26294 - Feature - Accelerator Pipeline Adjustments (#483)

* Added initial accelerator pipelines and scripts

* Removed unused params from scripts

* Trim trailing whitespace

* Removed unused param

* Removed release fetcher script as another one is going to be used

* Added ALZ prefix to files

* Switched ALZ prefix location for all scripts

* Changed policy assignment to alzdefault

* Switched subscription placement to orchestration module

* Change default tags to Live and clean up formatting of same param files

* Diable role assignments deployment for accelerator until user is ready to enable

* Fixed path to template and incorrect deployment name

* Adjusted parameter path trigger for policy deployment workflow

* Adjusted new line formatting for linter

---------

Co-authored-by: Jack Tracey <41163455+jtracey93@users.noreply.github.com>
This commit is contained in:
Zach Trocinski 2023-03-28 03:27:09 -05:00 коммит произвёл GitHub
Родитель e8aa861751
Коммит ef1466e175
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
17 изменённых файлов: 127 добавлений и 121 удалений

16
accelerator/.github/workflows/alz-bicep-2.yml поставляемый
Просмотреть файл

@ -5,8 +5,7 @@ on:
branches:
- "main"
paths:
- "config/custom-parameters/roleAssignmentManagementGroupMany.servicePrincipal.parameters.all.json"
- "config/custom-parameters/policyAssignmentManagementGroup.dine.parameters.all.json"
- "config/custom-parameters/alzDefaultPolicyAssignments.parameters.all.json"
workflow_dispatch:
permissions:
@ -36,12 +35,13 @@ jobs:
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
enable-AzPSSession: true
- name: "Role Assignments Deployment"
uses: azure/powershell@v1
with:
inlineScript: |
.\pipeline-scripts\Deploy-ALZRoleAssignments.ps1
azPSVersion: "latest"
# Example: Modify Deploy-ALZRoleAssignments.ps1 with applicable pararameter file and uncomment lines below to enable Role Assignments Deployment.
# - name: "Role Assignments Deployment"
# uses: azure/powershell@v1
# with:
# inlineScript: |
# .\pipeline-scripts\Deploy-ALZRoleAssignments.ps1
# azPSVersion: "latest"
- name: "Built-in and Custom Policy Assignments Deployment"
uses: azure/powershell@v1

Просмотреть файл

@ -6,15 +6,15 @@ param (
[String]$TopLevelMGPrefix = "$($env:TOP_LEVEL_MG_PREFIX)",
[Parameter()]
[String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\modules\policy\assignments\policyAssignmentManagementGroup.bicep",
[String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\modules\policy\assignments\alzDefaults\alzDefaultPolicyAssignments.bicep",
[Parameter()]
[String]$TemplateParameterFile = "config\custom-parameters\policyAssignmentManagementGroup.dine.parameters.all.json"
[String]$TemplateParameterFile = "config\custom-parameters\alzDefaultPolicyAssignments.parameters.all.json"
)
# Parameters necessary for deployment
$inputObject = @{
DeploymentName = 'alz-RoleAssignmentsDeployment-{0}' -f ( -join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
DeploymentName = 'alz-PolicyAssignmentsDeployment-{0}' -f ( -join (Get-Date -Format 'yyyyMMddTHHMMssffffZ')[0..63])
Location = $Location
ManagementGroupId = $TopLevelMGPrefix
TemplateFile = $TemplateFile

Просмотреть файл

@ -6,10 +6,10 @@ param (
[String]$TopLevelMGPrefix = "$($env:TOP_LEVEL_MG_PREFIX)",
[Parameter()]
[String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\modules\subscriptionPlacement\subscriptionPlacement.bicep",
[String]$TemplateFile = "upstream-releases\$($env:UPSTREAM_RELEASE_VERSION)\infra-as-code\bicep\orchestration\subPlacementAll\subPlacementAll.bicep",
[Parameter()]
[String]$TemplateParameterFile = "config\custom-parameters\subscriptionPlacement.parameters.all.json"
[String]$TemplateParameterFile = "config\custom-parameters\subPlacementAll.parameters.all.json"
)
# Parameters necessary for deployment

Просмотреть файл

@ -8,9 +8,9 @@
"parAcrSku": {
"value": "Basic"
},
"parTags":{
"value":{
"Environment": "POC"
"parTags": {
"value": {
"Environment": "Live"
}
}
}

Просмотреть файл

@ -10,7 +10,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parManagementGroupId": {

