerRegistry/README.md index 699d9115b..0ad62c728 100644 --- a/infra-as-code/bicep/CRML/containerRegistry/README.md +++ b/infra-as-code/bicep/CRML/containerRegistry/README.md @@ -10,20 +10,20 @@ Module deploys the following resources: The module requires the following inputs: - Parameter | Type | Default | Description | Requirement | Example ------------ | ---- | ------- |----------- | ----------- | ------- - parAcrName | string | acr${uniqueString(resourceGroup().id)} | Name of Azure Container Registry to deploy | 5-50 char | acr5cix6w3rcizn - parACRSku | string | Basic | SKU of Azure Container Registry to deploy to Azure | Basic or Standard or Premium | Basic - parLocation | string | resourceGroup().location | Location where Public Azure Container Registry will be deployed | Valid Azure Region | eastus2 - parTags | object | none | Tags to be appended to resource | none | {"Environment" : "Development"} + | Parameter | Type | Default | Description | Requirement | Example | + | ----------- | ------ | -------------------------------------- | --------------------------------------------------------------- | ---------------------------- | ------------------------------- | + | parAcrName | string | acr${uniqueString(resourceGroup().id)} | Name of Azure Container Registry to deploy | 5-50 char | acr5cix6w3rcizn | + | parACRSku | string | Basic | SKU of Azure Container Registry to deploy to Azure | Basic or Standard or Premium | Basic | + | parLocation | string | resourceGroup().location | Location where Public Azure Container Registry will be deployed | Valid Azure Region | eastus2 | + | parTags | object | none | Tags to be appended to resource | none | {"Environment" : "Development"} | ## Outputs The module will generate the following outputs: -Output | Type | Example ------- | ---- | -------- -outLoginServer | string | acr5cix6w3rcizna.azurecr.io +| Output | Type | Example | +| -------------- | ------ | --------------------------- | +| outLoginServer | string | acr5cix6w3rcizna.azurecr.io | ## Deployment @@ -73,4 +73,4 @@ New-AzResourceGroupDeployment @inputObject ## Bicep Visualizer -![Bicep Visualizer](media/bicepVisualizer.png "Bicep Visualizer") \ No newline at end of file +![Bicep Visualizer](media/bicepVisualizer.png "Bicep Visualizer") diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md index 03d02862f..3384d3118 100644 --- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md @@ -17,7 +17,7 @@ The module requires the following inputs: | parLogAnalyticsWorkspaceResourceId | Log Analytics Workspace Resource ID | Yes | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/alz-logging/providers/Microsoft.OperationalInsights/workspaces/alz-log-analytics` | None | | parLogAnalyticsWorkspaceLogRetentionInDays | Number of days of log retention for Log Analytics Workspace | Yes | `365` | `365` | | parAutomationAccountName | Automation Account name | Yes | `alz-automation-account` | `alz-automation-account` | - | parMsDefenderForCloudEmailSecurityContact | An e-mail address that you want Microsoft Defender for Cloud alerts to be sent to. | Yes | `security_contact@replace_me.com` | `security_contact@replace_me.com` | + | parMsDefenderForCloudEmailSecurityContact | An e-mail address that you want Microsoft Defender for Cloud alerts to be sent to. | Yes | `security_contact@replace_me.com` | `security_contact@replace_me.com` | | parDdosProtectionPlanId | ID of the DDoS Protection Plan which will be applied to the Virtual Networks. If left empty, the policy Enable-DDoS-VNET will not be assigned at connectivity or landing zone Management Groups to avoid VNET deployment issues. | Yes | `/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/Hub_Networking_POC/providers/Microsoft.Network/ddosProtectionPlans/alz-ddos-plan` | (empty string) | | parTelemetryOptOut | Set Parameter to true to Opt-out of deployment telemetry | Yes | `false` | `false` | @@ -93,4 +93,4 @@ New-AzManagementGroupDeployment @inputObject ## Bicep Visualizer -![Bicep Visualizer](media/bicepVisualizer.png "Bicep Visualizer") \ No newline at end of file +![Bicep Visualizer](media/bicepVisualizer.png "Bicep Visualizer") From 02715de3921d456447fcd1af02a3bbda8a1d17ca Mon Sep 17 00:00:00 2001 From: JamJarchitect <53943045+JamJarchitect@users.noreply.github.com> Date: Tue, 11 Oct 2022 11:08:21 +0100 Subject: [PATCH 17/19] prep for v0.10.5 release (#2) Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com> --- version.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/version.json b/version.json index 1f31ff036..88484bbcf 100644 --- a/version.json +++ b/version.json @@ -1,6 +1,6 @@ { - "version": "0.10.4", - "gitTag": "v0.10.4" - "releaseNotes": "https://github.com/Azure/ALZ-Bicep/releases/tag/v0.10.4", - "releaseDateTimeUTC": "20221009T1825143733Z" + "version": "0.10.5", + "gitTag": "v0.10.5" + "releaseNotes": "https://github.com/Azure/ALZ-Bicep/releases/tag/v0.10.5", + "releaseDateTimeUTC": "20221010T1634546210Z" } From 416f1d1825002a2e6b46f0ac39648ea44901fd29 Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Wed, 2 Nov 2022 12:09:54 +0000 Subject: [PATCH 18/19] amendments --- .../bicep/CRML/containerRegistry/README.md | 15 ++----- .../bicep/CRML/subscriptionAlias/README.md | 15 ++++--- .../modules/customRoleDefinitions/README.md | 16 +++---- .../bicep/modules/hubNetworking/README.md | 26 +++++------- infra-as-code/bicep/modules/logging/README.md | 22 ++++------ .../bicep/modules/managementGroups/README.md | 12 +++--- .../modules/policy/assignments/README.md | 42 ++++++------------- .../policy/assignments/alzDefaults/README.md | 16 +++---- .../modules/policy/definitions/README.md | 17 ++++---- .../bicep/modules/privateDnsZones/README.md | 20 ++++----- .../bicep/modules/roleAssignments/README.md | 16 +++---- .../bicep/modules/spokeNetworking/README.md | 16 +++---- .../modules/subscriptionPlacement/README.md | 18 ++++---- .../bicep/modules/vnetPeering/README.md | 20 ++++----- .../bicep/modules/vnetPeeringVwan/README.md | 12 +++--- .../bicep/modules/vwanConnectivity/README.md | 21 ++++------ .../orchestration/hubPeeredSpoke/README.md | 24 ++++------- .../orchestration/subPlacementAll/README.md | 18 ++++---- 18 files changed, 141 insertions(+), 205 deletions(-) diff --git a/infra-as-code/bicep/CRML/containerRegistry/README.md b/infra-as-code/bicep/CRML/containerRegistry/README.md index 0ad62c728..af7a854f9 100644 --- a/infra-as-code/bicep/CRML/containerRegistry/README.md +++ b/infra-as-code/bicep/CRML/containerRegistry/README.md @@ -38,19 +38,12 @@ We will take the default values and not pass any parameters. ```bash dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-ContainerRegistry-${dateYMD}" -RESOURCEGROUP="Bicep_ACR" +RESOURCEGROUP="rg-bicep-acr" PARAMETERS="@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep" az group create --location eastus \ - --name Bicep_ACR - -$inputObject = @( -'--name', ('alz-ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), -'--resource-group', 'Bicep_ACR', -'--parameters', '@infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json', -'--template-file', "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep", -) + --name rg-bicep-acr az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` @@ -58,12 +51,12 @@ az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP - ### PowerShell ```powershell -New-AzResourceGroup -Name 'Bicep_ACR' ` +New-AzResourceGroup -Name 'rg-bicep-acr' ` -Location 'EastUs' $inputObject = @{ DeploymentName = 'alz-ContainerRegistry-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = 'Bicep_ACR' + ResourceGroupName = 'rg-bicep-acr' TemplateParameterFile = 'infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json' TemplateFile = "infra-as-code/bicep/CRML/containerRegistry/containerRegistry.bicep" } diff --git a/infra-as-code/bicep/CRML/subscriptionAlias/README.md b/infra-as-code/bicep/CRML/subscriptionAlias/README.md index 2e9c55ac9..5e8332e0e 100644 --- a/infra-as-code/bicep/CRML/subscriptionAlias/README.md +++ b/infra-as-code/bicep/CRML/subscriptionAlias/README.md @@ -41,14 +41,13 @@ In this example, the Subscription is created upon an EA Account through a tenant **NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash -$inputObject = @( - '--name', ('alz-SubscriptionAlias-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json', - '--location', 'EastUS', - '--template-file', "infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep" -) - -az deployment tenant create @inputObject +dateYMD=$(date +%Y%m%dT%H%M%S%NZ) +NAME="alz-SubscriptionAlias-${dateYMD}" +LOCATION="eastus" +PARAMETERS="@infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json" +TEMPLATEFILE="infra-as-code/bicep/CRML/subscriptionAlias/subscriptionAlias.bicep" + +az deployment tenant create --name ${NAME:0:63} --location $LOCATION --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell diff --git a/infra-as-code/bicep/modules/customRoleDefinitions/README.md b/infra-as-code/bicep/modules/customRoleDefinitions/README.md index 92a99543a..5320a2080 100644 --- a/infra-as-code/bicep/modules/customRoleDefinitions/README.md +++ b/infra-as-code/bicep/modules/customRoleDefinitions/README.md @@ -59,10 +59,10 @@ LOCATION="eastus" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-CustomRoleDefsDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep" +PARAMETERS="@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -76,10 +76,10 @@ LOCATION="chinaeast2" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-CustomRoleDefsDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep" +PARAMETERS="@infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -89,10 +89,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'eastus' - TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/customRoleDefinitions/customRoleDefinitions.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -103,10 +103,10 @@ OR $inputObject = @{ DeploymentName = 'alz-CustomRoleDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/customRoleDefinitions/mc-customRoleDefinitions.