From 1110c743b7a8178142040e5dc69e5230202c4ce2 Mon Sep 17 00:00:00 2001 From: Wanpeng <97911035+wanpengyang@users.noreply.github.com> Date: Wed, 20 Mar 2024 13:30:43 +0000 Subject: [PATCH] Squashed commit of the following: commit b8a9bc91168f5afe9cb4c6ea35148714c11b4761 Author: Steve Keeler Date: Thu Sep 1 15:31:28 2022 -0400 Version August 2022 schema changes (#342) commit 5851a09acff454df0bb8bbb2d6406fcd9a8efb6d Author: Senthuran Sivananthan Date: Wed Aug 17 18:50:15 2022 -0400 Revised Event Hub Diagnostic Settings policy (#339) commit e5fe39930e55ae9cb62745499d1a520a098693df Author: Senthuran Sivananthan Date: Wed Aug 17 18:37:43 2022 -0400 Update diagnostic settings profile name (#337) commit db52627fe3769b7430c99be757f9761238b27adc Author: Senthuran Sivananthan Date: Wed Aug 17 18:17:12 2022 -0400 Suppress false positive linter warning: secure-secrets-in-params (#335) commit 2a6042d38ccd04844d9cc445e0a95ead182e5a6b Author: Senthuran Sivananthan Date: Wed Aug 17 17:59:13 2022 -0400 Network security group support for private endpoints subnet (#333) commit e069a4b6ac4f5be8d7614eeb5a67d0cfb3534e52 Author: Senthuran Sivananthan Date: Wed Aug 17 17:28:39 2022 -0400 Support data collection rule (#331) commit c2afa0d99717c56bacc211cfb5ed13234880d9a1 Author: Senthuran Sivananthan Date: Mon Aug 8 15:42:22 2022 -0400 Support azkms.core.windows.net and IPs in firewall allow list (#329) commit a7f521dcf919114a9441296407fc4dd06be46927 Author: Senthuran Sivananthan Date: Tue Jul 19 23:31:56 2022 -0400 Add missing log categories in diagnostic settings for Azure Firewall (#324) commit 60198bc19eb4d87d0bbebc24d4c2fe240d2297ab Author: Senthuran Sivananthan Date: Tue Jul 19 23:11:10 2022 -0400 Resolve linter warning: prefer-unquoted-property-names (#322) commit a4e53fffe4b1f2a2fdbf25ec92a181ef625dd240 Author: Sabyasachi Dasgupta Date: Mon Jul 18 16:44:01 2022 -0400 Update machinelearning.md (#327) commit 8fc587a6bf2e53e516ded633d96c652874ab5875 Author: Ifyagolu <55541295+Ifyagolu@users.noreply.github.com> Date: Fri Jun 24 17:05:28 2022 -0400 Fix typo in onboarding guidance (#320) commit e9a0962b7db12c5438782d2597afd494de5354b2 Author: Islam Gomaa Date: Fri May 27 16:13:52 2022 -0400 Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (#313) commit 2b11801386654f6b3f68bd63c887d74ec7a4fdb8 Author: Senthuran Sivananthan Date: Thu May 19 10:38:55 2022 -0400 Add service health notification info (#310) commit bce747c9fdc96c2be78881a4dc9276351ff40b64 Author: Senthuran Sivananthan Date: Wed May 18 09:29:03 2022 -0400 Update resource group names for Logging & Networking (#309) Remove `-rg` suffix commit 6765c48680e47ccc380ab0df929e3cd1af4f8a5b Author: Senthuran Sivananthan Date: Tue May 17 15:14:33 2022 -0400 Serial defender plan deployments & revised resource/resource group names (#307) commit 62adb00d6a8561030b39272f1d710c2a4e0cfcba Author: Senthuran Sivananthan Date: Mon May 16 13:53:37 2022 -0400 Log Analytics solutions for SQL servers on machines (#303) commit c1a3b99c969f802d8325245387b617f21bc0c921 Author: Senthuran Sivananthan Date: Mon May 16 09:26:47 2022 -0400 Flexible policy deployment using PowerShell & GitHub Actions (#300) commit 0ce5c1ac9ef8ff728a19e608bf8bd3654b453cbb Author: Senthuran Sivananthan Date: Sun May 15 12:19:01 