зеркало из https://github.com/Azure/missionlz.git
Name & Scope Fixes across MLZ, Tier3, & Add-Ons (#1039)
* Fixed names * Fixed names for RSVs * Fixed dns servers * Fixed sub ID for identity tier * Updated AVD agents to latest * Fixed output * Fixed names & formatting * Fixed deployment names for simultaneous tier3 deployments * Fixed deployment names * Fixed deployment name * Fixed tier3 deployment locations * Added an extra param for deploying network watcher * Fixed condition & names for availability sets * Fixed workspace validation * Fixed workspace name * GitHub Action: Build Bicep to JSON * Fixed URLs --------- Co-authored-by: github-actions <github-actions@github.com>
Родитель
9bf2712316
Коммит
13af5e7429
|
@ -30,6 +30,7 @@ param roleDefinitions object
|
|||
param securityPrincipalObjectIds array
|
||||
param serviceToken string
|
||||
param sessionHostNamePrefix string
|
||||
param stampIndex string
|
||||
param subnetResourceId string
|
||||
param tags object
|
||||
param validationEnvironment bool
|
||||
|
@ -119,11 +120,11 @@ module workspace 'workspace.bicep' = {
|
|||
subnetResourceId: subnetResourceId
|
||||
tags: tags
|
||||
virtualMachineName: managementVirtualMachineName
|
||||
workspaceFeedDiagnoticSettingName: replace(namingConvention.workspaceFeedDiagnosticSetting, serviceToken, 'feed')
|
||||
workspaceFeedName: replace(namingConvention.workspaceFeed, serviceToken, 'feed')
|
||||
workspaceFeedNetworkInterfaceName: replace(namingConvention.workspaceFeedNetworkInterface, serviceToken, 'feed')
|
||||
workspaceFeedPrivateEndpointName: replace(namingConvention.workspaceFeedPrivateEndpoint, serviceToken, 'feed')
|
||||
workspaceFriendlyName: empty(workspaceFriendlyName) ? replace(namingConvention.workspaceFeed, serviceToken, '') : '${workspaceFriendlyName} (${locationControlPlane})'
|
||||
workspaceFeedDiagnoticSettingName: replace(replace(namingConvention.workspaceFeedDiagnosticSetting, serviceToken, 'feed'), '-${stampIndex}', '')
|
||||
workspaceFeedName: replace(replace(namingConvention.workspaceFeed, serviceToken, 'feed'), '-${stampIndex}', '')
|
||||
workspaceFeedNetworkInterfaceName: replace(replace(namingConvention.workspaceFeedNetworkInterface, serviceToken, 'feed'), '-${stampIndex}', '')
|
||||
workspaceFeedPrivateEndpointName: replace(replace(namingConvention.workspaceFeedPrivateEndpoint, serviceToken, 'feed'), '-${stampIndex}', '')
|
||||
workspaceFriendlyName: empty(workspaceFriendlyName) ? replace(replace(namingConvention.workspaceFeed, '-${serviceToken}', ''), '-${stampIndex}', '') : '${workspaceFriendlyName} (${locationControlPlane})'
|
||||
workspacePublicNetworkAccess: workspacePublicNetworkAccess
|
||||
}
|
||||
}
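Review bot: The added `replace(..., '-${stampIndex}', '')` wrapper on the five workspace feed values strips every occurrence of that substring, not only the stamp segment, so a naming convention in which another component starts with the same digits after a hyphen would be shortened as well. The same two-step expression is written out several times in this module call and once more as `workspaceFeedName` in the next file section, where it is handed to `Get-Validations.ps1`, so the copies have to stay identical for the validation lookup to hit the workspace that is actually deployed. Consider computing the name once, for example `var workspaceFeedName = replace(replace(namingConvention.workspaceFeed, serviceToken, 'feed'), '-${stampIndex}', '')`, and passing the variable. `stampIndex` is declared `string` in this file and `int` in the next one, which works under interpolation but is worth making consistent. The `workspace` module body starts outside the hunk.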
|
||||
|
|
|
@ -37,6 +37,7 @@ param roleDefinitions object
|
|||
param scalingTool bool
|
||||
param serviceToken string
|
||||
param sessionHostCount int
|
||||
param stampIndex int
|
||||
param storageService string
|
||||
param subnetResourceId string
|
||||
param tags object
|
||||
|
@ -46,12 +47,11 @@ param virtualMachineMonitoringAgent string
|
|||
param virtualMachinePassword string
|
||||
param virtualMachineUsername string
|
||||
param virtualMachineSize string
|
||||
param workspaceFeedNamingConvention string
|
||||
|
||||
var cpuCountMax = contains(hostPoolType, 'Pooled') ? 32 : 128
|
||||
var cpuCountMin = contains(hostPoolType, 'Pooled') ? 4 : 2
|
||||
var hostPoolName = namingConvention.hostPool
|
||||
var userAssignedIdentityNamePrefix = namingConvention.userAssignedIdentity
|
||||
|
||||
var CpuCountMax = contains(hostPoolType, 'Pooled') ? 32 : 128
|
||||
var CpuCountMin = contains(hostPoolType, 'Pooled') ? 4 : 2
|
||||
var roleAssignments = union([
|
||||
{
|
||||
roleDefinitionId: 'f353d9bd-d4a6-484e-a77a-8050b599b867' // Automation Contributor (Purpose: adds runbook to automation account)
|
||||
|
@ -90,8 +90,10 @@ var roleAssignments = union([
|
|||
subscription: subscription().subscriptionId
|
||||
}
|
||||
] : [])
|
||||
var VirtualNetworkName = split(subnetResourceId, '/')[8]
|
||||
var VirtualNetworkResourceGroupName = split(subnetResourceId, '/')[4]
|
||||
var userAssignedIdentityNamePrefix = namingConvention.userAssignedIdentity
|
||||
var virtualNetworkName = split(subnetResourceId, '/')[8]
|
||||
var virtualNetworkResourceGroupName = split(subnetResourceId, '/')[4]
|
||||
var workspaceFeedName = replace(replace(workspaceFeedNamingConvention, serviceToken, 'feed'), '-${stampIndex}', '')
|
||||
|
||||
// Disabling the deployment below until Enhanced Policies in Recovery Services support managed disks with private link
|
||||
/* module diskAccess 'diskAccess.bicep' = {
|
||||
|
@ -197,8 +199,8 @@ module virtualMachine 'virtualMachine.bicep' = {
|
|||
virtualMachineName: replace(namingConvention.virtualMachine, serviceToken, 'mgt')
|
||||
virtualMachinePassword: virtualMachinePassword
|
||||
virtualMachineUsername: virtualMachineUsername
|
||||
virtualNetwork: VirtualNetworkName
|
||||
virtualNetworkResourceGroup: VirtualNetworkResourceGroupName
|
||||
virtualNetwork: virtualNetworkName
|
||||
virtualNetworkResourceGroup: virtualNetworkResourceGroupName
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -212,7 +214,7 @@ module validations '../common/customScriptExtensions.bicep' = {
|
|||
'${artifactsUri}Get-Validations.ps1'
|
||||
]
|
||||
location: locationVirtualMachines
|
||||
parameters: '-ActiveDirectorySolution ${activeDirectorySolution} -CpuCountMax ${CpuCountMax} -CpuCountMin ${CpuCountMin} -DomainName ${empty(domainName) ? 'NotApplicable' : domainName} -Environment ${environment().name} -imageVersionResourceId ${empty(imageVersionResourceId) ? 'NotApplicable' : imageVersionResourceId} -Location ${locationVirtualMachines} -SessionHostCount ${sessionHostCount} -StorageService ${storageService} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -UserAssignedIdentityClientId ${deploymentUserAssignedIdentity.outputs.clientId} -VirtualMachineSize ${virtualMachineSize} -VirtualNetworkName ${VirtualNetworkName} -VirtualNetworkResourceGroupName ${VirtualNetworkResourceGroupName} -WorkspaceFeedName ${namingConvention.workspaceFeed} -WorkspaceResourceGroupName ${resourceGroupFeedWorkspace}'
|
||||
parameters: '-ActiveDirectorySolution ${activeDirectorySolution} -CpuCountMax ${cpuCountMax} -CpuCountMin ${cpuCountMin} -DomainName ${empty(domainName) ? 'NotApplicable' : domainName} -Environment ${environment().name} -imageVersionResourceId ${empty(imageVersionResourceId) ? 'NotApplicable' : imageVersionResourceId} -Location ${locationVirtualMachines} -SessionHostCount ${sessionHostCount} -StorageService ${storageService} -SubscriptionId ${subscription().subscriptionId} -TenantId ${tenant().tenantId} -UserAssignedIdentityClientId ${deploymentUserAssignedIdentity.outputs.clientId} -VirtualMachineSize ${virtualMachineSize} -VirtualNetworkName ${virtualNetworkName} -VirtualNetworkResourceGroupName ${virtualNetworkResourceGroupName} -WorkspaceFeedName ${workspaceFeedName} -WorkspaceResourceGroupName ${resourceGroupFeedWorkspace}'
|
||||
scriptFileName: 'Get-Validations.ps1'
|
||||
tags: union({
|
||||
'cm-resource-parent': '${subscription().id}}/resourceGroups/${resourceGroupControlPlane}/providers/Microsoft.DesktopVirtualization/hostpools/${hostPoolName}'
|
||||
|
@ -297,7 +299,7 @@ module recoveryServicesVault 'recoveryServicesVault.bicep' = if (recoveryService
|
|||
output artifactsUserAssignedIdentityClientId string = artifacts.outputs.userAssignedIdentityClientId
|
||||
output artifactsUserAssignedIdentityPrincipalId string = artifacts.outputs.userAssignedIdentityPrincipalId
|
||||
output artifactsUserAssignedIdentityResourceId string = artifacts.outputs.userAssignedIdentityResourceId
|
||||
output automationAccountName string = automationAccount.outputs.name
|
||||
output automationAccountName string = scalingTool || fslogixStorageService == 'AzureFiles Premium' ? automationAccount.outputs.name : ''
|
||||
output dataCollectionRuleResourceId string = enableMonitoring ? monitoring.outputs.dataCollectionRuleResourceId : ''
|
||||
output deploymentUserAssignedIdentityClientId string = deploymentUserAssignedIdentity.outputs.clientId
|
||||
output deploymentUserAssignedIdentityPrincipalId string = deploymentUserAssignedIdentity.outputs.principalId
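Review bot: The `parameters` string for `Get-Validations.ps1` interpolates deployment values such as `domainName`, `imageVersionResourceId`, `workspaceFeedName` and `resourceGroupFeedWorkspace` without quoting, so a value containing a space or a PowerShell metacharacter would change how the argument list is parsed on the VM that runs the script. How `customScriptExtensions.bicep` assembles the final command line is not visible here, so this needs confirming there. Wrapping each string value in escaped single quotes (`\'${domainName}\'`) or constraining the source parameters with `@allowed` / `@maxLength` would keep the arguments as data. In the same hunk the `cm-resource-parent` tag value contains `${subscription().id}}`, which leaves a literal `}` in the resource ID and looks like it should read `'${subscription().id}/resourceGroups/...'`. The new `automationAccountName` output guard should match the condition on the `automationAccount` module, which is outside the hunks shown.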
|
||||
|
|
|
@ -1,120 +0,0 @@
|
|||
targetScope = 'subscription'
|
||||
|
||||
param environmentAbbreviation string
|
||||
param identifier string
|
||||
param locationControlPlane string
|
||||
param locationVirtualMachines string
|
||||
param stampIndex int
|
||||
|
||||
// NAMING CONVENTIONS
|
||||
// All the resources are named using the following variables
|
||||
// Modify the components of the naming convention to suit your needs
|
||||
var resourceAbbreviation = 'resourceAbbreviation'
|
||||
var serviceName = 'serviceName'
|
||||
var networkName = 'avd'
|
||||
var locationAbbreviation = 'locationAbbreviation'
|
||||
var namingConvention = '${identifier}-${stampIndex}-${resourceAbbreviation}-${serviceName}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
|
||||
var namingConvention_Global = '${resourceAbbreviation}-${serviceName}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
|
||||
var namingConvention_Shared = '${identifier}-${resourceAbbreviation}-${serviceName}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
|
||||
|
||||
// SUPPORTING DATA
|
||||
var cloudEndpointSuffix = replace(replace(environment().resourceManager, 'https://management.', ''), '/', '')
|
||||
var privateDnsZoneSuffixes_AzureAutomation = {
|
||||
AzureCloud: 'net'
|
||||
AzureUSGovernment: 'us'
|
||||
}
|
||||
var privateDnsZoneSuffixes_AzureVirtualDesktop = {
|
||||
AzureCloud: 'microsoft.com'
|
||||
AzureUSGovernment: 'azure.us'
|
||||
}
|
||||
var privateDnsZoneSuffixes_Backup = {
|
||||
AzureCloud: 'windowsazure.com'
|
||||
AzureUSGovernment: 'windowsazure.us'
|
||||
}
|
||||
var privateDnsZoneSuffixes_Monitor = {
|
||||
AzureCloud: 'azure.com'
|
||||
AzureUSGovernment: 'azure.us'
|
||||
}
|
||||
var locations = (loadJsonContent('../../../data/locations.json'))[environment().name]
|
||||
var resourceAbbreviations = loadJsonContent('../../../data/resourceAbbreviations.json')
|
||||
|
||||
// RESOURCE NAMES AND PREFIXES
|
||||
var resources = {
|
||||
agentSvcPrivateDnsZoneName: 'privatelink.agentsvc.azure-automation.${privateDnsZoneSuffixes_AzureAutomation[environment().name] ?? cloudEndpointSuffix}'
|
||||
automationAccountDiagnosticSettingName: replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diagnosticSettings), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
automationAccountName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.automationAccounts), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
automationAccountNetworkInterfaceName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, 'DSCAndHybridWorker-${resourceAbbreviations.automationAccounts}' ), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
automationAccountPrivateEndpointName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, 'DSCAndHybridWorker-${resourceAbbreviations.automationAccounts}' ), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
availabilitySetNamePrefix: '${replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.availabilitySets), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)}-'
|
||||
avdGlobalPrivateDnsZoneName: 'privatelink-global.wvd.${privateDnsZoneSuffixes_AzureVirtualDesktop[environment().name] ?? cloudEndpointSuffix}'
|
||||
avdPrivateDnsZoneName: 'privatelink.wvd.${privateDnsZoneSuffixes_AzureVirtualDesktop[environment().name] ?? cloudEndpointSuffix}'
|
||||
azureAutomationPrivateDnsZoneName: 'privatelink.azure-automation.${privateDnsZoneSuffixes_AzureAutomation[environment().name] ?? cloudEndpointSuffix}'
|
||||
backupPrivateDnsZoneName: 'privatelink.${locations[locationVirtualMachines].recoveryServicesGeo}.backup.${privateDnsZoneSuffixes_Backup[environment().name] ?? cloudEndpointSuffix}'
|
||||
blobPrivateDnsZoneName: 'privatelink.blob.${environment().suffixes.storage}'
|
||||
dataCollectionRuleAssociationName: '${replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.dataCollectionRuleAssociations), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)}-avdi'
|
||||
dataCollectionRuleName: 'microsoft-avdi-${locations[locationVirtualMachines].abbreviation}'
|
||||
desktopApplicationGroupName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.desktopApplicationGroups), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
diskAccessName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diskAccesses), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
diskEncryptionSetName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diskEncryptionSets), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
diskNamePrefix: replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.disks), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
filePrivateDnsZoneName: 'privatelink.file.${environment().suffixes.storage}'
|
||||
hostPoolDiagnosticSettingName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.diagnosticSettings), serviceName, resourceAbbreviations.hostPools), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
hostPoolName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.hostPools), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
hostPoolNetworkInterfaceName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.hostPools), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
hostPoolPrivateEndpointName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.hostPools), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
keyVaultName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.keyVaults), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
keyVaultNetworkInterfaceName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.keyVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
keyVaultPrivateDnsZoneName: replace('privatelink${environment().suffixes.keyvaultDns}', 'vault', 'vaultcore')
|
||||
keyVaultPrivateEndpointName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.keyVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
logAnalyticsWorkspaceName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.logAnalyticsWorkspaces), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
netAppAccountName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.netAppAccounts), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
netAppCapacityPoolName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.netAppCapacityPools), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
networkInterfaceNamePrefix: replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
networkSecurityGroupNames: [
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkSecurityGroups), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkSecurityGroups), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
]
|
||||
monitorPrivateDnsZoneName: 'privatelink.monitor.${privateDnsZoneSuffixes_Monitor[environment().name] ?? cloudEndpointSuffix}'
|
||||
odsOpinsightsPrivateDnsZoneName: 'privatelink.ods.opinsights.${privateDnsZoneSuffixes_Monitor[environment().name] ?? cloudEndpointSuffix}'
|
||||
omsOpinsightsPrivateDnsZoneName: 'privatelink.oms.opinsights.${privateDnsZoneSuffixes_Monitor[environment().name] ?? cloudEndpointSuffix}'
|
||||
queuePrivateDnsZoneName: 'privatelink.queue.${environment().suffixes.storage}'
|
||||
recoveryServicesVaultName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.recoveryServicesVaults), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
recoveryServicesVaultNetworkInterfaceName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.recoveryServicesVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
recoveryServicesVaultPrivateEndpointName: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.recoveryServicesVaults), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
resourceGroupControlPlane: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'controlPlane'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
resourceGroupFeedWorkspace: replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'feedWorkspace'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
resourceGroupGlobalWorkspace: replace(replace(replace(namingConvention_Global, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'globalWorkspace'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
resourceGroupHosts: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'sessionHosts'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
resourceGroupManagement: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'management'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
resourceGroupsNetwork: [
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'network'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'network'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
]
|
||||
resourceGroupStorage: replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.resourceGroups), serviceName, 'profileStorage'), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
routeTableNames: [
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.routeTables), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.routeTables), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
]
|
||||
storageAccountNamePrefix: replace(replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.storageAccounts), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentAbbreviation, first(environmentAbbreviation)), '-', '')
|
||||
storageAccountNetworkInterfaceNamePrefix: replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, resourceAbbreviations.storageAccounts), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentAbbreviation, first(environmentAbbreviation))
|
||||
storageAccountPrivateEndpointNamePrefix: replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, resourceAbbreviations.storageAccounts), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentAbbreviation, first(environmentAbbreviation))
|
||||
userAssignedIdentityNamePrefix: replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.userAssignedIdentities), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
virtualMachineNamePrefix: replace(replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.virtualMachines), locationAbbreviation, locations[locationVirtualMachines].abbreviation), environmentAbbreviation, first(environmentAbbreviation)), '-', '')
|
||||
virtualNetworkNames: [
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.virtualNetworks), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
replace(replace(replace(namingConvention, resourceAbbreviation, resourceAbbreviations.virtualNetworks), '-${serviceName}', ''), locationAbbreviation, locations[locationVirtualMachines].abbreviation)
|
||||
]
|
||||
workspaceFeedDiagnosticSettingName: replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.diagnosticSettings), serviceName, 'feed-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceFeedName: replace(replace(replace(namingConvention_Shared, resourceAbbreviation, 'feed-${resourceAbbreviations.workspaces}'), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceFeedNetworkInterfaceName: replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, 'feed-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceFeedPrivateEndpointName: replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, 'feed-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceFriendlyName: replace(replace(replace(namingConvention_Shared, resourceAbbreviation, resourceAbbreviations.workspaces), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceGlobalName: replace(replace(replace(namingConvention_Global, resourceAbbreviation, 'global-${resourceAbbreviations.workspaces}'), '-${serviceName}', ''), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceGlobalNetworkInterfaceName: replace(replace(replace(namingConvention_Global, resourceAbbreviation, resourceAbbreviations.networkInterfaces), serviceName, 'global-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
workspaceGlobalPrivateEndpointName: replace(replace(replace(namingConvention_Global, resourceAbbreviation, resourceAbbreviations.privateEndpoints), serviceName, 'global-${resourceAbbreviations.workspaces}'), locationAbbreviation, locations[locationControlPlane].abbreviation)
|
||||
}
|
||||
|
||||
output locations object = locations
|
||||
output networkName string = networkName
|
||||
output resources object = resources
|
||||
output serviceName string = serviceName
|
|
@ -5,7 +5,7 @@ param location string
|
|||
param tagsAvailabilitySets object
|
||||
|
||||
resource availabilitySets 'Microsoft.Compute/availabilitySets@2019-07-01' = [for i in range(0, availabilitySetsCount): {
|
||||
name: '${availabilitySetNamePrefix}${padLeft((i + availabilitySetsIndex), 2, '0')}'
|
||||
name: '${availabilitySetNamePrefix}-${padLeft((i + availabilitySetsIndex), 2, '0')}'
|
||||
location: location
|
||||
tags: tagsAvailabilitySets
|
||||
sku: {
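Review bot: The availability set name format `'${availabilitySetNamePrefix}-${padLeft(..., 2, '0')}'` is now built here and again inside the `resourceId(...)` call on the virtual machine resource in a later file section, and the two strings must match character for character for a VM to resolve its availability set. The index expressions already differ (`i + availabilitySetsIndex` here, `(i + sessionHostIndex) / 200` there), so a short comment stating the expected relation, or a name produced in one place and passed to both, would make the next naming change less fragile. The literal `200` on the VM side presumably mirrors `maxAvSetMembers` from the solution template; passing that value in rather than repeating it would keep the two in step. The resource body continues outside the hunk.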
|
||||
|
|
|
@ -83,7 +83,7 @@ var tagsVirtualMachines = union({'cm-resource-parent': '${subscription().id}}/re
|
|||
var uniqueToken = uniqueString(identifier, environmentAbbreviation, subscription().subscriptionId)
|
||||
var virtualMachineNamePrefix = replace(namingConvention.virtualMachine, serviceToken, '')
|
||||
|
||||
module availabilitySets 'availabilitySets.bicep' = if (pooledHostPool && availability == 'availabilitySets') {
|
||||
module availabilitySets 'availabilitySets.bicep' = if (pooledHostPool && availability == 'AvailabilitySets') {
|
||||
name: 'deploy-avail-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(resourceGroupHosts)
|
||||
params: {
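Review bot: The module is deployed only when `pooledHostPool && availability == 'AvailabilitySets'`, but the virtual machine resource in the next file section sets `availabilitySet` whenever `availability == 'AvailabilitySets'`, with no `pooledHostPool` term. If a personal host pool can be combined with that availability value, the VMs would reference an availability set that was never created and the deployment would fail; whether validation elsewhere rules the combination out is not visible here. Aligning the two conditions, e.g. `availabilitySet: pooledHostPool && availability == 'AvailabilitySets' ? {` (assuming `pooledHostPool` is in scope in that template), would remove the dependency on external validation. Because `==` on strings is case-sensitive, which is the mismatch this commit corrects, an `@allowed` list on the `availability` parameter would catch casing mistakes at parameter validation time.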
|
||||
|
|
|
@ -141,7 +141,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-03-01' = [for i
|
|||
}
|
||||
properties: {
|
||||
availabilitySet: availability == 'AvailabilitySets' ? {
|
||||
id: resourceId('Microsoft.Compute/availabilitySets', '${availabilitySetNamePrefix}${padLeft((i + sessionHostIndex) / 200, 2, '0')}')
|
||||
id: resourceId('Microsoft.Compute/availabilitySets', '${availabilitySetNamePrefix}-${padLeft((i + sessionHostIndex) / 200, 2, '0')}')
|
||||
} : null
|
||||
hardwareProfile: {
|
||||
vmSize: virtualMachineSize
|
||||
|
|
|
@ -47,8 +47,11 @@ param deployActivityLogDiagnosticSetting bool
|
|||
@description('Choose whether to deploy Defender for Cloud.')
|
||||
param deployDefender bool
|
||||
|
||||
@description('Choose whether to deploy Network Watcher for the deployment location.')
|
||||
param deployNetworkWatcher bool
|
||||
@description('Choose whether to deploy Network Watcher for the AVD control plane location.')
|
||||
param deployNetworkWatcherControlPlane bool
|
||||
|
||||
@description('Choose whether to deploy Network Watcher for the AVD session hosts location. This is necessary when the control plane and session hosts are in different locations.')
|
||||
param deployNetworkWatcherVirtualMachines bool
|
||||
|
||||
@description('Choose whether to deploy a policy assignment.')
|
||||
param deployPolicy bool
|
||||
|
@ -156,7 +159,7 @@ param imageSku string = 'win11-22h2-avd-m365'
|
|||
@description('The deployment location for the AVD management resources.')
|
||||
param locationControlPlane string = deployment().location
|
||||
|
||||
@description('The deployment location for the AVD sessions hosts.')
|
||||
@description('The deployment location for the AVD sessions hosts. This is necessary when the users are closer to a different location than the control plane location.')
|
||||
param locationVirtualMachines string = deployment().location
|
||||
|
||||
@maxValue(730)
|
||||
|
@ -308,24 +311,20 @@ var endAvSetRange = (sessionHostCount + sessionHostIndex) / maxAvSetMembers // T
|
|||
var availabilitySetsCount = length(range(beginAvSetRange, (endAvSetRange - beginAvSetRange) + 1))
|
||||
|
||||
// OTHER LOGIC & COMPUTED VALUES
|
||||
var customImageId = empty(imageVersionResourceId) ? 'null' : '"${imageVersionResourceId}"'
|
||||
var fileShares = fileShareNames[fslogixContainerType]
|
||||
var deployFslogix = fslogixStorageService == 'None' || !contains(activeDirectorySolution, 'DomainServices') ? false : true
|
||||
var netbios = split(domainName, '.')[0]
|
||||
var pooledHostPool = split(hostPoolType, ' ')[0] == 'Pooled' ? true : false
|
||||
var roleDefinitions = {
|
||||
DesktopVirtualizationPowerOnContributor: '489581de-a3bd-480d-9518-53dea7416b33'
|
||||
DesktopVirtualizationUser: '1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63'
|
||||
Reader: 'acdd72a7-3385-48ef-bd42-f606fba81ae7'
|
||||
VirtualMachineUserLogin: 'fb879df8-f326-4884-b1cf-06f3ad86be52'
|
||||
}
|
||||
var storageSku = fslogixStorageService == 'None' ? 'None' : split(fslogixStorageService, ' ')[1]
|
||||
var storageService = split(fslogixStorageService, ' ')[0]
|
||||
var storageSuffix = environment().suffixes.storage
|
||||
|
||||
|
||||
var artifactsUri = 'https://${artifactsStorageAccountName}.blob.${environment().suffixes.storage}/${artifactsContainerName}/'
|
||||
var artifactsStorageAccountName = split(artifactsStorageAccountResourceId, '/')[8]
|
||||
var customImageId = empty(imageVersionResourceId) ? 'null' : '"${imageVersionResourceId}"'
|
||||
var deployFslogix = fslogixStorageService == 'None' || !contains(activeDirectorySolution, 'DomainServices')
|
||||
? false
|
||||
: true
|
||||
var deploymentLocations = union(
|
||||
[
|
||||
locationControlPlane
|
||||
],
|
||||
[
|
||||
locationVirtualMachines
|
||||
]
|
||||
)
|
||||
var fileShareNames = {
|
||||
CloudCacheProfileContainer: [
|
||||
'profile-containers'
|
||||
|
@ -342,39 +341,55 @@ var fileShareNames = {
|
|||
'profile-containers'
|
||||
]
|
||||
}
|
||||
var fileShares = fileShareNames[fslogixContainerType]
|
||||
var netbios = split(domainName, '.')[0]
|
||||
var pooledHostPool = split(hostPoolType, ' ')[0] == 'Pooled' ? true : false
|
||||
var privateDnsZoneResourceIdPrefix = '/subscriptions/${split(hubVirtualNetworkResourceId, '/')[2]}/resourceGroups/${split(hubVirtualNetworkResourceId, '/')[4]}/providers/Microsoft.Network/privateDnsZones/'
|
||||
var deploymentLocations = union([
|
||||
locationControlPlane
|
||||
], [
|
||||
locationVirtualMachines
|
||||
])
|
||||
var resourceGroupServices = union([
|
||||
'controlPlane'
|
||||
'feedWorkspace'
|
||||
'hosts'
|
||||
'management'
|
||||
], deployFslogix ? [
|
||||
'storage'
|
||||
] : [])
|
||||
var resourceGroupServices = union(
|
||||
[
|
||||
'controlPlane'
|
||||
'feedWorkspace'
|
||||
'hosts'
|
||||
'management'
|
||||
],
|
||||
deployFslogix
|
||||
? [
|
||||
'storage'
|
||||
]
|
||||
: []
|
||||
)
|
||||
var roleDefinitions = {
|
||||
DesktopVirtualizationPowerOnContributor: '489581de-a3bd-480d-9518-53dea7416b33'
|
||||
DesktopVirtualizationUser: '1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63'
|
||||
Reader: 'acdd72a7-3385-48ef-bd42-f606fba81ae7'
|
||||
VirtualMachineUserLogin: 'fb879df8-f326-4884-b1cf-06f3ad86be52'
|
||||
}
|
||||
var storageSku = fslogixStorageService == 'None' ? 'None' : split(fslogixStorageService, ' ')[1]
|
||||
var storageService = split(fslogixStorageService, ' ')[0]
|
||||
var storageSuffix = environment().suffixes.storage
|
||||
|
||||
module tier3_controlPlane '../tier3/solution.bicep' = {
|
||||
name: 'deploy-tier3-control-plane-${deploymentNameSuffix}'
|
||||
name: 'deploy-tier3-avd-cp-${deploymentNameSuffix}'
|
||||
params: {
|
||||
additionalSubnets: contains(fslogixStorageService, 'AzureNetAppFiles') && !empty(azureNetAppFilesSubnetAddressPrefix) && length(deploymentLocations) == 1 ? [
|
||||
{
|
||||
name: 'AzureNetAppFiles'
|
||||
addressPrefix: azureNetAppFilesSubnetAddressPrefix
|
||||
}
|
||||
] : []
|
||||
additionalSubnets: contains(fslogixStorageService, 'AzureNetAppFiles') && !empty(azureNetAppFilesSubnetAddressPrefix) && length(deploymentLocations) == 1
|
||||
? [
|
||||
{
|
||||
name: 'AzureNetAppFiles'
|
||||
addressPrefix: azureNetAppFilesSubnetAddressPrefix
|
||||
}
|
||||
]
|
||||
: []
|
||||
deployActivityLogDiagnosticSetting: deployActivityLogDiagnosticSetting
|
||||
deployDefender: deployDefender
|
||||
deployNetworkWatcher: deployNetworkWatcher
|
||||
deploymentNameSuffix: 'cp-${deploymentNameSuffix}'
|
||||
deployNetworkWatcher: deployNetworkWatcherControlPlane
|
||||
deployPolicy: deployPolicy
|
||||
emailSecurityContact: emailSecurityContact
|
||||
environmentAbbreviation: environmentAbbreviation
|
||||
firewallResourceId: hubAzureFirewallResourceId
|
||||
hubVirtualNetworkResourceId: hubVirtualNetworkResourceId
|
||||
identifier: identifier
|
||||
location: locationControlPlane
|
||||
logAnalyticsWorkspaceResourceId: operationsLogAnalyticsWorkspaceResourceId
|
||||
policy: policy
|
||||
stampIndex: string(stampIndex)
|
||||
|
@ -387,23 +402,27 @@ module tier3_controlPlane '../tier3/solution.bicep' = {
|
|||
}
|
||||
|
||||
module tier3_hosts '../tier3/solution.bicep' = if (length(deploymentLocations) == 2) {
|
||||
name: 'deploy-tier3-session-hosts-${deploymentNameSuffix}'
|
||||
name: 'deploy-tier3-avd-hosts-${deploymentNameSuffix}'
|
||||
params: {
|
||||
additionalSubnets: contains(fslogixStorageService, 'AzureNetAppFiles') && !empty(azureNetAppFilesSubnetAddressPrefix) && length(deploymentLocations) == 2 ? [
|
||||
{
|
||||
name: 'AzureNetAppFiles'
|
||||
addressPrefix: azureNetAppFilesSubnetAddressPrefix
|
||||
}
|
||||
] : []
|
||||
deployActivityLogDiagnosticSetting: deployActivityLogDiagnosticSetting
|
||||
deployDefender: deployDefender
|
||||
deployNetworkWatcher: deployNetworkWatcher
|
||||
additionalSubnets: contains(fslogixStorageService, 'AzureNetAppFiles') && !empty(azureNetAppFilesSubnetAddressPrefix) && length(deploymentLocations) == 2
|
||||
? [
|
||||
{
|
||||
name: 'AzureNetAppFiles'
|
||||
addressPrefix: azureNetAppFilesSubnetAddressPrefix
|
||||
}
|
||||
]
|
||||
: []
|
||||
deployActivityLogDiagnosticSetting: false
|
||||
deployDefender: false
|
||||
deploymentNameSuffix: 'hosts-${deploymentNameSuffix}'
|
||||
deployNetworkWatcher: deployNetworkWatcherVirtualMachines
|
||||
deployPolicy: deployPolicy
|
||||
emailSecurityContact: emailSecurityContact
|
||||
environmentAbbreviation: environmentAbbreviation
|
||||
firewallResourceId: hubAzureFirewallResourceId
|
||||
hubVirtualNetworkResourceId: hubVirtualNetworkResourceId
|
||||
identifier: identifier
|
||||
location: locationVirtualMachines
|
||||
logAnalyticsWorkspaceResourceId: operationsLogAnalyticsWorkspaceResourceId
|
||||
policy: policy
|
||||
stampIndex: string(stampIndex)
|
||||
|
@ -416,15 +435,37 @@ module tier3_hosts '../tier3/solution.bicep' = if (length(deploymentLocations) =
|
|||
}
|
||||
|
||||
// Resource Groups
|
||||
module rgs '../../modules/resource-group.bicep' = [for service in resourceGroupServices: {
|
||||
name: 'deploy-rg-${service}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
location: service == 'controlPlane' || service == 'feedWorkspace' ? locationControlPlane : locationVirtualMachines
|
||||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
name: length(deploymentLocations) == 2 && (service == 'controlPlane' || service == 'feedWorkspace') ? replace(tier3_hosts.outputs.namingConvention.resourceGroup, tier3_hosts.outputs.tokens.service, service) : service == 'globalWorkspace'? replace(tier3_hosts.outputs.namingConvention.resourceGroup, tier3_hosts.outputs.tokens.service, service) : replace(tier3_controlPlane.outputs.namingConvention.resourceGroup, tier3_controlPlane.outputs.tokens.service, service)
|
||||
tags: tags
|
||||
module rgs '../../modules/resource-group.bicep' = [
|
||||
for service in resourceGroupServices: {
|
||||
name: 'deploy-rg-${service}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
location: service == 'controlPlane' || service == 'feedWorkspace' ? locationControlPlane : locationVirtualMachines
|
||||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
name: length(deploymentLocations) == 2 && (service == 'hosts' || service == 'management' || service == 'storage')
|
||||
? replace(
|
||||
tier3_hosts.outputs.namingConvention.resourceGroup,
|
||||
tier3_hosts.outputs.tokens.service,
|
||||
service
|
||||
)
|
||||
: service == 'feedWorkspace'
|
||||
? replace(
|
||||
replace(
|
||||
tier3_controlPlane.outputs.namingConvention.resourceGroup,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
service
|
||||
),
|
||||
'-${stampIndex}',
|
||||
''
|
||||
)
|
||||
: replace(
|
||||
tier3_controlPlane.outputs.namingConvention.resourceGroup,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
service
|
||||
)
|
||||
tags: tags
|
||||
}
|
||||
}
|
||||
}]
|
||||
]
|
||||
|
||||
// Management Services: AVD Insights, File Share Scaling, Scaling Tool
|
||||
module management 'modules/management/management.bicep' = {
|
||||
|
@ -435,10 +476,12 @@ module management 'modules/management/management.bicep' = {
|
|||
artifactsUri: artifactsUri
|
||||
availability: availability
|
||||
avdObjectId: avdObjectId
|
||||
azurePowerShellModuleMsiName: azurePowerShellModuleMsiName
|
||||
azurePowerShellModuleMsiName: azurePowerShellModuleMsiName
|
||||
deployFslogix: deployFslogix
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
diskEncryptionSetResourceId: length(deploymentLocations) == 2 ? tier3_hosts.outputs.diskEncryptionSetResourceId : tier3_controlPlane.outputs.diskEncryptionSetResourceId
|
||||
diskEncryptionSetResourceId: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.diskEncryptionSetResourceId
|
||||
: tier3_controlPlane.outputs.diskEncryptionSetResourceId
|
||||
diskSku: diskSku
|
||||
domainJoinPassword: domainJoinPassword
|
||||
domainJoinUserPrincipalName: domainJoinUserPrincipalName
|
||||
|
@ -451,12 +494,16 @@ module management 'modules/management/management.bicep' = {
|
|||
logAnalyticsWorkspaceRetention: logAnalyticsWorkspaceRetention
|
||||
logAnalyticsWorkspaceSku: logAnalyticsWorkspaceSku
|
||||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
namingConvention: length(deploymentLocations) == 2 ? tier3_hosts.outputs.namingConvention : tier3_controlPlane.outputs.namingConvention
|
||||
namingConvention: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.namingConvention
|
||||
: tier3_controlPlane.outputs.namingConvention
|
||||
organizationalUnitPath: organizationalUnitPath
|
||||
privateDnsZoneResourceIdPrefix: privateDnsZoneResourceIdPrefix
|
||||
privateDnsZones: tier3_controlPlane.outputs.privateDnsZones
|
||||
recoveryServices: recoveryServices
|
||||
recoveryServicesGeo: length(deploymentLocations) == 2 ? tier3_hosts.outputs.locatonProperties.recoveryServicesGeo : tier3_controlPlane.outputs.locatonProperties.recoveryServicesGeo
|
||||
recoveryServicesGeo: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.locatonProperties.recoveryServicesGeo
|
||||
: tier3_controlPlane.outputs.locatonProperties.recoveryServicesGeo
|
||||
resourceGroupControlPlane: rgs[0].outputs.name
|
||||
resourceGroupFeedWorkspace: rgs[1].outputs.name
|
||||
resourceGroupHosts: rgs[2].outputs.name
|
||||
|
@ -466,14 +513,20 @@ module management 'modules/management/management.bicep' = {
|
|||
scalingTool: scalingTool
|
||||
serviceToken: tier3_controlPlane.outputs.tokens.service
|
||||
sessionHostCount: sessionHostCount
|
||||
stampIndex: stampIndex
|
||||
storageService: storageService
|
||||
subnetResourceId: length(deploymentLocations) == 2 ? tier3_hosts.outputs.subnetResourceId : tier3_controlPlane.outputs.subnetResourceId
|
||||
subnetResourceId: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.subnetResourceId
|
||||
: tier3_controlPlane.outputs.subnetResourceId
|
||||
tags: tags
|
||||
timeZone: length(deploymentLocations) == 2 ? tier3_hosts.outputs.locatonProperties.timeZone : tier3_controlPlane.outputs.locatonProperties.timeZone
|
||||
timeZone: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.locatonProperties.timeZone
|
||||
: tier3_controlPlane.outputs.locatonProperties.timeZone
|
||||
virtualMachineMonitoringAgent: virtualMachineMonitoringAgent
|
||||
virtualMachinePassword: virtualMachinePassword
|
||||
virtualMachineSize: virtualMachineSize
|
||||
virtualMachineUsername: virtualMachineUsername
|
||||
workspaceFeedNamingConvention: tier3_controlPlane.outputs.namingConvention.workspaceFeed
|
||||
}
|
||||
dependsOn: [
|
||||
rgs
|
||||
|
@ -491,10 +544,58 @@ module workspace_global 'modules/sharedServices/sharedServices.bicep' = {
|
|||
globalWorkspacePrivateDnsZoneResourceId: '${privateDnsZoneResourceIdPrefix}${filter(tier3_controlPlane.outputs.privateDnsZones, name => startsWith(name, 'privatelink-global.wvd'))[0]}'
|
||||
sharedServicesSubnetResourceId: sharedServicesSubnetResourceId
|
||||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
resourceGroupName: replace(tier3_controlPlane.outputs.namingConvention.resourceGroup, tier3_controlPlane.outputs.tokens.service, 'globalWorkspace')
|
||||
workspaceGlobalName: replace(tier3_controlPlane.outputs.namingConvention.workspaceGlobal, tier3_controlPlane.outputs.tokens.service, 'global')
|
||||
workspaceGlobalNetworkInterfaceName: replace(tier3_controlPlane.outputs.namingConvention.workspaceGlobalNetworkInterface, tier3_controlPlane.outputs.tokens.service, 'global')
|
||||
workspaceGlobalPrivateEndpointName: replace(tier3_controlPlane.outputs.namingConvention.workspaceGlobalPrivateEndpoint, tier3_controlPlane.outputs.tokens.service, 'global')
|
||||
resourceGroupName: replace(
|
||||
replace(
|
||||
replace(
|
||||
tier3_controlPlane.outputs.namingConvention.resourceGroup,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
'globalWorkspace'
|
||||
),
|
||||
'-${stampIndex}',
|
||||
''
|
||||
),
|
||||
identifier,
|
||||
tier3_controlPlane.outputs.resourcePrefix
|
||||
)
|
||||
workspaceGlobalName: replace(
|
||||
replace(
|
||||
replace(
|
||||
tier3_controlPlane.outputs.namingConvention.workspaceGlobal,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
'global'
|
||||
),
|
||||
'-${stampIndex}',
|
||||
''
|
||||
),
|
||||
identifier,
|
||||
tier3_controlPlane.outputs.resourcePrefix
|
||||
)
|
||||
workspaceGlobalNetworkInterfaceName: replace(
|
||||
replace(
|
||||
replace(
|
||||
tier3_controlPlane.outputs.namingConvention.workspaceGlobalNetworkInterface,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
'global'
|
||||
),
|
||||
'-${stampIndex}',
|
||||
''
|
||||
),
|
||||
identifier,
|
||||
tier3_controlPlane.outputs.resourcePrefix
|
||||
)
|
||||
workspaceGlobalPrivateEndpointName: replace(
|
||||
replace(
|
||||
replace(
|
||||
tier3_controlPlane.outputs.namingConvention.workspaceGlobalPrivateEndpoint,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
'global'
|
||||
),
|
||||
'-${stampIndex}',
|
||||
''
|
||||
),
|
||||
identifier,
|
||||
tier3_controlPlane.outputs.resourcePrefix
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -528,21 +629,33 @@ module controlPlane 'modules/controlPlane/controlPlane.bicep' = {
|
|||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
monitoring: monitoring
|
||||
namingConvention: tier3_controlPlane.outputs.namingConvention
|
||||
resourceGroups: union([
|
||||
rgs[0].outputs.name // controlPlane
|
||||
rgs[1].outputs.name // feedWorkspace
|
||||
rgs[2].outputs.name // hosts
|
||||
rgs[3].outputs.name // management
|
||||
], deployFslogix ? [
|
||||
rgs[4].outputs.name // storage
|
||||
] : [])
|
||||
resourceGroups: union(
|
||||
[
|
||||
rgs[0].outputs.name // controlPlane
|
||||
rgs[1].outputs.name // feedWorkspace
|
||||
rgs[2].outputs.name // hosts
|
||||
rgs[3].outputs.name // management
|
||||
],
|
||||
deployFslogix
|
||||
? [
|
||||
rgs[4].outputs.name // storage
|
||||
]
|
||||
: []
|
||||
)
|
||||
roleDefinitions: roleDefinitions
|
||||
securityPrincipalObjectIds: map(securityPrincipals, item => item.objectId)
|
||||
serviceToken: tier3_controlPlane.outputs.tokens.service
|
||||
sessionHostNamePrefix: length(deploymentLocations) == 2 ? replace(tier3_hosts.outputs.namingConvention.virtualMachine, tier3_hosts.outputs.tokens.service, '') : replace(tier3_controlPlane.outputs.namingConvention.virtualMachine, tier3_controlPlane.outputs.tokens.service, '')
|
||||
sessionHostNamePrefix: length(deploymentLocations) == 2
|
||||
? replace(tier3_hosts.outputs.namingConvention.virtualMachine, tier3_hosts.outputs.tokens.service, '')
|
||||
: replace(
|
||||
tier3_controlPlane.outputs.namingConvention.virtualMachine,
|
||||
tier3_controlPlane.outputs.tokens.service,
|
||||
''
|
||||
)
|
||||
stampIndex: string(stampIndex)
|
||||
subnetResourceId: tier3_controlPlane.outputs.subnetResourceId
|
||||
tags: tags
|
||||
validationEnvironment: validationEnvironment
|
||||
tags: tags
|
||||
validationEnvironment: validationEnvironment
|
||||
virtualMachineSize: virtualMachineSize
|
||||
workspaceFriendlyName: workspaceFriendlyName
|
||||
workspacePublicNetworkAccess: workspacePublicNetworkAccess
|
||||
|
@ -567,7 +680,9 @@ module fslogix 'modules/fslogix/fslogix.bicep' = {
|
|||
domainJoinPassword: domainJoinPassword
|
||||
domainJoinUserPrincipalName: domainJoinUserPrincipalName
|
||||
domainName: domainName
|
||||
encryptionUserAssignedIdentityResourceId: length(deploymentLocations) == 2 ? tier3_hosts.outputs.userAssignedIdentityResourceId : tier3_controlPlane.outputs.userAssignedIdentityResourceId
|
||||
encryptionUserAssignedIdentityResourceId: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.userAssignedIdentityResourceId
|
||||
: tier3_controlPlane.outputs.userAssignedIdentityResourceId
|
||||
environmentAbbreviation: environmentAbbreviation
|
||||
fileShares: fileShares
|
||||
fslogixContainerType: fslogixContainerType
|
||||
|
@ -575,11 +690,15 @@ module fslogix 'modules/fslogix/fslogix.bicep' = {
|
|||
fslogixStorageService: fslogixStorageService
|
||||
hostPoolType: hostPoolType
|
||||
identifier: identifier
|
||||
keyVaultUri: length(deploymentLocations) == 2 ? tier3_hosts.outputs.keyVaultUri : tier3_controlPlane.outputs.keyVaultUri
|
||||
keyVaultUri: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.keyVaultUri
|
||||
: tier3_controlPlane.outputs.keyVaultUri
|
||||
location: locationVirtualMachines
|
||||
managementVirtualMachineName: management.outputs.virtualMachineName
|
||||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
namingConvention: length(deploymentLocations) == 2 ? tier3_hosts.outputs.namingConvention : tier3_controlPlane.outputs.namingConvention
|
||||
namingConvention: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.namingConvention
|
||||
: tier3_controlPlane.outputs.namingConvention
|
||||
netbios: netbios
|
||||
organizationalUnitPath: organizationalUnitPath
|
||||
recoveryServices: recoveryServices
|
||||
|
@ -589,15 +708,23 @@ module fslogix 'modules/fslogix/fslogix.bicep' = {
|
|||
securityPrincipalNames: map(securityPrincipals, item => item.name)
|
||||
securityPrincipalObjectIds: map(securityPrincipals, item => item.objectId)
|
||||
serviceToken: tier3_controlPlane.outputs.tokens.service
|
||||
smbServerLocation: length(deploymentLocations) == 2 ? tier3_hosts.outputs.locatonProperties.timeZone : tier3_controlPlane.outputs.locatonProperties.timeZone
|
||||
smbServerLocation: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.locatonProperties.timeZone
|
||||
: tier3_controlPlane.outputs.locatonProperties.timeZone
|
||||
storageCount: storageCount
|
||||
storageEncryptionKeyName: length(deploymentLocations) == 2 ? tier3_hosts.outputs.storageEncryptionKeyName : tier3_controlPlane.outputs.storageEncryptionKeyName
|
||||
storageEncryptionKeyName: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.storageEncryptionKeyName
|
||||
: tier3_controlPlane.outputs.storageEncryptionKeyName
|
||||
storageIndex: storageIndex
|
||||
storageService: storageService
|
||||
storageSku: storageSku
|
||||
subnetResourceId: length(deploymentLocations) == 2 ? tier3_hosts.outputs.subnetResourceId : tier3_controlPlane.outputs.subnetResourceId
|
||||
subnetResourceId: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.subnetResourceId
|
||||
: tier3_controlPlane.outputs.subnetResourceId
|
||||
tags: tags
|
||||
timeZone: length(deploymentLocations) == 2 ? tier3_hosts.outputs.locatonProperties.abbreviation : tier3_controlPlane.outputs.locatonProperties.abbreviation
|
||||
timeZone: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.locatonProperties.abbreviation
|
||||
: tier3_controlPlane.outputs.locatonProperties.abbreviation
|
||||
}
|
||||
dependsOn: [
|
||||
controlPlane
|
||||
|
@ -624,7 +751,9 @@ module sessionHosts 'modules/sessionHosts/sessionHosts.bicep' = {
|
|||
deployFslogix: deployFslogix
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
deploymentUserAssignedIdentityClientId: management.outputs.deploymentUserAssignedIdentityClientId
|
||||
diskEncryptionSetResourceId: length(deploymentLocations) == 2 ? tier3_hosts.outputs.diskEncryptionSetResourceId : tier3_controlPlane.outputs.diskEncryptionSetResourceId
|
||||
diskEncryptionSetResourceId: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.diskEncryptionSetResourceId
|
||||
: tier3_controlPlane.outputs.diskEncryptionSetResourceId
|
||||
diskSku: diskSku
|
||||
divisionRemainderValue: divisionRemainderValue
|
||||
domainJoinPassword: domainJoinPassword
|
||||
|
@ -649,10 +778,14 @@ module sessionHosts 'modules/sessionHosts/sessionHosts.bicep' = {
|
|||
maxResourcesPerTemplateDeployment: maxResourcesPerTemplateDeployment
|
||||
mlzTags: tier3_controlPlane.outputs.mlzTags
|
||||
monitoring: monitoring
|
||||
namingConvention: length(deploymentLocations) == 2 ? tier3_hosts.outputs.namingConvention : tier3_controlPlane.outputs.namingConvention
|
||||
netAppFileShares: deployFslogix ? fslogix.outputs.netAppShares : [
|
||||
'None'
|
||||
]
|
||||
namingConvention: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.namingConvention
|
||||
: tier3_controlPlane.outputs.namingConvention
|
||||
netAppFileShares: deployFslogix
|
||||
? fslogix.outputs.netAppShares
|
||||
: [
|
||||
'None'
|
||||
]
|
||||
organizationalUnitPath: organizationalUnitPath
|
||||
pooledHostPool: pooledHostPool
|
||||
recoveryServicesVaultName: management.outputs.recoveryServicesVaultName
|
||||
|
@ -673,10 +806,16 @@ module sessionHosts 'modules/sessionHosts/sessionHosts.bicep' = {
|
|||
storageIndex: storageIndex
|
||||
storageService: storageService
|
||||
storageSuffix: storageSuffix
|
||||
subnetResourceId: length(deploymentLocations) == 2 ? tier3_hosts.outputs.subnetResourceId : tier3_controlPlane.outputs.subnetResourceId
|
||||
subnetResourceId: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.subnetResourceId
|
||||
: tier3_controlPlane.outputs.subnetResourceId
|
||||
tags: tags
|
||||
timeDifference: length(deploymentLocations) == 2 ? tier3_hosts.outputs.locatonProperties.timeDifference : tier3_controlPlane.outputs.locatonProperties.timeDifference
|
||||
timeZone: length(deploymentLocations) == 2 ? tier3_hosts.outputs.locatonProperties.timeZone : tier3_controlPlane.outputs.locatonProperties.timeZone
|
||||
timeDifference: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.locatonProperties.timeDifference
|
||||
: tier3_controlPlane.outputs.locatonProperties.timeDifference
|
||||
timeZone: length(deploymentLocations) == 2
|
||||
? tier3_hosts.outputs.locatonProperties.timeZone
|
||||
: tier3_controlPlane.outputs.locatonProperties.timeZone
|
||||
virtualMachineMonitoringAgent: virtualMachineMonitoringAgent
|
||||
virtualMachinePassword: virtualMachinePassword
|
||||
virtualMachineSize: virtualMachineSize
|
||||
|
|
Разница между файлами не показана из-за своего большого размера
|
@ -1503,7 +1503,7 @@
|
|||
"name": "avdAgentMsiName",
|
||||
"type": "Microsoft.Common.TextBox",
|
||||
"label": "Azure Virtual Desktop Agent (.msi)",
|
||||
"defaultValue": "Microsoft.RDInfra.RDAgent.Installer-x64-1.0.8297.800.msi",
|
||||
"defaultValue": "Microsoft.RDInfra.RDAgent.Installer-x64-1.0.8431.2300.msi",
|
||||
"toolTip": "Input the file / blob name for the AVD Agent installer.",
|
||||
"placeholder": "",
|
||||
"multiLine": false,
|
||||
|
@ -1522,7 +1522,7 @@
|
|||
"name": "avdAgentBootLoaderMsiName",
|
||||
"type": "Microsoft.Common.TextBox",
|
||||
"label": "Azure Virtual Desktop Boot Loader (.msi)",
|
||||
"defaultValue": "Microsoft.RDInfra.RDAgentBootLoader.Installer-x64 (5).msi",
|
||||
"defaultValue": "Microsoft.RDInfra.RDAgentBootLoader.Installer-x64-1.0.8925.0.msi",
|
||||
"toolTip": "Input the file / blob name for the AVD Boot Loader installer.",
|
||||
"placeholder": "",
|
||||
"multiLine": false,
|
||||
|
@ -1770,7 +1770,8 @@
|
|||
"customRdpProperty": "[steps('controlPlane').hostPool.customRdpProperties]",
|
||||
"deployActivityLogDiagnosticSetting": "[empty(steps('compliance').diagnosticSettingsApi.value)]",
|
||||
"deployDefender": "[and(steps('compliance').defenderForCloud.deployDefender, empty(steps('compliance').defenderForCloud.workspaceSettingsApi.value))]",
|
||||
"deployNetworkWatcher": "[empty(filter(steps('basics').networkWatchersApi.value, (item) => equals(item.location, steps('basics').scope.location.name)))]",
|
||||
"deployNetworkWatcherControlPlane": "[empty(filter(steps('basics').networkWatchersApi.value, (item) => equals(item.location, steps('controlPlane').controlPlane.location)))]",
|
||||
"deployNetworkWatcherVirtualMachines": "[empty(filter(steps('basics').networkWatchersApi.value, (item) => equals(item.location, steps('basics').scope.location.name)))]",
|
||||
"deployPolicy": "[steps('compliance').policySection.deployPolicy]",
|
||||
"desktopFriendlyName": "[steps('controlPlane').friendlyNames.desktop]",
|
||||
"diskSku": "[if(equals(steps('basics').scenario.profile, 'arcGisPro'), 'Premium_LRS', steps('hosts').virtualMachine.diskSku)]",
|
||||
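Review bot: In the last hunk, `deployNetworkWatcherControlPlane` compares `item.location` with `steps('controlPlane').controlPlane.location`, while `deployNetworkWatcherVirtualMachines` compares it with `steps('basics').scope.location.name`. The enclosing object starts and ends outside the hunk, so the shape of the control-plane value is not visible here. If that control yields a display name or an object rather than the normalized region name, the filter never matches and the flag is always true. The deployment would then try to create a Network Watcher in a region that may already have one, and by default Azure allows only one per region per subscription. Please confirm both operands use the same normalized form, for example by reading the control-plane location through a `.name`-style property as the basics step does. Separately, the two installer defaults in the earlier hunks are bare blob names and nothing visible in this section checks integrity, so whoever stages the artifacts container should verify that the uploaded MSIs carry a valid Microsoft signature.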
|
|
|
@ -5,7 +5,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "17553070626031741998"
|
||||
"templateHash": "15739025302537884367"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -595,7 +595,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "6877974702104389401"
|
||||
"templateHash": "12613552117945428082"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -863,7 +863,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "11171233226932915639"
|
||||
"templateHash": "8363189288729066877"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1419,7 +1419,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "13218155481958331255"
|
||||
"templateHash": "10432608483393344913"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1497,11 +1497,11 @@
|
|||
"privateLinkScopeNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').privateLinkScopes)]",
|
||||
"privateLinkScopePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').privateLinkScopes)]",
|
||||
"recoveryServicesVault": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesVaultNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesVaultPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"resourceGroup": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').resourceGroups)]",
|
||||
"routeTable": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').routeTables)]",
|
||||
"storageAccount": "[toLower(take(format('{0}{1}', replace(replace(replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName')), '-', ''), uniqueString(parameters('resourcePrefix'), parameters('environmentAbbreviation'), parameters('subscriptionId'))), 24))]",
|
||||
"storageAccount": "[toLower(replace(replace(replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName')), '-', ''))]",
|
||||
"storageAccountNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, parameters('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, parameters('resourceAbbreviations').storageAccounts))]",
|
||||
"subnet": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').subnets)]",
|
||||
|
@ -1675,9 +1675,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"value": "[parameters('deployNetworkWatcher')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(parameters('firewallResourceId'), '/')[2], split(parameters('firewallResourceId'), '/')[4]), 'Microsoft.Network/azureFirewalls', split(parameters('firewallResourceId'), '/')[8]), '2020-11-01').sku.tier]"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"value": "[parameters('hubVirtualNetworkResourceId')]"
|
||||
},
|
||||
|
@ -1724,9 +1721,7 @@
|
|||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.tiers.value[0].namingConvention.virtualNetwork]"
|
||||
},
|
||||
"vNetDnsServers": {
|
||||
"value": [
|
||||
"[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(parameters('firewallResourceId'), '/')[2], split(parameters('firewallResourceId'), '/')[4]), 'Microsoft.Network/azureFirewalls', split(parameters('firewallResourceId'), '/')[8]), '2020-11-01').ipConfigurations[0].properties.privateIPAddress]"
|
||||
]
|
||||
"value": "[coalesce(tryGet(reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(parameters('hubVirtualNetworkResourceId'), '/')[2], split(parameters('hubVirtualNetworkResourceId'), '/')[4]), 'Microsoft.Network/virtualNetworks', split(parameters('hubVirtualNetworkResourceId'), '/')[8]), '2023-11-01'), 'dhcpOptions', 'dnsServers'), createArray())]"
|
||||
},
|
||||
"workloadName": {
|
||||
"value": "[toLower(parameters('workloadName'))]"
|
||||
|
@ -1742,7 +1737,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "3012486009507231873"
|
||||
"templateHash": "3177815773272746024"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1755,9 +1750,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"type": "bool"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -1831,9 +1823,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"value": "[parameters('deployNetworkWatcher')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSkuTier')]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
},
|
||||
|
@ -1887,7 +1876,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4742978871908330688"
|
||||
"templateHash": "17262762423710705329"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1898,9 +1887,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"type": "bool"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
},
|
||||
"location": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -2252,9 +2238,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSkuTier')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -2264,7 +2247,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4325479931624604061"
|
||||
"templateHash": "2265853539539159849"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -2288,9 +2271,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"type": "array"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
|
@ -2307,26 +2287,30 @@
|
|||
]
|
||||
},
|
||||
"subnets": "[parameters('subnets')]",
|
||||
"dhcpOptions": "[if(and(not(equals(parameters('vNetDnsServers'), null())), or(equals(parameters('firewallSkuTier'), 'Premium'), equals(parameters('firewallSkuTier'), 'Standard'))), createObject('dnsServers', parameters('vNetDnsServers')), null())]"
|
||||
"dhcpOptions": "[if(empty(parameters('vNetDnsServers')), null(), createObject('dnsServers', parameters('vNetDnsServers')))]"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"name": {
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
},
|
||||
"dnsServers": {
|
||||
"type": "array",
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"id": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('name'))]"
|
||||
},
|
||||
"name": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
},
|
||||
"subnets": {
|
||||
"type": "array",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').subnets]"
|
||||
},
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -22,7 +22,7 @@ param virtualNetworkName string
|
|||
|
||||
module activityLogDiagnosticSettings '../../../modules/activity-log-diagnostic-settings.bicep' =
|
||||
if (deployActivityLogDiagnosticSetting) {
|
||||
name: 'deploy-activity-diags-${tier.name}-${deploymentNameSuffix}'
|
||||
name: 'deploy-activity-diags-${tier.shortName}-${deploymentNameSuffix}'
|
||||
scope: subscription(tier.subscriptionId)
|
||||
params: {
|
||||
logAnalyticsWorkspaceId: logAnalyticsWorkspaceResourceId
|
||||
|
@ -30,7 +30,7 @@ module activityLogDiagnosticSettings '../../../modules/activity-log-diagnostic-s
|
|||
}
|
||||
|
||||
module keyvaultDiagnostics '../../../modules/key-vault-diagnostics.bicep' = {
|
||||
name: 'deploy-kv-diags-${deploymentNameSuffix}'
|
||||
name: 'deploy-kv-diags-${tier.shortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(tier.subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
keyVaultDiagnosticSettingName: tier.namingConvention.keyVaultDiagnosticSetting
|
||||
|
@ -42,7 +42,7 @@ module keyvaultDiagnostics '../../../modules/key-vault-diagnostics.bicep' = {
|
|||
}
|
||||
|
||||
module networkSecurityGroupDiagnostics '../../../modules/network-security-group-diagnostics.bicep' = {
|
||||
name: 'deploy-nsg-diags-${tier.name}-${deploymentNameSuffix}'
|
||||
name: 'deploy-nsg-diags-${tier.shortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(tier.subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
logAnalyticsWorkspaceResourceId: logAnalyticsWorkspaceResourceId
|
||||
|
@ -55,7 +55,7 @@ module networkSecurityGroupDiagnostics '../../../modules/network-security-group-
|
|||
}
|
||||
|
||||
module virtualNetworkDiagnostics '../../../modules/virtual-network-diagnostics.bicep' = {
|
||||
name: 'deploy-vnet-diags-${tier.name}-${deploymentNameSuffix}'
|
||||
name: 'deploy-vnet-diags-${tier.shortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(tier.subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
logAnalyticsWorkspaceResourceId: logAnalyticsWorkspaceResourceId
|
||||
|
|
|
@ -8,7 +8,6 @@ targetScope = 'subscription'
|
|||
param additionalSubnets array
|
||||
param deploymentNameSuffix string
|
||||
param deployNetworkWatcher bool
|
||||
param firewallSkuTier string
|
||||
param hubVirtualNetworkResourceId string
|
||||
param location string
|
||||
param mlzTags object
|
||||
|
@ -25,15 +24,13 @@ param tags object
|
|||
param vNetDnsServers array
|
||||
param virtualNetworkAddressPrefix string
|
||||
param virtualNetworkName string
|
||||
param workloadName string
|
||||
param workloadShortName string
|
||||
|
||||
module spokeNetwork '../../../modules/spoke-network.bicep' = {
|
||||
name: 'spokeNetwork'
|
||||
name: 'deploy-spoke-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
additionalSubnets: additionalSubnets
|
||||
deployNetworkWatcher: deployNetworkWatcher
|
||||
firewallSkuTier: firewallSkuTier
|
||||
location: location
|
||||
mlzTags: mlzTags
|
||||
networkSecurityGroupName: networkSecurityGroupName
|
||||
|
@ -53,22 +50,24 @@ module spokeNetwork '../../../modules/spoke-network.bicep' = {
|
|||
}
|
||||
|
||||
module workloadVirtualNetworkPeerings '../../../modules/spoke-network-peering.bicep' = {
|
||||
name: 'deploy-vnet-peering-${workloadShortName}-${deploymentNameSuffix}'
|
||||
name: 'deploy-spoke-peering-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
hubVirtualNetworkResourceId: hubVirtualNetworkResourceId
|
||||
resourceGroupName: resourceGroupName
|
||||
spokeName: workloadName
|
||||
spokeShortName: workloadShortName
|
||||
spokeVirtualNetworkName: spokeNetwork.outputs.virtualNetworkName
|
||||
subscriptionId: subscriptionId
|
||||
}
|
||||
}
|
||||
|
||||
module hubToWorkloadVirtualNetworkPeering '../../../modules/hub-network-peerings.bicep' = {
|
||||
name: 'deploy-vnet-peering-hub-${deploymentNameSuffix}'
|
||||
name: 'deploy-hub-peering-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
hubVirtualNetworkName: split(hubVirtualNetworkResourceId, '/')[8]
|
||||
resourceGroupName: split(hubVirtualNetworkResourceId, '/')[4]
|
||||
spokeName: workloadName
|
||||
spokeShortName: workloadShortName
|
||||
spokeVirtualNetworkResourceId: spokeNetwork.outputs.virtualNetworkResourceId
|
||||
subscriptionId: split(hubVirtualNetworkResourceId, '/')[2]
|
||||
}
|
||||
|
|
|
@ -123,6 +123,11 @@ resource azureFirewall 'Microsoft.Network/azureFirewalls@2020-11-01' existing =
|
|||
scope: resourceGroup(split(firewallResourceId, '/')[2], split(firewallResourceId, '/')[4])
|
||||
}
|
||||
|
||||
resource virtualNetwork 'Microsoft.Network/virtualNetworks@2023-11-01' existing = {
|
||||
name: split(hubVirtualNetworkResourceId, '/')[8]
|
||||
scope: resourceGroup(split(hubVirtualNetworkResourceId, '/')[2], split(hubVirtualNetworkResourceId, '/')[4])
|
||||
}
|
||||
|
||||
module logic '../../modules/logic.bicep' = {
|
||||
name: 'get-logic-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
|
@ -160,12 +165,11 @@ module rg '../../modules/resource-group.bicep' = {
|
|||
}
|
||||
|
||||
module networking 'modules/networking.bicep' = {
|
||||
name: 'deploy-networking-${workloadShortName}-${deploymentNameSuffix}'
|
||||
name: 'deploy-network-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
additionalSubnets: additionalSubnets
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
deployNetworkWatcher: deployNetworkWatcher
|
||||
firewallSkuTier: azureFirewall.properties.sku.tier
|
||||
hubVirtualNetworkResourceId: hubVirtualNetworkResourceId
|
||||
location: location
|
||||
mlzTags: logic.outputs.mlzTags
|
||||
|
@ -181,10 +185,7 @@ module networking 'modules/networking.bicep' = {
|
|||
tags: tags
|
||||
virtualNetworkAddressPrefix: virtualNetworkAddressPrefix
|
||||
virtualNetworkName: logic.outputs.tiers[0].namingConvention.virtualNetwork
|
||||
vNetDnsServers: [
|
||||
azureFirewall.properties.ipConfigurations[0].properties.privateIPAddress
|
||||
]
|
||||
workloadName: toLower(workloadName)
|
||||
vNetDnsServers: virtualNetwork.properties.?dhcpOptions.dnsServers ?? []
|
||||
workloadShortName: workloadShortName
|
||||
}
|
||||
dependsOn: [
|
||||
|
@ -209,6 +210,7 @@ module customerManagedKeys '../../modules/customer-managed-keys.bicep' = {
|
|||
tags: tags
|
||||
tier: logic.outputs.tiers[0]
|
||||
tokens: logic.outputs.tokens
|
||||
workloadShortName: workloadShortName
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -242,7 +244,7 @@ module storage 'modules/storage.bicep' = {
|
|||
}
|
||||
|
||||
module diagnostics 'modules/diagnostics.bicep' = {
|
||||
name: 'deploy-diagnostics-${workloadShortName}-${deploymentNameSuffix}'
|
||||
name: 'deploy-diag-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deployActivityLogDiagnosticSetting: deployActivityLogDiagnosticSetting
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
|
@ -263,7 +265,7 @@ module diagnostics 'modules/diagnostics.bicep' = {
|
|||
|
||||
module policyAssignments '../../modules/policy-assignments.bicep' =
|
||||
if (deployPolicy) {
|
||||
name: 'assign-policy-${toLower(workloadName)}-${deploymentNameSuffix}'
|
||||
name: 'assign-policy-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
location: location
|
||||
|
@ -281,7 +283,7 @@ module policyAssignments '../../modules/policy-assignments.bicep' =
|
|||
|
||||
module defenderForCloud '../../modules/defender-for-cloud.bicep' =
|
||||
if (deployDefender) {
|
||||
name: 'set-${toLower(workloadName)}-sub-defender'
|
||||
name: 'set-defender-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
emailSecurityContact: emailSecurityContact
|
||||
logAnalyticsWorkspaceId: logAnalyticsWorkspaceResourceId
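Review bot: In the `networking` module call, the new `vNetDnsServers: virtualNetwork.properties.?dhcpOptions.dnsServers ?? []` silently falls back to an empty list when the hub virtual network has no custom DNS servers, whereas the removed lines always pinned the spoke to the firewall's private IP. The compiled template on this page then evaluates `dhcpOptions` to `null()` for an empty list, so such a spoke would presumably use Azure-provided DNS and its lookups would no longer pass through the firewall, which matters for FQDN-based rules and DNS logging. If inheriting the hub's setting is intended, say so next to the parameter, e.g. `// inherits the hub's DNS servers; an empty list means Azure-provided DNS, not the firewall`. A stricter alternative is to fail the deployment, or fall back to the firewall IP, when the hub list is empty. The `networking` module body continues outside the hunk (`dependsOn`), so whether the `azureFirewall` reference is still needed cannot be judged from here.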
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "6877974702104389401"
|
||||
"templateHash": "9708587224602662941"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -273,7 +273,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "11171233226932915639"
|
||||
"templateHash": "1283486214672349634"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -786,7 +786,7 @@
|
|||
},
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].name, parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].shortName, parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -829,7 +829,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "13218155481958331255"
|
||||
"templateHash": "10432608483393344913"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -907,11 +907,11 @@
|
|||
"privateLinkScopeNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').privateLinkScopes)]",
|
||||
"privateLinkScopePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').privateLinkScopes)]",
|
||||
"recoveryServicesVault": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesVaultNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesVaultPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"resourceGroup": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').resourceGroups)]",
|
||||
"routeTable": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').routeTables)]",
|
||||
"storageAccount": "[toLower(take(format('{0}{1}', replace(replace(replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName')), '-', ''), uniqueString(parameters('resourcePrefix'), parameters('environmentAbbreviation'), parameters('subscriptionId'))), 24))]",
|
||||
"storageAccount": "[toLower(replace(replace(replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName')), '-', ''))]",
|
||||
"storageAccountNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, parameters('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, parameters('resourceAbbreviations').storageAccounts))]",
|
||||
"subnet": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').subnets)]",
|
||||
|
@ -971,7 +971,7 @@
|
|||
"vnetDiagLogs": "[parameters('networks')[copyIndex()].vnetDiagLogs]",
|
||||
"vnetDiagMetrics": "[parameters('networks')[copyIndex()].vnetDiagMetrics]",
|
||||
"subnetAddressPrefix": "[parameters('networks')[copyIndex()].subnetAddressPrefix]",
|
||||
"namingConvention": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2022-09-01').outputs.names.value]"
|
||||
"namingConvention": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].shortName, parameters('deploymentNameSuffix'))), '2022-09-01').outputs.names.value]"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
@ -1068,7 +1068,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -1085,9 +1085,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"value": "[parameters('deployNetworkWatcher')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(parameters('firewallResourceId'), '/')[2], split(parameters('firewallResourceId'), '/')[4]), 'Microsoft.Network/azureFirewalls', split(parameters('firewallResourceId'), '/')[8]), '2020-11-01').sku.tier]"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"value": "[parameters('hubVirtualNetworkResourceId')]"
|
||||
},
|
||||
|
@ -1134,12 +1131,7 @@
|
|||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.tiers.value[0].namingConvention.virtualNetwork]"
|
||||
},
|
||||
"vNetDnsServers": {
|
||||
"value": [
|
||||
"[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(parameters('firewallResourceId'), '/')[2], split(parameters('firewallResourceId'), '/')[4]), 'Microsoft.Network/azureFirewalls', split(parameters('firewallResourceId'), '/')[8]), '2020-11-01').ipConfigurations[0].properties.privateIPAddress]"
|
||||
]
|
||||
},
|
||||
"workloadName": {
|
||||
"value": "[toLower(parameters('workloadName'))]"
|
||||
"value": "[coalesce(tryGet(reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', split(parameters('hubVirtualNetworkResourceId'), '/')[2], split(parameters('hubVirtualNetworkResourceId'), '/')[4]), 'Microsoft.Network/virtualNetworks', split(parameters('hubVirtualNetworkResourceId'), '/')[8]), '2023-11-01'), 'dhcpOptions', 'dnsServers'), createArray())]"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"value": "[parameters('workloadShortName')]"
|
||||
|
@ -1152,7 +1144,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "3012486009507231873"
|
||||
"templateHash": "7255054464077859150"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1165,9 +1157,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"type": "bool"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -1216,9 +1205,6 @@
|
|||
"virtualNetworkName": {
|
||||
"type": "string"
|
||||
},
|
||||
"workloadName": {
|
||||
"type": "string"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"type": "string"
|
||||
}
|
||||
|
@ -1227,7 +1213,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "spokeNetwork",
|
||||
"name": "[format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -1241,9 +1227,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"value": "[parameters('deployNetworkWatcher')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSkuTier')]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
},
|
||||
|
@ -1297,7 +1280,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4742978871908330688"
|
||||
"templateHash": "17262762423710705329"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1308,9 +1291,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"type": "bool"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
},
|
||||
"location": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -1662,9 +1642,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSkuTier')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -1674,7 +1651,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4325479931624604061"
|
||||
"templateHash": "2265853539539159849"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1698,9 +1675,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"type": "array"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
|
@ -1717,26 +1691,30 @@
|
|||
]
|
||||
},
|
||||
"subnets": "[parameters('subnets')]",
|
||||
"dhcpOptions": "[if(and(not(equals(parameters('vNetDnsServers'), null())), or(equals(parameters('firewallSkuTier'), 'Premium'), equals(parameters('firewallSkuTier'), 'Standard'))), createObject('dnsServers', parameters('vNetDnsServers')), null())]"
|
||||
"dhcpOptions": "[if(empty(parameters('vNetDnsServers')), null(), createObject('dnsServers', parameters('vNetDnsServers')))]"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"name": {
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
},
|
||||
"dnsServers": {
|
||||
"type": "array",
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"id": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('name'))]"
|
||||
},
|
||||
"name": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
},
|
||||
"subnets": {
|
||||
"type": "array",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').subnets]"
|
||||
},
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1788,7 +1766,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-vnet-peering-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-spoke-peering-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -1796,17 +1774,20 @@
|
|||
},
|
||||
"mode": "Incremental",
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"value": "[parameters('deploymentNameSuffix')]"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"value": "[parameters('hubVirtualNetworkResourceId')]"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"value": "[parameters('resourceGroupName')]"
|
||||
},
|
||||
"spokeName": {
|
||||
"value": "[parameters('workloadName')]"
|
||||
"spokeShortName": {
|
||||
"value": "[parameters('workloadShortName')]"
|
||||
},
|
||||
"spokeVirtualNetworkName": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork'), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
},
|
||||
"subscriptionId": {
|
||||
"value": "[parameters('subscriptionId')]"
|
||||
|
@ -1819,17 +1800,20 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "1081420821337659529"
|
||||
"templateHash": "5158151637829725698"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"type": "string"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeName": {
|
||||
"spokeShortName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeVirtualNetworkName": {
|
||||
|
@ -1843,7 +1827,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('{0}-to-hub-vnet-peering', parameters('spokeName'))]",
|
||||
"name": "[format('peer-{0}-to-hub-{1}', parameters('spokeShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('subscriptionId')]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -1903,13 +1887,13 @@
|
|||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork')]"
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-vnet-peering-hub-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-hub-peering-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -1917,17 +1901,20 @@
|
|||
},
|
||||
"mode": "Incremental",
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"value": "[parameters('deploymentNameSuffix')]"
|
||||
},
|
||||
"hubVirtualNetworkName": {
|
||||
"value": "[split(parameters('hubVirtualNetworkResourceId'), '/')[8]]"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"value": "[split(parameters('hubVirtualNetworkResourceId'), '/')[4]]"
|
||||
},
|
||||
"spokeName": {
|
||||
"value": "[parameters('workloadName')]"
|
||||
"spokeShortName": {
|
||||
"value": "[parameters('workloadShortName')]"
|
||||
},
|
||||
"spokeVirtualNetworkResourceId": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork'), '2022-09-01').outputs.virtualNetworkResourceId.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkResourceId.value]"
|
||||
},
|
||||
"subscriptionId": {
|
||||
"value": "[split(parameters('hubVirtualNetworkResourceId'), '/')[2]]"
|
||||
|
@ -1940,17 +1927,20 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "16991872399359859910"
|
||||
"templateHash": "15781764977326733963"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"type": "string"
|
||||
},
|
||||
"hubVirtualNetworkName": {
|
||||
"type": "string"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeName": {
|
||||
"spokeShortName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeVirtualNetworkResourceId": {
|
||||
|
@ -1964,7 +1954,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('hub-to-{0}-vnet-peering', parameters('spokeName'))]",
|
||||
"name": "[format('peer-hub-to-{0}-{1}', parameters('spokeShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('subscriptionId')]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -2024,22 +2014,22 @@
|
|||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork')]"
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"networkSecurityGroupName": {
|
||||
"type": "string",
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork'), '2022-09-01').outputs.networkSecurityGroupName.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.networkSecurityGroupName.value]"
|
||||
},
|
||||
"subnetResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork'), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
},
|
||||
"virtualNetworkName": {
|
||||
"type": "string",
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', 'spokeNetwork'), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-spoke-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2076,7 +2066,7 @@
|
|||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.name.value]"
|
||||
},
|
||||
"subnetResourceId": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
},
|
||||
"tags": {
|
||||
"value": "[parameters('tags')]"
|
||||
|
@ -2086,6 +2076,9 @@
|
|||
},
|
||||
"tokens": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.tokens.value]"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"value": "[parameters('workloadShortName')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -2095,7 +2088,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "7828233421610885078"
|
||||
"templateHash": "12584527779015666762"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -2125,13 +2118,16 @@
|
|||
},
|
||||
"tokens": {
|
||||
"type": "object"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -2384,7 +2380,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-disk-encryption-set-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-des-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -2400,10 +2396,10 @@
|
|||
"value": "[parameters('tier').namingConvention.diskEncryptionSet]"
|
||||
},
|
||||
"keyUrl": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyUriWithVersion.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyUriWithVersion.value]"
|
||||
},
|
||||
"keyVaultResourceId": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
|
@ -2411,7 +2407,10 @@
|
|||
"mlzTags": {
|
||||
"value": "[parameters('mlzTags')]"
|
||||
},
|
||||
"tags": "[if(contains(parameters('tags'), 'Microsoft.Compute/diskEncryptionSets'), createObject('value', parameters('tags')['Microsoft.Compute/diskEncryptionSets']), createObject('value', createObject()))]"
|
||||
"tags": "[if(contains(parameters('tags'), 'Microsoft.Compute/diskEncryptionSets'), createObject('value', parameters('tags')['Microsoft.Compute/diskEncryptionSets']), createObject('value', createObject()))]",
|
||||
"workloadShortName": {
|
||||
"value": "[parameters('workloadShortName')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
|
@ -2420,7 +2419,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "15986878026863280024"
|
||||
"templateHash": "16629693514867638495"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -2444,6 +2443,9 @@
|
|||
},
|
||||
"tags": {
|
||||
"type": "object"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
|
@ -2470,7 +2472,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('assign-role-disk-encryption-set-ops-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('assign-role-des-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
"scope": "inner"
|
||||
|
@ -2554,13 +2556,13 @@
|
|||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix')))]"
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-user-assigned-identity-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-id-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -2570,7 +2572,7 @@
|
|||
"mode": "Incremental",
|
||||
"parameters": {
|
||||
"keyVaultName": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
|
@ -2644,41 +2646,41 @@
|
|||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix')))]"
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"diskEncryptionSetResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-disk-encryption-set-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-des-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
},
|
||||
"keyVaultName": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
},
|
||||
"keyVaultUri": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultUri.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultUri.value]"
|
||||
},
|
||||
"keyVaultResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
},
|
||||
"storageKeyName": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.storageKeyName.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.storageKeyName.value]"
|
||||
},
|
||||
"userAssignedIdentityResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-user-assigned-identity-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-id-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
},
|
||||
|
@ -2721,7 +2723,7 @@
|
|||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-cmk-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.storageKeyName.value]"
|
||||
},
|
||||
"subnetResourceId": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
},
|
||||
"tablesPrivateDnsZoneResourceId": {
|
||||
"value": "[resourceId(variables('hubSubscriptionId'), variables('hubResourceGroupName'), 'Microsoft.Network/privateDnsZones', format('privatelink.table.{0}', environment().suffixes.storage))]"
|
||||
|
@ -3040,14 +3042,14 @@
|
|||
"dependsOn": [
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-cmk-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-diagnostics-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-diag-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -3077,7 +3079,7 @@
|
|||
"value": "[parameters('networkSecurityGroupDiagnosticsMetrics')]"
|
||||
},
|
||||
"networkSecurityGroupName": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.networkSecurityGroupName.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.networkSecurityGroupName.value]"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.name.value]"
|
||||
|
@ -3095,7 +3097,7 @@
|
|||
"value": "[parameters('virtualNetworkDiagnosticsMetrics')]"
|
||||
},
|
||||
"virtualNetworkName": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -3105,7 +3107,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "738419494311113164"
|
||||
"templateHash": "11049517654822149634"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -3157,7 +3159,7 @@
|
|||
"condition": "[parameters('deployActivityLogDiagnosticSetting')]",
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-activity-diags-{0}-{1}', parameters('tier').name, parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-activity-diags-{0}-{1}', parameters('tier').shortName, parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
|
@ -3235,7 +3237,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-kv-diags-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-kv-diags-{0}-{1}', parameters('tier').shortName, parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -3306,7 +3308,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-nsg-diags-{0}-{1}', parameters('tier').name, parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-nsg-diags-{0}-{1}', parameters('tier').shortName, parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -3384,7 +3386,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-vnet-diags-{0}-{1}', parameters('tier').name, parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-vnet-diags-{0}-{1}', parameters('tier').shortName, parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -3465,7 +3467,7 @@
|
|||
"dependsOn": [
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-cmk-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]",
|
||||
"[subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-storage-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
|
@ -3474,7 +3476,7 @@
|
|||
"condition": "[parameters('deployPolicy')]",
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('assign-policy-{0}-{1}', toLower(parameters('workloadName')), parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('assign-policy-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -3806,7 +3808,7 @@
|
|||
"condition": "[parameters('deployDefender')]",
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('set-{0}-sub-defender', toLower(parameters('workloadName')))]",
|
||||
"name": "[format('set-defender-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -4089,7 +4091,7 @@
|
|||
},
|
||||
"subnetResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-network-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.subnetResourceId.value]"
|
||||
},
|
||||
"tier": {
|
||||
"type": "object",
|
||||
|
|
|
@ -131,15 +131,15 @@ do {
|
|||
$urls = @(
|
||||
"https://github.com/Azure/azure-powershell/releases/download/v10.2.0-August2023/Az-Cmdlets-10.2.0.37547-x64.msi"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Get-Validations.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Install-AzurePowerShellAzModule.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AutomationRunbook.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AvdDrainMode.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-FileShareScaling.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-HostPoolScaling.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-NtfsPermissions.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-SessionHostConfiguration.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Update-AvdDesktop.ps1"
|
||||
"https://github.com/Azure/missionlz/blob/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Update-AvdWorkspace.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Install-AzurePowerShellAzModule.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AutomationRunbook.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AvdDrainMode.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-FileShareScaling.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-HostPoolScaling.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-NtfsPermissions.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-SessionHostConfiguration.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Update-AvdDesktop.ps1"
|
||||
"https://raw.githubusercontent.com/Azure/missionlz/main/src/bicep/add-ons/azure-virtual-desktop/artifacts/Update-AvdWorkspace.ps1"
|
||||
"https://www.powershellgallery.com/api/v2/package/az.accounts/2.12.1"
|
||||
"https://www.powershellgallery.com/api/v2/package/az.automation/1.9.0"
|
||||
"https://www.powershellgallery.com/api/v2/package/az.compute/5.7.0"
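Review bot: The artifact scripts in `$urls` now resolve to `raw.githubusercontent.com/Azure/missionlz/main/...`, a branch reference whose content can change after this commit, and the hunk shows no integrity check on what is fetched. The MSI and PowerShell Gallery entries carry a version, but the `.ps1` entries do not, so a later push to `main` changes what this script downloads. Pin each script to a release tag or commit, e.g. `"https://raw.githubusercontent.com/Azure/missionlz/<commit-sha>/src/bicep/add-ons/azure-virtual-desktop/artifacts/Set-AutomationRunbook.ps1"`, and compare `Get-FileHash` output with an expected SHA-256 before the files are used. The `do { ... }` loop that consumes `$urls` lies outside the hunk, so any verification done there is not visible here.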
|
||||
|
|
|
@ -528,7 +528,7 @@ var networks = union([
|
|||
name: 'identity'
|
||||
shortName: 'id'
|
||||
deployUniqueResources: contains([ hubSubscriptionId, operationsSubscriptionId, sharedServicesSubscriptionId ], identitySubscriptionId) ? false : true
|
||||
subscriptionId: sharedServicesSubscriptionId
|
||||
subscriptionId: identitySubscriptionId
|
||||
nsgDiagLogs: identityNetworkSecurityGroupDiagnosticsLogs
|
||||
nsgDiagMetrics: identityNetworkSecurityGroupDiagnosticsMetrics
|
||||
nsgRules: identityNetworkSecurityGroupRules
|
||||
|
@ -612,6 +612,7 @@ module customerManagedKeys 'modules/customer-managed-keys.bicep' = {
|
|||
subnetResourceId: networking.outputs.hubSubnetResourceId
|
||||
tags: tags
|
||||
tokens: logic.outputs.tokens
|
||||
workloadShortName: 'ops'
|
||||
}
|
||||
}
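Review bot: The identity entry's `subscriptionId: identitySubscriptionId` corrects a subscription boundary, but nothing next to it says what happens to environments deployed with the replaced value `sharedServicesSubscriptionId`. If those deployments ran with identity enabled, the identity tier's network resources and diagnostic settings were presumably created in the shared services subscription, and a redeploy would create new ones rather than move them; this should be confirmed and the cleanup documented. I would add a comment above the line such as `// Identity tier resources go to identitySubscriptionId; environments deployed before this fix may still have them in the shared services subscription`. The `networks` variable starts and ends outside this hunk.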
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "9272074813136712214"
|
||||
"templateHash": "9695028398199357369"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -831,7 +831,7 @@
|
|||
],
|
||||
"firewallClientPrivateIpAddress": "[variables('firewallClientUsableIpAddresses')[3]]",
|
||||
"logAnalyticsWorkspaceRetentionInDays": "[if(parameters('deploySentinel'), parameters('logAnalyticsSentinelWorkspaceRetentionInDays'), parameters('logAnalyticsWorkspaceNoSentinelRetentionInDays'))]",
|
||||
"networks": "[union(createArray(createObject('name', 'hub', 'shortName', 'hub', 'deployUniqueResources', true(), 'subscriptionId', parameters('hubSubscriptionId'), 'nsgDiagLogs', parameters('hubNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('hubNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('hubNetworkSecurityGroupRules'), 'vnetAddressPrefix', parameters('hubVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('hubVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('hubVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('hubSubnetAddressPrefix')), createObject('name', 'operations', 'shortName', 'ops', 'deployUniqueResources', if(contains(createArray(parameters('hubSubscriptionId')), parameters('operationsSubscriptionId')), false(), true()), 'subscriptionId', parameters('operationsSubscriptionId'), 'nsgDiagLogs', parameters('operationsNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('operationsNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('operationsNetworkSecurityGroupRules'), 'vnetAddressPrefix', parameters('operationsVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('operationsVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('operationsVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('operationsSubnetAddressPrefix')), createObject('name', 'sharedServices', 'shortName', 'svcs', 'deployUniqueResources', if(contains(createArray(parameters('hubSubscriptionId'), parameters('operationsSubscriptionId')), parameters('sharedServicesSubscriptionId')), false(), true()), 'subscriptionId', parameters('sharedServicesSubscriptionId'), 'nsgDiagLogs', parameters('sharedServicesNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('sharedServicesNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('sharedServicesNetworkSecurityGroupRules'), 'vnetAddressPrefix', 
parameters('sharedServicesVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('sharedServicesVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('sharedServicesVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('sharedServicesSubnetAddressPrefix'))), if(parameters('deployIdentity'), createArray(createObject('name', 'identity', 'shortName', 'id', 'deployUniqueResources', if(contains(createArray(parameters('hubSubscriptionId'), parameters('operationsSubscriptionId'), parameters('sharedServicesSubscriptionId')), parameters('identitySubscriptionId')), false(), true()), 'subscriptionId', parameters('sharedServicesSubscriptionId'), 'nsgDiagLogs', parameters('identityNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('identityNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('identityNetworkSecurityGroupRules'), 'vnetAddressPrefix', parameters('identityVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('identityVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('identityVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('identitySubnetAddressPrefix'))), createArray()))]"
|
||||
"networks": "[union(createArray(createObject('name', 'hub', 'shortName', 'hub', 'deployUniqueResources', true(), 'subscriptionId', parameters('hubSubscriptionId'), 'nsgDiagLogs', parameters('hubNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('hubNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('hubNetworkSecurityGroupRules'), 'vnetAddressPrefix', parameters('hubVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('hubVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('hubVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('hubSubnetAddressPrefix')), createObject('name', 'operations', 'shortName', 'ops', 'deployUniqueResources', if(contains(createArray(parameters('hubSubscriptionId')), parameters('operationsSubscriptionId')), false(), true()), 'subscriptionId', parameters('operationsSubscriptionId'), 'nsgDiagLogs', parameters('operationsNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('operationsNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('operationsNetworkSecurityGroupRules'), 'vnetAddressPrefix', parameters('operationsVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('operationsVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('operationsVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('operationsSubnetAddressPrefix')), createObject('name', 'sharedServices', 'shortName', 'svcs', 'deployUniqueResources', if(contains(createArray(parameters('hubSubscriptionId'), parameters('operationsSubscriptionId')), parameters('sharedServicesSubscriptionId')), false(), true()), 'subscriptionId', parameters('sharedServicesSubscriptionId'), 'nsgDiagLogs', parameters('sharedServicesNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('sharedServicesNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('sharedServicesNetworkSecurityGroupRules'), 'vnetAddressPrefix', 
parameters('sharedServicesVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('sharedServicesVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('sharedServicesVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('sharedServicesSubnetAddressPrefix'))), if(parameters('deployIdentity'), createArray(createObject('name', 'identity', 'shortName', 'id', 'deployUniqueResources', if(contains(createArray(parameters('hubSubscriptionId'), parameters('operationsSubscriptionId'), parameters('sharedServicesSubscriptionId')), parameters('identitySubscriptionId')), false(), true()), 'subscriptionId', parameters('identitySubscriptionId'), 'nsgDiagLogs', parameters('identityNetworkSecurityGroupDiagnosticsLogs'), 'nsgDiagMetrics', parameters('identityNetworkSecurityGroupDiagnosticsMetrics'), 'nsgRules', parameters('identityNetworkSecurityGroupRules'), 'vnetAddressPrefix', parameters('identityVirtualNetworkAddressPrefix'), 'vnetDiagLogs', parameters('identityVirtualNetworkDiagnosticsLogs'), 'vnetDiagMetrics', parameters('identityVirtualNetworkDiagnosticsMetrics'), 'subnetAddressPrefix', parameters('identitySubnetAddressPrefix'))), createArray()))]"
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
|
@ -868,7 +868,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "16881625523433024595"
|
||||
"templateHash": "1283486214672349634"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1381,7 +1381,7 @@
|
|||
},
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].name, parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].shortName, parameters('deploymentNameSuffix'))]",
|
||||
"location": "[deployment().location]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
|
@ -1424,7 +1424,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "2390405762046931912"
|
||||
"templateHash": "10432608483393344913"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1502,8 +1502,8 @@
|
|||
"privateLinkScopeNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').privateLinkScopes)]",
|
||||
"privateLinkScopePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').privateLinkScopes)]",
|
||||
"recoveryServicesVault": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesVaultNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').networkInterfaces), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"recoveryServicesVaultPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').privateEndpoints), parameters('tokens').service, parameters('resourceAbbreviations').recoveryServicesVaults)]",
|
||||
"resourceGroup": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, parameters('resourceAbbreviations').resourceGroups)]",
|
||||
"routeTable": "[replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').routeTables)]",
|
||||
"storageAccount": "[toLower(replace(replace(replace(variables('namingConvention'), parameters('tokens').resource, parameters('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName')), '-', ''))]",
|
||||
|
@ -1566,7 +1566,7 @@
|
|||
"vnetDiagLogs": "[parameters('networks')[copyIndex()].vnetDiagLogs]",
|
||||
"vnetDiagMetrics": "[parameters('networks')[copyIndex()].vnetDiagMetrics]",
|
||||
"subnetAddressPrefix": "[parameters('networks')[copyIndex()].subnetAddressPrefix]",
|
||||
"namingConvention": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2022-09-01').outputs.names.value]"
|
||||
"namingConvention": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('naming-convention-{0}-{1}', parameters('networks')[copyIndex()].shortName, parameters('deploymentNameSuffix'))), '2022-09-01').outputs.names.value]"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
@ -1810,7 +1810,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "893825226169234564"
|
||||
"templateHash": "9031150019440566013"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -1963,11 +1963,7 @@
|
|||
"virtualNetworkName": {
|
||||
"value": "[variables('hub').namingConvention.virtualNetwork]"
|
||||
},
|
||||
"vNetDnsServers": {
|
||||
"value": [
|
||||
"[parameters('firewallSettings').clientPrivateIpAddress]"
|
||||
]
|
||||
}
|
||||
"vNetDnsServers": "[if(or(equals(parameters('firewallSettings').skuTier, 'Premium'), equals(parameters('firewallSettings').skuTier, 'Standard')), createObject('value', createArray(parameters('firewallSettings').clientPrivateIpAddress)), createObject('value', createArray()))]"
|
||||
},
|
||||
"template": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
|
@ -1976,7 +1972,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "16727244682030781582"
|
||||
"templateHash": "592655120704499159"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -2357,9 +2353,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSkuTier')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -2369,7 +2362,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4325479931624604061"
|
||||
"templateHash": "2265853539539159849"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -2393,9 +2386,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"type": "array"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
|
@ -2412,26 +2402,30 @@
|
|||
]
|
||||
},
|
||||
"subnets": "[parameters('subnets')]",
|
||||
"dhcpOptions": "[if(and(not(equals(parameters('vNetDnsServers'), null())), or(equals(parameters('firewallSkuTier'), 'Premium'), equals(parameters('firewallSkuTier'), 'Standard'))), createObject('dnsServers', parameters('vNetDnsServers')), null())]"
|
||||
"dhcpOptions": "[if(empty(parameters('vNetDnsServers')), null(), createObject('dnsServers', parameters('vNetDnsServers')))]"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"name": {
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
},
|
||||
"dnsServers": {
|
||||
"type": "array",
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"id": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('name'))]"
|
||||
},
|
||||
"name": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
},
|
||||
"subnets": {
|
||||
"type": "array",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').subnets]"
|
||||
},
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -2967,6 +2961,10 @@
|
|||
"type": "string",
|
||||
"value": "[if(parameters('deployBastion'), reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2022-09-01').outputs.subnets.value[3].id, '')]"
|
||||
},
|
||||
"dnsServers": {
|
||||
"type": "array",
|
||||
"value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2022-09-01').outputs.dnsServers.value]"
|
||||
},
|
||||
"firewallName": {
|
||||
"type": "string",
|
||||
"value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewall'), '2022-09-01').outputs.name.value]"
|
||||
|
@ -3029,9 +3027,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"value": "[and(parameters('deployNetworkWatcher'), variables('spokes')[copyIndex()].deployUniqueResources)]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSettings').skuTier]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
},
|
||||
|
@ -3075,9 +3070,7 @@
|
|||
"value": "[variables('spokes')[copyIndex()].namingConvention.virtualNetwork]"
|
||||
},
|
||||
"vNetDnsServers": {
|
||||
"value": [
|
||||
"[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('hub').subscriptionId, variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.firewallPrivateIPAddress.value]"
|
||||
]
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('hub').subscriptionId, variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.dnsServers.value]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -3087,7 +3080,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4742978871908330688"
|
||||
"templateHash": "17262762423710705329"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -3098,9 +3091,6 @@
|
|||
"deployNetworkWatcher": {
|
||||
"type": "bool"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
},
|
||||
"location": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -3452,9 +3442,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"value": "[parameters('firewallSkuTier')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -3464,7 +3451,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "4325479931624604061"
|
||||
"templateHash": "2265853539539159849"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -3488,9 +3475,6 @@
|
|||
},
|
||||
"vNetDnsServers": {
|
||||
"type": "array"
|
||||
},
|
||||
"firewallSkuTier": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
|
@ -3507,26 +3491,30 @@
|
|||
]
|
||||
},
|
||||
"subnets": "[parameters('subnets')]",
|
||||
"dhcpOptions": "[if(and(not(equals(parameters('vNetDnsServers'), null())), or(equals(parameters('firewallSkuTier'), 'Premium'), equals(parameters('firewallSkuTier'), 'Standard'))), createObject('dnsServers', parameters('vNetDnsServers')), null())]"
|
||||
"dhcpOptions": "[if(empty(parameters('vNetDnsServers')), null(), createObject('dnsServers', parameters('vNetDnsServers')))]"
|
||||
}
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"name": {
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
},
|
||||
"dnsServers": {
|
||||
"type": "array",
|
||||
"value": "[parameters('vNetDnsServers')]"
|
||||
},
|
||||
"id": {
|
||||
"type": "string",
|
||||
"value": "[resourceId('Microsoft.Network/virtualNetworks', parameters('name'))]"
|
||||
},
|
||||
"name": {
|
||||
"type": "string",
|
||||
"value": "[parameters('name')]"
|
||||
},
|
||||
"subnets": {
|
||||
"type": "array",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').subnets]"
|
||||
},
|
||||
"addressPrefix": {
|
||||
"type": "string",
|
||||
"value": "[reference(resourceId('Microsoft.Network/virtualNetworks', parameters('name')), '2021-02-01').addressSpace.addressPrefixes[0]]"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -3593,14 +3581,17 @@
|
|||
},
|
||||
"mode": "Incremental",
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"value": "[parameters('deploymentNameSuffix')]"
|
||||
},
|
||||
"hubVirtualNetworkName": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('hub').subscriptionId, variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"value": "[variables('hubResourceGroupName')]"
|
||||
},
|
||||
"spokeName": {
|
||||
"value": "[variables('spokes')[copyIndex()].name]"
|
||||
"spokeShortName": {
|
||||
"value": "[variables('spokes')[copyIndex()].shortName]"
|
||||
},
|
||||
"spokeVirtualNetworkResourceId": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkResourceId.value]"
|
||||
|
@ -3616,17 +3607,20 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "16991872399359859910"
|
||||
"templateHash": "15781764977326733963"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"type": "string"
|
||||
},
|
||||
"hubVirtualNetworkName": {
|
||||
"type": "string"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeName": {
|
||||
"spokeShortName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeVirtualNetworkResourceId": {
|
||||
|
@ -3640,7 +3634,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('hub-to-{0}-vnet-peering', parameters('spokeName'))]",
|
||||
"name": "[format('peer-hub-to-{0}-{1}', parameters('spokeShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('subscriptionId')]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -3719,14 +3713,17 @@
|
|||
},
|
||||
"mode": "Incremental",
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"value": "[parameters('deploymentNameSuffix')]"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('hub').subscriptionId, variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkResourceId.value]"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"value": "[variables('spokeResourceGroupNames')[copyIndex()]]"
|
||||
},
|
||||
"spokeName": {
|
||||
"value": "[variables('spokes')[copyIndex()].name]"
|
||||
"spokeShortName": {
|
||||
"value": "[variables('spokes')[copyIndex()].shortName]"
|
||||
},
|
||||
"spokeVirtualNetworkName": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2022-09-01').outputs.virtualNetworkName.value]"
|
||||
|
@ -3742,17 +3739,20 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "1081420821337659529"
|
||||
"templateHash": "5158151637829725698"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
"deploymentNameSuffix": {
|
||||
"type": "string"
|
||||
},
|
||||
"hubVirtualNetworkResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"resourceGroupName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeName": {
|
||||
"spokeShortName": {
|
||||
"type": "string"
|
||||
},
|
||||
"spokeVirtualNetworkName": {
|
||||
|
@ -3766,7 +3766,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('{0}-to-hub-vnet-peering', parameters('spokeName'))]",
|
||||
"name": "[format('peer-{0}-to-hub-{1}', parameters('spokeShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('subscriptionId')]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -4094,6 +4094,9 @@
|
|||
},
|
||||
"tokens": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.tokens.value]"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"value": "ops"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
|
@ -4103,7 +4106,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "7828233421610885078"
|
||||
"templateHash": "12584527779015666762"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -4133,13 +4136,16 @@
|
|||
},
|
||||
"tokens": {
|
||||
"type": "object"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -4392,7 +4398,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-disk-encryption-set-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-des-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -4408,10 +4414,10 @@
|
|||
"value": "[parameters('tier').namingConvention.diskEncryptionSet]"
|
||||
},
|
||||
"keyUrl": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyUriWithVersion.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyUriWithVersion.value]"
|
||||
},
|
||||
"keyVaultResourceId": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
|
@ -4419,7 +4425,10 @@
|
|||
"mlzTags": {
|
||||
"value": "[parameters('mlzTags')]"
|
||||
},
|
||||
"tags": "[if(contains(parameters('tags'), 'Microsoft.Compute/diskEncryptionSets'), createObject('value', parameters('tags')['Microsoft.Compute/diskEncryptionSets']), createObject('value', createObject()))]"
|
||||
"tags": "[if(contains(parameters('tags'), 'Microsoft.Compute/diskEncryptionSets'), createObject('value', parameters('tags')['Microsoft.Compute/diskEncryptionSets']), createObject('value', createObject()))]",
|
||||
"workloadShortName": {
|
||||
"value": "[parameters('workloadShortName')]"
|
||||
}
|
||||
},
|
||||
"template": {
|
||||
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
|
||||
|
@ -4428,7 +4437,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.27.1.19265",
|
||||
"templateHash": "15986878026863280024"
|
||||
"templateHash": "16629693514867638495"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -4452,6 +4461,9 @@
|
|||
},
|
||||
"tags": {
|
||||
"type": "object"
|
||||
},
|
||||
"workloadShortName": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"resources": [
|
||||
|
@ -4478,7 +4490,7 @@
|
|||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('assign-role-disk-encryption-set-ops-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('assign-role-des-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"properties": {
|
||||
"expressionEvaluationOptions": {
|
||||
"scope": "inner"
|
||||
|
@ -4562,13 +4574,13 @@
|
|||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix')))]"
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
},
|
||||
{
|
||||
"type": "Microsoft.Resources/deployments",
|
||||
"apiVersion": "2022-09-01",
|
||||
"name": "[format('deploy-user-assigned-identity-{0}', parameters('deploymentNameSuffix'))]",
|
||||
"name": "[format('deploy-id-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))]",
|
||||
"subscriptionId": "[parameters('tier').subscriptionId]",
|
||||
"resourceGroup": "[parameters('resourceGroupName')]",
|
||||
"properties": {
|
||||
|
@ -4578,7 +4590,7 @@
|
|||
"mode": "Incremental",
|
||||
"parameters": {
|
||||
"keyVaultName": {
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
},
|
||||
"location": {
|
||||
"value": "[parameters('location')]"
|
||||
|
@ -4652,34 +4664,34 @@
|
|||
}
|
||||
},
|
||||
"dependsOn": [
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix')))]"
|
||||
"[extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix')))]"
|
||||
]
|
||||
}
|
||||
],
|
||||
"outputs": {
|
||||
"diskEncryptionSetResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-disk-encryption-set-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-des-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
},
|
||||
"keyVaultName": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultName.value]"
|
||||
},
|
||||
"keyVaultUri": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultUri.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultUri.value]"
|
||||
},
|
||||
"keyVaultResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultResourceId.value]"
|
||||
},
|
||||
"storageKeyName": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-key-vault-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.storageKeyName.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-kv-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.storageKeyName.value]"
|
||||
},
|
||||
"userAssignedIdentityResourceId": {
|
||||
"type": "string",
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-user-assigned-identity-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
"value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('tier').subscriptionId, parameters('resourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-id-{0}-{1}', parameters('workloadShortName'), parameters('deploymentNameSuffix'))), '2022-09-01').outputs.resourceId.value]"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -14,9 +14,10 @@ param subnetResourceId string
|
|||
param tags object
|
||||
param tier object
|
||||
param tokens object
|
||||
param workloadShortName string
|
||||
|
||||
module keyVault 'key-vault.bicep' = {
|
||||
name: 'deploy-key-vault-${deploymentNameSuffix}'
|
||||
name: 'deploy-kv-${workloadShortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(tier.subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
keyVaultName: take(replace(tier.namingConvention.keyVault, tokens.service, ''), 24)
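Review bot: The new `param workloadShortName string` has no description or length bound, yet it now forms part of the deployment name `deploy-kv-${workloadShortName}-${deploymentNameSuffix}` here and of `deploy-des-…` and `deploy-id-…` in the two hunks that follow. Azure limits deployment names to 64 characters, so a long value combined with `deploymentNameSuffix` (whose format is not visible in this hunk) would fail only at deployment time. I would add `@description('Short workload identifier that keeps deployment names unique per tier.')` and a `@maxLength(<limit chosen against the suffix length>)` above the parameter. The `keyVault` module body continues outside the hunk.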
|
||||
|
@ -31,7 +32,7 @@ module keyVault 'key-vault.bicep' = {
|
|||
}
|
||||
|
||||
module diskEncryptionSet 'disk-encryption-set.bicep' = {
|
||||
name: 'deploy-disk-encryption-set-${deploymentNameSuffix}'
|
||||
name: 'deploy-des-${workloadShortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(tier.subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
|
@ -41,11 +42,12 @@ module diskEncryptionSet 'disk-encryption-set.bicep' = {
|
|||
location: location
|
||||
mlzTags: mlzTags
|
||||
tags: contains(tags, 'Microsoft.Compute/diskEncryptionSets') ? tags['Microsoft.Compute/diskEncryptionSets'] : {}
|
||||
workloadShortName: workloadShortName
|
||||
}
|
||||
}
|
||||
|
||||
module userAssignedIdentity 'user-assigned-identity.bicep' = {
|
||||
name: 'deploy-user-assigned-identity-${deploymentNameSuffix}'
|
||||
name: 'deploy-id-${workloadShortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(tier.subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
keyVaultName: keyVault.outputs.keyVaultName
|
||||
|
|
|
@ -10,6 +10,7 @@ param keyVaultResourceId string
|
|||
param location string
|
||||
param mlzTags object
|
||||
param tags object
|
||||
param workloadShortName string
|
||||
|
||||
resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2023-04-02' = {
|
||||
name: diskEncryptionSetName
|
||||
|
@ -31,7 +32,7 @@ resource diskEncryptionSet 'Microsoft.Compute/diskEncryptionSets@2023-04-02' = {
|
|||
}
|
||||
|
||||
module roleAssignment 'role-assignment.bicep' = {
|
||||
name: 'assign-role-disk-encryption-set-ops-${deploymentNameSuffix}'
|
||||
name: 'assign-role-des-${workloadShortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
principalId: diskEncryptionSet.identity.principalId
|
||||
principalType: 'ServicePrincipal'
|
||||
|
|
|
@ -5,14 +5,15 @@ Licensed under the MIT License.
|
|||
|
||||
targetScope = 'subscription'
|
||||
|
||||
param deploymentNameSuffix string
|
||||
param hubVirtualNetworkName string
|
||||
param resourceGroupName string
|
||||
param spokeName string
|
||||
param spokeShortName string
|
||||
param spokeVirtualNetworkResourceId string
|
||||
param subscriptionId string
|
||||
|
||||
module hubToSpokePeering '../modules/virtual-network-peering.bicep' = {
|
||||
name: 'hub-to-${spokeName}-vnet-peering'
|
||||
name: 'peer-hub-to-${spokeShortName}-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
remoteVirtualNetworkResourceId: spokeVirtualNetworkResourceId
|
||||
|
|
|
@ -123,7 +123,6 @@ module virtualNetwork '../modules/virtual-network.bicep' = {
|
|||
subnets: subnets
|
||||
tags: tags
|
||||
vNetDnsServers: vNetDnsServers
|
||||
firewallSkuTier: firewallSkuTier
|
||||
}
|
||||
dependsOn: [
|
||||
networkWatcher
|
||||
|
@ -178,6 +177,7 @@ module firewall '../modules/firewall.bicep' = {
|
|||
}
|
||||
|
||||
output bastionHostSubnetResourceId string = deployBastion ? virtualNetwork.outputs.subnets[3].id : ''
|
||||
output dnsServers array = virtualNetwork.outputs.dnsServers
|
||||
output firewallName string = firewall.outputs.name
|
||||
output firewallPrivateIPAddress string = firewall.outputs.privateIPAddress
|
||||
output firewallResourceId string = firewall.outputs.resourceId
|
||||
|
|
|
@ -38,7 +38,7 @@ var tokens = {
|
|||
*/
|
||||
|
||||
module namingConventions 'naming-convention.bicep' = [for network in networks: {
|
||||
name: 'naming-convention-${network.name}-${deploymentNameSuffix}'
|
||||
name: 'naming-convention-${network.shortName}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
locationAbbreviation: locations[location].abbreviation
|
||||
environmentAbbreviation: environmentAbbreviation
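Review bot: Keying the loop's deployment name on `network.shortName` makes uniqueness of that field a requirement, and nothing in this hunk states or enforces it. Modules in a `for` loop are deployed in parallel by default, so two entries in `networks` sharing a `shortName` would target the same deployment name; whether `shortName` is guaranteed unique is not visible here. A comment above the module would record the assumption, for example `// network.shortName must be unique across networks: it is the only per-network part of the deployment name`. The module body continues outside the hunk.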
|
||||
|
|
|
@ -85,8 +85,8 @@ var names = {
|
|||
privateLinkScopeNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, resourceAbbreviations.privateLinkScopes)
|
||||
privateLinkScopePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, resourceAbbreviations.privateLinkScopes)
|
||||
recoveryServicesVault: replace(namingConvention, tokens.resource, resourceAbbreviations.recoveryServicesVaults)
|
||||
recoveryServicesNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, resourceAbbreviations.recoveryServicesVaults)
|
||||
recoveryServicesPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, resourceAbbreviations.recoveryServicesVaults)
|
||||
recoveryServicesVaultNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, resourceAbbreviations.recoveryServicesVaults)
|
||||
recoveryServicesVaultPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, resourceAbbreviations.recoveryServicesVaults)
|
||||
resourceGroup: replace(namingConvention_Service, tokens.resource, resourceAbbreviations.resourceGroups)
|
||||
routeTable: replace(namingConvention, tokens.resource, resourceAbbreviations.routeTables)
|
||||
storageAccount: toLower(replace(replace(replace(namingConvention, tokens.resource, resourceAbbreviations.storageAccounts), networkName, networkShortName), '-', ''))
|
||||
|
|
|
@ -58,9 +58,9 @@ module hubNetwork 'hub-network.bicep' = {
|
|||
tags: tags
|
||||
virtualNetworkAddressPrefix: hub.vnetAddressPrefix
|
||||
virtualNetworkName: hub.namingConvention.virtualNetwork
|
||||
vNetDnsServers: [
|
||||
vNetDnsServers: firewallSettings.skuTier == 'Premium' || firewallSettings.skuTier == 'Standard' ? [
|
||||
firewallSettings.clientPrivateIpAddress
|
||||
]
|
||||
] : []
|
||||
}
|
||||
}
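Review bot: The new `vNetDnsServers` ternary falls back to an empty list for any `firewallSettings.skuTier` other than the exact strings 'Premium' or 'Standard', and nothing at the call site says what that means for name resolution. Bicep's `==` on strings is case-sensitive, so unless the parameter is constrained elsewhere (not visible in this hunk) a value such as 'standard' would silently leave the hub on Azure-provided DNS instead of the firewall address, and the spokes follow through `hubNetwork.outputs.dnsServers` in the `spokeNetworks` hunk below; DNS queries would then presumably no longer pass through the firewall or its logging. I would state the intent in a comment above the line, for example `// Other SKUs (presumably Basic): no custom DNS server, VNets use Azure-provided DNS`, and make the test case-insensitive with `vNetDnsServers: contains(['premium', 'standard'], toLower(firewallSettings.skuTier)) ? [`.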
|
||||
|
||||
|
@ -68,7 +68,6 @@ module spokeNetworks 'spoke-network.bicep' = [for (spoke, i) in spokes: {
|
|||
name: 'deploy-vnet-${spoke.name}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deployNetworkWatcher: deployNetworkWatcher && spoke.deployUniqueResources
|
||||
firewallSkuTier: firewallSettings.skuTier
|
||||
location: location
|
||||
mlzTags: mlzTags
|
||||
networkSecurityGroupName: spoke.namingConvention.networkSecurityGroup
|
||||
|
@ -83,7 +82,7 @@ module spokeNetworks 'spoke-network.bicep' = [for (spoke, i) in spokes: {
|
|||
tags: tags
|
||||
virtualNetworkAddressPrefix: spoke.vnetAddressPrefix
|
||||
virtualNetworkName: spoke.namingConvention.virtualNetwork
|
||||
vNetDnsServers: [ hubNetwork.outputs.firewallPrivateIPAddress ]
|
||||
vNetDnsServers: hubNetwork.outputs.dnsServers
|
||||
}
|
||||
}]
|
||||
|
||||
|
@ -92,9 +91,10 @@ module spokeNetworks 'spoke-network.bicep' = [for (spoke, i) in spokes: {
|
|||
module hubVirtualNetworkPeerings 'hub-network-peerings.bicep' = [for (spoke, i) in spokes: {
|
||||
name: 'deploy-vnet-peerings-hub-${i}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
hubVirtualNetworkName: hubNetwork.outputs.virtualNetworkName
|
||||
resourceGroupName: hubResourceGroupName
|
||||
spokeName: spoke.name
|
||||
spokeShortName: spoke.shortName
|
||||
spokeVirtualNetworkResourceId: spokeNetworks[i].outputs.virtualNetworkResourceId
|
||||
subscriptionId: hub.subscriptionId
|
||||
}
|
||||
|
@ -103,9 +103,10 @@ module hubVirtualNetworkPeerings 'hub-network-peerings.bicep' = [for (spoke, i)
|
|||
module spokeVirtualNetworkPeerings 'spoke-network-peering.bicep' = [for (spoke, i) in spokes: {
|
||||
name: 'deploy-vnet-peerings-${spoke.name}-${deploymentNameSuffix}'
|
||||
params: {
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
hubVirtualNetworkResourceId: hubNetwork.outputs.virtualNetworkResourceId
|
||||
resourceGroupName: spokeResourceGroupNames[i]
|
||||
spokeName: spoke.name
|
||||
spokeShortName: spoke.shortName
|
||||
spokeVirtualNetworkName: spokeNetworks[i].outputs.virtualNetworkName
|
||||
subscriptionId: spoke.subscriptionId
|
||||
}
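Review bot: In the hubNetwork params hunk, the new `vNetDnsServers` conditional yields `[]` for any `firewallSettings.skuTier` other than the exact strings 'Premium' or 'Standard'. Because the spokeNetworks hunk now passes `hubNetwork.outputs.dnsServers`, every spoke inherits that result. On that path the virtual networks get no custom DNS server, so name resolution presumably no longer goes through the firewall or its DNS logging. A comment should record that this is intended, e.g. `// Basic SKU: no custom DNS servers; VNets use Azure-provided DNS and name resolution bypasses the firewall`. The spokes also stop using the deployed firewall's `firewallPrivateIPAddress` output and depend on `firewallSettings.clientPrivateIpAddress` instead, so it is worth confirming the two always match; both module bodies continue outside the hunks shown.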
|
||||
|
|
|
@ -5,14 +5,15 @@ Licensed under the MIT License.
|
|||
|
||||
targetScope = 'subscription'
|
||||
|
||||
param deploymentNameSuffix string
|
||||
param hubVirtualNetworkResourceId string
|
||||
param resourceGroupName string
|
||||
param spokeName string
|
||||
param spokeShortName string
|
||||
param spokeVirtualNetworkName string
|
||||
param subscriptionId string
|
||||
|
||||
module spokeNetworkPeering '../modules/virtual-network-peering.bicep' = {
|
||||
name: '${spokeName}-to-hub-vnet-peering'
|
||||
name: 'peer-${spokeShortName}-to-hub-${deploymentNameSuffix}'
|
||||
scope: resourceGroup(subscriptionId, resourceGroupName)
|
||||
params: {
|
||||
remoteVirtualNetworkResourceId: hubVirtualNetworkResourceId
|
||||
|
|
|
@ -7,7 +7,6 @@ targetScope = 'subscription'
|
|||
|
||||
param additionalSubnets array = []
|
||||
param deployNetworkWatcher bool
|
||||
param firewallSkuTier string
|
||||
param location string
|
||||
param mlzTags object
|
||||
param networkSecurityGroupName string
|
||||
|
@ -106,7 +105,6 @@ module virtualNetwork '../modules/virtual-network.bicep' = {
|
|||
}]
|
||||
tags: tags
|
||||
vNetDnsServers: vNetDnsServers
|
||||
firewallSkuTier: firewallSkuTier
|
||||
}
|
||||
dependsOn: [
|
||||
networkWatcher
|
||||
|
|
|
@ -10,7 +10,6 @@ param name string
|
|||
param subnets array
|
||||
param tags object
|
||||
param vNetDnsServers array
|
||||
param firewallSkuTier string
|
||||
|
||||
resource virtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = {
|
||||
name: name
|
||||
|
@ -23,13 +22,14 @@ resource virtualNetwork 'Microsoft.Network/virtualNetworks@2021-02-01' = {
|
|||
]
|
||||
}
|
||||
subnets: subnets
|
||||
dhcpOptions: (vNetDnsServers != null && (firewallSkuTier == 'Premium' || firewallSkuTier == 'Standard')) ? {
|
||||
dhcpOptions: empty(vNetDnsServers) ? null : {
|
||||
dnsServers: vNetDnsServers
|
||||
} : null
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
output name string = virtualNetwork.name
|
||||
output id string = virtualNetwork.id
|
||||
output subnets array = virtualNetwork.properties.subnets
|
||||
output addressPrefix string = virtualNetwork.properties.addressSpace.addressPrefixes[0]
|
||||
output dnsServers array = vNetDnsServers
|
||||
output id string = virtualNetwork.id
|
||||
output name string = virtualNetwork.name
|
||||
output subnets array = virtualNetwork.properties.subnets
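Review bot: In the second hunk, `dhcpOptions: empty(vNetDnsServers) ? null : {` drops the firewall SKU check that this module used to apply itself, so it now applies whatever list the caller passes. The hub path elsewhere in this commit does the SKU check before passing the list. Any other caller of this module (not visible here) that still passes a firewall address would set it as the DNS server even where the firewall is not acting as a DNS proxy, so those callers are worth checking. The contract should be recorded on the parameter in the first hunk, e.g. `@description('Custom DNS servers for the virtual network; an empty array keeps Azure-provided DNS.')` above `param vNetDnsServers array`. The resource body starts outside the hunk.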
|
||||
|
|