Azure
/
data-landing-zone
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

initial push

This commit is contained in:
Marvin Buss 2020-08-07 18:22:11 +02:00
Родитель 86ad4c7a80
Коммит 6be53d1e8c
13 изменённых файлов: 1096 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

63
.gitattributes поставляемый Normal file
Просмотреть файл

@ -0,0 +1,63 @@
###############################################################################
# Set default behavior to automatically normalize line endings.
###############################################################################
* text=auto
###############################################################################
# Set default behavior for command prompt diff.
#
# This is need for earlier builds of msysgit that does not have it on by
# default for csharp files.
# Note: This is only used by command line
###############################################################################
#*.cs diff=csharp
###############################################################################
# Set the merge driver for project and solution files
#
# Merging from the command prompt will add diff markers to the files if there
# are conflicts (Merging from VS is not affected by the settings below, in VS
# the diff markers are never inserted). Diff markers may cause the following
# file extensions to fail to load in VS. An alternative would be to treat
# these files as binary and thus will always conflict and require user
# intervention with every merge. To do so, just uncomment the entries below
###############################################################################
#*.sln merge=binary
#*.csproj merge=binary
#*.vbproj merge=binary
#*.vcxproj merge=binary
#*.vcproj merge=binary
#*.dbproj merge=binary
#*.fsproj merge=binary
#*.lsproj merge=binary
#*.wixproj merge=binary
#*.modelproj merge=binary
#*.sqlproj merge=binary
#*.wwaproj merge=binary
###############################################################################
# behavior for image files
#
# image files are treated as binary by default.
###############################################################################
#*.jpg binary
#*.png binary
#*.gif binary
###############################################################################
# diff behavior for common document formats
#
# Convert binary document formats to text before diffing them. This feature
# is only available from the command line. Turn it on by uncommenting the
# entries below.
###############################################################################
#*.doc diff=astextplain
#*.DOC diff=astextplain
#*.docx diff=astextplain
#*.DOCX diff=astextplain
#*.dot diff=astextplain
#*.DOT diff=astextplain
#*.pdf diff=astextplain
#*.PDF diff=astextplain
#*.rtf diff=astextplain
#*.RTF diff=astextplain

45
.github/workflows/vnetDeployment.yml поставляемый Normal file
Просмотреть файл

@ -0,0 +1,45 @@
name: Virtual Network Deployment
on:
push:
branches: [ main ]
paths:
- 'infra/VirtualNetwork/**'
- '.github/workflows/vnetDeployment.yml'
env:
AZURE_RESOURCE_GROUP: datanode001-network
AZURE_LOCATION: northeurope
jobs:
deployment:
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Check Out Repository
id: checkout_repository
uses: actions/checkout@v2
# Login to Azure
- name: Azure Login
id: azure_login
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
# Deploys vnet
- name: Deploy vnet
uses: azure/CLI@v1
with:
azcliversion: latest
inlineScript: |
echo "Creating resource group ${{ env.AZURE_RESOURCE_GROUP }}"
az group create --location ${{ env.AZURE_LOCATION }} --name ${{ env.AZURE_RESOURCE_GROUP }}
echo "Creating deployment in resource group"
az deployment group create \
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} \
--template-file $GITHUB_WORKSPACE/infra/VirtualNetwork/deploy.vnet.json \
--parameters $GITHUB_WORKSPACE/infra/VirtualNetwork/params.vnet.json