2022 -0400 Disable fail fast for matrix deployments (#297) commit c078a797d9be10bf1b2dc7bed01957637ddb73ea Author: Senthuran Sivananthan Date: Sun May 15 11:19:43 2022 -0400 Concurrent role deployment with PowerShell & GitHub Actions (#299) commit 31a214abbf65c10b106962b1493a1830e37f9702 Author: Senthuran Sivananthan Date: Sun May 15 10:39:08 2022 -0400 Disable metrics in diagnostic settings for AKS through Policy (#295) commit 6a90a2fe9d881730a32303fe6a10d1bbcc22f943 Author: Senthuran Sivananthan Date: Wed May 11 10:56:26 2022 -0400 Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (#289) commit c4133077e1d97a6beaa6e4811588236912d5c768 Author: Senthuran Sivananthan Date: Tue May 10 16:46:06 2022 -0400 Ensure multiple subscriptions can be moved to a management in parallel (#288) Ensure deployment name for moving subscription is unique commit 93d2f13847d56c195e2c170d314a3bbc5cfe5c63 Author: Senthuran Sivananthan Date: Tue May 10 14:53:18 2022 -0400 Support jobs in GitHub Actions (#286) commit 31e8d0ab602bfcf856c9134666eb4814817d6964 Author: Steve Keeler Date: Tue May 10 12:30:36 2022 -0400 Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (#285) commit 229b14466384252ba034546095f5c21a932cb6fc Author: Steve Keeler Date: Mon May 9 20:41:06 2022 -0400 Fix DeploySubscriptionIds parameter type casting (#282) commit 799ad52d778ebbc4fc4ed53d56c872d56ab2fc29 Author: Senthuran Sivananthan Date: Mon May 9 20:10:33 2022 -0400 Pass-thru secure strings as-is until ready for use (#281) commit a9c941948d51c59c758d07bce702bcb36aee70ec Author: Steve Keeler Date: Mon May 9 17:11:12 2022 -0400 Add environment configuration override and protect sensitive parameters (#280) commit ce6c27f4e02cf194b3b13574c2caf4b60f8e8205 Author: Senthuran Sivananthan Date: Mon May 9 11:23:57 2022 -0400 Support schema validation (#277) commit 1d8dbd7bafc62b402719fb187698cfd950e8e3df Author: Steve Keeler Date: Mon May 9 08:07:26 2022 -0400 GitHub workflow implementation (#276) Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector commit 08d8f9256aaf3236a6920abe67e7d58b95887a0c Author: Senthuran Sivananthan Date: Mon May 2 16:03:02 2022 -0400 Deployment flow diagram (#274) commit db098e17a13f111c18aa3af33c81f1cb54979cd1 Author: Senthuran Sivananthan Date: Fri Apr 29 22:37:58 2022 -0400 Powershell deployment script for archetypes (#273) Support for deploying subscriptions commit 15c2847a4255108680937da0192d54ccc2d7f16c Author: Senthuran Sivananthan Date: Fri Apr 29 16:29:22 2022 -0400 PowerShell deployment scripts (#271) commit 352257187e7d03bf5abade4a18302bdd310ab82c Author: Senthuran Sivananthan Date: Wed Apr 27 18:10:23 2022 -0400 Snapshot ARM parameters JSON schemas (#268) commit 60f3b59013e27c549e2d57bd16fba2ea26bf12b5 Author: Senthuran Sivananthan Date: Wed Apr 27 17:29:58 2022 -0400 Organize deployment parameters for Hub Networking with NVA (#266) commit 926521a1c01ab420ccaa319d47516a2870cf3a15 Author: ghostme Date: Wed Apr 27 15:20:08 2022 -0400 Updated documentation (#267) commit d68824a2eed32c62cc199f374ba15ea732025241 Author: Senthuran Sivananthan Date: Mon Apr 25 14:32:25 2022 -0400 Organize deployment parameters for Hub Networking with Azure Firewall (#265) commit 2bc196a0960bfecb9c545226000c5c34dbbabec8 Author: Senthuran Sivananthan