Skip to content

Commit

Permalink
Merge branch 'main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
Springstone authored Jul 2, 2024
2 parents 83b97af + f775451 commit dc71bc0
Show file tree
Hide file tree
Showing 4 changed files with 23 additions and 30 deletions.
14 changes: 1 addition & 13 deletions .github/workflows/test-portal.yml
Original file line number Diff line number Diff line change
Expand Up @@ -81,24 +81,12 @@ jobs:
azPSVersion: "latest"

- name: Azure login (OIDC)
uses: azure/login@v1
if: ${{ success() && env.AZURE_CLIENT_SECRET == '' }}
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
enable-AzPSSession: true
env:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}

- name: Azure login (Client Secret)
uses: azure/login@v1
if: ${{ success() && env.AZURE_CLIENT_SECRET != '' }}
with:
creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}'
enable-AzPSSession: true
env:
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}

- name: Register subscriptions
uses: azure/powershell@v1
Expand Down
22 changes: 12 additions & 10 deletions eslzArm/eslzArm.json
Original file line number Diff line number Diff line change
Expand Up @@ -1892,6 +1892,7 @@
"ddosName": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-ddos-', parameters('connectivityLocation'))]",
"azFwPolicyName": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-azfwpolicy-', parameters('connectivityLocation'))]",
"azFwName": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-fw-', parameters('connectivityLocation'))]",
"azFwNameSecondary": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-fw-', parameters('connectivityLocationSecondary'))]",
"azErGwIpName": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-erpip-', parameters('connectivityLocation'))]",
"hubName": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-hub-', parameters('connectivityLocation'))]",
"hubNameSecondary": "[concat(parameters('enterpriseScaleCompanyPrefix'), '-hub-', parameters('connectivityLocationSecondary'))]",
Expand All @@ -1918,6 +1919,7 @@
"vWanHubResourceIdSecondary": "[concat('/subscriptions/', variables('singleVsDedicatedConnectivitySub'), '/resourceGroups/', variables('platformRgNames').connectivityRg, '/providers/Microsoft.Network/virtualHubs/', variables('platformResourceNames').hubNameSecondary)]",
"privateDnsRgResourceId": "[concat('/subscriptions/', variables('singleVsDedicatedConnectivitySub'), '/resourceGroups/', variables('platformRgNames').privateDnsRg)]",
"azFirewallResourceId": "[concat('/subscriptions/', variables('singleVsDedicatedConnectivitySub'), '/resourceGroups/', variables('platformRgNames').connectivityRg, '/providers/Microsoft.Network/azureFirewalls/', variables('platformResourceNames').azFwName)]",
"azFirewallResourceIdSecondary": "[concat('/subscriptions/', variables('singleVsDedicatedConnectivitySub'), '/resourceGroups/', variables('platformRgNames').connectivityRgSecondary, '/providers/Microsoft.Network/azureFirewalls/', variables('platformResourceNames').azFwNameSecondary)]",
"userAssignedIdentityResourceId": "[concat('/subscriptions/', variables('singleVsDedicatedMgmtSub'), '/resourceGroups/', variables('platformRgNames').mgmtRg, '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', variables('platformResourceNames').userAssignedIdentity)]"
},
// Declaring deterministic resourceId's for ES Lite platform resources (as they will be consolidated into a single platform subscription)
Expand Down Expand Up @@ -4700,7 +4702,7 @@
},
{
// Creating the virtual network hub (hub and spoke)
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))),equals(parameters('enableHub'), 'vhub'))]",
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))), equals(parameters('enableHub'), 'vhub'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"scope": "[variables('scopes').connectivityManagementGroup]",
Expand Down Expand Up @@ -4951,7 +4953,7 @@
"value": "[parameters('vWANHubCapacity')]"
},
"enableHubSecondary": {
"value": "[parameters('enableHubSecondary')]"
"value": "[parameters('enableSecondaryRegion')]"
},
"enableAzFwSecondary": {
"value": "[parameters('enableAzFwSecondary')]"
Expand Down Expand Up @@ -5078,7 +5080,7 @@
