From e2b622ea04c166a7defd75f7372fc8ea9c26b2e0 Mon Sep 17 00:00:00 2001 From: Brian Moore Date: Tue, 29 Oct 2019 08:59:58 -0500 Subject: [PATCH] updates --- ARM Template/01 - Basics/Guide.md | 12 ++-- ARM Template/01 - Basics/blank.json | 10 +++ ARM Template/01 - Basics/final-01.json | 22 +++--- ARM Template/02 - Variables/Guide.md | 10 ++- ARM Template/02 - Variables/azuredeploy.json | 22 +++--- ARM Template/02 - Variables/blank.json | 10 +++ ARM Template/03 - Helpers/Guide.md | 64 +++++++++-------- ARM Template/03 - Helpers/azuredeploy.json | 75 ++++++++++---------- ARM Template/03 - Helpers/blank.json | 10 +++ ARM Template/04 - Security/Guide.md | 8 +-- ARM Template/04 - Security/blank.json | 10 +++ ARM Template/05 - Reusability/blank.json | 10 +++ 12 files changed, 159 insertions(+), 104 deletions(-) create mode 100644 ARM Template/01 - Basics/blank.json create mode 100644 ARM Template/02 - Variables/blank.json create mode 100644 ARM Template/03 - Helpers/blank.json create mode 100644 ARM Template/04 - Security/blank.json create mode 100644 ARM Template/05 - Reusability/blank.json diff --git a/ARM Template/01 - Basics/Guide.md b/ARM Template/01 - Basics/Guide.md index 75df8ea..d74da89 100644 --- a/ARM Template/01 - Basics/Guide.md +++ b/ARM Template/01 - Basics/Guide.md @@ -42,13 +42,13 @@ To deploy the template run the following command: PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --verbose ``` You will see the status of the deployment in the command window. Since this template is empty, no resources are created and the deployment will finish quickly. @@ -99,13 +99,13 @@ To deploy the template run the following command: PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --verbose ``` After the deployment go to the Azure Portal to see the virtual network created in the resource group. Find the virtual network and view the subnet created. You can also use the following commands: @@ -113,13 +113,13 @@ After the deployment go to the Azure Portal to see the virtual network created i PowerShell ```PowerShell -Get-AzVirtualNetwork -ResourceGroupName IoC-03-000000 +Get-AzVirtualNetwork -ResourceGroupName IoC-02-000000 ``` Azure CLI ```bash -az network vnet list -g IoC-03-000000 -o table +az network vnet list -g IoC-02-000000 -o table ``` Note that there is only one subnet in the virtual network. diff --git a/ARM Template/01 - Basics/blank.json b/ARM Template/01 - Basics/blank.json new file mode 100644 index 0000000..a617d0b --- /dev/null +++ b/ARM Template/01 - Basics/blank.json @@ -0,0 +1,10 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + }, + "variables": { + }, + "resources": [ + ] +} diff --git a/ARM Template/01 - Basics/final-01.json b/ARM Template/01 - Basics/final-01.json index fa14464..4c0e746 100644 --- a/ARM Template/01 - Basics/final-01.json +++ b/ARM Template/01 - Basics/final-01.json @@ -19,17 +19,6 @@ } }, "resources": [ - { - "type": "subnets", - "apiVersion": "2019-06-01", - "name": "subnet-1", - "dependsOn": [ - "virtualNetwork" - ], - "properties": { - "addressPrefix": "10.0.0.0/24" - } - }, { "type": "subnets", "apiVersion": "2019-06-01", @@ -40,6 +29,17 @@ "properties": { "addressPrefix": "10.0.1.0/24" } + }, + { + "type": "subnets", + "apiVersion": "2019-06-01", + "name": "subnet-1", + "dependsOn": [ + "virtualNetwork" + ], + "properties": { + "addressPrefix": "10.0.0.0/24" + } } ] } diff --git a/ARM Template/02 - Variables/Guide.md b/ARM Template/02 - Variables/Guide.md index afaec96..1647c41 100644 --- a/ARM Template/02 - Variables/Guide.md +++ b/ARM Template/02 - Variables/Guide.md @@ -140,20 +140,22 @@ A parameter for the location of resources was also defined. The virtual machine ## Deploy the Template -Before deploying the template, use VS Code to inspect your template for errors. Format the code if necessary using SHIFT+ALT+F in VS Code. Then in your command window, verify that your current directory is set to the directory used for this lab before running the following commands. +Before deploying the template, use VS Code to inspect your template for errors. Format the code if necessary using SHIFT+ALT+F in VS Code. + +- In the PowerShell command window, verify that your current directory is set to the directory used for this lab before running the following commands. > **NOTE:** When deploying the template, you will see a prompt for any parameter vaules that are not provided, for this lab, provide the same values each time you deploy. PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --verbose ``` After the deployment completes, or while the deployment is in process, you can open the Azure Portal and see the resources deployed into your resource group. @@ -161,3 +163,5 @@ After the deployment completes, or while the deployment is in process, you can o ## Congratulations This is the end of this section of the lab. To see a finished solution, see the final.json file in this folder. + +TODO: delete the resources/vm diff --git a/ARM Template/02 - Variables/azuredeploy.json