340
.gitignore поставляемый Normal file
Просмотреть файл

@ -0,0 +1,340 @@
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.rsuser
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
[Aa][Rr][Mm]/
[Aa][Rr][Mm]64/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Uncomment if you have tasks that create the project's static files in wwwroot
#wwwroot/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUNIT
*.VisualState.xml
TestResult.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET Core
project.lock.json
project.fragment.lock.json
artifacts/
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_h.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*_wpftmp.csproj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
$tf/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# JustCode is a .NET coding add-in
.JustCode
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# Uncomment if necessary however generally it will be regenerated when needed
#!**/[Pp]ackages/repositories.config
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!?*.[Cc]ache/
# Others
ClientBin/
~$*
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
# Since there are multiple workflows, uncomment next line to ignore bower_components
# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
#bower_components/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
*- Backup*.rdl
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# JetBrains Rider
.idea/
*.sln.iml
# CodeRush personal settings
.cr/personal
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Cake - Uncomment if you are using it
# tools/**
# !tools/packages.config
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/
# Local History for Visual Studio
.localhistory/
# BeatPulse healthcheck temp database
healthchecksdb

107
infra/KeyVault/deploy.keyVault.json Normal file
Просмотреть файл

@ -0,0 +1,107 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Specifies the location for all resources."
}
},
"keyVaultName": {
"type": "string",
"metadata": {
"description": "Specifies the name of the key vault."
}
},
"subnetResourceId": {
"type": "string",
"metadata": {
"description": "Specifies the id of the subnet which the private endpoint uses."
}
},
"privateDnsZoneResourceGroupId": {
"type": "string",
"metadata": {
"description": "Specifies the ID of the resource group of the private dns zones."
}
}
},
"functions": [],
"variables": {
"location": "[parameters('location')]",
"keyVaultName": "[parameters('keyVaultName')]",
"subnetResourceId": "[parameters('subnetResourceId')]",
"privateDnsZoneResourceGroupId": "[parameters('privateDnsZoneResourceGroupId')]",
"privateDnsZoneResourceGroupName": "[last(split(variables('privateDnsZoneResourceGroupId'), '/'))]",
"templateUri": "https://raw.githubusercontent.com/marvinbuss/distributed-data-mesh/master/infra/PrivateEndpoint/deploy.privateEndpoint.json?token=AIHRGTTDXDUGYIFMB3UMCTK7GZTRW"
},
"resources": [
{
"name": "[variables('keyVaultName')]",
"type": "Microsoft.KeyVault/vaults",
"apiVersion": "2019-09-01",
"location": "[variables('location')]",
"properties": {
"enabledForDeployment": false,
"enabledForTemplateDeployment": false,
"enabledForDiskEncryption": false,
"enablePurgeProtection": true,
"enableSoftDelete": true,
"enableRbacAuthorization": false,
"tenantId": "[subscription().tenantId]",
"createMode": "default",
"accessPolicies": [
],
"sku": {
"name": "standard",
"family": "A"
},
"networkAcls": {
"bypass": "None",
"defaultAction": "Deny",
"ipRules": [
],
"virtualNetworkRules": [
]
}
}
},
{
"name": "KeyVaultPrivateEndpointDeployment",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('keyVaultName'))]"
],
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('templateUri')]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"privateEndpointName": {
"value": "[concat(variables('keyVaultName'), '-private-endpoint')]"
},
"privateEndpointLocation": {
"value": "[variables('location')]"
},
"privateLinkServiceResourceId": {
"value": "[resourceId('Microsoft.KeyVault/vaults', variables('keyVaultName'))]"
},
"privateLinkServiceGroupId": {
"value": "vault"
},
"subnetResourceId": {
"value": "[variables('subnetResourceId')]"
},
"privateDnsZoneId": {
"value": "[resourceId(reference(variables('privateDnsZoneResourceGroupId'), '2020-06-01', 'Full').subscriptionId, variables('privateDnsZoneResourceGroupName'), 'Microsoft.Network/privateDnsZones', 'privatelink.vaultcore.azure.net')]"
}
}
}
}
]
}

18
infra/KeyVault/params.keyVault001.json Normal file
Просмотреть файл

@ -0,0 +1,18 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "northeurope"
},
"keyVaultName": {
"value": "datamesh001-keyvault"
},
"subnetResourceId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/data-mesh-network/providers/Microsoft.Network/virtualNetworks/data-mesh-vnet/subnets/private-endpoints-subnet"
},
"privateDnsZoneResourceGroupId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/buss-global-dns"
}
}
}