"value": "[parameters('enablePrivateDnsZonesSecondary')]"
},
"enableHubSecondary": {
"value": "[parameters('enableHubSecondary')]"
"value": "[parameters('enableSecondaryRegion')]"
}
}
}
Expand Down Expand Up @@ -5168,7 +5170,7 @@
*/
{
// Creating the virtual network hub (hub and spoke) in a secondary region
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))),equals(parameters('enableHubSecondary'), 'vhub'))]",
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))), equals(parameters('enableSecondaryRegion'), 'Yes'), equals(parameters('enableHubSecondary'), 'vhub'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"scope": "[variables('scopes').connectivityManagementGroup]",
Expand Down Expand Up @@ -5264,7 +5266,7 @@
},
{
// Creating the virtual network hub (with NVA) in a secondary region
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))),equals(parameters('enableHubSecondary'), 'nva'))]",
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))),equals(parameters('enableSecondaryRegion'), 'Yes'), equals(parameters('enableHubSecondary'), 'nva'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-10-01",
"scope": "[variables('scopes').connectivityManagementGroup]",
Expand Down Expand Up @@ -5342,7 +5344,7 @@
},
{
// Peering the primary hub and the secondary hub (when nva or vhub is selected)
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))), or(equals(parameters('enableHub'), 'nva'), equals(parameters('enableHub'), 'vhub')), or(equals(parameters('enableHubSecondary'), 'nva'), equals(parameters('enableHubSecondary'), 'vhub')))]",
"condition": "[and(not(empty(parameters('connectivitySubscriptionId'))), or(equals(parameters('enableHub'), 'nva'), equals(parameters('enableHub'), 'vhub')), or(equals(parameters('enableHubSecondary'), 'nva'), equals(parameters('enableHubSecondary'), 'vhub')), equals(parameters('enableSecondaryRegion'), 'Yes'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "[variables('deploymentNames').hubPeeringDeploymentName]",
Expand Down Expand Up @@ -7087,7 +7089,7 @@
},
{
// Peer vnet in identity subscription to connectivity hub in a secondary region if vhub or nva condition is true
"condition": "[and(or(equals(parameters('enableHubSecondary'), 'nva'), equals(parameters('enableHubSecondary'), 'vhub')), not(empty(parameters('identityAddressPrefix'))))]",
"condition": "[and(or(equals(parameters('enableHubSecondary'), 'nva'), equals(parameters('enableHub'), 'vhub')), not(empty(parameters('identityAddressPrefixSecondary'))))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "[variables('deploymentNames').identityPeering2DeploymentName]",
Expand Down Expand Up @@ -8240,7 +8242,7 @@
*/
{
// Configuring and deploying the connectivity hub (hub and spoke) in a secondary region
"condition": "[and(not(empty(parameters('singlePlatformSubscriptionId'))),equals(parameters('enableHubSecondary'), 'vhub'))]",
"condition": "[and(not(empty(parameters('singlePlatformSubscriptionId'))), equals(parameters('enableSecondaryRegion'), 'Yes'), equals(parameters('enableHubSecondary'), 'vhub'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-05-01",
"scope": "[variables('scopes').platformManagementGroup]",
Expand Down Expand Up @@ -8337,7 +8339,7 @@
*/
{
// Configuring and deploying the connectivity hub (NVA) in a secondary region
"condition": "[and(not(empty(parameters('singlePlatformSubscriptionId'))),equals(parameters('enableHubSecondary'), 'nva'))]",
"condition": "[and(not(empty(parameters('singlePlatformSubscriptionId'))), equals(parameters('enableSecondaryRegion'), 'Yes'), equals(parameters('enableHubSecondary'), 'nva'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-05-01",
"scope": "[variables('scopes').platformManagementGroup]",
Expand Down Expand Up @@ -8416,7 +8418,7 @@
*/
{
// Peering the primary hub and the secondary hub (when nva or vhub is selected)
"condition": "[and(not(empty(parameters('singlePlatformSubscriptionId'))), or(equals(parameters('enableHub'), 'nva'), equals(parameters('enableHub'), 'vhub')), or(equals(parameters('enableHubSecondary'), 'nva'), equals(parameters('enableHubSecondary'), 'vhub')))]",