Просмотреть файл

@ -200,14 +200,17 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {
"value": false
},
"parBastionOutboundSshRdpPorts": {
"value": ["22","3389"]
"value": [
"22",
"3389"
]
}
}
}

Просмотреть файл

@ -162,14 +162,17 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {
"value": false
},
"parBastionOutboundSshRdpPorts": {
"value": ["22","3389"]
"value": [
"22",
"3389"
]
}
}
}

Просмотреть файл

@ -40,7 +40,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {

Просмотреть файл

@ -40,7 +40,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {

Просмотреть файл

@ -78,7 +78,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parVirtualNetworkIdToLink": {

Просмотреть файл

@ -1,37 +1,37 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"parLocation": {
"value": "eastus"
},
"parPublicIpName": {
"value": "alz"
},
"parPublicIpSku": {
"value": {
"name": "Standard",
"tier": "Regional"
}
},
"parPublicIpProperties": {
"value": {
"publicIpAddressVersion": "IPv4",
"publicIpAllocationMethod": "Dynamic",
"deleteOption": "Delete",
"idleTimeoutInMinutes": 4
}
},
"parAvailabilityZones": {
"value": []
},
"parTags": {
"value": {
"Environment": "POC"
}
},
"parTelemetryOptOut": {
"value": false
}
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"parLocation": {
"value": "eastus"
},
"parPublicIpName": {
"value": "alz"
},
"parPublicIpSku": {
"value": {
"name": "Standard",
"tier": "Regional"
}
},
"parPublicIpProperties": {
"value": {
"publicIpAddressVersion": "IPv4",
"publicIpAllocationMethod": "Dynamic",
"deleteOption": "Delete",
"idleTimeoutInMinutes": 4
}
},
"parAvailabilityZones": {
"value": []
},
"parTags": {
"value": {
"Environment": "Live"
}
},
"parTelemetryOptOut": {
"value": false
}
}
}

Просмотреть файл

@ -1,20 +1,20 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"parLocation": {
"value": "eastus"
},
"parResourceGroupName": {
"value": "alz-rg"
},
"parTags": {
"value": {
"Environment": "POC"
}
},
"parTelemetryOptOut": {
"value": false
}
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"parLocation": {
"value": "eastus"
},
"parResourceGroupName": {
"value": "alz-rg"
},
"parTags": {
"value": {
"Environment": "Live"
}
},
"parTelemetryOptOut": {
"value": false
}
}
}

Просмотреть файл

@ -1,38 +1,38 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"parLocation": {
"value": "eastus"
},
"parDisableBgpRoutePropagation": {
"value": false
},
"parDdosProtectionPlanId": {
"value": ""
},
"parSpokeNetworkAddressPrefix": {
"value": "10.11.0.0/16"
},
"parSpokeNetworkName": {
"value": "vnet-spoke"
},
"parDnsServerIps": {
"value": []
},
"parNextHopIpAddress": {
"value": ""
},
"parSpokeToHubRouteTableName": {
"value": "rtb-spoke-to-hub"
},
"parTags": {
"value": {
"Environment": "POC"
}
},
"parTelemetryOptOut": {
"value": false
}
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"parLocation": {
"value": "eastus"
},
"parDisableBgpRoutePropagation": {
"value": false
},
"parDdosProtectionPlanId": {
"value": ""
},
"parSpokeNetworkAddressPrefix": {
"value": "10.11.0.0/16"
},
"parSpokeNetworkName": {
"value": "vnet-spoke"
},
"parDnsServerIps": {
"value": []
},
"parNextHopIpAddress": {
"value": ""
},
"parSpokeToHubRouteTableName": {
"value": "rtb-spoke-to-hub"
},
"parTags": {
"value": {
"Environment": "Live"
}
},
"parTelemetryOptOut": {
"value": false
}
}
}

Просмотреть файл

@ -50,7 +50,7 @@
"parVirtualRouterAutoScaleConfiguration": 2
}
]
},
},
"parVpnGatewayScaleUnit": {
"value": 1
},
@ -104,7 +104,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {

Просмотреть файл

@ -50,7 +50,7 @@
"parVirtualRouterAutoScaleConfiguration": 2
}
]
},
},
"parVpnGatewayScaleUnit": {
"value": 1
},
@ -142,7 +142,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {

Просмотреть файл

@ -49,7 +49,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {

Просмотреть файл

@ -49,7 +49,7 @@
},
"parTags": {
"value": {
"Environment": "POC"
"Environment": "Live"
}
},
"parTelemetryOptOut": {