b/ARM Template/02 - Variables/azuredeploy.json index fa14464..4c0e746 100644 --- a/ARM Template/02 - Variables/azuredeploy.json +++ b/ARM Template/02 - Variables/azuredeploy.json @@ -19,17 +19,6 @@ } }, "resources": [ - { - "type": "subnets", - "apiVersion": "2019-06-01", - "name": "subnet-1", - "dependsOn": [ - "virtualNetwork" - ], - "properties": { - "addressPrefix": "10.0.0.0/24" - } - }, { "type": "subnets", "apiVersion": "2019-06-01", @@ -40,6 +29,17 @@ "properties": { "addressPrefix": "10.0.1.0/24" } + }, + { + "type": "subnets", + "apiVersion": "2019-06-01", + "name": "subnet-1", + "dependsOn": [ + "virtualNetwork" + ], + "properties": { + "addressPrefix": "10.0.0.0/24" + } } ] } diff --git a/ARM Template/02 - Variables/blank.json b/ARM Template/02 - Variables/blank.json new file mode 100644 index 0000000..a617d0b --- /dev/null +++ b/ARM Template/02 - Variables/blank.json @@ -0,0 +1,10 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + }, + "variables": { + }, + "resources": [ + ] +} diff --git a/ARM Template/03 - Helpers/Guide.md b/ARM Template/03 - Helpers/Guide.md index d2777ab..e833869 100644 --- a/ARM Template/03 - Helpers/Guide.md +++ b/ARM Template/03 - Helpers/Guide.md @@ -9,29 +9,29 @@ To begin this lab, start with the template from the previous lab or use the azur Next, add a Network Security Group to the template to help secure the resources deployed in the template. Copy and paste the code below at the top of the resources section of the template. ```json - { - "type": "Microsoft.Network/networkSecurityGroups", - "apiVersion": "2019-06-01", - "name": "nsg", - "location": "[parameters('location')]", - "properties": { - "securityRules": [ - { - "name": "default-allow-22", - "properties": { - "priority": 1000, - "sourceAddressPrefix": "*", - "protocol": "Tcp", - "destinationPortRange": "22", - "access": "Allow", - "direction": "Inbound", - "sourcePortRange": "*", - "destinationAddressPrefix": "*" + { + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2019-06-01", + "name": "nsg", + "location": "[parameters('location')]", + "properties": { + "securityRules": [ + { + "name": "default-allow-22", + "properties": { + "priority": 1000, + "sourceAddressPrefix": "*", + "protocol": "Tcp", + "destinationPortRange": "22", + "access": "Allow", + "direction": "Inbound", + "sourcePortRange": "*", + "destinationAddressPrefix": "*" + } } - } - ] - } - }, + ] + } + }, ``` ## Create Variables @@ -50,12 +50,12 @@ Update the name property of the network security group to use the defined variab ## Assign the Network Security Group to a Subnet -Next the security group must be assigned to the network or network card. Placing the security group on a subnet will secure all resources in that subnet. Find the first subnet defined in the template, the subnet will be named "subnet-1". Copy and paste the following code at the top of the properties object of the subnet resource defintion: +The security group must be assigned to the network or network card. Placing the security group on a subnet will secure all resources in that subnet. Find the subnet named "subnet-1" in the template. Copy and paste the following code inside, and at the top of, the properties object of the subnet resource defintion above the addressPrefix: ```json "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsgName'))]" - } + }, ``` ### DependsOn @@ -68,18 +68,20 @@ Since the subnet requires the network security group, add a dependency between t ## Deploy the Template -Before deploying the template, use VS Code to inspect your template for errors. Then in your command window, verify that your current directory is set to the directory used for this lab before running the following commands. +Before deploying the template, format the code (SHIFT+ALT+F) and VS Code to inspect your template for errors. Then in your command window, verify that your current directory is set to the directory used for this lab before running the following commands. + +> **NOTE:** Set the current directory to the 03-Helpers folder for this lab PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --verbose ``` After the deployment completes, or while the deployment is in process, you can open the Azure Portal and see the resources deployed into your resource group. @@ -133,7 +135,7 @@ Network Security Groups can contain multiple rules. The rules can be defined in ``` -You can see that this approach is verbose because some of the code is simply duplicated. Copy loops can be used in a number of ways in a template to reduce the duplication. Next, modify the template to create a copy loop for the security rules. +You can see that this approach is verbose because some of the code is duplicated which makes it harder to maintain. Copy loops can be used a number of ways in a template to reduce the duplication. Next, we'll modify the template to create a copy loop for the security rules. ### Modify the Network Security Group Definition @@ -155,7 +157,7 @@ Next