26294 - Feature - Accelerator Pipeline Adjustments (#483)

* Added initial accelerator pipelines and scripts

* Removed unused params from scripts

* Trim trailing whitespace

* Removed unused param

* Removed release fetcher script as another one is going to be used

* Added ALZ prefix to files

* Switched ALZ prefix location for all scripts

* Changed policy assignment to alzdefault

* Switched subscription placement to orchestration module

* Change default tags to Live and clean up formatting of same param files

* Diable role assignments deployment for accelerator until user is ready to enable

* Fixed path to template and incorrect deployment name

* Adjusted parameter path trigger for policy deployment workflow

* Adjusted new line formatting for linter

---------

Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>

accelerator/.github/workflows/alz-bicep-2.yml

@@ -5,8 +5,7 @@ on:
     branches:
       - "main"
     paths:
-      - "config/custom-parameters/roleAssignmentManagementGroupMany.servicePrincipal.parameters.all.json"
-      - "config/custom-parameters/policyAssignmentManagementGroup.dine.parameters.all.json"
+      - "config/custom-parameters/alzDefaultPolicyAssignments.parameters.all.json"
   workflow_dispatch:
 
 permissions:
@@ -36,12 +35,13 @@ jobs:
           subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
           enable-AzPSSession: true
 
-      - name: "Role Assignments Deployment"
-        uses: azure/powershell@v1
-        with:
-          inlineScript: |
-            .\pipeline-scripts\Deploy-ALZRoleAssignments.ps1
-          azPSVersion: "latest"
+      # Example: Modify Deploy-ALZRoleAssignments.ps1 with applicable pararameter file and uncomment lines below to enable Role Assignments Deployment.
+      # - name: "Role Assignments Deployment"
+      #   uses: azure/powershell@v1
+      #   with:
+      #     inlineScript: |
+      #       .\pipeline-scripts\Deploy-ALZRoleAssignments.ps1
+      #     azPSVersion: "latest"
 
       - name: "Built-in and Custom Policy Assignments Deployment"
         uses: azure/powershell@v1

accelerator/pipeline-scripts/Deploy-ALZPolicyAssignments.ps1

@@ -6,15 +6,15 @@ param (
   [String]$TopLevelMGPrefix = "$($env:TOP_LEVEL_MG_PREFIX)",
 
   [Parameter()]
-  [String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\modules\policy\assignments\policyAssignmentManagementGroup.bicep",
+  [String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\modules\policy\assignments\alzDefaults\alzDefaultPolicyAssignments.bicep",
 
   [Parameter()]
-  [String]$TemplateParameterFile = "config\custom-parameters\policyAssignmentManagementGroup.dine.parameters.all.json"
+  [String]$TemplateParameterFile = "config\custom-parameters\alzDefaultPolicyAssignments.parameters.all.json"
 )
 
 # Parameters necessary for deployment
 $inputObject = @{
-  DeploymentName        = 'alz-RoleAssignmentsDeployment-{0}' -f ( -join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
+  DeploymentName        = 'alz-PolicyAssignmentsDeployment-{0}' -f ( -join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
   Location              = $Location
   ManagementGroupId     = $TopLevelMGPrefix
   TemplateFile          = $TemplateFile

accelerator/pipeline-scripts/Deploy-ALZSubscriptionPlacement.ps1

@@ -6,10 +6,10 @@ param (
   [String]$TopLevelMGPrefix = "$($env:TOP_LEVEL_MG_PREFIX)",
 
   [Parameter()]
-  [String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\modules\subscriptionPlacement\subscriptionPlacement.bicep",
+  [String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\orchestration\subPlacementAll\subPlacementAll.bicep",
 
   [Parameter()]
-  [String]$TemplateParameterFile = "config\custom-parameters\subscriptionPlacement.parameters.all.json"
+  [String]$TemplateParameterFile = "config\custom-parameters\subPlacementAll.parameters.all.json"
 )
 
 # Parameters necessary for deployment

infra-as-code/bicep/CRML/containerRegistry/parameters/containerRegistry.parameters.all.json

@@ -8,9 +8,9 @@
     "parAcrSku": {
       "value": "Basic"
     },
-    "parTags":{
-      "value":{
-        "Environment": "POC"
+    "parTags": {
+      "value": {
+        "Environment": "Live"
       }
     }
   }

infra-as-code/bicep/CRML/subscriptionAlias/parameters/subscriptionAlias.parameters.all.json

@@ -10,7 +10,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parManagementGroupId": {

infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.all.json

@@ -200,14 +200,17 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {
       "value": false
     },
     "parBastionOutboundSshRdpPorts": {
-      "value": ["22","3389"]
+      "value": [
+        "22",
+        "3389"
+      ]
     }
   }
 }

infra-as-code/bicep/modules/hubNetworking/parameters/mc-hubNetworking.parameters.all.json

@@ -162,14 +162,17 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {
       "value": false
     },
     "parBastionOutboundSshRdpPorts": {
-      "value": ["22","3389"]
+      "value": [
+        "22",
+        "3389"
+      ]
     }
   }
 }

infra-as-code/bicep/modules/logging/parameters/logging.parameters.all.json

@@ -40,7 +40,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/modules/logging/parameters/mc-logging.parameters.all.json

@@ -40,7 +40,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/modules/privateDnsZones/parameters/privateDnsZones.parameters.all.json

@@ -78,7 +78,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parVirtualNetworkIdToLink": {

infra-as-code/bicep/modules/publicIp/parameters/publicIp.parameters.all.json

@@ -27,7 +27,7 @@
     },
     "parTags": {
       "value": {
-                "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/modules/resourceGroup/parameters/resourceGroup.parameters.all.json

@@ -10,7 +10,7 @@
     },
     "parTags": {
       "value": {
-              "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/modules/spokeNetworking/parameters/spokeNetworking.parameters.all.json

@@ -28,7 +28,7 @@
     },
     "parTags": {
       "value": {
-              "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/modules/vwanConnectivity/parameters/mc-vwanConnectivity.parameters.all.json

@@ -104,7 +104,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.all.json

@@ -142,7 +142,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.parameters.all.json

@@ -49,7 +49,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {

infra-as-code/bicep/orchestration/hubPeeredSpoke/parameters/hubPeeredSpoke.vwan.parameters.all.json

@@ -49,7 +49,7 @@
     },
     "parTags": {
       "value": {
-        "Environment": "POC"
+        "Environment": "Live"
       }
     },
     "parTelemetryOptOut": {