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/customRoleDefinitions/parameters/customRoleDefinitions.parameters.all.json' } New-AzManagementGroupDeployment @inputObject diff --git a/infra-as-code/bicep/modules/hubNetworking/README.md b/infra-as-code/bicep/modules/hubNetworking/README.md index 649da3817..56316706c 100644 --- a/infra-as-code/bicep/modules/hubNetworking/README.md +++ b/infra-as-code/bicep/modules/hubNetworking/README.md @@ -109,13 +109,13 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-HubNetworkingDeploy-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-hub-networking-001" -PARAMETERS="@infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" +PARAMETERS="@infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" az group create --location eastus \ - --name $ResourceGroupName + --name $GROUP -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -131,13 +131,13 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-HubNetworkingDeploy-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-hub-networking-001" -PARAMETERS="@infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" +PARAMETERS="@infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" az group create --location chinaeast2 \ - --name $ResourceGroupName + --name $GROUP -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -149,20 +149,18 @@ $ConnectivitySubscriptionId = "[your platform connectivity subscription ID]" Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId -# Set Platform management subscripion ID as the the current subscription +# Set Platform management subscription ID as the the current subscription $ManagementSubscriptionId = "[your platform management subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" TemplateFile = "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json" } New-AzResourceGroup -Name $ResourceGroupName ` @@ -181,14 +179,12 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-HubNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-hub-networking-001" TemplateFile = "infra-as-code/bicep/modules/hubNetworking/hubNetworking.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json" } New-AzResourceGroup -Name $ResourceGroupName ` diff --git a/infra-as-code/bicep/modules/logging/README.md b/infra-as-code/bicep/modules/logging/README.md index 9ab6eae67..dde53cad6 100644 --- a/infra-as-code/bicep/modules/logging/README.md +++ b/infra-as-code/bicep/modules/logging/README.md @@ -79,9 +79,8 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) GROUP="rg-$TopLevelMGPrefix-logging-001" NAME="alz-loggingDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/logging/logging.bicep" - +PARAMETERS="@infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ @@ -89,7 +88,7 @@ az group create \ --location eastus # Deploy Module -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -104,9 +103,8 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) GROUP="rg-$TopLevelMGPrefix-logging-001" NAME="alz-loggingDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/logging/logging.bicep" - +PARAMETERS="@infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ @@ -114,7 +112,7 @@ az group create \ --location chinaeast2 # Deploy Module -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -127,14 +125,12 @@ $ManagementSubscriptionId = "[your platform management subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" } Select-AzSubscription -SubscriptionId $ManagementSubscriptionId @@ -155,14 +151,12 @@ $ManagementSubscriptionId = "[your platform management subscription ID]" # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-LoggingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-logging-001" TemplateFile = "infra-as-code/bicep/modules/logging/logging.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json" } Select-AzSubscription -SubscriptionId $ManagementSubscriptionId diff --git a/infra-as-code/bicep/modules/managementGroups/README.md b/infra-as-code/bicep/modules/managementGroups/README.md index 61f59a685..c94f7457e 100644 --- a/infra-as-code/bicep/modules/managementGroups/README.md +++ b/infra-as-code/bicep/modules/managementGroups/README.md @@ -125,10 +125,10 @@ In this example, the management groups are created at the `Tenant Root Group` th dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-MGDeployment-${dateYMD}" LOCATION="eastus" -PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" +PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" -az deployment tenant create --name ${NAME:0:63} --location $LOCATION --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment tenant create --name ${NAME:0:63} --location $LOCATION --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -137,10 +137,10 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-MGDeployment-${dateYMD}" LOCATION="chinaeast2" -PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" +PARAMETERS="@infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json" -az deployment tenant create --name ${NAME:0:63} --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment tenant create --name ${NAME:0:63} --location $LOCATION --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -150,9 +150,9 @@ az deployment tenant create --name ${NAME:0:63} --parameters $PARAMETERS --templ $inputObject = @{ DeploymentName = 'alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' Location = 'EastUS' TemplateFile = "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' } New-AzTenantDeployment @inputObject ``` @@ -162,9 +162,9 @@ OR $inputObject = @{ DeploymentName = 'alz-MGDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' Location = 'chinaeast2' TemplateFile = "infra-as-code/bicep/modules/managementGroups/managementGroups.