Merge pull request #128 from Azure/topics/tb-126
MERGE: Enclave Parameters Incorrect for Deployment
This commit is contained in:
John Spinella
GitHub
Коммит
52ecaedb2e
|
|
@ -12,7 +12,7 @@
|
|||
"parTags": {
|
||||
"value": {
|
||||
"organization": "anoa",
|
||||
"region": "virginiagovus",
|
||||
"region": "<<region>>",
|
||||
"templateVersion": "v1.0",
|
||||
"deployEnvironment": "dev",
|
||||
"deploymentType": "NoOpsBicep"
|
||||
|
|
@ -23,6 +23,8 @@
|
|||
"subscriptionId": "<<subscriptionId>>",
|
||||
"virtualNetworkAddressPrefix": "10.0.100.0/24",
|
||||
"subnetAddressPrefix": "10.0.100.128/27",
|
||||
"peerToSpokeVirtualNetwork": true,
|
||||
"enablePrivateDnsZones": true,
|
||||
"subnets": [
|
||||
{
|
||||
"name": "AzureFirewallSubnet",
|
||||
|
|
@ -48,9 +50,9 @@
|
|||
}
|
||||
],
|
||||
"storageAccountAccess": {
|
||||
"enableRoleAssignmentForStorageAccount": true,
|
||||
"enableRoleAssignmentForStorageAccount": false,
|
||||
"principalIds": [
|
||||
"47c98c84-d2d0-41ed-b05a-fc5baa5cda78"
|
||||
"<<principalId>>"
|
||||
],
|
||||
"roleDefinitionIdOrName": "Contributor"
|
||||
}
|
||||
|
|
@ -61,6 +63,9 @@
|
|||
"subscriptionId": "<<subscriptionId>>",
|
||||
"virtualNetworkAddressPrefix": "10.0.110.0/26",
|
||||
"subnetAddressPrefix": "10.0.110.0/27",
|
||||
"peerToHubVirtualNetwork": true,
|
||||
"useRemoteGateway": false,
|
||||
"allowVirtualNetworkAccess": true,
|
||||
"sourceAddressPrefixes": [
|
||||
"10.0.115.0/26",
|
||||
"10.0.120.0/26"
|
||||
|
|
@ -120,6 +125,9 @@
|
|||
"subscriptionId": "<<subscriptionId>>",
|
||||
"virtualNetworkAddressPrefix": "10.0.115.0/26",
|
||||
"subnetAddressPrefix": "10.0.115.0/27",
|
||||
"peerToHubVirtualNetwork": true,
|
||||
"useRemoteGateway": false,
|
||||
"allowVirtualNetworkAccess": true,
|
||||
"sourceAddressPrefixes": [
|
||||
"10.0.110.0/26",
|
||||
"10.0.120.0/26"
|
||||
|
|
@ -179,6 +187,9 @@
|
|||
"subscriptionId": "<<subscriptionId>>",
|
||||
"virtualNetworkAddressPrefix": "10.0.120.0/26",
|
||||
"subnetAddressPrefix": "10.0.120.0/27",
|
||||
"peerToHubVirtualNetwork": true,
|
||||
"useRemoteGateway": false,
|
||||
"allowVirtualNetworkAccess": true,
|
||||
"sourceAddressPrefixes": [
|
||||
"10.0.115.0/26",
|
||||
"10.0.110.0/26"
|
||||
|
|
@ -237,11 +248,13 @@
|
|||
"value": {
|
||||
"name": "aks",
|
||||
"shortName": "aks",
|
||||
"subscriptionId": "896f5276-df9a-4317-a791-469396bef7fa",
|
||||
"subscriptionId": "<<subscriptionId>>",
|
||||
"enableDdosProtectionPlan": false,
|
||||
"network": {
|
||||
"virtualNetworkAddressPrefix": "10.0.125.0/26",
|
||||
"subnetAddressPrefix": "10.0.125.0/26",
|
||||
"allowVirtualNetworkAccess": true,
|
||||
"useRemoteGateway": false,
|
||||
