зеркало из https://github.com/Azure/missionlz.git
1111 mlz add ons update component order in naming convention (#1118)
* issue 1111 * naming convention and prefix count * GitHub Action: Build Bicep to JSON * Fixed max length in regex * Alphabetized params * GitHub Action: Build Bicep to JSON * Alphabetized params & var value * GitHub Action: Build Bicep to JSON * Alphabetized param, Removed empty line * GitHub Action: Build Bicep to JSON --------- Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: Jason Masten <jamasten@microsoft.com>
Родитель
87450b7d8d
Коммит
cb012dfd09
|
@ -229,13 +229,13 @@
|
|||
"label": "Resource Naming Prefix",
|
||||
"type": "Microsoft.Common.TextBox",
|
||||
"defaultValue": "",
|
||||
"toolTip": "Specify a prefix (min 3 and max 6 lowercase characters and numbers) to prepend to all resources.",
|
||||
"toolTip": "Specify a prefix (min 1 and max 6 lowercase characters and numbers) to prepend to all resources.",
|
||||
"constraints": {
|
||||
"required": true,
|
||||
"validations": [
|
||||
{
|
||||
"regex": "^[a-z][a-z0-9]{1,5}$",
|
||||
"message": "The prefix must contain alphanumeric characters, begin with a letter, letters must be lowercase, and the length must be between 3 to 6 characters."
|
||||
"regex": "^[a-z0-9]{1,6}$",
|
||||
"message": "The prefix must contain alphanumeric characters, letters must be lowercase, and the length must be between 1 to 6 characters."
|
||||
}
|
||||
]
|
||||
}
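Review bot: The new pattern `^[a-z0-9]{1,6}$` drops the old requirement that the prefix begin with a letter as well as lowering the minimum length, so a digit-leading or all-digit prefix now passes the portal form. Every name built from the naming convention starts with this prefix, and some Azure resource types (Key Vault, for one) reject names that do not start with a letter; whether such a type takes its name from the prefix is not visible on this page, but if one does, the failure would surface at resource creation instead of in the form. If only the minimum length was meant to change, `"regex": "^[a-z][a-z0-9]{0,5}$"` keeps the leading-letter rule with a length of 1 to 6. Otherwise the tooltip should state that a prefix may start with a number.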
|
||||
|
|
|
@ -7,9 +7,9 @@ targetScope = 'subscription'
|
|||
|
||||
// REQUIRED PARAMETERS
|
||||
|
||||
@minLength(3)
|
||||
@minLength(1)
|
||||
@maxLength(6)
|
||||
@description('A prefix, 3-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
|
||||
@description('A prefix, 1-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces')
|
||||
param resourcePrefix string
|
||||
|
||||
@allowed([
|
||||
|
@ -725,10 +725,12 @@ module storage 'modules/storage.bicep' = {
|
|||
blobsPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.blob
|
||||
//deployIdentity: deployIdentity
|
||||
deploymentNameSuffix: deploymentNameSuffix
|
||||
filesPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.file
|
||||
keyVaultUri: customerManagedKeys.outputs.keyVaultUri
|
||||
location: location
|
||||
logStorageSkuName: logStorageSkuName
|
||||
mlzTags: logic.outputs.mlzTags
|
||||
queuesPrivateDnsZoneResourceId: networking.outputs.privateDnsZoneResourceIds.queue
|
||||
resourceGroupNames: resourceGroups.outputs.names
|
||||
serviceToken: logic.outputs.tokens.service
|
||||
storageEncryptionKeyName: customerManagedKeys.outputs.storageKeyName
|
||||
|
|
|
@ -5,16 +5,16 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "12938630250141528569"
|
||||
"templateHash": "16541325671879840467"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
"resourcePrefix": {
|
||||
"type": "string",
|
||||
"minLength": 3,
|
||||
"minLength": 1,
|
||||
"maxLength": 6,
|
||||
"metadata": {
|
||||
"description": "A prefix, 3-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces"
|
||||
"description": "A prefix, 1-6 alphanumeric characters without whitespace, used to prefix resources and generate uniqueness for resources with globally unique naming requirements like Storage Accounts and Log Analytics Workspaces"
|
||||
}
|
||||
},
|
||||
"environmentAbbreviation": {
|
||||
|
@ -888,7 +888,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "11424932506966599764"
|
||||
"templateHash": "16220429751656280628"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -968,7 +968,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "7616623366375139473"
|
||||
"templateHash": "3270228280505109788"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -994,6 +994,7 @@
|
|||
"tokens": {
|
||||
"type": "object",
|
||||
"defaultValue": {
|
||||
"purpose": "purpose_token",
|
||||
"resource": "resource_token",
|
||||
"service": "service_token"
|
||||
}
|
||||
|
@ -1429,8 +1430,8 @@
|
|||
"locations": "[variables('$fxv#0')[environment().name]]",
|
||||
"locationAbbreviation": "[variables('locations')[parameters('location')].abbreviation]",
|
||||
"resourceAbbreviations": "[variables('$fxv#1')]",
|
||||
"namingConvention": "[format('{0}-{1}{2}-{3}-{4}-{5}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('networkName'), parameters('environmentAbbreviation'), variables('locationAbbreviation'))]",
|
||||
"namingConvention_Service": "[format('{0}-{1}{2}-{3}-{4}-{5}-{6}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('tokens').service, parameters('networkName'), parameters('environmentAbbreviation'), variables('locationAbbreviation'))]",
|
||||
"namingConvention": "[format('{0}-{1}{2}-{3}-{4}-{5}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('networkName'), variables('locationAbbreviation'), parameters('environmentAbbreviation'))]",
|
||||
"namingConvention_Service": "[format('{0}-{1}{2}-{3}-{4}-{5}-{6}', toLower(parameters('resourcePrefix')), if(empty(parameters('stampIndex')), '', format('{0}-', parameters('stampIndex'))), parameters('tokens').resource, parameters('networkName'), parameters('tokens').service, variables('locationAbbreviation'), parameters('environmentAbbreviation'))]",
|
||||
"names": {
|
||||
"actionGroup": "[replace(variables('namingConvention'), parameters('tokens').resource, variables('resourceAbbreviations').actionGroups)]",
|
||||
"applicationGroup": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').applicationGroups)]",
|
||||
|
@ -1489,8 +1490,14 @@
|
|||
"routeTable": "[replace(variables('namingConvention'), parameters('tokens').resource, variables('resourceAbbreviations').routeTables)]",
|
||||
"storageAccount": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').storageAccounts), parameters('networkName'), parameters('networkShortName'))]",
|
||||
"storageAccountDiagnosticSetting": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').diagnosticSettings), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-{1}', parameters('tokens').service, variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountBlobNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-blob', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountFileNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-file', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountQueueNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-queue', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountTableNetworkInterface": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').networkInterfaces), parameters('tokens').service, format('{0}-table', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountBlobPrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-blob', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountFilePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-file', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountQueuePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-queue', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"storageAccountTablePrivateEndpoint": "[replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').privateEndpoints), parameters('tokens').service, format('{0}-table', variables('resourceAbbreviations').storageAccounts))]",
|
||||
"subnet": "[replace(variables('namingConvention'), parameters('tokens').resource, variables('resourceAbbreviations').subnets)]",
|
||||
"userAssignedIdentity": "[replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').userAssignedIdentities)]",
|
||||
"virtualMachine": "[replace(replace(replace(replace(variables('namingConvention_Service'), parameters('tokens').resource, variables('resourceAbbreviations').virtualMachines), parameters('environmentAbbreviation'), first(parameters('environmentAbbreviation'))), parameters('networkName'), ''), '-', '')]",
|
||||
|
@ -5703,7 +5710,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "5548269850951921678"
|
||||
"templateHash": "3503875367735395147"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -6040,7 +6047,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "15035921308988452197"
|
||||
"templateHash": "5686981733462823694"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -6195,7 +6202,7 @@
|
|||
},
|
||||
{
|
||||
"type": "Microsoft.Compute/virtualMachines/extensions",
|
||||
"apiVersion": "2021-03-01",
|
||||
"apiVersion": "2024-03-01",
|
||||
"name": "[format('{0}/{1}', parameters('name'), 'GuestAttestation')]",
|
||||
"location": "[parameters('location')]",
|
||||
"tags": "[union(if(contains(parameters('tags'), 'Microsoft.Compute/virtualMachines'), parameters('tags')['Microsoft.Compute/virtualMachines'], createObject()), parameters('mlzTags'))]",
|
||||
|
@ -6204,7 +6211,6 @@
|
|||
"type": "GuestAttestation",
|
||||
"typeHandlerVersion": "1.0",
|
||||
"autoUpgradeMinorVersion": true,
|
||||
"enableAutomaticUpgrade": true,
|
||||
"settings": {
|
||||
"AttestationConfig": {
|
||||
"MaaSettings": {
|
||||
|
@ -6903,6 +6909,9 @@
|
|||
"deploymentNameSuffix": {
|
||||
"value": "[parameters('deploymentNameSuffix')]"
|
||||
},
|
||||
"filesPrivateDnsZoneResourceId": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.privateDnsZoneResourceIds.value.file]"
|
||||
},
|
||||
"keyVaultUri": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-cmk-hub-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.keyVaultUri.value]"
|
||||
},
|
||||
|
@ -6915,6 +6924,9 @@
|
|||
"mlzTags": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('get-logic-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.mlzTags.value]"
|
||||
},
|
||||
"queuesPrivateDnsZoneResourceId": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-networking-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.privateDnsZoneResourceIds.value.queue]"
|
||||
},
|
||||
"resourceGroupNames": {
|
||||
"value": "[reference(subscriptionResourceId('Microsoft.Resources/deployments', format('deploy-resource-groups-{0}', parameters('deploymentNameSuffix'))), '2022-09-01').outputs.names.value]"
|
||||
},
|
||||
|
@ -6944,7 +6956,7 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "15851262372533796124"
|
||||
"templateHash": "11618493610681415173"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
|
@ -6954,6 +6966,9 @@
|
|||
"deploymentNameSuffix": {
|
||||
"type": "string"
|
||||
},
|
||||
"filesPrivateDnsZoneResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"keyVaultUri": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -6966,6 +6981,9 @@
|
|||
"mlzTags": {
|
||||
"type": "object"
|
||||
},
|
||||
"queuesPrivateDnsZoneResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"resourceGroupNames": {
|
||||
"type": "array"
|
||||
},
|
||||
|
@ -7008,6 +7026,9 @@
|
|||
"blobsPrivateDnsZoneResourceId": {
|
||||
"value": "[parameters('blobsPrivateDnsZoneResourceId')]"
|
||||
},
|
||||
"filesPrivateDnsZoneResourceId": {
|
||||
"value": "[parameters('filesPrivateDnsZoneResourceId')]"
|
||||
},
|
||||
"keyVaultUri": {
|
||||
"value": "[parameters('keyVaultUri')]"
|
||||
},
|
||||
|
@ -7017,6 +7038,9 @@
|
|||
"mlzTags": {
|
||||
"value": "[parameters('mlzTags')]"
|
||||
},
|
||||
"queuesPrivateDnsZoneResourceId": {
|
||||
"value": "[parameters('queuesPrivateDnsZoneResourceId')]"
|
||||
},
|
||||
"serviceToken": {
|
||||
"value": "[parameters('serviceToken')]"
|
||||
},
|
||||
|
@ -7049,13 +7073,16 @@
|
|||
"_generator": {
|
||||
"name": "bicep",
|
||||
"version": "0.30.23.60470",
|
||||
"templateHash": "10231061264498799420"
|
||||
"templateHash": "13359240625570837130"
|
||||
}
|
||||
},
|
||||
"parameters": {
|
||||
"blobsPrivateDnsZoneResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"filesPrivateDnsZoneResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"keyVaultUri": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -7065,6 +7092,9 @@
|
|||
"mlzTags": {
|
||||
"type": "object"
|
||||
},
|
||||
"queuesPrivateDnsZoneResourceId": {
|
||||
"type": "string"
|
||||
},
|
||||
"serviceToken": {
|
||||
"type": "string"
|
||||
},
|
||||
|
@ -7091,9 +7121,27 @@
|
|||
}
|
||||
},
|
||||
"variables": {
|
||||
"zones": [
|
||||
"[parameters('blobsPrivateDnsZoneResourceId')]",
|
||||
"[parameters('tablesPrivateDnsZoneResourceId')]"
|
||||
"subResources": [
|
||||
{
|
||||
"id": "[parameters('blobsPrivateDnsZoneResourceId')]",
|
||||
"nic": "[parameters('tier').namingConvention.storageAccountBlobNetworkInterface]",
|
||||
"pe": "[parameters('tier').namingConvention.storageAccountBlobPrivateEndpoint]"
|
||||
},
|
||||
{
|
||||
"id": "[parameters('filesPrivateDnsZoneResourceId')]",
|
||||
"nic": "[parameters('tier').namingConvention.storageAccountFileNetworkInterface]",
|
||||
"pe": "[parameters('tier').namingConvention.storageAccountFilePrivateEndpoint]"
|
||||
},
|
||||
{
|
||||
"id": "[parameters('queuesPrivateDnsZoneResourceId')]",
|
||||
"nic": "[parameters('tier').namingConvention.storageAccountQueueNetworkInterface]",
|
||||
"pe": "[parameters('tier').namingConvention.storageAccountQueuePrivateEndpoint]"
|
||||
},
|
||||
{
|
||||
"id": "[parameters('tablesPrivateDnsZoneResourceId')]",
|
||||
"nic": "[parameters('tier').namingConvention.storageAccountTableNetworkInterface]",
|
||||
"pe": "[parameters('tier').namingConvention.storageAccountTablePrivateEndpoint]"
|
||||
}
|
||||
]
|
||||
},
|
||||
"resources": [
|
||||
|
@ -7164,22 +7212,22 @@
|
|||
{
|
||||
"copy": {
|
||||
"name": "privateEndpoints",
|
||||
"count": "[length(variables('zones'))]"
|
||||
"count": "[length(variables('subResources'))]"
|
||||
},
|
||||
"type": "Microsoft.Network/privateEndpoints",
|
||||
"apiVersion": "2023-04-01",
|
||||
"name": "[replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]))]",
|
||||
"name": "[variables('subResources')[copyIndex()].pe]",
|
||||
"location": "[parameters('location')]",
|
||||
"tags": "[union(if(contains(parameters('tags'), 'Microsoft.Network/privateEndpoints'), parameters('tags')['Microsoft.Network/privateEndpoints'], createObject()), parameters('mlzTags'))]",
|
||||
"properties": {
|
||||
"customNetworkInterfaceName": "[replace(parameters('tier').namingConvention.storageAccountNetworkInterface, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]))]",
|
||||
"customNetworkInterfaceName": "[variables('subResources')[copyIndex()].nic]",
|
||||
"privateLinkServiceConnections": [
|
||||
{
|
||||
"name": "[replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]))]",
|
||||
"name": "[variables('subResources')[copyIndex()].pe]",
|
||||
"properties": {
|
||||
"privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]",
|
||||
"groupIds": [
|
||||
"[split(split(variables('zones')[copyIndex()], '/')[8], '.')[1]]"
|
||||
"[split(split(variables('subResources')[copyIndex()].id, '/')[8], '.')[1]]"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
@ -7195,23 +7243,23 @@
|
|||
{
|
||||
"copy": {
|
||||
"name": "privateDnsZoneGroups",
|
||||
"count": "[length(variables('zones'))]"
|
||||
"count": "[length(variables('subResources'))]"
|
||||
},
|
||||
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups",
|
||||
"apiVersion": "2021-08-01",
|
||||
"name": "[format('{0}/{1}', replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1])), uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]",
|
||||
"name": "[format('{0}/{1}', variables('subResources')[copyIndex()].pe, uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]",
|
||||
"properties": {
|
||||
"privateDnsZoneConfigs": [
|
||||
{
|
||||
"name": "ipconfig1",
|
||||
"properties": {
|
||||
"privateDnsZoneId": "[variables('zones')[copyIndex()]]"
|
||||
"privateDnsZoneId": "[variables('subResources')[copyIndex()].id]"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"dependsOn": [
|
||||
"[resourceId('Microsoft.Network/privateEndpoints', replace(parameters('tier').namingConvention.storageAccountPrivateEndpoint, parameters('serviceToken'), format('{0}-log', split(split(variables('zones')[copyIndex()], '/')[8], '.')[1])))]",
|
||||
"[resourceId('Microsoft.Network/privateEndpoints', variables('subResources')[copyIndex()].pe)]",
|
||||
"[resourceId('Microsoft.Storage/storageAccounts', uniqueString(replace(parameters('tier').namingConvention.storageAccount, parameters('serviceToken'), 'log'), resourceGroup().id))]"
|
||||
]
|
||||
}
|
||||
|
|
|
@ -118,7 +118,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2021-04-01' = {
|
|||
}
|
||||
}
|
||||
|
||||
resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions@2021-03-01' = {
|
||||
resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions@2024-03-01' = {
|
||||
parent: virtualMachine
|
||||
name: 'GuestAttestation'
|
||||
location: location
|
||||
|
@ -128,7 +128,6 @@ resource guestAttestationExtension 'Microsoft.Compute/virtualMachines/extensions
|
|||
type: 'GuestAttestation'
|
||||
typeHandlerVersion: '1.0'
|
||||
autoUpgradeMinorVersion: true
|
||||
enableAutomaticUpgrade: true
|
||||
settings: {
|
||||
AttestationConfig: {
|
||||
MaaSettings: {
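Review bot: The second hunk goes from 7 lines to 6, and with the usual three lines of context the dropped line would be `enableAutomaticUpgrade: true`; the +/- markers are lost on this page, so that is inferred rather than shown. If so, the GuestAttestation extension keeps only `autoUpgradeMinorVersion: true` and no longer opts in to platform-driven automatic upgrades, which matters for an attestation agent that should receive fixes without a redeploy. Neither the commit title nor the description mentions this removal or the API version move to 2024-03-01; a comment such as `// enableAutomaticUpgrade removed: <reason>` next to the extension properties would record why. The resource body continues outside both hunks.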
|
||||
|
|
|
@ -12,6 +12,7 @@ param networkShortName string
|
|||
param resourcePrefix string
|
||||
param stampIndex string = '' // Optional: Added to support AVD deployments
|
||||
param tokens object = {
|
||||
purpose:'purpose_token'
|
||||
resource: 'resource_token'
|
||||
service: 'service_token'
|
||||
}
|
||||
|
@ -33,8 +34,8 @@ var resourceAbbreviations = loadJsonContent('../data/resourceAbbreviations.json'
|
|||
|
||||
*/
|
||||
|
||||
var namingConvention = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
|
||||
var namingConvention_Service = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${tokens.service}-${networkName}-${environmentAbbreviation}-${locationAbbreviation}'
|
||||
var namingConvention = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${locationAbbreviation}-${environmentAbbreviation}'
|
||||
var namingConvention_Service = '${toLower(resourcePrefix)}-${empty(stampIndex) ? '' : '${stampIndex}-'}${tokens.resource}-${networkName}-${tokens.service}-${locationAbbreviation}-${environmentAbbreviation}'
|
||||
|
||||
/*
|
||||
|
||||
|
@ -106,8 +107,14 @@ var names = {
|
|||
routeTable: replace(namingConvention, tokens.resource, resourceAbbreviations.routeTables)
|
||||
storageAccount: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.storageAccounts), networkName, networkShortName)
|
||||
storageAccountDiagnosticSetting: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.diagnosticSettings), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
|
||||
storageAccountNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
|
||||
storageAccountPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${tokens.service}-${resourceAbbreviations.storageAccounts}')
|
||||
storageAccountBlobNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-blob')
|
||||
storageAccountFileNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-file')
|
||||
storageAccountQueueNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-queue')
|
||||
storageAccountTableNetworkInterface: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.networkInterfaces), tokens.service, '${resourceAbbreviations.storageAccounts}-table')
|
||||
storageAccountBlobPrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-blob')
|
||||
storageAccountFilePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-file')
|
||||
storageAccountQueuePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-queue')
|
||||
storageAccountTablePrivateEndpoint: replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.privateEndpoints), tokens.service, '${resourceAbbreviations.storageAccounts}-table')
|
||||
subnet: replace(namingConvention, tokens.resource, resourceAbbreviations.subnets)
|
||||
userAssignedIdentity: replace(namingConvention_Service, tokens.resource, resourceAbbreviations.userAssignedIdentities)
|
||||
virtualMachine: replace(replace(replace(replace(namingConvention_Service, tokens.resource, resourceAbbreviations.virtualMachines), environmentAbbreviation, first(environmentAbbreviation)), networkName, ''), '-', '')
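Review bot: Both `var namingConvention` and `var namingConvention_Service` change component order (location now precedes environment, and the service token moves after the network name), so every entry in `names` resolves to a different string than before. The page shows no migration note; on an environment deployed with the old order, a redeploy would presumably create a second set of resources under the new names and leave the old private endpoints, network interfaces and diagnostic settings in place. That is worth confirming and stating in the block comment above the variables, e.g. `// Order: prefix-[stamp-]resource-network[-service]-location-environment (changed in #1118; existing deployments are not renamed)`. Separately, `purpose:'purpose_token'` in the first hunk lacks the space after the colon that the neighbouring keys use. The `names` object starts and ends outside the hunk.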
|
||||
|
|
|
@ -4,9 +4,11 @@ Licensed under the MIT License.
|
|||
*/
|
||||
|
||||
param blobsPrivateDnsZoneResourceId string
|
||||
param filesPrivateDnsZoneResourceId string
|
||||
param keyVaultUri string
|
||||
param location string
|
||||
param mlzTags object
|
||||
param queuesPrivateDnsZoneResourceId string
|
||||
param serviceToken string
|
||||
param skuName string
|
||||
param storageEncryptionKeyName string
|
||||
|
@ -16,9 +18,27 @@ param tags object
|
|||
param tier object
|
||||
param userAssignedIdentityResourceId string
|
||||
|
||||
var zones = [
|
||||
blobsPrivateDnsZoneResourceId
|
||||
tablesPrivateDnsZoneResourceId
|
||||
var subResources = [
|
||||
{
|
||||
id: blobsPrivateDnsZoneResourceId
|
||||
nic: tier.namingConvention.storageAccountBlobNetworkInterface
|
||||
pe: tier.namingConvention.storageAccountBlobPrivateEndpoint
|
||||
}
|
||||
{
|
||||
id: filesPrivateDnsZoneResourceId
|
||||
nic: tier.namingConvention.storageAccountFileNetworkInterface
|
||||
pe: tier.namingConvention.storageAccountFilePrivateEndpoint
|
||||
}
|
||||
{
|
||||
id: queuesPrivateDnsZoneResourceId
|
||||
nic: tier.namingConvention.storageAccountQueueNetworkInterface
|
||||
pe: tier.namingConvention.storageAccountQueuePrivateEndpoint
|
||||
}
|
||||
{
|
||||
id: tablesPrivateDnsZoneResourceId
|
||||
nic: tier.namingConvention.storageAccountTableNetworkInterface
|
||||
pe: tier.namingConvention.storageAccountTablePrivateEndpoint
|
||||
}
|
||||
]
|
||||
|
||||
resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
|
||||
|
@ -84,19 +104,19 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2023-01-01' = {
|
|||
}
|
||||
}
|
||||
|
||||
resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (zone, i) in zones: {
|
||||
name: replace(tier.namingConvention.storageAccountPrivateEndpoint, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
|
||||
resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for (resource, i) in subResources: {
|
||||
name: resource.pe
|
||||
location: location
|
||||
tags: union(contains(tags, 'Microsoft.Network/privateEndpoints') ? tags['Microsoft.Network/privateEndpoints'] : {}, mlzTags)
|
||||
properties: {
|
||||
customNetworkInterfaceName: replace(tier.namingConvention.storageAccountNetworkInterface, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
|
||||
customNetworkInterfaceName: resource.nic
|
||||
privateLinkServiceConnections: [
|
||||
{
|
||||
name: replace(tier.namingConvention.storageAccountPrivateEndpoint, serviceToken, '${split(split(zone, '/')[8], '.')[1]}-log')
|
||||
name: resource.pe
|
||||
properties: {
|
||||
privateLinkServiceId: storageAccount.id
|
||||
groupIds: [
|
||||
split(split(zone, '/')[8], '.')[1]
|
||||
split(split(resource.id, '/')[8], '.')[1]
|
||||
]
|
||||
}
|
||||
}
|
||||
|
@ -107,7 +127,7 @@ resource privateEndpoints 'Microsoft.Network/privateEndpoints@2023-04-01' = [for
|
|||
}
|
||||
}]
|
||||
|
||||
resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for (zone, i) in zones: {
|
||||
resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2021-08-01' = [for (resource, i) in subResources: {
|
||||
parent: privateEndpoints[i]
|
||||
name: storageAccount.name
|
||||
properties: {
|
||||
|
@ -116,7 +136,7 @@ resource privateDnsZoneGroups 'Microsoft.Network/privateEndpoints/privateDnsZone
|
|||
name: 'ipconfig1'
|
||||
properties: {
|
||||
#disable-next-line use-resource-id-functions
|
||||
privateDnsZoneId: zone
|
||||
privateDnsZoneId: resource.id
|
||||
}
|
||||
}
|
||||
]
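Review bot: `groupIds` in the privateEndpoints loop is still derived by parsing the DNS zone resource ID, `split(split(resource.id, '/')[8], '.')[1]`, which assumes a fixed segment count and a zone name whose second label is the storage sub-resource. Now that each `subResources` entry is an object, the target can be stated explicitly: add `groupId: 'blob'` (and `'file'`, `'queue'`, `'table'`) to the entries and use `groupIds: [ resource.groupId ]`, so the endpoint's sub-resource no longer depends on how the zone ID was formed. A smaller style point: the loop item is named `resource`, the same word as the declaration keyword on that line; `subResource` would read more clearly. The storageAccount and privateEndpoints bodies continue outside the hunks.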
|
||||
|
|
|
@ -8,10 +8,12 @@ targetScope = 'subscription'
|
|||
param blobsPrivateDnsZoneResourceId string
|
||||
//param deployIdentity bool
|
||||
param deploymentNameSuffix string
|
||||
param filesPrivateDnsZoneResourceId string
|
||||
param keyVaultUri string
|
||||
param location string
|
||||
param logStorageSkuName string
|
||||
param mlzTags object
|
||||
param queuesPrivateDnsZoneResourceId string
|
||||
param resourceGroupNames array
|
||||
param serviceToken string
|
||||
param storageEncryptionKeyName string
|
||||
|
@ -25,9 +27,11 @@ module storageAccount 'storage-account.bicep' = [for (tier, i) in tiers: {
|
|||
scope: resourceGroup(tier.subscriptionId, resourceGroupNames[i])
|
||||
params: {
|
||||
blobsPrivateDnsZoneResourceId: blobsPrivateDnsZoneResourceId
|
||||
filesPrivateDnsZoneResourceId: filesPrivateDnsZoneResourceId
|
||||
keyVaultUri: keyVaultUri
|
||||
location: location
|
||||
mlzTags: mlzTags
|
||||
queuesPrivateDnsZoneResourceId: queuesPrivateDnsZoneResourceId
|
||||
serviceToken: serviceToken
|
||||
skuName: logStorageSkuName
|
||||
storageEncryptionKeyName: storageEncryptionKeyName
|
||||
|
@ -40,5 +44,3 @@ module storageAccount 'storage-account.bicep' = [for (tier, i) in tiers: {
|
|||
}]
|
||||
|
||||
output storageAccountResourceIds array = [for (tier, i) in tiers: storageAccount[i].outputs.id]
|
||||
|
||||
|
||||
|
|