1618d0f490
Adjust permission scopes ( #898 )
2024-11-11 21:46:43 -06:00
3712548faf
Bump github/codeql-action from 3.27.0 to 3.27.1 ( #900 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.27.0 to 3.27.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](662472033e...4f3212b617
2024-11-11 21:35:20 -06:00
301891f0de
fix: Resolve a variety of bugs and update api version of private dns zone links resource ( #896 )
...
* Added tags to AMA resources
* Update API version of private dns virtual link
* Add additional logic to default to at least 2 zones for pip in case not specified
* Add additional role assignments
* Add additional management group scopes for ama policies
* Add secondary location references
* Adding pattern to skip checking for any email
2024-11-07 13:37:08 -06:00
c282211ea0
fix: Private DNS Zones Bug ( #695 ) ( #891 )
...
* accelerator files
* updates to v0.2.0 of ptn
* docs update
* add output for names
* fmt
* bump to pdns 0.2.1
* hub MR changes
* add rel notes draft
* remove pdns module
* doc updates
* update params
* fix psrule
* readme updates
* remove
2024-11-05 22:51:28 -06:00
d1edb92c16
feat: Update Policy Library (automated) ( #894 )
...
Co-authored-by: github-actions <action@github.com>
2024-11-05 14:33:16 +00:00
7a404921f8
Bump actions/dependency-review-action from 4.3.4 to 4.4.0 ( #892 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.3.4 to 4.4.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](5a2ce3f5b9...4081bf99e2
2024-11-04 12:35:20 -06:00
6be370f219
Bump actions/checkout from 4.2.1 to 4.2.2 ( #889 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901b
2024-11-04 12:27:25 -06:00
acc9e70949
Bump github/codeql-action from 3.26.13 to 3.27.0 ( #887 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f779452ac5...662472033e
2024-11-04 12:27:02 -06:00
379fc24b65
Bump softprops/action-gh-release from 2.0.8 to 2.0.9 ( #893 )
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.8 to 2.0.9.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](c062e08bd5...e7a8f85e1c
2024-11-04 12:26:40 -06:00
3f3d38f24c
feat: Policy Refresh Q1 FY25 ( #806 )
...
* Update Policy Library (automated)
* Update Policy Library (automated)
* Change monitor policy names to avoid confusion
* Update Policy Library (automated)
* feat: Update Policy Library (automated)
* feat: Update Policy Library (automated)
* Updated json values for custompolicydefinitions
* Remove duplicate AKS Assignment and create subnet private assignment
* Added param and logic for category of resource logs
* Generate Parameter Markdowns [oZakari/c375e413]
* feat: Update Policy Library (automated)
---------
Co-authored-by: github-actions <action@github.com>
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-10-24 17:38:38 -05:00
c375e41332
Bump actions/upload-artifact from 4.4.0 to 4.4.3 ( #880 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.4.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4.4.0...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-18 20:58:42 -05:00
d02b0d3a6a
Bump actions/checkout from 4.1.1 to 4.2.1 ( #881 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-18 20:58:33 -05:00
97d5a59a24
Bump github/codeql-action from 3.26.10 to 3.26.13 ( #879 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.10 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e2b3eafc8d...f779452ac5
2024-10-18 20:58:23 -05:00
546b9fd1b2
[StepSecurity] Apply security best practices ( #876 )
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-10-07 18:19:45 -05:00
16cc056096
artifact workflow trigger fix ( #872 )
2024-10-02 18:57:36 +01:00
d456e0956a
Bump github/codeql-action from 3.26.9 to 3.26.10 ( #870 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.9 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](461ef6c76d...e2b3eafc8d
2024-10-02 00:11:41 -05:00
9366ab9a2e
refactor: remove ui support and other hygiene ( #869 )
...
* Update config to remove UI components
* Update config for calculated and process
* Add default for secondary AZ
* Fix linting
* Add wiki known issues
* Add deprecation notice for amba guidance
* Add clarity for accelerator changes
* Update dependabot settings
* Update pr titles for policy update workflows
* Fix table
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
2024-10-02 00:08:13 -05:00
2b7ee23da0
feat: Multi region support for accelerator ( #857 )
...