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/managementGroups/parameters/managementGroups.parameters.all.json' } New-AzTenantDeployment @inputObject ``` diff --git a/infra-as-code/bicep/modules/policy/assignments/README.md b/infra-as-code/bicep/modules/policy/assignments/README.md index 2878dad1c..923b196be 100644 --- a/infra-as-code/bicep/modules/policy/assignments/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/README.md @@ -44,7 +44,6 @@ The module does not generate any outputs. In this example, the `Deny-PublicIP` custom policy definition will be deployed/assigned to the `alz-landingzones` management group. #### Azure CLI - Deny -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions @@ -57,7 +56,7 @@ LOCATION="eastus" MGID="alz-landingzones" TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -71,7 +70,7 @@ LOCATION="chinaeast2" MGID="alz-landingzones" TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` #### PowerShell - Deny @@ -114,27 +113,18 @@ There are two different sets of input parameters files; one for deploying to Azu In this example, the `Deploy-MDFC-Config` custom policy definition will be deployed/assigned to the `alz-landingzones` management group (intermediate root management group). And the managed identity associated with the policy will also be assigned to the `alz-platform` management group, as defined in the parameter file: `parameters/policyAssignmentManagementGroup.dine.parameters.all.json` or `parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json` #### Azure CLI - DINE -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-PolicyDineAssignments-${dateYMD}" -MGID="alz-landingzones" LOCATION="eastus" -PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json" +MGID="alz-landingzones" TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json" -$inputObject = @( - --name = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - --management-group-id = 'alz-landingzones' - --location = 'eastus' - --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' - --template-file = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" -) - -az deployment mg create --name $NAME --management-group-id $MGID --location $LOCATION --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment mg create --name $NAME --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -142,20 +132,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-PolicyDineAssignments-${dateYMD}" -MGID="alz-landingzones" LOCATION="eastus" -PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json" +MGID="alz-landingzones" TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json" -$inputObject = @( - --name = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - --management-group-id = 'alz-landingzones' - --location = 'chinaeast2' - --parameters = '@infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json' - --template-file = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" -) - -az deployment mg create --name $NAME --management-group-id $MGID --location $LOCATION --parameters $PARAMETERS --template-file $TEMPLATEFILEect +az deployment mg create --name $NAME --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` #### PowerShell - DINE @@ -165,10 +147,10 @@ az deployment mg create --name $NAME --management-group-id $MGID --location $LOC $inputObject = @{ DeploymentName = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz-landingzones' Location = 'eastus' - TemplateParameterFile = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' + ManagementGroupId = 'alz-landingzones' TemplateFile = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" + TemplateParameterFile = '@infra-as-code/bicep/modules/policy/assignments/parameters/policyAssignmentManagementGroup.dine.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -179,10 +161,10 @@ OR $inputObject = @{ DeploymentName = 'alz-PolicyDineAssignments-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz-landingzones' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json' + ManagementGroupId = 'alz-landingzones' TemplateFile = "infra-as-code/bicep/modules/policy/assignments/policyAssignmentManagementGroup.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/parameters/mc-policyAssignmentManagementGroup.dine.parameters.all.json' } New-AzManagementGroupDeployment @inputObject diff --git a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md index 3384d3118..21d362332 100644 --- a/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md +++ b/infra-as-code/bicep/modules/policy/assignments/alzDefaults/README.md @@ -40,12 +40,12 @@ The module does not generate any outputs. dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-alzPolicyAssignmentDefaults-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json" LOCATION="eastus" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -53,12 +53,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-alzPolicyAssignmentDefaults-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json" LOCATION="chinaeast2" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" +PARAMETERS="@infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -68,10 +68,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'eastus' - TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/alzDefaultPolicyAssignments.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -82,10 +82,10 @@ OR $inputObject = @{ DeploymentName = 'alzPolicyAssignmentDefaultsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/mc-alzDefaultPolicyAssignments.