Date: Mon Apr 25 14:03:31 2022 -0400 Support for optional subnets in Machine Learning & Healthcare archetypes (#264) commit b33cd36261fd797834cdcbeebe53ce1262ef21ac Author: Senthuran Sivananthan Date: Thu Apr 21 09:32:43 2022 -0400 Update common.yml example (#262) commit 300835322afd2d85f34aa8b8ff5921d3839c2e6c Author: Senthuran Sivananthan Date: Wed Apr 20 12:44:45 2022 -0400 Removed extra configuration files (#260) commit 1ee5b9e736feca7270c4ad62d27c4366751f1cab Author: Senthuran Sivananthan Date: Wed Apr 20 11:56:14 2022 -0400 Revise subnet configuration for Healthcare archetype (#256) commit 72fe50db665710eabc8e6edffae5d658d0497822 Author: Senthuran Sivananthan Date: Wed Apr 20 11:43:09 2022 -0400 Revise subnet configuration for Machine Learning archetype (#254) commit 70833771ac433d5de7950423dd8085777bfb03be Author: Senthuran Sivananthan Date: Wed Apr 20 11:38:07 2022 -0400 Revise subnet configuration for Generic Subscription archetype (#252) commit 3d9c60d251a98b2ebc400aadb2c452f3f6262712 Author: Senthuran Sivananthan Date: Wed Apr 20 11:30:10 2022 -0400 Migrate Networking configuration to JSON parameters file (#250) commit 38fc344508cd6b4707aac0fca2e0cf3e8609a882 Author: Mohamed Sharaf Date: Wed Apr 20 10:29:52 2022 -0400 Azure Active Directory support for Synapse (#259) commit 89613dbc876831f543f2749cbe6f804278a65612 Author: Senthuran Sivananthan Date: Tue Apr 12 21:31:06 2022 -0400 Include new Databricks' log categories for diagnostic settings (#248) Add new databricks' log categories for diagnostic settings commit 700eb9645cbde1435bdda80b28faa03a52dee671 Author: Senthuran Sivananthan Date: Tue Apr 12 17:33:12 2022 -0400 Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (#246) Update Private DNS Zone policy to support multiple dnsZoneConfigs commit 1c3727990cc12a401c0ecebdbf31234d71c472ab Author: Senthuran Sivananthan Date: Mon Apr 11 11:24:00 2022 -0400 Support logging infrastructure for multiple regions in same subscription (#244) Ensure subscription scoped deployments are unique per region commit 0e258f96cd99c622665d382d73aeba1e78f52319 Author: Steve Keeler Date: Sat Apr 9 13:50:50 2022 -0400 Update azure-devops-pipelines.md (#242) commit bfe1f588adc59922145fcf9a47c19173130cf321 Author: Senthuran Sivananthan Date: Fri Apr 8 11:31:52 2022 -0400 Migrate Logging configuration to JSON parameters file (#236) commit cc5f017b01e06331d4246d5fc0286cf50d525470 Author: Senthuran Sivananthan Date: Fri Apr 8 10:26:12 2022 -0400 PBMM & HITRUST/HIPAA policy update (#238) commit 3259994f47c482153368a9fb115ce60b9e3488fb Author: Steve Keeler Date: Tue Apr 5 14:41:17 2022 -0400 Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script #233 (#234) commit cb96311bf94224c1cf94470320c9c8fec029e165 Author: ccmsft <98336965+ccmsft@users.noreply.github.com> Date: Mon Apr 4 09:39:17 2022 -0400 Updating recommendations to reflect licensing reqs (#229) commit 3ce2cf875b5d6c9464a0262f183a37f40399f8dd Author: Senthuran Sivananthan Date: Fri Apr 1 22:49:44 2022 -0400 Use built-in policy for Cosmos DB for Defender Plan (#232) * Use built-in policy for Cosmos DB for Defender Plan * Add branch config * Remove branch config commit d2f959a2550b694d79fb0aa6d1a9d2b8166090c8 Author: ghostme Date: Fri Apr 1 10:05:21 2022 -0400 Update networking