18
infra/KeyVault/params.keyVault002.json Normal file
Просмотреть файл

@ -0,0 +1,18 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "northeurope"
},
"keyVaultName": {
"value": "datamesh002-keyvault"
},
"subnetResourceId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/data-mesh-network/providers/Microsoft.Network/virtualNetworks/data-mesh-vnet/subnets/private-endpoints-subnet"
},
"privateDnsZoneResourceGroupId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/buss-global-dns"
}
}
}

98
infra/PrivateEndpoint/deploy.privateEndpoint.json Normal file
Просмотреть файл

@ -0,0 +1,98 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"privateEndpointName": {
"type": "string",
"metadata": {
"description": "Specifies the name of your private endpoint."
}
},
"privateEndpointLocation": {
"type": "string",
"metadata": {
"description": "Specifies the location of your private endpoint."
}
},
"privateLinkServiceResourceId": {
"type": "string",
"metadata": {
"description": "Specifies the id of the resource to enable private endpoint for."
}
},
"privateLinkServiceGroupId": {
"type": "string",
"metadata": {
"description": "Specifies the id of the sub service to create a link for (e.g. sqlServer, blob, table)."
}
},
"subnetResourceId": {
"type": "string",
"metadata": {
"description": "Specifies the resource id of the subnet that should be used for the private endpoint."
}
},
"privateDnsZoneId": {
"type": "string",
"metadata": {
"description": "Specifies the resource id of the private DNS zone that should be used for the private endpoint."
}
}
},
"functions": [],
"variables": {
"privateEndpointName": "[parameters('privateEndpointName')]",
"privateEndpointLocation": "[parameters('privateEndpointLocation')]",
"privateLinkServiceResourceId": "[parameters('privateLinkServiceResourceId')]",
"privateLinkServiceGroupId": "[parameters('privateLinkServiceGroupId')]",
"subnetResourceId": "[parameters('subnetResourceId')]",
"privateDnsZoneId": "[parameters('privateDnsZoneId')]"
},
"resources": [
{
"type": "Microsoft.Network/privateEndpoints",
"apiVersion": "2020-05-01",
"name": "[variables('privateEndpointName')]",
"location": "[variables('privateEndpointLocation')]",
"properties": {
"privateLinkServiceConnections": [
{
"name": "[variables('privateEndpointName')]",
"properties": {
"privateLinkServiceId": "[variables('privateLinkServiceResourceId')]",
"groupIds": [
"[variables('privateLinkServiceGroupId')]"
]
}
}
],
"manualPrivateLinkServiceConnections": [
],
"subnet": {
"id": "[variables('subnetResourceId')]"
}
}
},
{
"name": "[concat(variables('privateEndpointName'), '/aRecord')]",
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
"apiVersion": "2020-05-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointName'))]"
],
"location": "[variables('privateEndpointLocation')]",
"properties": {
"privateDnsZoneConfigs": [
{
"name": "[concat(variables('privateEndpointName'), '-aRecord')]",
"properties": {
"privateDnsZoneId": "[variables('privateDnsZoneId')]"
}
}
]
}
}
],
"outputs": {}
}