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/policy/assignments/alzDefaults/alzDefaultPolicyAssignments.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/assignments/alzDefaults/parameters/mc-alzDefaultPolicyAssignments.parameters.all.json' } New-AzManagementGroupDeployment @inputObject diff --git a/infra-as-code/bicep/modules/policy/definitions/README.md b/infra-as-code/bicep/modules/policy/definitions/README.md index 427d51f17..d735be68d 100644 --- a/infra-as-code/bicep/modules/policy/definitions/README.md +++ b/infra-as-code/bicep/modules/policy/definitions/README.md @@ -42,19 +42,18 @@ The input parameter file `parameters/customPolicyDefinitions.parameters.all.json > If the deployment provisioning state has failed due to policy definitions could not be found, this is often due to a known replication delay. Please re-run the deployment step below, and the deployment should succeed. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-PolicyDefsDefaults-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json" LOCATION="eastus" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep" +PARAMETERS="@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -62,12 +61,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-PolicyDefsDefaults-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json" LOCATION="chinaeast2" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep" +PARAMETERS="@infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -77,10 +76,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'eastus' - TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/policy/definitions/customPolicyDefinitions.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -91,10 +90,10 @@ OR $inputObject = @{ DeploymentName = 'alz-PolicyDefsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/policy/definitions/mc-customPolicyDefinitions.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/policy/definitions/parameters/customPolicyDefinitions.parameters.all.json' } New-AzManagementGroupDeployment @inputObject ``` diff --git a/infra-as-code/bicep/modules/privateDnsZones/README.md b/infra-as-code/bicep/modules/privateDnsZones/README.md index 2e8a63aee..c858d8b2c 100644 --- a/infra-as-code/bicep/modules/privateDnsZones/README.md +++ b/infra-as-code/bicep/modules/privateDnsZones/README.md @@ -89,11 +89,11 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-PrivateDnsZonesDeployment-${dateYMD}" RESOURCEGROUP="rg-$TopLevelMGPrefix-private-dns-001" -PARAMETERS="@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" +PARAMETERS="@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" az group create --location eastus \ - --name Hub_$RESOURCEGROUP + --name $RESOURCEGROUP az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` @@ -110,11 +110,11 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-PrivateDnsZonesDeployment-${dateYMD}" RESOURCEGROUP="rg-$TopLevelMGPrefix-private-dns-001" -PARAMETERS="@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" +PARAMETERS="@infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" az group create --location chinaeast2 \ - --name Hub_$RESOURCEGROUP + --name $RESOURCEGROUP az deployment group create --name ${NAME:0:63} --resource-group $RESOURCEGROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE ``` @@ -131,16 +131,14 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" - New-AzResourceGroup -Name $ResourceGroupName ` -Location 'eastus' $inputObject = @{ DeploymentName = 'alz-PrivateDnsZonesDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" TemplateFile = "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" } New-AzResourceGroupDeployment @inputObject @@ -157,16 +155,14 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" - New-AzResourceGroup -Name $ResourceGroupName ` -Location 'chinaeast2' $inputObject = @{ DeploymentName = 'alz-PrivateDnsZonesDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-private-dns-001" TemplateFile = "infra-as-code/bicep/modules/privateDnsZones/privateDnsZones.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json" } New-AzResourceGroupDeployment @inputObject diff --git a/infra-as-code/bicep/modules/roleAssignments/README.md b/infra-as-code/bicep/modules/roleAssignments/README.md index ecc9b0e25..0c7fe4278 100644 --- a/infra-as-code/bicep/modules/roleAssignments/README.md +++ b/infra-as-code/bicep/modules/roleAssignments/README.md @@ -121,12 +121,12 @@ In this example, the built-in Reader role will be assigned to a Service Principa dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-RoleAssignmentsDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json" LOCATION="eastus" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" +PARAMETERS="@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -134,12 +134,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-RoleAssignmentsDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json" LOCATION="chinaeast2" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" +PARAMETERS="@infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -149,10 +149,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'eastus' - TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -163,10 +163,10 @@ OR $inputObject = @{ DeploymentName = 'alz-RoleAssignmentsDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/roleAssignments/roleAssignmentManagementGroup.