* feat: Add minimum sample bicep file for hubNetworking module
* added secondarylocation params and resources
* Refactor parameter names and values for secondary location in hubNetworking module
* Remove duplicate DNS zones
* Fix module references
* Clean up uneeded references
* Remove uneeded parameter replacements for secondary location
* Add peering module to multi region module
* Add condition for peering
* Adjust multi region samples
* Add active-active support for vpn gateway
* Added VWAN changes
* Add changes from final testing
* Finalize changes for multi-region module
* Generate Parameter Markdowns [oZakari/2642d626]
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-26 23:35:35 -05:00
26a2ac73d1
Bump github/codeql-action from 3.26.8 to 3.26.9 ( #864 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.8 to 3.26.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](294a9d9291...461ef6c76d
2024-09-26 23:23:19 -05:00
2642d62619
fix: General networking fixes and add active-active capability for vnet gateway ( #863 )
...
* Add condition for ddos output
* Add capability for active-active vnet gateway
* Update API versions
2024-09-24 14:47:55 -05:00
4cb81c7b1a
Add role connectedMachineResourceAdministrator to Deploy-vmHybr-Monitoring ( #862 )
2024-09-23 12:27:57 -05:00
44ce89af29
Bump github/codeql-action from 3.26.6 to 3.26.8 ( #858 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.6 to 3.26.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4dd16135b6...294a9d9291
2024-09-23 12:20:32 -05:00
b5f811d041
Fix hubNetworking module output when DDoS is disabled ( #861 )
...
When disabling DDoS in hubNetworking the module fails because the DDoS plan is not actually provisioned and the output always requires it.
2024-09-23 12:18:39 -05:00
79b1fbbc20
feat: Add SNAT property to firewall resources ( #854 )
...
* Add SNAT property to firewall policies
* Generate Parameter Markdowns [oZakari/3ab7cc22]
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-06 13:02:07 -05:00
3ab7cc22d6
fix: Reduce descriptions further ( #853 )
...
* Reduce descriptions further
* Generate Parameter Markdowns [oZakari/ec4f4b8c]
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-05 20:41:48 -05:00
ec4f4b8cfe
Bump actions/upload-artifact from 4.3.6 to 4.4.0 ( #848 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.6 to 4.4.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-04 14:03:24 -05:00
d829601550
Add semantic versioning ( #849 )
2024-09-04 14:02:47 -05:00
dbffb1945f
Bump github/super-linter from 6 to 7 ( #846 )
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 6 to 7.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/super-linter/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-01 21:23:34 -05:00
24dc140960
Condensed descriptions and add known issue ( #831 )
...
* Condensed descriptions and add known issue
* Update known issues
* Generate Parameter Markdowns [oZakari/73ae4a23]
* Add a note for referencing older param descriptions when applicable
* Generate Parameter Markdowns [oZakari/3ab93bf1]
* Fix makrkdown
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-09-01 21:20:48 -05:00
962e289a0a
Adding a link to RBAC constrained delegation limitations ( #847 )
...
* Add availability zones support and configure default parameters
* Remove availability zone support check and configuration
* Add support for various Azure regions and their zones
* chore: Add note about limitations when delegating role assignment management with conditions
2024-09-01 21:19:50 -05:00
143b256b44
Bump a11smiles/GitSync from 1.1.4 to 1.2.3 ( #843 )
...
Bumps [a11smiles/GitSync](https://github.com/a11smiles/gitsync ) from 1.1.4 to 1.2.3.
- [Release notes](https://github.com/a11smiles/gitsync/releases )
- [Commits](https://github.com/a11smiles/gitsync/compare/v1.1.4...v1.2.3 )
---
updated-dependencies:
- dependency-name: a11smiles/GitSync
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-29 22:52:54 -05:00
3163aa14e5
Bump github/codeql-action from 3.26.5 to 3.26.6 ( #844 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.5 to 3.26.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2c779ab0d0...4dd16135b6
2024-08-29 22:52:46 -05:00
eeab4937b5
Bump ossf/scorecard-action from 2.3.1 to 2.4.0 ( #842 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...62b2cac7ed
2024-08-29 22:52:37 -05:00
3ab93bf1c0
Bump azure/powershell from 1 to 2 ( #837 )
...