246
infra/Storage/deploy.storage.json Normal file
Просмотреть файл

@ -0,0 +1,246 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Specifies the location for all resources."
}
},
"storageAccountName": {
"type": "string",
"metadata": {
"description": "Specifies the name of the storage account."
}
},
"storageAccountType": {
"type": "string",
"defaultValue": "Standard_ZRS",
"allowedValues": [
"Standard_LRS",
"Standard_GRS",
"Standard_RAGRS",
"Standard_ZRS",
"Premium_LRS",
"Premium_ZRS",
"Standard_GZRS",
"Standard_RAGZRS"
],
"metadata": {
"description": "Specifies the SKU of the storage account."
}
},
"subnetResourceId": {
"type": "string",
"metadata": {
"description": "Specifies the id of the subnet which the private endpoint uses."
}
},
"privateDnsZoneResourceGroupId": {
"type": "string",
"metadata": {
"description": "Specifies the ID of the resource group of the private dns zones."
}
}
},
"variables": {
"location": "[parameters('location')]",
"storageAccountName": "[parameters('storageAccountName')]",
"storageAccountType": "[parameters('storageAccountType')]",
"subnetResourceId": "[parameters('subnetResourceId')]",
"privateDnsZoneResourceGroupId": "[parameters('privateDnsZoneResourceGroupId')]",
"privateDnsZoneResourceGroupName": "[last(split(variables('privateDnsZoneResourceGroupId'), '/'))]",
"templateUri": "https://raw.githubusercontent.com/marvinbuss/distributed-data-mesh/master/infra/PrivateEndpoint/deploy.privateEndpoint.json?token=AIHRGTTDXDUGYIFMB3UMCTK7GZTRW"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-06-01",
"name": "[variables('storageAccountName')]",
"location": "[variables('location')]",
"identity": {
"type": "SystemAssigned"
},
"tags": {
},
"sku": {
"name": "[variables('storageAccountType')]"
},
"kind": "StorageV2",
"properties": {
"encryption": {
"services": {
"blob": {
"enabled": true,
"keyType": "Account"
},
"file": {
"enabled": true,
"keyType": "Account"
},
"table": {
"enabled": true,
"keyType": "Service"
},
"queue": {
"enabled": true,
"keyType": "Service"
}
},
"keySource": "Microsoft.Storage"
},
"networkAcls": {
"bypass": "Metrics",
"virtualNetworkRules": [
],
"ipRules": [
],
"defaultAction": "Deny"
},
"accessTier": "Hot",
"supportsHttpsTrafficOnly": true,
"isHnsEnabled": true,
"largeFileSharesState": "Disabled"
// "routingPreference": {
// "routingChoice": "MicrosoftRouting",
// "publishMicrosoftEndpoints": false,
// "publishInternetEndpoints": false
// }
},
"resources": [
{
"type": "managementPolicies",
"apiVersion": "2019-06-01",
"name": "default",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"policy": {
"rules": [
{
"enabled": true,
"name": "default",
"type": "Lifecycle",
"definition": {
"actions": {
"baseBlob": {
"tierToCool": {
"daysAfterModificationGreaterThan": 90
}
// "tierToArchive": {
// "daysAfterModificationGreaterThan": 365
// }
}
// "snapshot": {
// "delete": {
// "daysAfterCreationGreaterThan": 90
// }
// }
},
"filters": {
"prefixMatch": [
],
"blobTypes": [
"blockBlob"
]
}
}
}
]
}
}
},
{
"type": "blobServices",
"apiVersion": "2019-06-01",
"name": "default",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
// "deleteRetentionPolicy": {
// "enabled": true,
// "days": 7
// }
// "isVersioningEnabled": true,
// "automaticSnapshotPolicyEnabled": true,
// "changeFeed": {
// "enabled": true
// }
}
},
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', 'dataproduct001')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"publicAccess": "None"
}
},
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', 'dataproduct002')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"publicAccess": "None"
}
},
{
"type": "blobServices/containers",
"apiVersion": "2019-06-01",
"name": "[concat('default/', 'dataproduct003')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"publicAccess": "None"
}
}
]
},
{
"name": "BlobPrivateEndpointDeployment",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('templateUri')]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"privateEndpointName": {
"value": "[concat(variables('storageAccountName'), '-private-endpoint')]"
},
"privateEndpointLocation": {
"value": "[variables('location')]"
},
"privateLinkServiceResourceId": {
"value": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
},
"privateLinkServiceGroupId": {
"value": "blob"
},
"subnetResourceId": {
"value": "[variables('subnetResourceId')]"
},
"privateDnsZoneId": {
"value": "[resourceId(reference(variables('privateDnsZoneResourceGroupId'), '2020-06-01', 'Full').subscriptionId, variables('privateDnsZoneResourceGroupName'), 'Microsoft.Network/privateDnsZones', 'privatelink.blob.core.windows.net')]"
}
}
}
}
]
}