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/roleAssignments/parameters/roleAssignmentManagementGroup.servicePrincipal.parameters.all.json' } New-AzManagementGroupDeployment @inputObject diff --git a/infra-as-code/bicep/modules/spokeNetworking/README.md b/infra-as-code/bicep/modules/spokeNetworking/README.md index 9433140f5..15f90f707 100644 --- a/infra-as-code/bicep/modules/spokeNetworking/README.md +++ b/infra-as-code/bicep/modules/spokeNetworking/README.md @@ -77,15 +77,15 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-SpokeNetworkingDeployment-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-spoke-networking-001" -PARAMETERS="@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" +PARAMETERS="@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ --name $GROUP \ --location eastus -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -101,15 +101,15 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-SpokeNetworkingDeployment-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-spoke-networking-001" -PARAMETERS="@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" +PARAMETERS="@infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ --name $GROUP \ --location chinaeast2 -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -124,12 +124,10 @@ Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName + ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" TemplateParameterFile = "infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" } @@ -150,12 +148,10 @@ Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-SpokeNetworkingDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName + ResourceGroupName = "rg-$TopLevelMGPrefix-spoke-networking-001" TemplateParameterFile = "infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json" TemplateFile = "infra-as-code/bicep/modules/spokeNetworking/spokeNetworking.bicep" } diff --git a/infra-as-code/bicep/modules/subscriptionPlacement/README.md b/infra-as-code/bicep/modules/subscriptionPlacement/README.md index 1630c386b..ccae6efec 100644 --- a/infra-as-code/bicep/modules/subscriptionPlacement/README.md +++ b/infra-as-code/bicep/modules/subscriptionPlacement/README.md @@ -24,18 +24,18 @@ In this example, the subscription `xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx` will be > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** + ```bash # For Azure global regions dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-SubscriptionPlacementDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" LOCATION="eastus" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" +PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters ``` OR ```bash @@ -43,12 +43,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-SubscriptionPlacementDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" LOCATION="chinaeast2" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" +PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -58,10 +58,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'eastus' - TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -72,10 +72,10 @@ OR $inputObject = @{ DeploymentName = 'alz-SubscriptionPlacementDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json' } New-AzManagementGroupDeployment @inputObject ``` diff --git a/infra-as-code/bicep/modules/vnetPeering/README.md b/infra-as-code/bicep/modules/vnetPeering/README.md index 9794d9a68..51fa6d327 100644 --- a/infra-as-code/bicep/modules/vnetPeering/README.md +++ b/infra-as-code/bicep/modules/vnetPeering/README.md @@ -63,15 +63,15 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-vnetPeeringDeploy-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-vnet-peering-001" -PARAMETERS="@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ --name $GROUP \ --location eastus -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -86,15 +86,15 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-vnetPeeringDeploy-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-vnet-peering-001" -PARAMETERS="@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ --name $GROUP \ --location chinaeast2 -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -109,8 +109,6 @@ Select-AzSubscription -SubscriptionId $LandingZoneSubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" - # Create Resource Group - optional when using an existing resource group New-AzResourceGroup ` -Name $ResourceGroupName ` @@ -119,9 +117,9 @@ New-AzResourceGroup ` # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" TemplateFile = "ALZ-Bicep/infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" } New-AzResourceGroupDeployment @inputObject @@ -142,14 +140,12 @@ New-AzResourceGroup ` # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-vnetPeeringDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-vnet-peering-001" TemplateFile = "ALZ-Bicep/infra-as-code/bicep/modules/vnetPeering/vnetPeering.