Skip to content

Commit

Permalink
.
Browse files Browse the repository at this point in the history
  • Loading branch information
@Springstone
Springstone committed Dec 9, 2024
1 parent a65e24c commit 5c9c058
Showing 1 changed file with 178 additions and 176 deletions.
354 changes: 178 additions & 176 deletions eslzArm/prerequisites/deployPrerequisites1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,186 +42,188 @@
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2022-09-01",
"name": "[parameters('resourceGroupName')]",
"location": "[parameters('location')]"
{
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2022-09-01",
"name": "[parameters('resourceGroupName')]",
"location": "[parameters('location')]"
}
]
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2022-09-01",
"name": "alz-prerequisites-uai",
"subscriptionId": "[parameters('managementSubscriptionId')]",
"resourceGroup": "[parameters('resourceGroupName')]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"eslzRootName": {
"value": "[parameters('eslzRootName')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"eslzRootName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
"apiVersion": "2022-01-31-preview",
"name": "[format('uai-prereq-{0}', parameters('location'))]",
"location": "[parameters('location')]",
"metadata": {
"description": "This user assigned identity is used by the Deployment Script resource to interact with Azure resources."
}
},
{
"type": "Microsoft.Authorization/roleAssignments",
"apiVersion": "2022-04-01",
"name": "[guid(resourceGroup().id, format('uai-prereq-{0}', parameters('location')))]",
"properties": {
"roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]",
"principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('uai-prereq-{0}', parameters('location'))), '2022-01-31-preview').principalId]",
"principalType": "ServicePrincipal"
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2022-09-01",
"name": "alz-prerequisites-uai",
"resourceGroup": "[parameters('resourceGroupName')]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"eslzRootName": {
"value": "[parameters('eslzRootName')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"eslzRootName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
"apiVersion": "2022-01-31-preview",
"name": "[format('uai-prereq-{0}', parameters('location'))]",
"location": "[parameters('location')]",
"metadata": {
"description": "This user assigned identity is used by the Deployment Script resource to interact with Azure resources."
}
},
{
"type": "Microsoft.Authorization/roleAssignments",
"apiVersion": "2022-04-01",
"name": "[guid(resourceGroup().id, format('uai-prereq-{0}', parameters('location')))]",
"properties": {
"roleDefinitionId": "[subscriptionResourceId('Microsoft.Authorization/roleDefinitions', 'b24988ac-6180-42a0-ab88-20f7382dd24c')]",
"principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('uai-prereq-{0}', parameters('location'))), '2022-01-31-preview').principalId]",
"principalType": "ServicePrincipal"
},
"dependsOn": [
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('uai-prereq-{0}', parameters('location')))]"
],
"metadata": {
"description": "This role assignment grants the user assigned identity the Contributor role on the resource group."
}
}
],
"outputs": {
"userAssignedIdentityId": {
"type": "string",
"value": "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('uai-prereq-{0}', parameters('location')))]"
}
}
}
},
"dependsOn": [
"[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]",
"alz-prerequisites-createRG"
]
"dependsOn": [
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('uai-prereq-{0}', parameters('location')))]"
],
"metadata": {
"description": "This role assignment grants the user assigned identity the Contributor role on the resource group."
}
}
],
"outputs": {
"userAssignedIdentityId": {
"type": "string",
"value": "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', format('uai-prereq-{0}', parameters('location')))]"
}
}
}
},
"dependsOn": [
"[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]",
"alz-prerequisites-createRG"
]
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2022-09-01",
"name": "[format('ds-{0}-prereqs', parameters('location'))]",
"subscriptionId": "[parameters('managementSubscriptionId')]",
"resourceGroup": "[parameters('resourceGroupName')]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"userAssignedIdentityId": {
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'alz-prerequisites-uai'), '2022-09-01').outputs.userAssignedIdentityId.value]"
},
"eslzRootName": {
"value": "[parameters('eslzRootName')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"eslzRootName":{
"type": "string"
},
"userAssignedIdentityId": {
"type": "string"
}
},
"resources": [
{
"type": "Microsoft.Resources/deploymentScripts",
"apiVersion": "2020-10-01",
"name": "alz-prereq-deploymentscript",
"location": "[parameters('location')]",
"kind": "AzurePowerShell",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[format('{0}', parameters('userAssignedIdentityId'))]": {}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2022-09-01",
"name": "[format('ds-{0}-prereqs', parameters('location'))]",
"resourceGroup": "[parameters('resourceGroupName')]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"userAssignedIdentityId": {
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'alz-prerequisites-uai'), '2022-09-01').outputs.userAssignedIdentityId.value]"
},
"eslzRootName": {
"value": "[parameters('eslzRootName')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string"
},
"eslzRootName":{
"type": "string"
},
"userAssignedIdentityId": {
"type": "string"
}
},
"resources": [
{
"type": "Microsoft.Resources/deploymentScripts",
"apiVersion": "2020-10-01",
"name": "alz-prereq-deploymentscript",
"location": "[parameters('location')]",
"kind": "AzurePowerShell",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[format('{0}', parameters('userAssignedIdentityId'))]": {}
}
},
"properties": {
"azPowerShellVersion": "12.3",
"retentionInterval": "PT1H",
"timeout": "PT2H",
"arguments": "[format('-eslzRootName \"{0}\"', parameters('eslzRootName'))]",
"scriptContent": "
param(
[Parameter(Mandatory=$true, HelpMessage=\"Enter the ESLZ root name.\")]
[string]
$eslzRootName
)

