Resolve Department Number to a Department Name and Log to Log Analytics (#226)
* add department name * add valid dept num to test pipeline * update add-tenantinfo * departmentNumber setup.md
This commit is contained in:
Matthew Bratschun
GitHub
Родитель
7183a0f4c0
Коммит
239a838406
|
|
@ -238,7 +238,7 @@ steps:
|
|||
"SecondBreakGlassAccountUPN": "breakglass2@$(testTenantDomain)",
|
||||
"PBMMPolicyID": "4c4a5f27-de81-430b-b4e5-9cbd50595a87",
|
||||
"AllowedLocationPolicyId": "e56962a6-4747-49cd-b67b-bf8b01975c4c",
|
||||
"DepartmentNumber": "",
|
||||
"DepartmentNumber": "190",
|
||||
"CBSSubscriptionName": "$(CBSSubscriptionName)",
|
||||
"SecurityLAWResourceId": "/subscriptions/$(testSubscriptionId)/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
|
||||
"HealthLAWResourceId": "/subscriptions/$(testSubscriptionId)/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
|
||||
|
|
@ -292,7 +292,7 @@ steps:
|
|||
"SecondBreakGlassAccountUPN": "breakglass2@$(testTenantDomain)",
|
||||
"PBMMPolicyID": "4c4a5f27-de81-430b-b4e5-9cbd50595a87",
|
||||
"AllowedLocationPolicyId": "e56962a6-4747-49cd-b67b-bf8b01975c4c",
|
||||
"DepartmentNumber": "",
|
||||
"DepartmentNumber": "190",
|
||||
"CBSSubscriptionName": "$(CBSSubscriptionName)",
|
||||
"SecurityLAWResourceId": "/subscriptions/$(testSubscriptionId)/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
|
||||
"HealthLAWResourceId": "/subscriptions/$(testSubscriptionId)/resourceGroups/rg-core/providers/Microsoft.OperationalInsights/workspaces/mtb-law01",
|
||||
|
|
|
|||
|
|
@ -63,7 +63,7 @@ All named resources will have the first 6 characters of the tenant Id appended t
|
|||
|SecondBreakGlassAccountUPN| UPN for the second break glass account|
|
||||
|PBMMPolicyID|Guid of the PBMM applied policy. 4c4a5f27-de81-430b-b4e5-9cbd50595a87 is the default Id but a customized version may have been used.|
|
||||
|AllowedLocationPolicyId|Guid for the Allowed Location policy. e56962a6-4747-49cd-b67b-bf8b01975c4c is the default|
|
||||
|DepartmentNumber| a number to be used by module 4 when looking for the existence of the monitoring account in Azure AD|
|
||||
|DepartmentNumber| The office Government of Canada department number - see: https://open.canada.ca/data/en/dataset/22090865-f8a6-4b83-9bad-e9d61f26a821 |
|
||||
|CBSSubscriptionName|Subscription Name containing the CBS solution. This subscription will be used to find the required components. **This subscription will also be excluded from checks.**|
|
||||
|SecurityLAWResourceId|Full resource Id of the Log analytics workspace used for Security (/subscriptions/...)|
|
||||
|HealthLAWResourceId|Full resource Id of the Log analytics workspace used for resource Health (/subscriptions/...)|
|
||||
|
|
|
|||
|
|
@ -1,30 +1,31 @@
|
|||
//Scope
|
||||
targetScope = 'resourceGroup'
|
||||
//Parameters and variables
|
||||
param storageAccountName string
|
||||
param subscriptionId string
|
||||
param location string = 'canadacentral'
|
||||
param kvName string = 'guardrails-kv'
|
||||
param automationAccountName string = 'guardrails-AC'
|
||||
param logAnalyticsWorkspaceName string = 'guardrails-LAW'
|
||||
param PBMMPolicyID string = '4c4a5f27-de81-430b-b4e5-9cbd50595a87'
|
||||
param AllowedLocationPolicyId string = 'e56962a6-4747-49cd-b67b-bf8b01975c4c'
|
||||
param automationAccountName string = 'guardrails-AC'
|
||||
param CBSSubscriptionName string
|
||||
param CustomModulesBaseURL string = 'https://github.com/Azure/GuardrailsSolutionAccelerator/raw/main/psmodules'
|
||||
param DepartmentNumber string
|
||||
param DepartmentName string
|
||||
param deployKV bool = true
|
||||
param deployLAW bool = true
|
||||
param CBSSubscriptionName string
|
||||
param SecurityLAWResourceId string
|
||||
param HealthLAWResourceId string
|
||||
param CustomModulesBaseURL string = 'https://github.com/Azure/GuardrailsSolutionAccelerator/raw/main/psmodules'