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/vnetPeering/parameters/vnetPeering.parameters.all.json" } New-AzResourceGroupDeployment @inputObject diff --git a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md index 6667d5e00..114a8d4a1 100644 --- a/infra-as-code/bicep/modules/vnetPeeringVwan/README.md +++ b/infra-as-code/bicep/modules/vnetPeeringVwan/README.md @@ -47,11 +47,11 @@ az account set --subscription $ConnectivitySubscriptionId dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-vnetPeeringVwanDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json" LOCATION="eastus" TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json" -az deployment sub create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --template-file $TEMPLATEFILE +az deployment sub create --name ${NAME:0:63} --location $LOCATION --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -62,11 +62,11 @@ az account set --subscription $ConnectivitySubscriptionId dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-vnetPeeringVwanDeployment-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json" LOCATION="chinaeast2" TEMPLATEFILE="infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" +PARAMETERS="@infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json" -az deployment sub create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --template-file $TEMPLATEFILE +az deployment sub create --name ${NAME:0:63} --location $LOCATION --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -80,9 +80,9 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId $inputObject = @{ DeploymentName = 'alz-VnetPeeringWanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - TemplateParameterFile = 'infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json' Location = 'eastus' TemplateFile = "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json' } New-AzDeployment @inputObject @@ -98,9 +98,9 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId $inputObject = @{ DeploymentName = 'alz-VnetPeeringWanDeployment-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - TemplateParameterFile = 'infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json' Location = 'chinaeast2' TemplateFile = "infra-as-code/bicep/modules/vnetPeeringVwan/vnetPeeringVwan.bicep" + TemplateParameterFile = 'infra-as-code/bicep/modules/vnetPeeringVwan/parameters/vnetPeeringVwan.parameters.all.json' } New-AzDeployment @inputObject diff --git a/infra-as-code/bicep/modules/vwanConnectivity/README.md b/infra-as-code/bicep/modules/vwanConnectivity/README.md index bf67b4109..624dd0272 100644 --- a/infra-as-code/bicep/modules/vwanConnectivity/README.md +++ b/infra-as-code/bicep/modules/vwanConnectivity/README.md @@ -81,7 +81,6 @@ In this example, the resources required for Virtual WAN connectivity will be dep > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash # For Azure global regions # Set Platform connectivity subscription ID as the the current subscription @@ -94,15 +93,15 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-vwanConnectivityDeploy-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-vwan-001" -PARAMETERS="@infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" +PARAMETERS="@infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ --name $GROUP \ --location eastus -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -117,15 +116,15 @@ TopLevelMGPrefix="alz" dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-vwanConnectivityDeploy-${dateYMD}" GROUP="rg-$TopLevelMGPrefix-vwan-001" -PARAMETERS="@infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json" TEMPLATEFILE="infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" +PARAMETERS="@infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json" # Create Resource Group - optional when using an existing resource group az group create \ --name $GROUP \ --location chinaeast2 -az deployment group create --name ${NAME:0:63} --resource-group $GROUP --parameters $PARAMETERS --template-file $TEMPLATEFILE +az deployment group create --name ${NAME:0:63} --resource-group $GROUP --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -140,14 +139,12 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-vwan-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-vwan-001" TemplateFile = "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json" } @@ -167,14 +164,12 @@ Select-AzSubscription -SubscriptionId $ConnectivitySubscriptionId # Set the top level MG Prefix in accordance to your environment. This example assumes default 'alz'. $TopLevelMGPrefix = "alz" -$ResourceGroupName = "rg-$TopLevelMGPrefix-vwan-001" - # Parameters necessary for deployment $inputObject = @{ DeploymentName = 'alz-vwanConnectivityDeploy-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ResourceGroupName = $ResourceGroupName - TemplateParameterFile = "infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json" + ResourceGroupName = "rg-$TopLevelMGPrefix-vwan-001" TemplateFile = "infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep" + TemplateParameterFile = "infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json" } New-AzResourceGroup -Name $ResourceGroupName ` diff --git a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md index 6278cd2cb..203d6b467 100644 --- a/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md +++ b/infra-as-code/bicep/orchestration/hubPeeredSpoke/README.md @@ -66,22 +66,14 @@ In this example, the spoke resources will be deployed to the resource group spec ```bash # For Azure global regions -$inputObject = @( - '--name', ('alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])), - '--parameters', '@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json', - '--location', 