Update Policy Library (automated) #400

Merged
merged 10 commits into from
Nov 28, 2022
5 changes: 3 additions & 2 deletions .github/scripts/Set-AlzDefaultPolicyAssignment.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,16 @@ param (
[Parameter(Mandatory = $true)] [string] $parTopLevelManagementGroupPrefix,
[Parameter(Mandatory = $true)] [string] $parLogAnalyticsWorkSpaceAndAutomationAccountLocation,
[Parameter(Mandatory = $true)] [string] $parLogAnalyticsWorkspaceResourceID,
[Parameter(Mandatory = $true)] [string] $parDdosProtectionPlanId
[Parameter(Mandatory = $true)] [string] $parDdosProtectionPlanId,
[Parameter(Mandatory = $true)] [string] $parPrivateDnsResourceGroupId
)
$state = 'fail'
$i = 0
$err.clear
while ($i -lt 4 -and $state -eq 'fail') {
$ErrorActionPreference = "Stop"
Try {
New-AzManagementGroupDeployment -Managementgroupid $ManagementGroupId -Location $parLocation -TemplateFile $templateFile -TemplateParameterFile $parameterFile -parTopLevelManagementGroupPrefix $parTopLevelManagementGroupPrefix -parLogAnalyticsWorkSpaceAndAutomationAccountLocation $parLogAnalyticsWorkSpaceAndAutomationAccountLocation -parLogAnalyticsWorkspaceResourceID $parLogAnalyticsWorkspaceResourceID -parDdosProtectionPlanId $parDdosProtectionPlanId
New-AzManagementGroupDeployment -Managementgroupid $ManagementGroupId -Location $parLocation -TemplateFile $templateFile -TemplateParameterFile $parameterFile -parTopLevelManagementGroupPrefix $parTopLevelManagementGroupPrefix -parLogAnalyticsWorkSpaceAndAutomationAccountLocation $parLogAnalyticsWorkSpaceAndAutomationAccountLocation -parLogAnalyticsWorkspaceResourceID $parLogAnalyticsWorkspaceResourceID -parDdosProtectionPlanId $parDdosProtectionPlanId -parPrivateDnsResourceGroupId $parPrivateDnsResourceGroupId
$state = 'success'
}
Catch {
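Review bot: `$parPrivateDnsResourceGroupId` is added to `param()` as a bare mandatory `[string]` and handed straight to `New-AzManagementGroupDeployment`, so a malformed ID is only rejected by the deployment itself, inside a loop that keeps going while `$i -lt 4`. A `[ValidatePattern()]` for a resource group ID on the parameter would fail a bad value before the first attempt. Because the parameter is mandatory, every caller of this script also has to pass the new argument, and that should be confirmed in the same change. Separately, the context line `$err.clear` has no parentheses, so the method is never invoked.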
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/psdocs-mdtogit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@ on:
- opened
- reopened
- synchronize
paths:
- '**.bicep'

env:
github_user_name: 'github-actions'
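Review bot: The new `paths:` filter (`'**.bicep'`) under `on:` means this workflow is skipped for any pull request that touches no `.bicep` file, including one that edits this workflow file itself. If that is intended, consider adding the workflow's own path to the filter so changes to it are exercised. Also check whether this job is a required status check: a workflow skipped by a path filter leaves a required check pending, which blocks the merge.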
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Azure template

## Snippets

### Parameter file

```json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"template": "infra-as-code/bicep/modules/customRoleDefinitions/samples/baseline.sample.json"
},
"parameters": {}
}
```
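Review bot: The `metadata.template` value in this new page ends in `samples/baseline.sample.json`, the heading is the generic `# Azure template`, and `"parameters": {}` is empty, which suggests the page was generated from a sample parameter file and not from the module's template. Consider excluding the `samples/` folders from the documentation generator's input so readers are not shown an empty parameter file as if it documented the module.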
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Azure template

## Snippets

### Parameter file

```json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"template": "infra-as-code/bicep/modules/customRoleDefinitions/samples/minimum.sample.json"
},
"parameters": {}
}
```
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ parAzBastionEnabled | No | Switch to enable/disable Azure Bastion deployme
parAzBastionName | No | Name Associated with Bastion Service: Default: {parCompanyPrefix}-bastion
parAzBastionSku | No | Azure Bastion SKU or Tier to deploy. Currently two options exist Basic and Standard. Default: Standard
parAzBastionNsgName | No | NSG Name for Azure Bastion Subnet NSG. Default: nsg-AzureBastionSubnet
parDdosEnabled | No | Switch to enable/disable DDoS Standard deployment. Default: true
parDdosEnabled | No | Switch to enable/disable DDoS Network Protection deployment. Default: true
parDdosPlanName | No | DDoS Plan Name. Default: {parCompanyPrefix}-ddos-plan
parAzFirewallEnabled | No | Switch to enable/disable Azure Firewall deployment. Default: true
parAzFirewallName | No | Azure Firewall Name. Default: {parCompanyPrefix}-azure-firewall
Expand Down Expand Up @@ -129,7 +129,7 @@ NSG Name for Azure Bastion Subnet NSG. Default: nsg-AzureBastionSubnet

![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)

Switch to enable/disable DDoS Standard deployment. Default: true
Switch to enable/disable DDoS Network Protection deployment. Default: true

- Default value: `True`

Expand Down Expand Up @@ -245,7 +245,7 @@ Resource Group Name for Private DNS Zones. Default: resourceGroup().name

Array of DNS Zones to provision in Hub Virtual Network. Default: All known Azure Private DNS Zones

- Default value: `privatelink.azure-automation.net privatelink.database.windows.net privatelink.sql.azuresynapse.net privatelink.dev.azuresynapse.net privatelink.azuresynapse.net privatelink.blob.core.windows.net privatelink.table.core.windows.net privatelink.queue.core.windows.net privatelink.file.core.windows.net privatelink.web.core.windows.net privatelink.dfs.core.windows.net privatelink.documents.azure.com privatelink.mongo.cosmos.azure.com privatelink.cassandra.cosmos.azure.com privatelink.gremlin.cosmos.azure.com privatelink.table.cosmos.azure.com [format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))] privatelink.postgres.database.azure.com privatelink.mysql.database.azure.com privatelink.mariadb.database.azure.com privatelink.vaultcore.azure.net privatelink.managedhsm.azure.net [format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))] privatelink.siterecovery.windowsazure.com privatelink.servicebus.windows.net privatelink.azure-devices.net privatelink.eventgrid.azure.net privatelink.azurewebsites.net privatelink.api.azureml.ms privatelink.notebooks.azure.net privatelink.service.signalr.net privatelink.monitor.azure.com privatelink.oms.opinsights.azure.com privatelink.ods.opinsights.azure.com privatelink.agentsvc.azure-automation.net privatelink.afs.azure.net privatelink.datafactory.azure.net privatelink.adf.azure.com privatelink.redis.cache.windows.net privatelink.redisenterprise.cache.azure.net privatelink.purview.azure.com privatelink.purviewstudio.azure.com privatelink.digitaltwins.azure.net privatelink.azconfig.io privatelink.cognitiveservices.azure.com privatelink.azurecr.io privatelink.search.windows.net privatelink.azurehdinsight.net privatelink.media.azure.net privatelink.his.arc.azure.com privatelink.guestconfiguration.azure.com`
- Default value: `[format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))] [format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))] [format('privatelink.{0}.kusto.windows.net', toLower(parameters('parLocation')))] privatelink.adf.azure.com privatelink.afs.azure.net privatelink.agentsvc.azure-automation.net privatelink.analysis.windows.net privatelink.api.azureml.ms privatelink.azconfig.io privatelink.azure-api.net privatelink.azure-automation.net privatelink.azurecr.io privatelink.azure-devices.net privatelink.azurehdinsight.net privatelink.azurehealthcareapis.com privatelink.azurestaticapps.net privatelink.azuresynapse.net privatelink.azurewebsites.net privatelink.batch.azure.com privatelink.blob.core.windows.net privatelink.cassandra.cosmos.azure.com privatelink.cognitiveservices.azure.com privatelink.database.windows.net privatelink.datafactory.azure.net privatelink.dev.azuresynapse.net privatelink.dfs.core.windows.net privatelink.dicom.azurehealthcareapis.com privatelink.digitaltwins.azure.net privatelink.directline.botframework.com privatelink.documents.azure.com privatelink.eventgrid.azure.net privatelink.file.core.windows.net privatelink.gremlin.cosmos.azure.com privatelink.guestconfiguration.azure.com privatelink.his.arc.azure.com privatelink.kubernetesconfiguration.azure.com privatelink.managedhsm.azure.net privatelink.mariadb.database.azure.com privatelink.media.azure.net privatelink.mongo.cosmos.azure.com privatelink.monitor.azure.com privatelink.mysql.database.azure.com privatelink.notebooks.azure.net privatelink.ods.opinsights.azure.com privatelink.oms.opinsights.azure.com privatelink.pbidedicated.windows.net privatelink.postgres.database.azure.com privatelink.prod.migration.windowsazure.com privatelink.purview.azure.com privatelink.purviewstudio.azure.com privatelink.queue.core.windows.net privatelink.redis.cache.windows.net privatelink.redisenterprise.cache.azure.net privatelink.search.windows.net 
privatelink.service.signalr.net privatelink.servicebus.windows.net privatelink.siterecovery.windowsazure.com privatelink.sql.azuresynapse.net privatelink.table.core.windows.net privatelink.table.cosmos.azure.com privatelink.tip1.powerquery.microsoft.com privatelink.token.botframework.com privatelink.vaultcore.azure.net privatelink.web.core.windows.net`

### parVpnGatewayConfig
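Review bot: The new default value lists both `privatelink.batch.azure.com` and the regional `[format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))]`, where the old default carried only the regional form. Confirm that both zones are meant to be provisioned in the hub by default, and if so state the reason in the parameter description. The value is also rendered as one space-separated code span, so the bracketed expressions run into their neighbours; one zone per line would make later changes to this default reviewable.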

Expand Down Expand Up @@ -396,57 +396,70 @@ outHubVirtualNetworkId | string |
},
"parPrivateDnsZones": {
"value": [
"[format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))]",
"[format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))]",
"[format('privatelink.{0}.kusto.windows.net', toLower(parameters('parLocation')))]",
"privatelink.adf.azure.com",
"privatelink.afs.azure.net",
"privatelink.agentsvc.azure-automation.net",
"privatelink.analysis.windows.net",
"privatelink.api.azureml.ms",
"privatelink.azconfig.io",
"privatelink.azure-api.net",
"privatelink.azure-automation.net",
"privatelink.database.windows.net",
"privatelink.sql.azuresynapse.net",
"privatelink.dev.azuresynapse.net",
"privatelink.azurecr.io",
"privatelink.azure-devices.net",
"privatelink.azurehdinsight.net",
"privatelink.azurehealthcareapis.com",
"privatelink.azurestaticapps.net",
"privatelink.azuresynapse.net",
"privatelink.azurewebsites.net",
"privatelink.batch.azure.com",
"privatelink.blob.core.windows.net",
"privatelink.table.core.windows.net",
"privatelink.queue.core.windows.net",
"privatelink.file.core.windows.net",
"privatelink.web.core.windows.net",
"privatelink.cassandra.cosmos.azure.com",
"privatelink.cognitiveservices.azure.com",
"privatelink.database.windows.net",
"privatelink.datafactory.azure.net",
"privatelink.dev.azuresynapse.net",
"privatelink.dfs.core.windows.net",
"privatelink.dicom.azurehealthcareapis.com",
"privatelink.digitaltwins.azure.net",
"privatelink.directline.botframework.com",
"privatelink.documents.azure.com",
"privatelink.mongo.cosmos.azure.com",
"privatelink.cassandra.cosmos.azure.com",
"privatelink.eventgrid.azure.net",
"privatelink.file.core.windows.net",
"privatelink.gremlin.cosmos.azure.com",
"privatelink.table.cosmos.azure.com",
"[format('privatelink.{0}.batch.azure.com', toLower(parameters('parLocation')))]",
"privatelink.postgres.database.azure.com",
"privatelink.mysql.database.azure.com",
"privatelink.mariadb.database.azure.com",
"privatelink.vaultcore.azure.net",
"privatelink.guestconfiguration.azure.com",
"privatelink.his.arc.azure.com",
"privatelink.kubernetesconfiguration.azure.com",
"privatelink.managedhsm.azure.net",
"[format('privatelink.{0}.azmk8s.io', toLower(parameters('parLocation')))]",
"privatelink.siterecovery.windowsazure.com",
"privatelink.servicebus.windows.net",
"privatelink.azure-devices.net",
"privatelink.eventgrid.azure.net",
"privatelink.azurewebsites.net",
"privatelink.api.azureml.ms",
"privatelink.notebooks.azure.net",
"privatelink.service.signalr.net",
"privatelink.mariadb.database.azure.com",
"privatelink.media.azure.net",
"privatelink.mongo.cosmos.azure.com",
"privatelink.monitor.azure.com",
"privatelink.oms.opinsights.azure.com",
"privatelink.mysql.database.azure.com",
"privatelink.notebooks.azure.net",
"privatelink.ods.opinsights.azure.com",
"privatelink.agentsvc.azure-automation.net",
"privatelink.afs.azure.net",
"privatelink.datafactory.azure.net",
"privatelink.adf.azure.com",
"privatelink.redis.cache.windows.net",
"privatelink.redisenterprise.cache.azure.net",
"privatelink.oms.opinsights.azure.com",
"privatelink.pbidedicated.windows.net",
"privatelink.postgres.database.azure.com",
"privatelink.prod.migration.windowsazure.com",
"privatelink.purview.azure.com",
"privatelink.purviewstudio.azure.com",
"privatelink.digitaltwins.azure.net",
"privatelink.azconfig.io",
"privatelink.cognitiveservices.azure.com",
"privatelink.azurecr.io",
"privatelink.queue.core.windows.net",
"privatelink.redis.cache.windows.net",
"privatelink.redisenterprise.cache.azure.net",
"privatelink.search.windows.net",
"privatelink.azurehdinsight.net",
"privatelink.media.azure.net",
"privatelink.his.arc.azure.com",
"privatelink.guestconfiguration.azure.com"
"privatelink.service.signalr.net",
"privatelink.servicebus.windows.net",
"privatelink.siterecovery.windowsazure.com",
"privatelink.sql.azuresynapse.net",
"privatelink.table.core.windows.net",
"privatelink.table.cosmos.azure.com",
"privatelink.tip1.powerquery.microsoft.com",
"privatelink.token.botframework.com",
"privatelink.vaultcore.azure.net",
"privatelink.web.core.windows.net"
]
},
"parVpnGatewayConfig": {
Expand Down
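Review bot: The `parPrivateDnsZones` array is re-sorted alphabetically and extended in the same change, so additions such as `privatelink.azure-api.net`, `privatelink.pbidedicated.windows.net` and `privatelink.token.botframework.com` are hard to tell apart from entries that only moved. Splitting the sort from the additions, or listing the added zones in the pull request description, would let a reviewer check each new default zone against the services that are expected to use private endpoints.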
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Azure template

## Parameters

Parameter name | Required | Description
-------------- | -------- | -----------
location | No | The Azure location to deploy to.

### location

![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)

The Azure location to deploy to.

- Default value: `[resourceGroup().location]`

## Snippets

### Parameter file

```json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"template": "infra-as-code/bicep/modules/logging/samples/baseline.sample.json"
},
"parameters": {
"location": {
"value": "[resourceGroup().location]"
}
}
}
```
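Review bot: In the parameter file snippet, `location` is set to the string `"[resourceGroup().location]"`. Template expressions are not evaluated in an ARM parameter file, so the snippet as written would not resolve to the resource group's region; it should show a literal region placeholder instead. The parameter name `location` also lacks the `par` prefix used by the other parameters in this change, which is worth checking against the module this page is meant to document.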
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# Azure template

## Parameters

Parameter name | Required | Description
-------------- | -------- | -----------
location | No | The Azure location to deploy to.

### location

![Parameter Setting](https://img.shields.io/badge/parameter-optional-green?style=flat-square)

The Azure location to deploy to.

- Default value: `[resourceGroup().location]`

## Snippets

### Parameter file

```json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"template": "infra-as-code/bicep/modules/logging/samples/minimum.sample.json"
},
"parameters": {
"location": {
"value": "[resourceGroup().location]"
}
}
}
```
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Azure template

## Snippets

### Parameter file

```json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"template": "infra-as-code/bicep/modules/managementGroups/samples/baseline.sample.json"
},
"parameters": {}
}
```
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# Azure template

## Snippets

### Parameter file

```json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"template": "infra-as-code/bicep/modules/managementGroups/samples/minimum.sample.json"
},
"parameters": {}
}
```