|
||||
param DeployTelemetry bool = true
|
||||
param Locale string = 'EN'
|
||||
param releaseVersion string
|
||||
param releaseDate string
|
||||
param TenantDomainUPN string
|
||||
param HealthLAWResourceId string
|
||||
param kvName string = 'guardrails-kv'
|
||||
param lighthouseTargetManagementGroupID string
|
||||
param Locale string = 'EN'
|
||||
param location string = 'canadacentral'
|
||||
param logAnalyticsWorkspaceName string = 'guardrails-LAW'
|
||||
param newDeployment bool = true
|
||||
param updateWorkbook bool = false
|
||||
param PBMMPolicyID string = '4c4a5f27-de81-430b-b4e5-9cbd50595a87'
|
||||
param releaseDate string
|
||||
param releaseVersion string
|
||||
param SecurityLAWResourceId string
|
||||
param storageAccountName string
|
||||
param subscriptionId string
|
||||
param TenantDomainUPN string
|
||||
param updatePSModules bool = false
|
||||
param updateWorkbook bool = false
|
||||
var containername = 'guardrailsstorage'
|
||||
var GRDocsBaseUrl='https://github.com/Azure/GuardrailsSolutionAccelerator/docs/'
|
||||
var vaultUri = 'https://${kvName}.vault.azure.net/'
|
||||
|
|
@ -38,25 +39,26 @@ module telemetry './nested_telemetry.bicep' = if (DeployTelemetry) {
|
|||
module aa 'modules/automationaccount.bicep' = if (newDeployment || updatePSModules) {
|
||||
name: 'guardrails-automationaccount'
|
||||
params: {
|
||||
automationAccountName: automationAccountName
|
||||
location: location
|
||||
containername: containername
|
||||
PBMMPolicyID: PBMMPolicyID
|
||||
AllowedLocationPolicyId: AllowedLocationPolicyId
|
||||
DepartmentNumber: DepartmentNumber
|
||||
automationAccountName: automationAccountName
|
||||
CBSSubscriptionName: CBSSubscriptionName
|
||||
SecurityLAWResourceId: SecurityLAWResourceId
|
||||
HealthLAWResourceId: HealthLAWResourceId
|
||||
containername: containername
|
||||
CustomModulesBaseURL: CustomModulesBaseURL
|
||||
Locale: Locale
|
||||
DepartmentNumber: DepartmentNumber
|
||||
DepartmentName: DepartmentName
|
||||
guardrailsKVname: kvName
|
||||
guardrailsLogAnalyticscustomerId: LAW.outputs.logAnalyticsWorkspaceId
|
||||
guardrailsStoragename: storageAccountName
|
||||
releaseVersion: releaseVersion
|
||||
releaseDate: releaseDate
|
||||
TenantDomainUPN: TenantDomainUPN
|
||||
HealthLAWResourceId: HealthLAWResourceId
|
||||
lighthouseTargetManagementGroupID: lighthouseTargetManagementGroupID
|
||||
Locale: Locale
|
||||
location: location
|
||||
newDeployment: newDeployment
|
||||
PBMMPolicyID: PBMMPolicyID
|
||||
releaseDate: releaseDate
|
||||
releaseVersion: releaseVersion
|
||||
SecurityLAWResourceId: SecurityLAWResourceId
|
||||
TenantDomainUPN: TenantDomainUPN
|
||||
updatePSModules: updatePSModules
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,22 +1,23 @@
|
|||
param automationAccountName string
|
||||
param location string
|
||||
param releaseVersion string
|
||||
param releaseDate string
|
||||
param CustomModulesBaseURL string
|
||||
param guardrailsLogAnalyticscustomerId string
|
||||
param guardrailsKVname string
|
||||
param guardrailsStoragename string
|
||||
param PBMMPolicyID string
|
||||
param containername string
|
||||
param AllowedLocationPolicyId string
|
||||
param DepartmentNumber string
|
||||
param automationAccountName string
|
||||
param CBSSubscriptionName string
|
||||
param SecurityLAWResourceId string
|
||||
param containername string
|
||||
param CustomModulesBaseURL string
|
||||
param DepartmentNumber string
|
||||
param DepartmentName string
|
||||
param guardrailsKVname string
|
||||
param guardrailsLogAnalyticscustomerId string
|
||||
param guardrailsStoragename string
|
||||
param HealthLAWResourceId string
|
||||
param TenantDomainUPN string
|
||||
param Locale string
|
||||
param lighthouseTargetManagementGroupID string
|