'EastUS', - '--management-group-id', 'alz', - '--template-file', "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" -) - dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-HubPeeredSpoke-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json" LOCATION="eastus" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" +PARAMETERS="@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash @@ -89,12 +81,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-HubPeeredSpoke-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json" LOCATION="chinaeast2" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" +PARAMETERS="@infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -104,10 +96,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'EastUS' - TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" + TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -118,10 +110,10 @@ OR $inputObject = @{ DeploymentName = 'alz-HubPeeredSpoke-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/orchestration/hubPeeredSpoke/hubPeeredSpoke.bicep" + TemplateParameterFile = 'infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json' } New-AzManagementGroupDeployment @inputObject diff --git a/infra-as-code/bicep/orchestration/subPlacementAll/README.md b/infra-as-code/bicep/orchestration/subPlacementAll/README.md index 349f4763a..3b1357262 100644 --- a/infra-as-code/bicep/orchestration/subPlacementAll/README.md +++ b/infra-as-code/bicep/orchestration/subPlacementAll/README.md @@ -91,19 +91,17 @@ This however may be done as part of another process, for example upon Subscripti > For the examples below we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** - ```bash # For Azure global regions dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-SubPlacementAll-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json" LOCATION="eastus" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" +PARAMETERS="@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR @@ -113,12 +111,12 @@ OR dateYMD=$(date +%Y%m%dT%H%M%S%NZ) NAME="alz-SubPlacementAll-${dateYMD}" -PARAMETERS="@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json" LOCATION="chinaeast2" MGID="alz" TEMPLATEFILE="infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" +PARAMETERS="@infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json" -az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` ### PowerShell @@ -128,10 +126,10 @@ az deployment mg create --name ${NAME:0:63} --parameters $PARAMETERS --location $inputObject = @{ DeploymentName = 'alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'EastUS' - TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" + TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' } New-AzManagementGroupDeployment @inputObject @@ -144,10 +142,10 @@ OR $inputObject = @{ DeploymentName = 'alz-SubPlacementAll-{0}' -f (-join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63]) - ManagementGroupId = 'alz' Location = 'chinaeast2' - TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' + ManagementGroupId = 'alz' TemplateFile = "infra-as-code/bicep/orchestration/subPlacementAll/subPlacementAll.bicep" + TemplateParameterFile = 'infra-as-code/bicep/orchestration/subPlacementAll/parameters/subPlacementAll.parameters.all.json' } New-AzManagementGroupDeployment @inputObject From 8a4e2511e030eb3cd5a569afe48730339e707037 Mon Sep 17 00:00:00 2001 From: JamJarchitect Date: Wed, 2 Nov 2022 23:51:08 +0000 Subject: [PATCH 19/19] amendments --- infra-as-code/bicep/CRML/subscriptionAlias/README.md | 1 - infra-as-code/bicep/modules/subscriptionPlacement/README.md | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/infra-as-code/bicep/CRML/subscriptionAlias/README.md b/infra-as-code/bicep/CRML/subscriptionAlias/README.md index 5e8332e0e..21a8594dd 100644 --- a/infra-as-code/bicep/CRML/subscriptionAlias/README.md +++ b/infra-as-code/bicep/CRML/subscriptionAlias/README.md @@ -38,7 +38,6 @@ In this example, the Subscription is created upon an EA Account through a tenant > For the below examples we assume you have downloaded or cloned the Git repo as-is and are in the root of the repository as your selected directory in your terminal of choice. ### Azure CLI -**NOTE: As there is some PowerShell code within the CLI, there is a requirement to execute the deployments in a cross-platform terminal which has PowerShell installed.** ```bash dateYMD=$(date +%Y%m%dT%H%M%S%NZ) diff --git a/infra-as-code/bicep/modules/subscriptionPlacement/README.md b/infra-as-code/bicep/modules/subscriptionPlacement/README.md index ccae6efec..bb0a28f9c 100644 --- a/infra-as-code/bicep/modules/subscriptionPlacement/README.md +++ b/infra-as-code/bicep/modules/subscriptionPlacement/README.md @@ -35,7 +35,7 @@ MGID="alz" TEMPLATEFILE="infra-as-code/bicep/modules/subscriptionPlacement/subscriptionPlacement.bicep" PARAMETERS="@infra-as-code/bicep/modules/subscriptionPlacement/parameters/subscriptionPlacement.parameters.all.json" -az deployment mg create --name ${NAME:0:63} $PARAMETERS --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters +az deployment mg create --name ${NAME:0:63} --location $LOCATION --management-group-id $MGID --template-file $TEMPLATEFILE --parameters $PARAMETERS ``` OR ```bash