Skip to content

Latest commit

 

History

History
62 lines (41 loc) · 4.64 KB

README.md

File metadata and controls

62 lines (41 loc) · 4.64 KB

Examples

In this directory are examples of how to add and extend functionality on-top of MissionLZ.

You must first deploy MissionLZ, then you can deploy these examples. Since most examples re-use outputs from the base deployment of MLZ, we make use of the shared variable file pattern to make it easier to share common variables across all of the examples.

Example Explanations

Example Description
appServicePlan Deploys an App Service Plan (AKA: Web Server Cluster) to support simple web accessible linux docker containers with optional dynamic auto scaling.
Automation Account Deploys an Azure Automation account that can be used to execute runbooks.
Container Registry Deploys an Azure Container Registry for holding and deploying docker containers.
Inherit Tags Adds or replaces a specified tag and value from the parent resource group when any resource is created or updated.
KeyVault Deploys a premium Azure Key Vault with RBAC enabled to support secret, key, and certificate management.
New Workload Adds a new Spoke Network and peers it to the Hub Network routing all traffic to the Azure Firewall.
Remote Access Adds a Bastion Host and a virtual machine to serve as a jumpbox into the network.
Azure Sentinel A Terraform module that adds an Azure Sentinel solution to a Log Analytics Workspace. Sentinel can also be deployed via bicep and the base deployment of mlz.bicep by using the boolean param '-deploySentinel'.
Zero Trust (TIC3.0) Workbook Deploys an Azure Sentinel Zero Trust (TIC3.0) Workbook

Shared Variable File Pattern (deploymentVariables.json)

The shared variable file pattern reduced the repeition of shared values in a library of bicep files. This pattern is utilized for all examples modules though in almost all cases you can over-ride the shared variable value by supplying custom parameter values at run time.

Shown below are two ways by which the shared variable file (deploymentVariables.json) can be generated. The first utilizing PowerShell Core and the second using the Azure CLI. A deployment of mlz.bicep is required, please make note of the name and region of the deployment.

PowerShell Core

Shown below are step by step instructions for generated the needed deploymentVariables.json file utilizing PowerShell Core and the Auzre PowerShell module. PowerShell and the Azure PowerShell module are open-source and avaliable for all major operating systems.

Execute the following commands from '.\src\bicep\examples'

Connect-AzAccount
(Get-AzSubscriptionDeployment -Name MLZDeploymentName).outputs | ConvertTo-Json | Out-File -FilePath .\deploymentVariables.json

Replace "MLZDeploymentName" with your deployment name. If you do not know your deployment name then log into the Azure management portal, browse to 'Subscriptions', select the subscription MLZ was deployed into, and then look at 'Deployments' to obtain the deployment name.

Place the 'deploymentVariables.json' file '.\src\bicep\examples' folder.

Azure CLI

Shown below are step by step instructions for generated the needed deploymentVariables.json file utilizing the Azure CLI. The Azure CLI is open-source and avaliable for all major operating systems.

Execute the following commands from '.\src\bicep\examples'

az login
az deployment sub show -n MLZDeploymentName --query properties.outputs > ./deploymentVariables.json

Replace "MLZDeploymentName" with your deployment name. If you do not know your deployment name then log into the Azure management portal, browse to 'Subscriptions', select the subscription MLZ was deployed into, and then look at 'Deployments' to obtain the deployment name.

Place the 'deploymentVariables.json' file '.\src\bicep\examples' folder. For a specific example of a Bicep template utilizing 'deploymentVariables.json', take a look at .\appServicePlan\appService.bicep