||||
param Locale string
|
||||
param location string
|
||||
param newDeployment bool = true
|
||||
param PBMMPolicyID string
|
||||
param releaseDate string
|
||||
param releaseVersion string
|
||||
param SecurityLAWResourceId string
|
||||
param TenantDomainUPN string
|
||||
param updatePSModules bool = false
|
||||
|
||||
resource guardrailsAC 'Microsoft.Automation/automationAccounts@2021-06-22' = if (newDeployment || updatePSModules) {
|
||||
|
|
@ -353,5 +354,13 @@ resource module14 'modules' = if (newDeployment || updatePSModules) {
|
|||
'value': '"${lighthouseTargetManagementGroupID}"'
|
||||
}
|
||||
}
|
||||
|
||||
resource variable17 'variables' = if (newDeployment) {
|
||||
name: 'DepartmentName'
|
||||
'properties': {
|
||||
'isEncrypted': true
|
||||
'value': '"${DepartmentName}"'
|
||||
}
|
||||
}
|
||||
}
|
||||
output guardrailsAutomationAccountMSI string = guardrailsAC.identity.principalId
|
||||
|
|
|
|||
|
|
@ -10,6 +10,8 @@ $ReportTime=(get-date).tostring("yyyy-MM-dd HH:mm:ss")
|
|||
#$StorageAccountName=Get-AutomationVariable -Name "StorageAccountName"
|
||||
$Locale=Get-AutomationVariable -Name "GuardRailsLocale"
|
||||
$lighthouseTargetManagementGroupID = Get-AutomationVariable -Name lighthouseTargetManagementGroupID -ErrorAction SilentlyContinue
|
||||
$DepartmentName = Get-AutomationVariable -Name "DepartmentName"
|
||||
$DepartmentNumber = Get-AutomationVariable -Name "DepartmentNumber"
|
||||
|
||||
# Connects to Azure using the Automation Account's managed identity
|
||||
try {
|
||||
|
|
@ -36,7 +38,7 @@ get-itsgdata -URL $itsgURL -WorkSpaceID $WorkSpaceID -workspaceKey $WorkspaceKey
|
|||
Check-UpdateAvailable -WorkSpaceID $WorkSpaceID -WorkspaceKey $WorkspaceKey -ReportTime $ReportTime
|
||||
|
||||
# Updates Tenant info.
|
||||
Add-TenantInfo -WorkSpaceID $WorkSpaceID -WorkspaceKey $WorkspaceKey -ReportTime $ReportTime -TenantId $tenantID
|
||||
Add-TenantInfo -WorkSpaceID $WorkSpaceID -WorkspaceKey $WorkspaceKey -ReportTime $ReportTime -TenantId $tenantID -DepartmentName $DepartmentName -DepartmentNumber $DepartmentNumber
|
||||
|
||||
# Ensure the 'Microsoft.ManagedServices' resource provider is registered under each subscription at the delegated management group
|
||||
If ($lighthouseTargetManagementGroupID) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,107 @@
|
|||
Department_number-Ministère_numéro,Department-name_English-Ministère_nom_anglais,Department_name_French-Ministère_nom_français
|
||||
"001","Agriculture and Agri-Food (Department of)","Agriculture et de l'Agroalimentaire (Ministère de l')"
|
||||
"002","Office of the Auditor General","Bureau du vérificateur général"
|
||||
"004","Public Service Commission","Commission de la fonction publique"
|
||||
"005","Foreign Affairs, Trade and Development (Department of)","Affaires étrangères, du Commerce et du Développement (Ministère des)"
|
||||
"006","Finance (Department of)","Finances (Ministère des)"
|
||||
"007","Environment (Department of the)","Environnement (Ministère de l')"
|
||||
"008","Office of the Governor General's Secretary","Bureau du secrétaire du gouverneur général"
|
||||
"009","Senate","Sénat"
|
||||
"011","Office of the Superintendent of Financial Institutions","Bureau du surintendant des institutions financières"
|
||||
"012","Economic Development Agency of Canada for the Regions of Quebec","Agence de développement économique du Canada pour les régions du Québec"
|
||||
"013","Justice (Department of)","Justice (Ministère de la)"
|
||||
"014","Employment and Social Development (Department of)","Emploi et du Développement social (Ministère de l')"
|
||||
"015","Office of the Chief Electoral Officer","Bureau du directeur général des élections"
|
||||
"016","Canadian Radio-television and Telecommunications Commission","Conseil de la radiodiffusion et des télécommunications canadiennes"