"virtualNetworkDiagnosticsLogs": [],
|
||||
"virtualNetworkDiagnosticsMetrics": [],
|
||||
"networkSecurityGroupRules": [],
|
||||
|
|
@ -270,9 +283,9 @@
|
|||
}
|
||||
},
|
||||
"storageAccountAccess": {
|
||||
"enableRoleAssignmentForStorageAccount": true,
|
||||
"enableRoleAssignmentForStorageAccount": false,
|
||||
"principalIds": [
|
||||
"47c98c84-d2d0-41ed-b05a-fc5baa5cda78"
|
||||
"<<principalId>>"
|
||||
],
|
||||
"roleDefinitionIdOrName": "Contributor"
|
||||
}
|
||||
|
|
@ -293,6 +306,7 @@
|
|||
"enableRBAC": true,
|
||||
"enableResourceLock": false,
|
||||
"enablePodIdentity": false,
|
||||
"usePrivateDNSZone": true,
|
||||
"aksClusterSkuTier": "Free",
|
||||
"enableIngressApplicationGateway": false,
|
||||
"primaryAgentPoolProfile": {
|
||||
|
|
@ -321,9 +335,9 @@
|
|||
"enablePrivateClusterPublicFQDN": false
|
||||
},
|
||||
"aadProfile": {
|
||||
"aadProfileTenantId": "ded6b38d-d740-4564-ae25-2e3f041093be",
|
||||
"aadProfileTenantId": "<<tenantId>>",
|
||||
"aadProfileAdminGroupObjectIDs": [
|
||||
"47c98c84-d2d0-41ed-b05a-fc5baa5cda78"
|
||||
"<<objectId>>"
|
||||
],
|
||||
"enableAadProfileEnableAzureRBAC": true,
|
||||
"enableAadProfileManaged": true
|
||||
|
|
@ -332,7 +346,7 @@
|
|||
"omsagent": {
|
||||
"enable": true,
|
||||
"config": {
|
||||
"logAnalyticsWorkspaceResourceID": "/subscriptions/896f5276-df9a-4317-a791-469396bef7fa/resourcegroups/anoa-eastus-dev-logging-rg/providers/microsoft.operationalinsights/workspaces/anoa-eastus-dev-logging-log"
|
||||
"logAnalyticsWorkspaceResourceID": "/subscriptions/<<subscriptionId>>/resourcegroups/anoa-eastus-dev-logging-rg/providers/microsoft.operationalinsights/workspaces/anoa-eastus-dev-logging-log"
|
||||
}
|
||||
},
|
||||
"enableResourceLock": true,
|
||||
|
|
@ -340,17 +354,17 @@
|
|||
"azureKeyvaultSecretsProvider": true
|
||||
},
|
||||
"servicePrincipalProfile": {
|
||||
"clientId": "178979fa-74c1-46f2-b451-e8290b78fba3",
|
||||
"secret": "eEv8Q~PMmJpp-_rVruJqCGJHxcElAG0znC3eobxP"
|
||||
"clientId": "<<clientId>>",
|
||||
"secret": "<<secret>>"
|
||||
}
|
||||
}
|
||||
},
|
||||
"parNetworkArtifacts": {
|
||||
"value": {
|
||||
"enable": true,
|
||||
"enable": false,
|
||||
"artifactsKeyVault": {
|
||||
"keyVaultPolicies": {
|
||||
"objectId": "47c98c84-d2d0-41ed-b05a-fc5baa5cda78",
|
||||
"objectId": "<<objectId>>",
|
||||
"permissions": {
|
||||
"keys": [
|
||||
"get",
|
||||
|
|
@ -363,13 +377,13 @@
|
|||
"set"
|
||||
]
|
||||
},
|
||||
"tenantId": "ded6b38d-d740-4564-ae25-2e3f041093be"
|
||||
"tenantId": "<<tenantId>>"
|
||||
}
|
||||
},
|
||||
"storageAccountAccess": {
|
||||
"enableRoleAssignmentForStorageAccount": true,
|
||||
"enableRoleAssignmentForStorageAccount": false,