Bumps [azure/powershell](https://github.com/azure/powershell ) from 1 to 2.
- [Release notes](https://github.com/azure/powershell/releases )
- [Commits](https://github.com/azure/powershell/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: azure/powershell
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-29 10:45:29 +01:00
ddbeae7678
Bump github/super-linter from 4 to 6 ( #836 )
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4 to 6.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/super-linter/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-29 10:45:12 +01:00
dc8a444397
Bump actions/upload-artifact from 3.pre.node20 to 4.3.6 ( #838 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.pre.node20 to 4.3.6.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3-node20...v4.3.6 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-29 10:44:30 +01:00
d405a7f50f
Bump gaurav-nelson/github-action-markdown-link-check from 1.0.13 to 1.0.15 ( #839 )
...
Bumps [gaurav-nelson/github-action-markdown-link-check](https://github.com/gaurav-nelson/github-action-markdown-link-check ) from 1.0.13 to 1.0.15.
- [Release notes](https://github.com/gaurav-nelson/github-action-markdown-link-check/releases )
- [Commits](https://github.com/gaurav-nelson/github-action-markdown-link-check/compare/1.0.13...1.0.15 )
---
updated-dependencies:
- dependency-name: gaurav-nelson/github-action-markdown-link-check
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-29 10:44:10 +01:00
68ea72af66
Bump github/codeql-action from 3.24.9 to 3.26.5 ( #840 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.26.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...2c779ab0d0
2024-08-29 10:43:47 +01:00
9a49fb741a
Create dependabot.yml
2024-08-29 10:40:27 +01:00
73ae4a2330
Updated api version for automation account ( #829 )
...
* updated api versions to satisfy linter
* Revert due to bug with newer api versions
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
Co-authored-by: Zach Trocinski <30884663+oZakari@users.noreply.github.com>
2024-08-19 16:46:10 -05:00
d5a5c52e95
Added newer linter-rules ( #826 )
...
* Updated linter-rules in bicepconfig.json
* Change no-deployment-resources to error as related to security
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
Co-authored-by: Zach Trocinski <30884663+oZakari@users.noreply.github.com>
2024-08-19 15:52:41 -05:00
8f23c71189
fixed safe-access linter warnings ( #827 )
2024-08-19 15:33:49 -05:00
2a32d0b051
Adding RBAC constrained delegation parameters and guidance in the roleAssignment modules ( #816 )
...
* add rbac constrained delegation guidance
* Refactor role assignment condition code generation
* Generate Parameter Markdowns [sebassem/cfa6355d]
* update parameters files
* Refactor role assignment condition code generation
* Generate Parameter Markdowns [sebassem/cfa6355d]
* Refactor role assignment condition code generation
* reduce condition parameter description
* Generate Parameter Markdowns [sebassem/cfa6355d]
* Refactor role assignment condition code generation
* Generate Parameter Markdowns [sebassem/cfa6355d]
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
2024-08-01 10:55:51 -05:00
cfa6355dee
fix: rename private DNS zone privatelink.dp.kubernetesconfiguration.azure.com ( #814 )
...
* fix: rename private DNS zone privatelink.dp.kubernetesconfiguration.azure.com
regarding documentation:
https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns#hybrid--multicloud
* Update readme.md
* Generate readmes
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
2024-07-23 13:43:12 -05:00
8dd8d53eea
Implement bicep bootstrap ( #799 )
...