"condition": "[and(not(empty(parameters('singlePlatformSubscriptionId'))), or(equals(parameters('enableHub'), 'nva'), equals(parameters('enableHub'), 'vhub')), or(equals(parameters('enableHubSecondary'), 'nva'), equals(parameters('enableHubSecondary'), 'vhub')), equals(parameters('enableSecondaryRegion'), 'Yes'))]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "[variables('esLitedeploymentNames').hubPeeringDeploymentName]",
Expand Down
9 changes: 6 additions & 3 deletions eslzArm/subscriptionTemplates/hubspoke-connectivity.json
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@
"azErGwIpName": "[concat(variables('erGwName'), '-pip')]",
"azVpnGwPipId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'), '/providers/Microsoft.Network/publicIPAddresses/', variables('azVpnGwIpName'))]",
"azVpnGwAAPipId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'), '/providers/Microsoft.Network/publicIPAddresses/', variables('azVpnGwAAIpName'))]",
"azVpnPIPZones": "[split('1,2,3', ',')]",
"azFwIpName": "[concat(variables('azFwName'), '-pip')]",
"azFwMgmtIpName": "[concat(variables('azFwName'), '-mgmtpip')]",
"azErGwSubnetId": "[concat('/subscriptions/', parameters('connectivitySubscriptionId'), '/resourceGroups/', variables('rgName'),'/providers/Microsoft.Network/virtualNetworks/', variables('hubname'), '/subnets/GatewaySubnet')]",
Expand Down Expand Up @@ -298,10 +299,11 @@
},
{
"condition": "[and(equals(parameters('enableVpnGw'), 'Yes'), not(empty(parameters('subnetMaskForGw'))))]",
"apiVersion": "2020-05-01",
"apiVersion": "2023-11-01",
"type": "Microsoft.Network/publicIpAddresses",
"location": "[parameters('location')]",
"name": "[variables('azVpnGwIpName')]",
"zones": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), variables('azVpnPIPZones'), json('null'))]",
"sku": {
"name": "Standard"
},
Expand All @@ -311,10 +313,11 @@
},
{
"condition": "[and(equals(parameters('enableVpnGw'), 'Yes'), equals(parameters('enableVpnActiveActive'),'Yes'), not(empty(parameters('subnetMaskForGw'))))]",
"apiVersion": "2020-05-01",
"apiVersion": "2023-11-01",
"type": "Microsoft.Network/publicIpAddresses",
"location": "[parameters('location')]",
"name": "[variables('azVpnGwAAIpName')]",
"zones": "[if(equals(parameters('gwRegionalOrAz'), 'Zone'), variables('azVpnPIPZones'), json('null'))]",
"sku": {
"name": "Standard"
},
Expand All @@ -324,7 +327,7 @@
},
{
"condition": "[and(equals(parameters('enableVpnGw'), 'Yes'), equals(parameters('enableVpnActiveActive'),'No'), not(empty(parameters('subnetMaskForGw'))))]",
"apiVersion": "2020-05-01",
"apiVersion": "2023-11-01",
"name": "[variables('vpngwname')]",
"type": "Microsoft.Network/virtualNetworkGateways",
"location": "[parameters('location')]",
Expand Down
8 changes: 4 additions & 4 deletions eslzArm/subscriptionTemplates/vwan-connectivity.json
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,7 @@
"enableHubSecondary": {
"type": "string",
"allowedValues": [
"vwan",
"Yes",
"No"
],
"defaultValue": "No"
Expand Down Expand Up @@ -477,7 +477,7 @@
},
//Begin Secondary vhub Deployment
{
"condition": "[and(equals(parameters('enableHubSecondary'), 'vwan'), not(empty(parameters('addressPrefixSecondary'))))]",
"condition": "[and(equals(parameters('enableHubSecondary'), 'Yes'), not(empty(parameters('addressPrefixSecondary'))))]",
"type": "Microsoft.Network/virtualHubs",
"apiVersion": "2023-04-01",
"location": "[parameters('locationSecondary')]",
Expand All @@ -498,7 +498,7 @@
}
},
{
"condition": "[and(equals(parameters('enableHubSecondary'), 'vwan'), equals(parameters('enableVpnGwSecondary'), 'Yes'))]",
"condition": "[and(equals(parameters('enableHubSecondary'), 'Yes'), equals(parameters('enableVpnGwSecondary'), 'Yes'))]",
"type": "Microsoft.Network/vpnGateways",
"apiVersion": "2020-05-01",
"location": "[parameters('locationSecondary')]",
Expand All @@ -517,7 +517,7 @@
}
},
{
"condition": "[and(equals(parameters('enableHubSecondary'), 'vwan'), equals(parameters('enableErGwSecondary'), 'Yes'))]",
"condition": "[and(equals(parameters('enableHubSecondary'), 'Yes'), equals(parameters('enableErGwSecondary'), 'Yes'))]",
"type": "Microsoft.Network/expressRouteGateways",
"apiVersion": "2020-05-01",
"location": "[parameters('locationSecondary')]",
Expand Down

0 comments on commit dc71bc0

Please sign in to comment.