|
||||
"principalIds": [
|
||||
"47c98c84-d2d0-41ed-b05a-fc5baa5cda78"
|
||||
"<<principalId>>"
|
||||
],
|
||||
"roleDefinitionIdOrName": "Contributor"
|
||||
}
|
||||
|
|
@ -383,6 +397,7 @@
|
|||
"parAzureFirewall": {
|
||||
"value": {
|
||||
"enable": true,
|
||||
"disableBgpRoutePropagation": false,
|
||||
"clientPublicIPAddressAvailabilityZones": [],
|
||||
"managementPublicIPAddressAvailabilityZones": [],
|
||||
"supernetIPAddress": "10.0.96.0/19",
|
||||
|
|
@ -407,9 +422,9 @@
|
|||
],
|
||||
"storageAccountAccess": {
|
||||
"value": {
|
||||
"enableRoleAssignmentForStorageAccount": true,
|
||||
"enableRoleAssignmentForStorageAccount": false,
|
||||
"principalIds": [
|
||||
"47c98c84-d2d0-41ed-b05a-fc5baa5cda78"
|
||||
"<<principalId>>"
|
||||
],
|
||||
"roleDefinitionIdOrName": "Contributor"
|
||||
}
|
||||
|
|
@ -424,9 +439,9 @@
|
|||
"logAnalyticsWorkspaceSkuName": "PerGB2018",
|
||||
"logStorageSkuName": "Standard_GRS",
|
||||
"storageAccountAccess": {
|
||||
"enableRoleAssignmentForStorageAccount": true,
|
||||
"enableRoleAssignmentForStorageAccount": false,
|
||||
"principalIds": [
|
||||
"47c98c84-d2d0-41ed-b05a-fc5baa5cda78"
|
||||
"<<principalId>>"
|
||||
],
|
||||
"roleDefinitionIdOrName": "Contributor"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -930,6 +930,6 @@ output hub object = {
|
|||
|
||||
output logAnalyticsWorkspaceName string = modLogAnalyticsWorkspace.outputs.outLogAnalyticsWorkspaceName
|
||||
|
||||
output logAnalyticsWorkspaceResourceId string = modLogAnalyticsWorkspace.outputs.outLogAnalyticsWorkspaceId
|
||||
output logAnalyticsWorkspaceResourceId string = modLogAnalyticsWorkspace.outputs.outLogAnalyticsWorkspaceResourceId
|
||||
|
||||
output diagnosticStorageAccountName string = modOperationsNetwork.outputs.operationsLogStorageAccountName
|
||||
|
|
|
|||
|
|
@ -1053,6 +1053,6 @@ output hub object = {
|
|||
|
||||
output logAnalyticsWorkspaceName string = modLogAnalyticsWorkspace.outputs.outLogAnalyticsWorkspaceName
|
||||
|
||||
output logAnalyticsWorkspaceResourceId string = modLogAnalyticsWorkspace.outputs.outLogAnalyticsWorkspaceId
|
||||
output logAnalyticsWorkspaceResourceId string = modLogAnalyticsWorkspace.outputs.outLogAnalyticsWorkspaceResourceId
|
||||
|
||||
output diagnosticStorageAccountName string = modOperationsNetwork.outputs.operationsLogStorageAccountName
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@
|
|||
],
|
||||
"subnets": [],
|
||||
"routeTable": {
|
||||
"disableBgpRoutePropagation": false,
|
||||
"disableBgpRoutePropagation": true,
|
||||
"routes": [
|
||||
{
|
||||
"name": "wl-routetable",
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче