Azure
/
azure-quickstart-templates
зеркало из https://github.com/Azure/azure-quickstart-templates.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

update azuredeploy.json README.md for (demos\imagebuilder-windowsbaseline) ***NO_CI***

This commit is contained in:
Azure Quickstarts Pipeline 2023-05-18 15:34:49 +00:00
Родитель 176bd5be40
Коммит 1b6e20bf5d
3 изменённых файлов: 292 добавлений и 2 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
demos/imagebuilder-windowsbaseline/README.md
Просмотреть файл

@ -6,8 +6,8 @@ products:
- azure-resource-manager - azure-resource-manager
urlFragment: imagebuilder-windowsbaseline urlFragment: imagebuilder-windowsbaseline
languages: languages:
- json
- bicep - bicep
- json
--- ---
# Azure Image Builder with Azure Windows Baseline # Azure Image Builder with Azure Windows Baseline

290
demos/imagebuilder-windowsbaseline/azuredeploy.json Normal file
Просмотреть файл

@ -0,0 +1,290 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.17.1.54307",
"templateHash": "5091040178081578374"
}
},
"parameters": {
"_artifactsLocation": {
"type": "string",
"defaultValue": "[deployment().properties.templateLink.uri]",
"metadata": {
"description": "The base URI where artifacts required by this template are located including a trailing '/'"
}
},
"_artifactsLocationSasToken": {
"type": "securestring",
"defaultValue": "",
"metadata": {
"description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured."
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "The Azure region where resources in the template should be deployed."
}
},
"customizerScriptName": {
"type": "string",
"defaultValue": "scripts/runScript.ps1",
"metadata": {
"description": "The name of the customizer script which will be executed during image build."
}
},
"templateIdentityName": {
"type": "string",
"defaultValue": "[substring(format('ImageGallery_{0}', guid(resourceGroup().id)), 0, 21)]",
"metadata": {
"description": "Name of the user-assigned managed identity used by Azure Image Builder template, and for triggering the Azure Image Builder build at the end of the deployment"
}
},
"templateIdentityRoleDefinitionName": {
"type": "string",
"defaultValue": "[guid(resourceGroup().id)]",
"metadata": {
"description": "Permissions to allow for the user-assigned managed identity."
}
},
"imageGalleryName": {
"type": "string",
"defaultValue": "[substring(format('ImageGallery_{0}', guid(resourceGroup().id)), 0, 21)]",
"metadata": {
"description": "Name of the new Azure Image Gallery resource."
}
},
"imageDefinitionProperties": {
"type": "object",
"defaultValue": {
"name": "Win2022_AzureWindowsBaseline_Definition",
"publisher": "AzureWindowsBaseline",
"offer": "WindowsServer",
"sku": "2022-Datacenter"
},
"metadata": {
"description": "Detailed image information to set for the custom image produced by the Azure Image Builder build."
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_D2_v3"
},
"imageTemplateName": {
"type": "string",
"defaultValue": "Win2022_AzureWindowsBaseline_Template",
"metadata": {
"description": "Name of the template to create in Azure Image Builder."
}
},
"runOutputName": {
"type": "string",
"defaultValue": "Win2022_AzureWindowsBaseline_CustomImage",
"metadata": {
"description": "Name of the custom iamge to create and distribute using Azure Image Builder."
}
},
"replicationRegions": {
"type": "array",
"defaultValue": [
"centralus",
"eastus2",
"westus2",
"northeurope",
"westeurope"
],
"metadata": {
"description": "List the regions in Azure where you would like to replicate the custom image after it is created."
}
},
"forceUpdateTag": {
"type": "string",
"defaultValue": "[newGuid()]",
"metadata": {
"description": "A unique string generated for each deployment, to make sure the script is always run."
}
}
},
"variables": {
"customizerScriptUri": "[uri(parameters('_artifactsLocation'), format('{0}{1}', parameters('customizerScriptName'), parameters('_artifactsLocationSasToken')))]",
"templateIdentityRoleAssignmentName": "[guid(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName')), resourceGroup().id, resourceId('Microsoft.Authorization/roleDefinitions', parameters('templateIdentityRoleDefinitionName')))]"
},
"resources": [
{
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
"apiVersion": "2023-01-31",
"name": "[parameters('templateIdentityName')]",
"location": "[parameters('location')]"
},
{
"type": "Microsoft.Authorization/roleDefinitions",
"apiVersion": "2022-04-01",
"name": "[parameters('templateIdentityRoleDefinitionName')]",
"properties": {
"roleName": "[parameters('templateIdentityRoleDefinitionName')]",
"description": "Used for AIB template and ARM deployment script that runs AIB build",
"type": "customRole",
"permissions": [
{
"actions": [
"Microsoft.Compute/galleries/read",
"Microsoft.Compute/galleries/images/read",
"Microsoft.Compute/galleries/images/versions/read",
"Microsoft.Compute/galleries/images/versions/write",
"Microsoft.Compute/images/read",
"Microsoft.Compute/images/write",
"Microsoft.Compute/images/delete",
"Microsoft.Storage/storageAccounts/blobServices/containers/read",
"Microsoft.Storage/storageAccounts/blobServices/containers/write",
"Microsoft.ContainerInstance/containerGroups/read",