documentation for generic subscription archetype (#230) commit 575440e4c629b1c00686ba62e5911749375832ff Author: ccmsft <98336965+ccmsft@users.noreply.github.com> Date: Wed Mar 30 23:36:35 2022 -0400 Initial GC 30-day cloud guardrails compliance/guidance (#226) Initial GC 30-day cloud guardrails doc commit 6b36096f2356255a967a7d9cd14dd04a5dc3b6ce Author: Senthuran Sivananthan Date: Wed Mar 30 22:40:17 2022 -0400 Externalize Log Analytics Workspace parameters when loading pipeline variables (#220) Externalize the log analytics parameters to load arbitary LAW variables commit 0210df4fd3a11dfcaee3a82f2da1e2315bf70400 Author: Senthuran Sivananthan Date: Wed Mar 30 21:51:30 2022 -0400 Flexible policy assignment parameters JSON files (#222) commit f25f95781d6f9f3c2169bbe4b148c3b748a6ac93 Author: Senthuran Sivananthan Date: Wed Mar 30 20:57:07 2022 -0400 Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (#228) * Change Cosmos DB namespace to Microsoft.DocumentDB * Add branch config * Remove branch config commit 453a0f8bc78dbf7a78c46d01f0cde28b3ab2bbaa Author: Steve Keeler Date: Wed Mar 30 19:00:07 2022 -0400 Improve `delete-management-groups.bat` script (#224) commit 2e5a56b04fd25149da78e77f396073945ba785f5 Author: Senthuran Sivananthan Date: Thu Mar 24 09:02:36 2022 -0400 Fix formatting (#218) commit bf5e94bcdee854db8fde7a8eb60d7886bc2c2191 Author: Senthuran Sivananthan Date: Wed Mar 23 23:01:02 2022 -0400 Add instructions for customizing policy set assignments (#215) commit 0538d4d7d8765fcd558c99fdbf7aa7d6655c8b95 Author: Senthuran Sivananthan Date: Wed Mar 23 22:57:00 2022 -0400 Document delete lock usage (#216) Document when and where delete locks are used commit 789b18a888290ada72d8fe2328097429ee9823d6 Author: Senthuran Sivananthan Date: Wed Mar 23 22:49:24 2022 -0400 Update OZ subnet name to App Management Zone (#217) commit 97c2904a773f94adf26cd52924f0dfccab985cdf Author: Senthuran Sivananthan Date: Fri Mar 11 21:59:40 2022 -0500 Backward compatibility when setting pipeline variables from management group hierarchy (#213) commit 30b9cc2060e96dd99b12743bb4c959181a403e91 Author: Adil Ha Date: Fri Mar 11 11:26:31 2022 -0500 fixing doc typo in hubnetwork-azfw (#211) Co-authored-by: Adil Ha commit 27363b730f34536fbf7f9994e08da7aa5af3c58e Author: Senthuran Sivananthan Date: Sat Mar 5 13:04:13 2022 -0500 Support Defender Plan for Cosmos DB (#200) Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB commit 81eccd1d54956f7c7addb2a969ebb3e62e99b588 Author: Senthuran Sivananthan Date: Sat Mar 5 12:48:45 2022 -0500 Delete Lock for Log Analytics Workspace resource group (#205) Add delete lock for LAW RG commit 678355f149698ecfdab6d10669e631702f1d9d49 Author: Steve Keeler Date: Sat Mar 5 11:03:46 2022 -0500 Fix pipeline scripts reference to `subscription-ci` (#207) commit 5753cf0e35a9f921c4cb59ec90db787e26d6d400 Author: Senthuran Sivananthan Date: Thu Mar 3 14:44:31 2022 -0500 Ensure values from multiline variables are properly logged (#202) Print multi-line environment variables (typically JSON objects) in Show Variables step commit d6b1c08fec1a96c332cf5abb758b16cd8bfede87 Author: Senthuran Sivananthan Date: Thu Mar 3 14:09:47 2022 -0500 Revise subscription deployment instructions (#201) * Redirect subscriptoin configuration