|
||||
"017","Library of Parliament","Bibliothèque du Parlement"
|
||||
"018","National Defence (Department of)","Défense nationale (Ministère de la)"
|
||||
"019","Office of the Director of Public Prosecutions","Bureau du directeur des poursuites pénales"
|
||||
"021","Veterans Affairs (Department of)","Anciens Combattants (Ministère des)"
|
||||
"022","Health (Department of)","Santé (Ministère de la)"
|
||||
"023","Atlantic Canada Opportunities Agency","Agence de promotion économique du Canada atlantique"
|
||||
"024","International Joint Commission (Canadian Section)","Commission mixte internationale (section canadienne)"
|
||||
"025","Privy Council Office","Bureau du Conseil privé"
|
||||
"027","Natural Sciences and Engineering Research Council","Conseil de recherches en sciences naturelles et en génie"
|
||||
"030","Royal Canadian Mounted Police","Gendarmerie royale du Canada"
|
||||
"032","Immigration and Refugee Board","Commission de l'immigration et du statut de réfugié"
|
||||
"033","Industry (Department of)","Industrie (Ministère de l')"
|
||||
"034","Transport (Department of)","Transports (Ministère des)"
|
||||
"035","National Research Council of Canada","Conseil national de recherches du Canada"
|
||||
"037","Telefilm Canada","Téléfilm Canada"
|
||||
"038","Canada Border Services Agency - (Administered Activities)","Agence des services frontaliers du Canada - (activités administrées)"
|
||||
"039","National Film Board","Office national du film"
|
||||
"040","Canadian Transportation Agency","Office des transports du Canada"
|
||||
"041","Natural Resources (Department of)","Ressources naturelles (Ministère des)"
|
||||
"042","Department of Crown-Indigenous Relations and Northern Affairs","Ministère des Relations Couronne-Autochtones et des Affaires du Nord"
|
||||
"043","Canadian Intergovernmental Conference Secretariat","Secrétariat des conférences intergouvernementales canadiennes"
|
||||
"044","Western Economic Diversification (Department of)","Diversification de l'économie de l'Ouest canadien (Ministère de la)"
|
||||
"046","Office of the Public Sector Integrity Commissioner","Commissariat à l'intégrité du secteur public"
|
||||
"047","Canadian Nuclear Safety Commission","Commission canadienne de sûreté nucléaire"
|
||||
"050","Citizenship and Immigration (Department of)","Citoyenneté et de l'Immigration (Ministère de la)"
|
||||
"051","Office of the Commissioner for Federal Judicial Affairs","Bureau du commissaire à la magistrature fédérale"
|
||||
"052","Canada School of Public Service","Ãcole de la fonction publique du Canada"
|
||||
"053","Correctional Service of Canada","Service correctionnel du Canada"
|
||||
"054","Statistics Canada","Statistique Canada"
|
||||
"056","Treasury Board Secretariat","Secrétariat du Conseil du Trésor"
|
||||
"057","Parole Board of Canada","Commission des libérations conditionnelles du Canada"
|
||||
"061","Canadian Institutes of Health Research","Instituts de recherche en santé du Canada"
|
||||
"062","Federal Economic Development Agency for Southern Ontario","Agence fédérale de développement économique pour le Sud de l'Ontario"
|
||||
"063","Social Sciences and Humanities Research Council","Conseil de recherches en sciences humaines"
|
||||
"066","Northern Pipeline Agency","Administration du pipe-line du Nord"
|
||||
"067","House of Commons","Chambre des communes"
|
||||
"075","Canadian Human Rights Commission","Commission canadienne des droits de la personne"
|
||||
"076","Office of the Commissioner of Official Languages","Commissariat aux langues officielles"
|
||||
"078","Canadian Northern Economic Development Agency","Agence canadienne de développement économique du Nord"
|
||||
"079","Payroll System General Ledger","Grand livre général du système de la paye"
|
||||
"080","Registrar of the Supreme Court of Canada","Registraire de la Cour suprême du Canada"
|
||||
"085","Canada Border Services Agency","Agence des services frontaliers du Canada"
|
||||
"086","Fisheries and Oceans (Department of)","Pêches et des Océans (Ministère des)"
|
||||
"087","Public Service Superannuation","Pension de retraite de la fonction publique"
|
||||
"088","Public Safety and Emergency Preparedness (Department of)","Sécurité publique et de la Protection civile (Ministère de la)"
|
||||
"091","Canada Mortgage and Housing Corporation (Crown Corporation)","Société canadienne d'hypothèques et de logement (Société d'Ãtat)"
|
||||
"095","Canadian Security Intelligence Service","Service canadien du renseignement de sécurité"
|
||||
"096","Offices of the Information and Privacy Commissioners of Canada","Commissariats à l'information et à la protection de la vie privée au Canada"
|
||||
"097","Receiver General","Receveur général"
|
||||
"100","Canadian Centre for Occupational Health and Safety","Centre canadien d'hygiène et de sécurité au travail"
|
||||
"101","Canadian Transportation Accident Investigation and Safety Board","Bureau canadien d'enquête sur les accidents de transport et de la sécurité des transports"
|
||||
"102","The National Battlefields Commission","Commission des champs de bataille nationaux"
|
||||
"109","Patented Medicine Prices Review Board","Conseil d'examen du prix des médicaments brevetés"
|
||||
"116","Copyright Board","Commission du droit d'auteur"
|
||||
"119","Canadian Space Agency","Agence spatiale canadienne"
|
||||
"122","Canada Revenue Agency - (Administered Activities)","Agence du revenu du Canada - (activités administrées)"
|
||||
"123","Export Development Canada (Crown Corporation)","Exportation et développement Canada (Société d'Ãtat)"
|
||||
"124","Parks Canada Agency","Agence Parcs Canada"
|
||||
"127","Public Works and Government Services (Department of)","Travaux publics et des Services gouvernementaux (Ministère des)"
|
||||
"130","Canada Revenue Agency","Agence du revenu du Canada"
|
||||
"131","Law Commission of Canada","Commission du droit du Canada"
|
||||
"133","Canadian Grain Commission","Commission canadienne des grains"
|
||||
"134","Canadian Dairy Commission","Commission canadienne du lait"
|
||||
"135","Canadian Heritage (Department of)","Patrimoine canadien (Ministère du)"
|
||||
"136","Canadian Food Inspection Agency","Agence canadienne d'inspection des aliments"
|
||||
"137","Military Police Complaints Commission","Commission d'examen des plaintes concernant la police militaire"
|
||||
"138","Military Grievances External Review Committee","Comité externe d'examen des griefs militaires"
|
||||
"139","Financial Transactions and Reports Analysis Centre of Canada","Centre d'analyse des opérations et déclarations financières du Canada"
|
||||
"141","Financial Consumer Agency of Canada","Agence de la consommation en matière financière du Canada"
|
||||
"142","Office of Infrastructure of Canada","Bureau de l'infrastructure du Canada"
|
||||
"144","Courts Administration Service","Service administratif des tribunaux judiciaires"
|
||||
"145","Library and Archives of Canada","Bibliothèque et Archives du Canada"
|
||||
"147","Office of the Conflict of Interest and Ethics Commissioner","Bureau du commissaire aux conflits d'intérêts et à l'éthique"
|
||||
"148","Public Health Agency of Canada","Agence de la santé publique du Canada"
|
||||
"151","Office of the Senate Ethics Officer","Bureau du conseiller sénatorial en éthique"
|
||||
"154","Office of the Commissioner of Lobbying","Commissariat au lobbying"
|
||||
"163","Shared Services Canada","Services partagés Canada"
|
||||
"165","Communications Security Establishment","Centre de la sécurité des télécommunications"
|
||||
"170","Administrative Tribunals Support Service of Canada","Service canadien d'appui aux tribunaux administratifs"