"Microsoft.ContainerInstance/containerGroups/write",
"Microsoft.ContainerInstance/containerGroups/start/action",
"Microsoft.Resources/deployments/read",
"Microsoft.Resources/deploymentScripts/read",
"Microsoft.Resources/deploymentScripts/write",
"Microsoft.VirtualMachineImages/imageTemplates/run/action"
]
}
],
"assignableScopes": [
"[resourceGroup().id]"
]
}
},
{
"type": "Microsoft.Authorization/roleAssignments",
"apiVersion": "2022-04-01",
"name": "[variables('templateIdentityRoleAssignmentName')]",
"properties": {
"roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', parameters('templateIdentityRoleDefinitionName'))]",
"principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName')), '2023-01-31').principalId]",
"principalType": "ServicePrincipal"
},
"dependsOn": [
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName'))]",
"[resourceId('Microsoft.Authorization/roleDefinitions', parameters('templateIdentityRoleDefinitionName'))]"
]
},
{
"type": "Microsoft.Compute/galleries",
"apiVersion": "2022-03-03",
"name": "[parameters('imageGalleryName')]",
"location": "[parameters('location')]",
"properties": {}
},
{
"type": "Microsoft.Compute/galleries/images",
"apiVersion": "2022-03-03",
"name": "[format('{0}/{1}', parameters('imageGalleryName'), parameters('imageDefinitionProperties').name)]",
"location": "[parameters('location')]",
"properties": {
"osType": "Windows",
"osState": "Generalized",
"identifier": {
"publisher": "[parameters('imageDefinitionProperties').publisher]",
"offer": "[parameters('imageDefinitionProperties').offer]",
"sku": "[parameters('imageDefinitionProperties').sku]"
},
"recommended": {
"vCPUs": {
"min": 2,
"max": 8
},
"memory": {
"min": 16,
"max": 48
}
},
"hyperVGeneration": "V1"
},
"dependsOn": [
"[resourceId('Microsoft.Compute/galleries', parameters('imageGalleryName'))]"
]
},
{
"type": "Microsoft.VirtualMachineImages/imageTemplates",
"apiVersion": "2022-02-14",
"name": "[parameters('imageTemplateName')]",
"location": "[parameters('location')]",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[format('{0}', resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName')))]": {}
}
},
"properties": {
"buildTimeoutInMinutes": 60,
"vmProfile": {
"vmSize": "[parameters('vmSize')]",
"osDiskSizeGB": 127
},
"source": {
"type": "PlatformImage",
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2022-Datacenter",
"version": "latest"
},
"customize": [
{
"type": "WindowsUpdate",
"searchCriteria": "IsInstalled=0",
"filters": [
"exclude:$_.Title -like '*Preview*'",
"include:$true"
],
"updateLimit": 40
},
{
"type": "PowerShell",
"name": "AzureWindowsBaseline",
"runElevated": true,
"scriptUri": "[variables('customizerScriptUri')]"
}
],
"distribute": [
{
"type": "SharedImage",
"galleryImageId": "[resourceId('Microsoft.Compute/galleries/images', parameters('imageGalleryName'), parameters('imageDefinitionProperties').name)]",
"runOutputName": "[parameters('runOutputName')]",
"replicationRegions": "[parameters('replicationRegions')]"
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Compute/galleries/images', parameters('imageGalleryName'), parameters('imageDefinitionProperties').name)]",
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName'))]"
]
},
{
"type": "Microsoft.Resources/deploymentScripts",
"apiVersion": "2020-10-01",
"name": "Image_template_build",
"location": "[parameters('location')]",
"kind": "AzurePowerShell",
"identity": {
"type": "UserAssigned",
"userAssignedIdentities": {
"[format('{0}', resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName')))]": {}
}
},
"properties": {
"forceUpdateTag": "[parameters('forceUpdateTag')]",
"azPowerShellVersion": "6.2",
"scriptContent": "[format('Invoke-AzResourceAction -ResourceName \"{0}\" -ResourceGroupName \"{1}\" -ResourceType \"Microsoft.VirtualMachineImages/imageTemplates\" -ApiVersion \"2020-02-14\" -Action Run -Force', parameters('imageTemplateName'), resourceGroup().name)]",
"timeout": "PT1H",
"cleanupPreference": "OnSuccess",
"retentionInterval": "P1D"
},
"dependsOn": [
"[resourceId('Microsoft.VirtualMachineImages/imageTemplates', parameters('imageTemplateName'))]",
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('templateIdentityName'))]",
"[resourceId('Microsoft.Authorization/roleAssignments', variables('templateIdentityRoleAssignmentName'))]"
]
}
]
}

2
demos/imagebuilder-windowsbaseline/metadata.json
Просмотреть файл

@ -5,7 +5,7 @@
"description": "Creates an Azure Image Builder environment and builds a Windows Server image with the latest Windows Updates and Azure Windows Baseline applied.", "description": "Creates an Azure Image Builder environment and builds a Windows Server image with the latest Windows Updates and Azure Windows Baseline applied.",
"summary": "This template creates an Azure Image Builder environment and builds a custom image with updates and security settings.", "summary": "This template creates an Azure Image Builder environment and builds a custom image with updates and security settings.",
"githubUsername": "mgreenegit", "githubUsername": "mgreenegit",
"dateUpdated": "2021-08-27", "dateUpdated": "2023-05-18",
"environments": [ "environments": [
"AzureCloud" "AzureCloud"
] ]