21
infra/Storage/params.storage001.json Normal file
Просмотреть файл

@ -0,0 +1,21 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "northeurope"
},
"storageAccountName": {
"value": "datanode001-dev"
},
"storageAccountType": {
"value": "Standard_ZRS"
},
"subnetResourceId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/data-mesh-network/providers/Microsoft.Network/virtualNetworks/data-mesh-vnet/subnets/private-endpoints-subnet"
},
"privateDnsZoneResourceGroupId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/buss-global-dns"
}
}
}

21
infra/Storage/params.storage002.json Normal file
Просмотреть файл

@ -0,0 +1,21 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "northeurope"
},
"storageAccountName": {
"value": "datanode001-test"
},
"storageAccountType": {
"value": "Standard_ZRS"
},
"subnetResourceId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/data-mesh-network/providers/Microsoft.Network/virtualNetworks/data-mesh-vnet/subnets/private-endpoints-subnet"
},
"privateDnsZoneResourceGroupId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/buss-global-dns"
}
}
}

21
infra/Storage/params.storage003.json Normal file
Просмотреть файл

@ -0,0 +1,21 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "northeurope"
},
"storageAccountName": {
"value": "datanode001"
},
"storageAccountType": {
"value": "Standard_ZRS"
},
"subnetResourceId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/data-mesh-network/providers/Microsoft.Network/virtualNetworks/data-mesh-vnet/subnets/private-endpoints-subnet"
},
"privateDnsZoneResourceGroupId": {
"value": "/subscriptions/4acba331-889b-4626-91a1-b64fc7dd884f/resourceGroups/buss-global-dns"
}
}
}

83
infra/VirtualNetwork/deploy.vnet.json Normal file
Просмотреть файл

@ -0,0 +1,83 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Specifies the location for all resources."
}
},
"vnetName": {
"type": "string",
"metadata": {
"description": "Specifies the name of the vnet that gets created."
}
},
"peeredVirtualNetworkId": {
"type": "string",
"metadata": {
"description": "Specifies the id of the network that should be peered."
}
}
},
"variables": {
"location": "[parameters('location')]",
"vnetName": "[parameters('vnetName')]",
"peeredVirtualNetworkId": "[parameters('peeredVirtualNetworkId')]"
},
"resources": [
{
"name": "[variables('vnetName')]",
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2020-05-01",
"location": "[variables('location')]",
"dependsOn": [
],
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.1.0.0/16"
]
},
"subnets": [
{
"name": "datanode-storage-subnet",
"properties": {
"addressPrefix": "10.0.0.0/27",
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Disabled"
}
}
],
"virtualNetworkPeerings": [
{
"name": "datahub-vnet",
"id": "[variables('peeredVirtualNetworkId')]",
"properties": {
"allowForwardedTraffic": true,
"allowGatewayTransit": true,
"allowVirtualNetworkAccess": true,
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[variables('peeredVirtualNetworkId')]"
},
"useRemoteGateways": true
}
}
]
}
}
// {
// "name": "datanode-storage-nsg",
// "type": "Microsoft.Network/networkSecurityGroups",
// "apiVersion": "2019-11-01",
// "location": "[variables('location')]",
// "properties": {
// "securityRules": [
// ]
// }
// }
]
}

15
infra/VirtualNetwork/params.vnet.json Normal file
Просмотреть файл

@ -0,0 +1,15 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "northeurope"
},
"vnetName": {
"value": "datanode001-vnet"
},
"peeredVirtualNetworkId": {
"value": "/subscriptions/558bd446-4212-46a2-908c-9ab0a628705e/resourceGroups/datahub-network/providers/Microsoft.Network/virtualNetworks/datahub-vnet"
}
}
}