guidance to archetype authoring guide doc * Revise instructions for creating ARM parameter files & management group id selection commit 5e7322ee0b64ffa379e1ac546972796a76407db7 Author: Senthuran Sivananthan Date: Wed Mar 2 08:22:35 2022 -0500 Instructions for backfilling management group hierarchy (#197) * Add instructions for backfilling management group hierarchy * Update section titles, links and reference backfill instruction as part of MG setup * Instructions for installing AzCLI and jq * Clearfy that Tenant Root Group could have been renamed in the organization * Windows Shell example * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used * Note on YAML indentation commit 5d33909d70f821039df0deab2d26a5d180d7a16c Author: Preston K. Parsard Date: Tue Mar 1 10:46:04 2022 -0500 subscription(generic): add instructions for configuring parameters (#193) commit 17846c4959c5156dee905736e3631fa56193d9e7 Author: Steve Keeler Date: Sun Feb 27 20:30:20 2022 -0500 Show Variables fix (#191) commit c62dcfcd5862ae15196000e0fd481d214081c817 Author: Steve Keeler Date: Sun Feb 27 16:50:20 2022 -0500 Configurable management group hierarchy (#186) Implement configurable management group hierarchy commit 9a141f7e5bf238f21838898ff908b6fc7f6d8fcc Author: Preston K. Parsard Date: Sat Feb 26 19:45:35 2022 -0500 Update onboarding document Co-authored-by: Preston K. Parsard commit 6b6ef29fd266fe0b2c23fed5f1bf6cc3fdb5e4a8 Author: Senthuran Sivananthan Date: Sat Feb 26 18:22:48 2022 -0500 Snapshot JSON schemas to v0.4.0 (#182) commit 4dd1f4a901fbd44c54a32fdf9ac23f5ca5bed736 Author: Senthuran Sivananthan Date: Wed Feb 23 15:39:43 2022 -0500 Update onboarding doc for logging & networking management group settings (#177) * Fix markdown linter warnings * Add instruction for logging and networking MGs commit 5d7eec3a319524b5ded5f32e6db951566c365ffc Author: Steve Keeler Date: Wed Feb 23 12:51:20 2022 -0500 Update `create-pipelines.bat` onboarding script to auto-provision environment (#178) commit 488fc6e767639f3acd00a2dea11a8f2a6476379e Author: Senthuran Sivananthan Date: Tue Feb 22 09:05:20 2022 -0500 Instructions for Azure DevOps Environments (#175) * Instructions for creating ADO pipeline environments * Fix formatting commit edabd873d42a622fc5d1503c099c514bb4f2bd7f Author: Senthuran Sivananthan Date: Thu Feb 17 23:29:42 2022 -0500 Support for Tag inheritance from Subscription to Resource Group (#161) * Add policy and policy set to inherit tags from subscription to resource group * Add branch config for testing * Remove policy type as it's not built in * Updated resource type for resource group * Update policy assignment * Ensure assignment name is <= 24 chars * Revert resource group type * Setting mode to all * Update documentation * Add branch config * Add explicit dependsOn for subscription scaffolding to complete * Update test deployment parameters * Remove explicit dependsOn for subscription scaffolding to complete * Update doc to describe approaches for adding tags to RGs * Reduce the options for tagging resources given subscripton to RG tagging is available * Add example scenarios for tag inheritence * Fix typo * Remove branch configs * Resolve linter error: no-loc-expr-outside-params commit e71ed265f2267d35cd36d30bab217f9ecbb6891c