|
||||
"171","Canadian High Arctic Research Station","Station canadienne de recherche dans l'Extrême-Arctique"
|
||||
"176","Parliamentary Protective Service","Service de protection parlementaire"
|
||||
"180","Invest in Canada Hub","Investir au Canada"
|
||||
"183","Office of the Parliamentary Budget Officer","Bureau du directeur parlementaire du budget"
|
||||
"190","Department for Women and Gender Equality","Ministère des Femmes et de l'Ãgalité des genres"
|
||||
"191","Department of Indigenous Services","Ministère des Services aux Autochtones"
|
||||
"192","Secretariat of the National Security and Intelligence Committee of Parliamentarians","Secrétariat du Comité des parlementaires sur la sécurité nationale et le renseignement"
|
||||
"193","Leaders' Debates Commission","Commission des débats des chefs"
|
||||
"195","Canadian Energy Regulator","Régie canadienne de l'énergie"
|
||||
"196","National Security and Intelligence Review Agency Secretariat","Secrétariat de l'Office de surveillance des activités en matière de sécurité nationale et de renseignement"
|
||||
"197","Office of the Intelligence Commissioner","Bureau du commissaire au renseignement"
|
||||
"199","Canadian Accessibility Standards Development Organization","Organisation canadienne d'élaboration de normes d'accessibilité"
|
||||
"200","Federal Economic Development Agency for Northern Ontario","Agence fédérale de développement économique pour le Nord de l'Ontario"
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
RootModule = '.\gr-common.psm1'
|
||||
|
||||
# Version number of this module.
|
||||
ModuleVersion = '1.1.4'
|
||||
ModuleVersion = '1.1.5'
|
||||
|
||||
# Supported PSEditions
|
||||
# CompatiblePSEditions = @()
|
||||
|
|
|
|||
|
|
@ -233,13 +233,21 @@ Function Add-TenantInfo {
|
|||
$ReportTime,
|
||||
[Parameter(Mandatory=$true)]
|
||||
[string]
|
||||
$TenantId
|
||||
$TenantId,
|
||||
[Parameter(Mandatory=$true)]
|
||||
[string]
|
||||
$DepartmentName,
|
||||
[Parameter(Mandatory=$true)]
|
||||
[string]
|
||||
$DepartmentNumber
|
||||
)
|
||||
$tenantInfo=Get-AutomationVariable("tenantDomainUPN")
|
||||
$object = [PSCustomObject]@{
|
||||
TenantDomain = $tenantInfo
|
||||
DepartmentTenantID = $TenantId
|
||||
ReportTime = $ReportTime
|
||||
DepartmentName = $DepartmentName
|
||||
DepartmentNumber = $DepartmentNumber
|
||||
}
|
||||
Write-Output $tenantInfo
|
||||
$JSON= ConvertTo-Json -inputObject $object
|
||||
|
|
|
|||
|
|
@ -139,6 +139,34 @@ Function Confirm-GSAConfigurationParameters {
|
|||
Break
|
||||
}
|
||||
|
||||
# verify that Department Number has an associated Department Name, get name value for AA variable
|
||||
try {
|
||||
$uri = 'https://donnees-data.tpsgc-pwgsc.gc.ca/ba1/min-dept/min-dept.csv'
|
||||
$response = Invoke-RestMethod -Method GET -Uri $uri -StatusCodeVariable statusCode -ErrorAction Stop -ResponseHeadersVariable h
|
||||
}
|
||||
catch {
|
||||
Write-Error "Error retrieving department list from '$uri'. Verify that you have access to the internet. Falling back to local department list, which may be outdated."
|
||||
|
||||
$departmentList = Import-Csv -Path "$PSScriptRoot/../../../../setup/departmentList.csv"
|
||||
}
|
||||
If ($statusCode -eq 200) {
|
||||
try {
|
||||
$departmentList = $response | ConvertFrom-CSV -ErrorAction Stop
|
||||
}
|
||||
catch {
|
||||
Write-Error "Error converting department list from CSV to hashtable. Verify that the CSV format and response is valid!"
|
||||
break
|
||||
}
|
||||
|
||||
If ($departmentList.'Department_number-Ministère_numéro' -notcontains $config.DepartmentNumber) {
|
||||
Write-Error "Department Number '$($config.DepartmentNumber)' is not a valid department number or is not found in this GOC-published list: $uri. Verify that the department number is correct and that the published list is accurate."
