Bundle Bastion Host with Simple E2E Deployment (#166)

* Bundle Bastion Host with Simple E2E Deployment

* merged main

* updated portal def

* updated portal UI

* streamlined esa name

* Updated bicep version for templates

* fixed minor bug in template
Marvin Buss 2021-10-22 12:50:51 +02:00 коммит произвёл GitHub
Родитель 8ef39fd39d
Коммит 3ec03c8b4a
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
4 изменённых файлов: 883 добавлений и 26 удалений


@ -4,8 +4,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "16612088227531531207"
"version": "0.4.1008.15138",
"templateHash": "6987624965477586384"
}
},
"parameters": {
@ -121,7 +121,7 @@
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"apiVersion": "2020-06-01",
"name": "networkServices",
"subscriptionId": "[variables('vnetSubscriptionId')]",
"resourceGroup": "[variables('vnetResourceGroupName')]",
@ -162,8 +162,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "13030817408545927700"
"version": "0.4.1008.15138",
"templateHash": "10187757659530357192"
}
},
"parameters": {
@ -421,7 +421,7 @@
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"apiVersion": "2020-06-01",
"name": "bastionServices",
"resourceGroup": "[format('{0}-bastion', variables('name'))]",
"properties": {
@ -443,10 +443,10 @@
"value": "[parameters('virtualMachineSku')]"
},
"bastionSubnetId": {
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices'), '2019-10-01').outputs.bastionSubnetId.value]"
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices'), '2020-06-01').outputs.bastionSubnetId.value]"
},
"jumpboxSubnetId": {
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices'), '2019-10-01').outputs.jumpboxSubnetId.value]"
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices'), '2020-06-01').outputs.jumpboxSubnetId.value]"
},
"administratorUsername": {
"value": "[parameters('administratorUsername')]"
@ -461,8 +461,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "5974803606266919289"
"version": "0.4.1008.15138",
"templateHash": "4537990983907796400"
}
},
"parameters": {
@ -501,7 +501,7 @@
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"apiVersion": "2020-06-01",
"name": "bastion001",
"properties": {
"expressionEvaluationOptions": {
@ -528,8 +528,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "11836717545045514781"
"version": "0.4.1008.15138",
"templateHash": "9194233898920649047"
}
},
"parameters": {
@ -602,7 +602,7 @@
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"apiVersion": "2020-06-01",
"name": "virtualMachine001",
"properties": {
"expressionEvaluationOptions": {
@ -638,8 +638,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "223020605881141162"
"version": "0.4.1008.15138",
"templateHash": "14575974093809669092"
}
},
"parameters": {


@ -29,6 +29,8 @@ param administratorPassword string
param dataLandingZoneDetails array
@description('Specifies the prefix of Data Landing Zones.')
param dataLandingZonePrefix string
@description('Specifies whether Azure Bastion will be deployed in the first Data Landing Zone.')
param enableBastionHostDeployment bool
// Variables
var dataManagementZoneTemplateLink = 'https://raw.githubusercontent.com/Azure/data-management-zone/main/infra/main.json'
@ -222,6 +224,19 @@ resource dataLandingZoneDeployment 'Microsoft.Resources/deployments@2021-04-01'
}
}]
module bastionHostDeployment 'bastionhost/main.bicep' = if (enableBastionHostDeployment) {
name: 'bastionHostDeployment-${deployment().location}'
scope: subscription(dataLandingZoneDetails[0].subscription)
params: {
location: dataLandingZoneDetails[0].location
prefix: '${dataLandingZonePrefix}${padLeft(1, 3, '0')}'
administratorPassword: administratorPassword
vnetId: reference(dataLandingZoneDeployment[0].name).outputs.vnetId.value
defaultNsgId: reference(dataLandingZoneDeployment[0].name).outputs.nsgId.value
defaultRouteTableId: reference(dataLandingZoneDeployment[0].name).outputs.routeTableId.value
}
}
module vnetPeeringDeployment 'modules/vnetPeeringOrchestration.bicep' = [for index1 in range(0, length(dataLandingZoneDetails)): {
name: 'vnetPeeringDeployment-${index1}-${deployment().location}'
scope: subscription()
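Review bot: The jumpbox created through `bastionHostDeployment` is given the template's existing `administratorPassword` (the hunk header shows it as a plain `param administratorPassword string`; any `@secure()` decorator is outside the hunk), so one secret appears to cover both the landing-zone services and an interactive Windows admin login; a dedicated secure parameter, for example `@secure()` followed by `param bastionAdministratorPassword string`, would keep the two apart. `enableBastionHostDeployment` is declared without a default, which makes it mandatory for every existing caller and parameter file, whereas `param enableBastionHostDeployment bool = false` keeps the feature opt-in. The module indexes `dataLandingZoneDetails[0]` unconditionally, so the condition could also guard the array: `if (enableBastionHostDeployment && !empty(dataLandingZoneDetails))`. The call sets no `environment`, and the compiled template further down the page shows that parameter defaulting to `dev`, so the bastion resource group is presumably named and tagged `dev` whatever environment the landing zone uses.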


@ -4,8 +4,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "4381084809339667590"
"version": "0.4.1008.15138",
"templateHash": "3381100486305273792"
}
},
"parameters": {
@ -62,6 +62,12 @@
"metadata": {
"description": "Specifies the prefix of Data Landing Zones."
}
},
"enableBastionHostDeployment": {
"type": "bool",
"metadata": {
"description": "Specifies whether Azure Bastion will be deployed in the first Data Landing Zone."
}
}
},
"functions": [],
@ -266,13 +272,816 @@
"[subscriptionResourceId('Microsoft.Resources/deployments', format('dataManagementZoneDeployment-{0}', deployment().location))]"
]
},
{
"condition": "[parameters('enableBastionHostDeployment')]",
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "[format('bastionHostDeployment-{0}', deployment().location)]",
"subscriptionId": "[parameters('dataLandingZoneDetails')[0].subscription]",
"location": "[deployment().location]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('dataLandingZoneDetails')[0].location]"
},
"prefix": {
"value": "[format('{0}{1}', parameters('dataLandingZonePrefix'), padLeft(1, 3, '0'))]"
},
"administratorPassword": {
"value": "[parameters('administratorPassword')]"
},
"vnetId": {
"value": "[reference(format('dataLandingZoneDeployment-{0}-{1}', 0, deployment().location)).outputs.vnetId.value]"
},
"defaultNsgId": {
"value": "[reference(format('dataLandingZoneDeployment-{0}-{1}', 0, deployment().location)).outputs.nsgId.value]"
},
"defaultRouteTableId": {
"value": "[reference(format('dataLandingZoneDeployment-{0}-{1}', 0, deployment().location)).outputs.routeTableId.value]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "6987624965477586384"
}
},
"parameters": {
"location": {
"type": "string",
"metadata": {
"description": "Specifies the location of your Data Landing Zone or Data Management Zone."
}
},
"environment": {
"type": "string",
"defaultValue": "dev",
"metadata": {
"description": "Specifies the environment of your Data Landing Zone or Data Management Zone."
},
"allowedValues": [
"dev",
"tst",
"prd"
]
},
"prefix": {
"type": "string",
"metadata": {
"description": "Specifies the prefix of your Data Landing Zone or Data Management Zone."
},
"maxLength": 10,
"minLength": 2
},
"tags": {
"type": "object",
"defaultValue": {},
"metadata": {
"description": "Specifies the tags that you want to apply to all resources."
}
},
"vnetId": {
"type": "string",
"metadata": {
"description": "Specifies the resource Id of the vnet in your Data Landing Zone or Data Management Zone."
}
},
"defaultNsgId": {
"type": "string",
"metadata": {
"description": "Specifies the resource Id of the default network security group of your Data Landing Zone or Data Management Zone."
}
},
"defaultRouteTableId": {
"type": "string",
"metadata": {
"description": "Specifies the resource Id of the default route table of your Data Landing Zone or Data Management Zone."
}
},
"bastionSubnetAddressPrefix": {
"type": "string",
"defaultValue": "10.1.10.0/24",
"metadata": {
"description": "Specifies the address space of the subnet that is used for Azure Bastion."
}
},
"jumpboxSubnetAddressPrefix": {
"type": "string",
"defaultValue": "10.1.11.0/24",
"metadata": {
"description": "Specifies the address space of the subnet that is used for Jumboxes."
}
},
"virtualMachineSku": {
"type": "string",
"defaultValue": "Standard_DS2_v2",
"metadata": {
"description": "Specifies the SKU of the virtual machine that gets created."
}
},
"administratorUsername": {
"type": "string",
"defaultValue": "VmMainUser",
"metadata": {
"description": "Specifies the administrator username of the virtual machine."
}
},
"administratorPassword": {
"type": "secureString",
"metadata": {
"description": "Specifies the administrator password of the virtual machine."
}
}
},
"functions": [],
"variables": {
"name": "[toLower(format('{0}-{1}', parameters('prefix'), parameters('environment')))]",
"tagsDefault": {
"Owner": "Enterprise Scale Analytics",
"Project": "Enterprise Scale Analytics",
"Environment": "[parameters('environment')]",
"Toolkit": "bicep",
"Name": "[variables('name')]"
},
"tagsJoined": "[union(variables('tagsDefault'), parameters('tags'))]",
"vnetSubscriptionId": "[if(greaterOrEquals(length(split(parameters('vnetId'), '/')), 9), split(parameters('vnetId'), '/')[2], subscription().id)]",
"vnetResourceGroupName": "[if(greaterOrEquals(length(split(parameters('vnetId'), '/')), 9), split(parameters('vnetId'), '/')[4], 'incorrectSegmentLength')]",
"vnetName": "[if(greaterOrEquals(length(split(parameters('vnetId'), '/')), 9), last(split(parameters('vnetId'), '/')), 'incorrectSegmentLength')]"
},
"resources": [
{
"type": "Microsoft.Resources/resourceGroups",
"apiVersion": "2021-01-01",
"name": "[format('{0}-bastion', variables('name'))]",
"location": "[parameters('location')]",
"tags": "[variables('tagsJoined')]",
"properties": {}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "networkServices",
"subscriptionId": "[variables('vnetSubscriptionId')]",
"resourceGroup": "[variables('vnetResourceGroupName')]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"prefix": {
"value": "[variables('name')]"
},
"tags": {
"value": "[variables('tagsJoined')]"
},
"vnetName": {
"value": "[variables('vnetName')]"
},
"bastionSubnetAddressPrefix": {
"value": "[parameters('bastionSubnetAddressPrefix')]"
},
"jumpboxSubnetAddressPrefix": {
"value": "[parameters('jumpboxSubnetAddressPrefix')]"
},
"defaultNsgId": {
"value": "[parameters('defaultNsgId')]"
},
"defaultRouteTableId": {
"value": "[parameters('defaultRouteTableId')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "10187757659530357192"
}
},
"parameters": {
"location": {
"type": "string"
},
"prefix": {
"type": "string"
},
"tags": {
"type": "object"
},
"vnetName": {
"type": "string"
},
"bastionSubnetAddressPrefix": {
"type": "string",
"defaultValue": "10.1.10.0/24"
},
"jumpboxSubnetAddressPrefix": {
"type": "string",
"defaultValue": "10.1.11.0/24"
},
"defaultNsgId": {
"type": "string"
},
"defaultRouteTableId": {
"type": "string"
}
},
"functions": [],
"resources": [
{
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2020-11-01",
"name": "[format('{0}-bastion-nsg', parameters('prefix'))]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
"properties": {
"securityRules": [
{
"name": "AllowHttpsInbound",
"properties": {
"description": "Required for HTTPS inbound communication of connecting user.",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "443",
"sourceAddressPrefix": "Internet",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 120,
"direction": "Inbound",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowGatewayManagerInbound",
"properties": {
"description": "Required for the control plane, that is, Gateway Manager to be able to talk to Azure Bastion.",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "443",
"sourceAddressPrefix": "GatewayManager",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 130,
"direction": "Inbound",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowAzureLoadBalancerInbound",
"properties": {
"description": "Required for the control plane, that is, Gateway Manager to be able to talk to Azure Bastion.",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "443",
"sourceAddressPrefix": "AzureLoadBalancer",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 140,
"direction": "Inbound",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowBastionCommunicationInbound",
"properties": {
"description": "Required for data plane communication between the underlying components of Azure Bastion.",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "",
"sourceAddressPrefix": "VirtualNetwork",
"destinationAddressPrefix": "VirtualNetwork",
"access": "Allow",
"priority": 150,
"direction": "Inbound",
"sourcePortRanges": [],
"destinationPortRanges": [
"5701",
"8080"
],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowSshRdpOutbound",
"properties": {
"description": "Required for SSH and RDP outbound connectivity.",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "VirtualNetwork",
"access": "Allow",
"priority": 100,
"direction": "Outbound",
"sourcePortRanges": [],
"destinationPortRanges": [
"22",
"3389"
],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowAzureCloudOutbound",
"properties": {
"description": "Required for Azure Cloud outbound connectivity (Logs and Metrics).",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "443",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "AzureCloud",
"access": "Allow",
"priority": 110,
"direction": "Outbound",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowBastionCommunicationOutbound",
"properties": {
"description": "Required for data plane communication between the underlying components of Azure Bastion.",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "",
"sourceAddressPrefix": "VirtualNetwork",
"destinationAddressPrefix": "VirtualNetwork",
"access": "Allow",
"priority": 120,
"direction": "Outbound",
"sourcePortRanges": [],
"destinationPortRanges": [
"5701",
"8080"
],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
},
{
"name": "AllowGetSessionInformationOutbound",
"properties": {
"description": "Required for session and certificate validation..",
"protocol": "*",
"sourcePortRange": "*",
"destinationPortRange": "80",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "Internet",
"access": "Allow",
"priority": 130,
"direction": "Outbound",
"sourcePortRanges": [],
"destinationPortRanges": [],
"sourceAddressPrefixes": [],
"destinationAddressPrefixes": []
}
}
]
}
},
{
"type": "Microsoft.Network/virtualNetworks/subnets",
"apiVersion": "2021-02-01",
"name": "[format('{0}/{1}', parameters('vnetName'), 'AzureBastionSubnet')]",
"properties": {
"addressPrefix": "[parameters('bastionSubnetAddressPrefix')]",
"addressPrefixes": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', format('{0}-bastion-nsg', parameters('prefix')))]"
},
"delegations": [],
"ipAllocations": [],
"privateEndpointNetworkPolicies": "Enabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpointPolicies": [],
"serviceEndpoints": []
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', format('{0}-bastion-nsg', parameters('prefix')))]"
]
},
{
"type": "Microsoft.Network/virtualNetworks/subnets",
"apiVersion": "2021-02-01",
"name": "[format('{0}/{1}', parameters('vnetName'), 'JumpboxSubnet')]",
"properties": {
"addressPrefix": "[parameters('jumpboxSubnetAddressPrefix')]",
"addressPrefixes": [],
"networkSecurityGroup": {
"id": "[parameters('defaultNsgId')]"
},
"routeTable": {
"id": "[parameters('defaultRouteTableId')]"
},
"delegations": [],
"ipAllocations": [],
"privateEndpointNetworkPolicies": "Enabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpointPolicies": [],
"serviceEndpoints": []
},
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), 'AzureBastionSubnet')]"
]
}
],
"outputs": {
"bastionSubnetId": {
"type": "string",
"value": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), 'AzureBastionSubnet')]"
},
"jumpboxSubnetId": {
"type": "string",
"value": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), 'JumpboxSubnet')]"
}
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "bastionServices",
"resourceGroup": "[format('{0}-bastion', variables('name'))]",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"prefix": {
"value": "[variables('name')]"
},
"tags": {
"value": "[variables('tagsJoined')]"
},
"virtualMachineSku": {
"value": "[parameters('virtualMachineSku')]"
},
"bastionSubnetId": {
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices'), '2020-06-01').outputs.bastionSubnetId.value]"
},
"jumpboxSubnetId": {
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices'), '2020-06-01').outputs.jumpboxSubnetId.value]"
},
"administratorUsername": {
"value": "[parameters('administratorUsername')]"
},
"administratorPassword": {
"value": "[parameters('administratorPassword')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "4537990983907796400"
}
},
"parameters": {
"location": {
"type": "string"
},
"prefix": {
"type": "string"
},
"tags": {
"type": "object"
},
"bastionSubnetId": {
"type": "string"
},
"jumpboxSubnetId": {
"type": "string"
},
"virtualMachineSku": {
"type": "string",
"defaultValue": "Standard_DS2_v2"
},
"administratorUsername": {
"type": "string",
"defaultValue": "VmMainUser"
},
"administratorPassword": {
"type": "secureString"
}
},
"functions": [],
"variables": {
"bastion001Name": "[format('{0}-bastion001', parameters('prefix'))]",
"virtualMachine001Name": "[format('{0}-vm001', parameters('prefix'))]"
},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "bastion001",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"tags": {
"value": "[parameters('tags')]"
},
"bastionName": {
"value": "[variables('bastion001Name')]"
},
"subnetId": {
"value": "[parameters('bastionSubnetId')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "9194233898920649047"
}
},
"parameters": {
"location": {
"type": "string"
},
"tags": {
"type": "object"
},
"bastionName": {
"type": "string"
},
"subnetId": {
"type": "string"
}
},
"functions": [],
"variables": {
"publicIpName": "[format('{0}-pip', parameters('bastionName'))]"
},
"resources": [
{
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2021-02-01",
"name": "[variables('publicIpName')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
"sku": {
"name": "Standard",
"tier": "Regional"
},
"properties": {
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static"
}
},
{
"type": "Microsoft.Network/bastionHosts",
"apiVersion": "2021-02-01",
"name": "[parameters('bastionName')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
"sku": {
"name": "Standard"
},
"properties": {
"dnsName": "[parameters('bastionName')]",
"ipConfigurations": [
{
"name": "ipConfiguration",
"properties": {
"subnet": {
"id": "[parameters('subnetId')]"
},
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIpName'))]"
},
"privateIPAllocationMethod": "Dynamic"
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIpName'))]"
]
}
]
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "virtualMachine001",
"properties": {
"expressionEvaluationOptions": {
"scope": "inner"
},
"mode": "Incremental",
"parameters": {
"location": {
"value": "[parameters('location')]"
},
"tags": {
"value": "[parameters('tags')]"
},
"subnetId": {
"value": "[parameters('jumpboxSubnetId')]"
},
"virtualmachineName": {
"value": "[variables('virtualMachine001Name')]"
},
"virtualMachineSku": {
"value": "[parameters('virtualMachineSku')]"
},
"administratorUsername": {
"value": "[parameters('administratorUsername')]"
},
"administratorPassword": {
"value": "[parameters('administratorPassword')]"
}
},
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "14575974093809669092"
}
},
"parameters": {
"location": {
"type": "string"
},
"tags": {
"type": "object"
},
"virtualmachineName": {
"type": "string"
},
"virtualMachineSku": {
"type": "string",
"defaultValue": "Standard_DS2_v2"
},
"administratorUsername": {
"type": "string",
"defaultValue": "VmMainUser"
},
"administratorPassword": {
"type": "secureString"
},
"subnetId": {
"type": "string"
}
},
"functions": [],
"variables": {
"nicName": "[format('{0}-nic', parameters('virtualmachineName'))]",
"diskName": "[format('{0}-disk', parameters('virtualmachineName'))]"
},
"resources": [
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2021-02-01",
"name": "[variables('nicName')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
"properties": {
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"name": "ipConfig",
"properties": {
"primary": true,
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[parameters('subnetId')]"
}
}
}
],
"nicType": "Standard"
}
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2021-04-01",
"name": "[parameters('virtualmachineName')]",
"location": "[parameters('location')]",
"tags": "[parameters('tags')]",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('virtualMachineSku')]"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]"
}
]
},
"osProfile": {
"adminUsername": "[parameters('administratorUsername')]",
"adminPassword": "[parameters('administratorPassword')]",
"computerName": "[take(parameters('virtualmachineName'), 15)]",
"allowExtensionOperations": true,
"windowsConfiguration": {
"enableAutomaticUpdates": true
}
},
"priority": "Regular",
"storageProfile": {
"imageReference": {
"offer": "WindowsServer",
"publisher": "MicrosoftWindowsServer",
"sku": "2022-datacenter",
"version": "latest"
},
"osDisk": {
"name": "[variables('diskName')]",
"caching": "ReadWrite",
"createOption": "FromImage",
"osType": "Windows",
"writeAcceleratorEnabled": false
}
}
},
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]"
]
}
]
}
}
}
]
}
},
"dependsOn": [
"[subscriptionResourceId('Microsoft.Resources/resourceGroups', format('{0}-bastion', variables('name')))]",
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('vnetSubscriptionId'), variables('vnetResourceGroupName')), 'Microsoft.Resources/deployments', 'networkServices')]"
]
}
]
}
},
"dependsOn": [
"[subscriptionResourceId('Microsoft.Resources/deployments', format('dataLandingZoneDeployment-{0}-{1}', 0, deployment().location))]",
"[subscriptionResourceId('Microsoft.Resources/deployments', format('dataLandingZoneDeployment-{0}-{1}', 0, deployment().location))]",
"[subscriptionResourceId('Microsoft.Resources/deployments', format('dataLandingZoneDeployment-{0}-{1}', 0, deployment().location))]"
]
},
{
"copy": {
"name": "vnetPeeringDeployment",
"count": "[length(range(0, length(parameters('dataLandingZoneDetails'))))]"
},
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"apiVersion": "2020-06-01",
"name": "[format('vnetPeeringDeployment-{0}-{1}', range(0, length(parameters('dataLandingZoneDetails')))[copyIndex()], deployment().location)]",
"location": "[deployment().location]",
"properties": {
@ -300,8 +1109,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "10661167090285460076"
"version": "0.4.1008.15138",
"templateHash": "1258334118365795592"
}
},
"parameters": {
@ -324,7 +1133,7 @@
"count": "[length(parameters('destinationVnetIds'))]"
},
"type": "Microsoft.Resources/deployments",
"apiVersion": "2019-10-01",
"apiVersion": "2020-06-01",
"name": "[format('vnetPeering{0}', copyIndex())]",
"subscriptionId": "[variables('sourceVnetSubscriptionId')]",
"resourceGroup": "[variables('sourceVnetResourceGroupName')]",
@ -347,8 +1156,8 @@
"metadata": {
"_generator": {
"name": "bicep",
"version": "0.4.613.9944",
"templateHash": "4315184311947954713"
"version": "0.4.1008.15138",
"templateHash": "10472092457843784458"
}
},
"parameters": {


@ -175,7 +175,7 @@
"type": "Microsoft.Common.InfoBox",
"visible": true,
"options": {
"text": "Since not all service features are available in all regions, Enterprise Scale Analytics is available in a subset of regions.",
"text": "Since not all service features are available in all regions, Enterprise-Scale Analytics is available in a subset of regions.",
"style": "Info"
}
},
@ -335,7 +335,7 @@
"type": "Microsoft.Common.InfoBox",
"visible": true,
"options": {
"text": "Since not all service features are available in all regions, Enterprise Scale Analytics is available in a subset of regions.",
"text": "Since not all service features are available in all regions, Enterprise-Scale Analytics is available in a subset of regions.",
"style": "Info"
}
},
@ -682,6 +682,38 @@
"osPlatform": "Windows"
}
]
},
{
"name": "azureBastionSettings",
"label": "Azure Bastion Settings",
"type": "Microsoft.Common.Section",
"visible": true,
"elements": [
{
"name": "azureBastionText",
"type": "Microsoft.Common.TextBlock",
"visible": true,
"options": {
"text": "Specify whether you want to deploy Azure Bastion in the first Data Landing Zone.",
"link": {
"label": "",
"uri": ""
}
}
},
{
"name": "azureBastionCheckbox",
"label": "Deploy Azure Bastion",
"type": "Microsoft.Common.CheckBox",
"visible": true,
"defaultValue": false,
"toolTip": "Enable the deployment of Azure Bastion and jumpbox in the first Data Landing Zone.",
"constraints": {
"required": false,
"validationMessage": "Enable deployment of Azure Bastion and jumpbox inside the first Data Landing Zone."
}
}
]
}
]
},
@ -720,6 +752,7 @@
"administratorPassword": "[steps('dataLandingZoneSettings').dataLandingZonesServicesSettings.administratorPassword.password]",
"dataLandingZoneDetails": "[steps('dataLandingZoneSettings').deploymentDetails.dataLandingZones]",
"dataLandingZonePrefix": "[steps('dataLandingZoneSettings').dataLandingZonesName.dataLandingZonesPrefix]",
"enableBastionHostDeployment": "[steps('dataLandingZoneSettings').azureBastionSettings.azureBastionCheckbox]",
"tags": "[if(not(contains(steps('tags').tagsByResource, 'EnterpriseScaleAnalytics')), parse('{}'), first(map(parse(concat('[', string(steps('tags').tagsByResource), ']')), (item) => item.EnterpriseScaleAnalytics)))]"
}
}
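Review bot: The visible text of `azureBastionText` mentions only Azure Bastion, while the tooltip of `azureBastionCheckbox` says a jumpbox is deployed as well, and the outputs in the last hunk pass a single `administratorPassword`; an operator ticking the box is therefore not told that it creates a Windows VM that uses the password collected in this step. I would state that in the text block itself, for example `"text": "Specify whether you want to deploy Azure Bastion and a Windows jumpbox in the first Data Landing Zone. The jumpbox uses the administrator password entered in this step."`. The empty `link` object (`"label": ""`, `"uri": ""`) can be dropped, and the `validationMessage` on a checkbox with `"required": false` will likely never be displayed.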