Author: Senthuran Sivananthan Date: Wed Feb 16 20:09:19 2022 -0500 Linter: no-loc-expr-outside-params - ensure compliance (#169) * Update linter rules for location parameter * Add location parameter with default value based on resourceGroup() or deployment() * Update archetype schema and docs for location * Add branch config for testing * Update AKS version * Update branch config * Remove branch configs commit 6061fa0b930200d73e906e0bedefafeb35e43296 Author: Senthuran Sivananthan Date: Thu Feb 10 16:49:42 2022 -0500 Repository clean up (#165) * Remove obsolete directory * Rotate resource group names for E2E deployments * Fix typo * Add branch config for testing * Fix typo * Remove branch configs * Remove timestamp from sample JSON templates. Timestamps are kept for E2E testing. * Remove date stamp commit 5104f393a618a0f0f7072100fd810df4534a3210 Author: Steve Keeler Date: Thu Feb 10 09:08:17 2022 -0500 Update DevOps Onboarding section of main readme (#162) commit 209f61cf72ac91555f8b2171dcf84c6daae6a7cc Author: Senthuran Sivananthan Date: Thu Feb 10 09:06:31 2022 -0500 Update Deployment Script's Azure CLI version to 2.32.0 (#164) Update Azure CLI version to 2.32.0 commit d7d52570c8dce3ed8bcc3b809191d1cd2ddf5e3f Author: Steve Keeler Date: Mon Feb 7 13:51:17 2022 -0500 Issue #157 - Update scripts documentation (#158) Update scripts documentation (Issue #157) Update docs/onboarding/azure-devops-scripts.md Co-authored-by: Senthuran Sivananthan commit b628c68ff84bb5b8796d6821161450010d19ce3b Author: Senthuran Sivananthan Date: Fri Feb 4 12:42:31 2022 -0500 Enhance PBMM policy assignment to disable diagnostic settings metrics (#156) Ensure diagnostic settings policy only checks for logs commit 61afd59bb6d7f6c2a37518d41c64ced985cafd92 Author: Senthuran Sivananthan Date: Mon Jan 31 12:52:09 2022 -0500 Snapshot landing zone schema to v0.3.0 (#152) commit 09f09ede5613cf600441616831f762595aecdbed Author: Steve Keeler Date: Mon Jan 31 09:20:20 2022 -0500 Automation scripts for Azure DevOps onboarding (#151) Implement #150, scripts and documentation commit 82dd82606059a6643d7de294cb1f15afab41cd94 Author: SlavaRoikhman <52217047+SlavaRoikhman@users.noreply.github.com> Date: Thu Jan 27 13:32:41 2022 -0500 Removed 'privatelink.monitor.azure.com' from Private DNS Zones (#149) commit 73ce2eb316175f1bf86135010d5f35ce9bbc6da7 Author: Senthuran Sivananthan Date: Fri Jan 21 23:23:45 2022 -0500 Flexible policy assignment scope (#147) * Add deployment scope for policy assignment * Add branch test config * Set new parameter for policy assignment scope: var-policyAssignmentManagementGroupId * Update pipeline for new var * Add separate scope for testing * Update pipeline parameter name * Ensure new temp file is created to populate the parameters. * Remove test job * Remove branch config * Update readme * Update authoring guide with new parameter commit c71051b21804f0b069acc02718ced57840863e86 Author: hudua <40040433+hudua@users.noreply.github.com> Date: Fri Jan 21 14:21:08 2022 -0500 Private Endpoint for App Service (#144) commit fff245db0c7f94221ce73404a2c5fb1a9ad44207 Author: Senthuran Sivananthan Date: Fri Jan 21 10:51:43 2022 -0500 Diagnostic Settings Policies for PaaS services (#143) * Add diagnostic settings policies for data services * Add branch config for testing * Add missing types for auditing * Add diagnostic setting policies for compute services * Add diagnostic setting policies for integration services * Add diagnostic setting policies for network services * Remove policy for ACI since it doesn't have logs to collect * Remove extra resource type * Set region to 'global' for edge services * Remove branch config. used for testing * Updated App Service log categories * Add branch config * Remove branch config --- docs/archetypes/logging.md | 16 ++++---- .../FullDeployment-With-Location.json | 2 +- .../lz-healthcare/Synapse-sqlAuth.json | 40 +++++++++++++++---- ...eLinuxContainerPrivateEndpointIsFalse.json | 29 ++++++-------- .../FullDeployment-With-Location.json | 2 +- .../FullDeployment-With-OptionalSubnets.json | 2 +- 6 files changed, 56 insertions(+), 35 deletions(-) diff --git a/docs/archetypes/logging.md b/docs/archetypes/logging.md index 0585d51f..35be9b2b 100644 --- a/docs/archetypes/logging.md +++ b/docs/archetypes/logging.md @@ -2,15 +2,13 @@ ## Table of Contents -- [Archetype: Logging](#archetype--logging) - - [Table of Contents](#table-of-contents) - - [Overview](#overview) - - [Schema Definition](#schema-definition) - - [Delete Locks](#delete-locks) - - [Service Health](#service-health) - - [Deployment Scenarios](#deployment-scenarios) - - [Example Deployment Parameters](#example-deployment-parameters) - - [Deployment Instructions](#deployment-instructions) +* [Overview](#overview) +* [Schema Definition](#schema-definition) +* [Delete Locks](#delete-locks) +* [Service Health](#service-health) +* [Deployment Scenarios](#deployment-scenarios) +* [Example Deployment Parameters](#example-deployment-parameters) +* [Deployment Instructions](#deployment-instructions) ## Overview diff --git a/tests/schemas/lz-generic-subscription/FullDeployment-With-Location.json b/tests/schemas/lz-generic-subscription/FullDeployment-With-Location.json index 0f9cab09..c26010e0 100644 --- a/tests/schemas/lz-generic-subscription/FullDeployment-With-Location.json +++ b/tests/schemas/lz-generic-subscription/FullDeployment-With-Location.json @@ -3,7 +3,7 @@ "contentVersion": "1.0.0.0", "parameters": { "location": { - "value": "canadacentral" + "value": "canada" }, "serviceHealthAlerts": { "value": { diff --git a/tests/schemas/lz-healthcare/Synapse-sqlAuth.json b/tests/schemas/lz-healthcare/Synapse-sqlAuth.json index cbe13567..9f0c7061 100644 --- a/tests/schemas/lz-healthcare/Synapse-sqlAuth.json +++ b/tests/schemas/lz-healthcare/Synapse-sqlAuth.json @@ -96,16 +96,16 @@ "sqldb": { "value": { "enabled": true, - "aadAuthenticationOnly": true, - "aadLoginName": "DBA Group", - "aadLoginObjectID": "4e4ea47c-ee21-4add-ad2f-a75d0d8014e0", - "aadLoginType": "Group" + "sqlAuthenticationUsername": "azadmin", + "aadAuthenticationOnly": false } }, "synapse": { "value": { - "aadAuthenticationOnly": false, - "sqlAuthenticationUsername": "synaseAdminUser" + "aadAuthenticationOnly": true, + "aadLoginName": "az.admins", + "aadLoginObjectID": "e0357d81-55d8-44e9-9d9c-ab09dc710785", + "aadLoginType": "Group" } }, "hubNetwork": { @@ -151,7 +151,33 @@ "name": "webapp", "addressPrefix": "10.5.8.0/25" }, - "optional": [] + "optional": [ + { + "comments": "Optional Subnet 