* Update configuration to support bootstrap
* Add networking type option
* Latest updates for bootstrap
* Fix RG name
* Add manual whatif overrides
* Fix MG id
* Revert and add new config
* Update for viable what if
* Add destroy script
* Fix script
* Idempotent script
* Add groups to config file
* Add test starter module
* Simplify destroy script
* Add folders to retain into config
* Latest updates for test module
* Fix resource group deletion code
* Filter down more
* Only remove deployments created by this module
* Add PREFIX env var
* Add prefix param to avoid confusion
* Fix linting
* Update accelerator docs
* Remove china policies
* Fix PowerShell Typo
* skip delete on no mg
* Add on demand folder support
* Update version json
* Docs typo
* Update wiki for clarity
* Add header
* Support regional availability zones
* Fix incorrect link and misspelling
---------
Co-authored-by: Zach Trocinski <30884663+oZakari@users.noreply.github.com>
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
2024-07-18 21:25:19 +01:00
b700ac453f
ALZ bicep modules multi-region guidance ( #804 )
...
* add initial multi-region readme for hub-spoke
* chore: Parameterize Route Table Entry Names in hubNetworking module
* chore: Update hubNetworking README with example parameters files for multiple regions
* chore: Update hubNetworking parameters for eastus and eastus2 regions
* chore: Update hubNetworking parameters for eastus and eastus2 regions
* chore: Update hubNetworking parameters and README for eastus and eastus2 regions
* chore: Update hubNetworking parameters and README for additional regions
* add multi-region vwan guidance
* updates
* Remove duplicate connectivity subscription variable
* Update regions to use paired regions
* Updated readme to switch to east us and west us paired regions
* Removed param file examples
* Correct link for png
* Update readme to switch to east us and west us paired regions
* update output
* updated screenshots
* Update deployment output image link for westus region
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
2024-07-17 11:32:06 -05:00
bf7a19b456
Enhancement: Remove secret references for login ( #793 )
...
* Remove secret references for login
* Login to Azure CLI
* Testing login
* Fix token misspelling
* Update remaining pipeline files
* Update display names of tasks
* Update azure/login github action to v2
---------
Co-authored-by: Sacha Narinx <Springstone@users.noreply.github.com>
2024-07-16 16:52:04 -05:00
b702fbeea0
[vwanConnectivity] Refactor to support multi-region hubs ( #805 )
...
* add logic for creating a policy per azFirewall
* addin fw settings to hub type
* update all parameters files
* chore: Update parAzFirewallCustomPublicIps' allowed list
* Generate Parameter Markdowns [sebassem/0a9a675f]
---------
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Zach Trocinski <30884663+oZakari@users.noreply.github.com>
2024-07-15 15:54:42 -05:00
9517fc24ad
Sentinel onboarding via OnboardingStates API ( #811 )
...
* Call to "onboardingStates" to enable Sentinel
* chore: Updated API versions to latest ones
* Reverted - chore: Updated API versions to latest ones
2024-07-11 16:02:32 -05:00
038090ce0b
bug: Fix deploymentnames in pipeline-scripts to max 64 char ( #801 )
...
* Update Deploy-ALZConnectivityResourceGroup.ps1
* Update Deploy-ALZCustomPolicyDefinitions.ps1
* Update Deploy-ALZCustomRoleDefinitions.ps1
* Update Deploy-ALZHub-HubAndSpoke.ps1
* Update Deploy-ALZHub-VWAN.ps1
* Update Deploy-ALZLoggingAndSentinel.ps1
* Update Deploy-ALZLoggingAndSentinelResourceGroup.ps1
* Update Deploy-ALZMGDiagnosticSettings.ps1
* Update Deploy-ALZManagementGroups.ps1
* Update Deploy-ALZPolicyAssignments.ps1
* Update Deploy-ALZRoleAssignments.ps1
* Update Deploy-ALZSubscriptionPlacement.ps1
* Correct remaining -join statements in readmes
* fixed extra closing parenthesis
---------
Co-authored-by: Zach Trocinski <ztrocinski@outlook.com>
Co-authored-by: Zach Trocinski <30884663+oZakari@users.noreply.github.com>
2024-07-09 12:23:02 -05:00
Zach Trocinski
dependabot[bot]
Jack Tracey
cae-pr-creator[bot]
StepSecurity Bot
Jared Holgate
Seif Bassem
Andy Brunner
Chris Constantin
Eskil Uhlving Larsen
Andy Brunner
Christoph Vollmann