add the following code to the top of the properties object on the network s "name": "securityRules", "count": "[length(parameters('nsgRules'))]", "input": { } - } + }, ``` This will create a copy loop for the property indicated by the name property of the copy loop - in this case the security rules property. The number of rules is determine by the count property, which in this case is determined by the size or length of the array parameter for the rules. @@ -239,13 +241,13 @@ Before deploying the template, use VS Code to inspect your template for errors. PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --verbose ``` After the deployment completes, or while the deployment is in process, you can open the Azure Portal and see the resources deployed into your resource group. diff --git a/ARM Template/03 - Helpers/azuredeploy.json b/ARM Template/03 - Helpers/azuredeploy.json index 30670cb..ffe8fff 100644 --- a/ARM Template/03 - Helpers/azuredeploy.json +++ b/ARM Template/03 - Helpers/azuredeploy.json @@ -20,44 +20,6 @@ "subnetId": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnet1Name'))]" }, "resources": [ - { - "type": "Microsoft.Network/virtualNetworks", - "apiVersion": "2019-06-01", - "name": "virtualNetwork", - "location": "[parameters('location')]", - "properties": { - "addressSpace": { - "addressPrefixes": [ - "10.0.0.0/16" - ] - } - }, - "resources": [ - { - "type": "subnets", - "apiVersion": "2019-06-01", - "name": "subnet-1", - "dependsOn": [ - "virtualNetwork" - ], - "properties": { - "addressPrefix": "10.0.0.0/24" - } - }, - { - "type": "subnets", - "apiVersion": "2019-06-01", - "name": "subnet-2", - "dependsOn": [ - "virtualNetwork", - "subnet-1" - ], - "properties": { - "addressPrefix": "10.0.1.0/24" - } - } - ] - }, { "type": "Microsoft.Network/networkInterfaces", "apiVersion": "2019-06-01", @@ -116,6 +78,43 @@ ] } } + }, + { + "type": "Microsoft.Network/virtualNetworks", + "apiVersion": "2019-06-01", + "name": "virtualNetwork", + "location": "[parameters('location')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "10.0.0.0/16" + ] + } + }, + "resources": [ + { + "type": "subnets", + "apiVersion": "2019-06-01", + "name": "subnet-2", + "dependsOn": [ + "virtualNetwork" + ], + "properties": { + "addressPrefix": "10.0.1.0/24" + } + }, + { + "type": "subnets", + "apiVersion": "2019-06-01", + "name": "subnet-1", + "dependsOn": [ + "virtualNetwork" + ], + "properties": { + "addressPrefix": "10.0.0.0/24" + } + } + ] } ] } diff --git a/ARM Template/03 - Helpers/blank.json b/ARM Template/03 - Helpers/blank.json new file mode 100644 index 0000000..a617d0b --- /dev/null +++ b/ARM Template/03 - Helpers/blank.json @@ -0,0 +1,10 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + }, + "variables": { + }, + "resources": [ + ] +} diff --git a/ARM Template/04 - Security/Guide.md b/ARM Template/04 - Security/Guide.md index 03c13c1..3810d5c 100644 --- a/ARM Template/04 - Security/Guide.md +++ b/ARM Template/04 - Security/Guide.md @@ -26,13 +26,13 @@ Next, save the parameters file deploy the template using the file created. Befo PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -TemplateParametersFile azuredeploy.parameters.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -TemplateParametersFile azuredeploy.parameters.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --parameters @azuredeploy.parameters.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --parameters @azuredeploy.parameters.json --verbose ``` After the deployment completes, or while the deployment is in process, you can open the Azure Portal and see the resources deployed into your resource group. @@ -83,13 +83,13 @@ Before deploying the template, use VS Code to inspect your template for errors. PowerShell ```PowerShell -New-AzResourceGroupDeployment -ResourceGroupName IoC-03-000000 -TemplateFile azuredeploy.json -Verbose +New-AzResourceGroupDeployment -ResourceGroupName IoC-02-000000 -TemplateFile azuredeploy.json -Verbose ``` Azure CLI ```bash -az group deployment create --resource-group IoC-03-000000 --template-file azuredeploy.json --verbose +az group deployment create --resource-group IoC-02-000000 --template-file azuredeploy.json --verbose ``` After the deployment completes, or while the deployment is in process, you can open the Azure Portal and see the resources deployed into your resource group. diff --git a/ARM Template/04 - Security/blank.json b/ARM Template/04 - Security/blank.json new file mode 100644 index 0000000..a617d0b --- /dev/null +++ b/ARM Template/04 - Security/blank.json @@ -0,0 +1,10 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + }, + "variables": { + }, + "resources": [ + ] +} diff --git a/ARM Template/05 - Reusability/blank.json b/ARM Template/05 - Reusability/blank.json new file mode 100644 index 0000000..a617d0b --- /dev/null +++ b/ARM Template/05 - Reusability/blank.json @@ -0,0 +1,10 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + }, + "variables": { + }, + "resources": [ + ] +}