1", + "name": "virtualMachines", + "addressPrefix": "10.5.9.0/25", + "nsg": { + "enabled": true + }, + "udr": { + "enabled": true + } + }, + { + "comments": "Optional Subnet 2 with delegation for NetApp Volumes", + "name": "NetappVolumes", + "addressPrefix": "10.5.10.0/25", + "nsg": { + "enabled": false + }, + "udr": { + "enabled": false + }, + "delegations": { + "serviceName": "Microsoft.NetApp/volumes" + } + } + ] } } } diff --git a/tests/schemas/lz-machinelearning/AppServiceLinuxContainerPrivateEndpointIsFalse.json b/tests/schemas/lz-machinelearning/AppServiceLinuxContainerPrivateEndpointIsFalse.json index 7d973272..ba8f8bba 100644 --- a/tests/schemas/lz-machinelearning/AppServiceLinuxContainerPrivateEndpointIsFalse.json +++ b/tests/schemas/lz-machinelearning/AppServiceLinuxContainerPrivateEndpointIsFalse.json @@ -71,13 +71,13 @@ }, "resourceGroups": { "value": { - "automation": "azml-automation", - "compute": "azml-compute", - "monitor": "azml-monitor", - "networking": "azml-networking", + "automation": "azmlcmk-automation", + "compute": "azmlcmk-compute", + "monitor": "azmlcmk-monitor", + "networking": "azmlcmk-networking", "networkWatcher": "NetworkWatcherRG", - "security": "azml-security", - "storage": "azml-storage" + "security": "azmlcmk-security", + "storage": "azmlcmk-storage" } }, "useCMK": { @@ -95,11 +95,11 @@ }, "aks": { "value": { - "version": "1.21.2", + "version": "1.22.6", "enabled": true, - "networkPlugin": "azure", - "networkPolicy": "azure", - "podCidr": "", + "networkPlugin": "kubenet", + "networkPolicy": "calico", + "podCidr": "11.0.0.0/16", "serviceCidr": "20.0.0.0/16", "dnsServiceIP": "20.0.0.10", "dockerBridgeCidr": "30.0.0.1/16" @@ -110,17 +110,14 @@ "enabled": true, "skuName": "P1V2", "skuTier": "Premium", - "enablePrivateEndpoint": false + "enablePrivateEndpoint": true } }, "sqldb": { "value": { "enabled": true, "sqlAuthenticationUsername": "azadmin", - "aadAuthenticationOnly": false, - "aadLoginName": "DBA Group", - "aadLoginObjectID": "4e4ea47c-ee21-4add-ad2f-a75d0d8014e0", - "aadLoginType": "Group" + "aadAuthenticationOnly": false } }, "sqlmi": { @@ -149,7 +146,7 @@ "value": { "peerToHubVirtualNetwork": true, "useRemoteGateway": false, - "name": "azml-vnet", + "name": "azmlcmk-vnet", "dnsServers": [ "10.18.1.4" ], diff --git a/tests/schemas/lz-machinelearning/FullDeployment-With-Location.json b/tests/schemas/lz-machinelearning/FullDeployment-With-Location.json index ca3ea89c..3b6e2524 100644 --- a/tests/schemas/lz-machinelearning/FullDeployment-With-Location.json +++ b/tests/schemas/lz-machinelearning/FullDeployment-With-Location.json @@ -101,7 +101,7 @@ }, "aks": { "value": { - "version": "1.22.6", + "version": "1.21.2", "enabled": true, "networkPlugin": "kubenet", "networkPolicy": "calico", diff --git a/tests/schemas/lz-machinelearning/FullDeployment-With-OptionalSubnets.json b/tests/schemas/lz-machinelearning/FullDeployment-With-OptionalSubnets.json index 5e1efdca..12b84573 100644 --- a/tests/schemas/lz-machinelearning/FullDeployment-With-OptionalSubnets.json +++ b/tests/schemas/lz-machinelearning/FullDeployment-With-OptionalSubnets.json @@ -98,7 +98,7 @@ }, "aks": { "value": { - "version": "1.22.6", + "version": "1.21.2", "enabled": true, "networkPlugin": "kubenet", "networkPolicy": "calico",