#API call to register the Microsoft.Network provider against intermediate resource group for AVNM
Invoke-AzRestMethod -Method POST -Uri \"https://management.azure.com/providers/Microsoft.Management/managementGroups/$eslzRootName/providers/Microsoft.Network/register?api-version=2021-04-01\"

#Sleep for XX minutes to wait for Management Groups to load to cache before assignments
Start-Sleep -Duration (New-TimeSpan -Minutes 10)

$result = \"\"
$count = 0

do {
$result = Invoke-AzRestMethod -Method POST -Uri \"https://management.azure.com/providers/Microsoft.Management/managementGroups/$eslzRootName/providers/Microsoft.Network/register?api-version=2021-04-01\"
$count++
Start-Sleep -Seconds 30
Write-Host 'MG RP Register - Status Code: ' $result.StatusCode ' Count: ' $count
} while ($result.StatusCode -ne 200 -and $count -lt 10)

#Register all resource providers
$subs = Search-AzGraph -Query \"ResourceContainers | where type =~ 'microsoft.resources/subscriptions'\" -ManagementGroup $eslzRootName
$rps = @('Microsoft.Insights','Microsoft.AlertsManagement','Microsoft.OperationalInsights','Microsoft.OperationsManagement','Microsoft.Automation','Microsoft.AlertsManagement','Microsoft.Security','Microsoft.Network','Microsoft.EventGrid','Microsoft.ManagedIdentity','Microsoft.GuestConfiguration','Microsoft.Advisor','Microsoft.PolicyInsights')

foreach ($sub in $subs) {
Select-AzSubscription -SubscriptionId $sub.id
Write-Host 'Registering resource providers for subscription: ' $sub.id
Get-AzResourceProvider -ProviderNamespace $rps | where {$_.RegistrationState -ne \"Registered\"} | Register-AzResourceProvider
}
"
},
"metadata": {
"description": "Create a Deployment Script resource to perform the prerequisites."
}
}
],
"outputs": {}
}
},
"dependsOn": [
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'alz-prerequisites-uai')]",
"[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]",
"alz-prerequisites-createRG"
]
"properties": {
"azPowerShellVersion": "12.3",
"retentionInterval": "PT1H",
"timeout": "PT2H",
"arguments": "[format('-eslzRootName \"{0}\"', parameters('eslzRootName'))]",
"scriptContent": "
param(
[Parameter(Mandatory=$true, HelpMessage=\"Enter the ESLZ root name.\")]
[string]
$eslzRootName
)

#API call to register the Microsoft.Network provider against intermediate resource group for AVNM
Invoke-AzRestMethod -Method POST -Uri \"https://management.azure.com/providers/Microsoft.Management/managementGroups/$eslzRootName/providers/Microsoft.Network/register?api-version=2021-04-01\"

#Sleep for XX minutes to wait for Management Groups to load to cache before assignments
Start-Sleep -Duration (New-TimeSpan -Minutes 10)

$result = \"\"
$count = 0

do {
$result = Invoke-AzRestMethod -Method POST -Uri \"https://management.azure.com/providers/Microsoft.Management/managementGroups/$eslzRootName/providers/Microsoft.Network/register?api-version=2021-04-01\"
$count++
Start-Sleep -Seconds 30
Write-Host 'MG RP Register - Status Code: ' $result.StatusCode ' Count: ' $count
} while ($result.StatusCode -ne 200 -and $count -lt 10)

#Register all resource providers
$subs = Search-AzGraph -Query \"ResourceContainers | where type =~ 'microsoft.resources/subscriptions'\" -ManagementGroup $eslzRootName
$rps = @('Microsoft.Insights','Microsoft.AlertsManagement','Microsoft.OperationalInsights','Microsoft.OperationsManagement','Microsoft.Automation','Microsoft.AlertsManagement','Microsoft.Security','Microsoft.Network','Microsoft.EventGrid','Microsoft.ManagedIdentity','Microsoft.GuestConfiguration','Microsoft.Advisor','Microsoft.PolicyInsights')

foreach ($sub in $subs) {
Select-AzSubscription -SubscriptionId $sub.id
Write-Host 'Registering resource providers for subscription: ' $sub.id
Get-AzResourceProvider -ProviderNamespace $rps | where {$_.RegistrationState -ne \"Registered\"} | Register-AzResourceProvider
}
"
},
"metadata": {
"description": "Create a Deployment Script resource to perform the prerequisites."
}
]
}
],
"outputs": {}
}
}
},
"dependsOn": [
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', subscription().subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', 'alz-prerequisites-uai')]",
"[subscriptionResourceId('Microsoft.Resources/resourceGroups', parameters('resourceGroupName'))]",
"alz-prerequisites-createRG"
]
}
],
"outputs": {}
Expand Down

0 comments on commit 5c9c058

Please sign in to comment.