|
||||
$departmentName = 'Department_Name_Unknown'
|
||||
}
|
||||
Else {
|
||||
$departmentName = $departmentList | Where-Object { $_.'Department_number-Ministère_numéro' -eq $config.DepartmentNumber } | Select-Object -ExpandProperty 'Department-name_English-Ministère_nom_anglais'
|
||||
}
|
||||
}
|
||||
|
||||
# get tenant id from curent context
|
||||
$context = Get-AzContext
|
||||
$tenantId = $context.Tenant.Id
|
||||
|
|
@ -171,6 +199,9 @@ Function Confirm-GSAConfigurationParameters {
|
|||
# generate run-time config parameters
|
||||
$config['runtime'] = @{}
|
||||
|
||||
## add department name
|
||||
$config['runtime']['DepartmentName'] = $departmentName
|
||||
|
||||
## confirm subscription selection
|
||||
Confirm-GSASubscriptionSelection -config $config
|
||||
|
||||
|
|
|
|||
|
|
@ -48,25 +48,26 @@ Function New-GSACoreResourceDeploymentParamObject {
|
|||
|
||||
Write-Verbose "Creating bicep parameters file for this deployment."
|
||||
$templateParameterObject = @{
|
||||
'kvName' = $config['runtime']['keyVaultName']
|
||||
'location' = $config.region
|
||||
'storageAccountName' = $config['runtime']['storageaccountName']
|
||||
'logAnalyticsWorkspaceName' = $config['runtime']['logAnalyticsworkspaceName']
|
||||
'AllowedLocationPolicyId' = $config.AllowedLocationPolicyId
|
||||
'automationAccountName' = $config['runtime']['autoMationAccountName']
|
||||
'subscriptionId' = (Get-AzContext).Subscription.Id
|
||||
'PBMMPolicyID' = $config.PBMMPolicyID
|
||||
'CBSSubscriptionName' = $config.CBSSubscriptionName
|
||||
'DepartmentNumber' = $config.DepartmentNumber
|
||||
'DepartmentName' = $config['runtime']['departmentName']
|
||||
'deployKV' = $config['runtime']['deployKV']
|
||||
'deployLAW' = $config['runtime']['deployLAW']
|
||||
'AllowedLocationPolicyId' = $config.AllowedLocationPolicyId
|
||||
'DepartmentNumber' = $config.DepartmentNumber
|
||||
'CBSSubscriptionName' = $config.CBSSubscriptionName
|
||||
'SecurityLAWResourceId' = $config.SecurityLAWResourceId
|
||||
'HealthLAWResourceId' = $config.HealthLAWResourceId
|
||||
'releaseVersion' = $config['runtime']['tagsTable'].ReleaseVersion
|
||||
'releasedate' = $config['runtime']['tagsTable'].ReleaseDate
|
||||
'Locale' = $config.Locale
|
||||
'tenantDomainUPN' = $config['runtime']['tenantDomainUPN']
|
||||
'kvName' = $config['runtime']['keyVaultName']
|
||||
'lighthouseTargetManagementGroupID' = $config.lighthouseTargetManagementGroupID
|
||||
'Locale' = $config.Locale
|
||||
'location' = $config.region
|
||||
'logAnalyticsWorkspaceName' = $config['runtime']['logAnalyticsworkspaceName']
|
||||
'PBMMPolicyID' = $config.PBMMPolicyID
|
||||
'releasedate' = $config['runtime']['tagsTable'].ReleaseDate
|
||||
'releaseVersion' = $config['runtime']['tagsTable'].ReleaseVersion
|
||||
'SecurityLAWResourceId' = $config.SecurityLAWResourceId
|
||||
'storageAccountName' = $config['runtime']['storageaccountName']
|
||||
'subscriptionId' = (Get-AzContext).Subscription.Id
|
||||
'tenantDomainUPN' = $config['runtime']['tenantDomainUPN']
|
||||
}
|
||||
# Adding URL parameter if specified
|
||||
[regex]$alternateURIRegex = '(https://github.com/.+?/(raw|archive)/.*?/psmodules)|(https://.+?\.blob\.core\.windows\.net/psmodules)'
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче