Commit Graph

3 Commits

Author SHA1 Message Date
Kevin Rowlandson 4b0c135159
Add Firewall Policy (#331)
* Add `azurerm_firewall_policy` resources

* Integrate `enable_dns_proxy` setting

* Add dependency for Firewall Policy

* Add DNS servers and align SKU settings

* Update baseline to include Firewall Policy updates

* Update debug output

* Add `dns_servers` and `sku_tier` to azfw config

* Update for `azure_firewall.config.dns_servers`

* Add zones to vwan fw to fix #336

* Update policy naming

* Update to reflect zones and updated policy names

* Enable custom names for public ips and fw policies

* Fix issue introduced by replacing `try()` with `lookup()`

* Add pip name locals to debug

* Additional Firewall Policy settings
2022-04-14 19:22:00 +01:00
Kevin Rowlandson 739a3f9053
Add VWAN deployment capability (#287)
* Add VWAN capabilities to upstream branch (#250)

* Initial MVP for virtual wan and hub resources
* Update resource dependencies
* Refactor to create dedicated resources for vwan
* Refactor to simplify for management resources
* Replace `try()` with `lookup()`
* Update custom settings for Virtual WAN
* Add DNS links for spokes connected to Virtual Hubs
* Add virtual hub connections

* Fix incorrect VPN gateway name (#251)

* Fix incorrect VPN gateway name

* Refactor test framework for VWAN additions (#265)

* Refactor test deployments

* Update minimum supported provider version

* Fix linting error

* Update root_name

* Update unit test pipeline

* Fix certificate path error

* Rename job display names

* Update e2e test pipeline

* Update location variable

* Remove unused TF_PLAN_OUT variable

* Update parallelism environment variable

* Update path for terraform destroy

* Increase job timeouts for e2e

* Update OPA value generator for pwsh

* Add `planned_values.json` for each test case

* Remove trailing whitespace

* Update OPA tests script for new framework

* Add OPA tasks to Unit Tests job

* Remove `.sh` script (to be unified with `.ps1` version)

* Refactor OPA installation scripts

* Update execution bit

* Update task names

* Add readme to test framework

* Add VWAN config to connectivity settings

* Remove unsupported tags object from config

* Update minimum supported version to fix #271

* Fix #271 error deleting firewall

* Updates to fix #272

* Fix formatting error on fix for #273

* Fix to prevent lock file versions error

* Update rego files to reflect changes for #272

* Updated for latest test framework plans

* Update conftest baseline

* Add opt-out for `terraform destroy`

* Update for remote backend configuration

* Update dependsOn for test jobs

* Update execution bit on script file

* Output variables to pipeline

* Update auth config for backend

* Update backend config for SPN auth

* Update comment

* Move random `root_id` generation to strategy job

* Add SPN credentials to backend configuration

* Do not try to overwrite readonly variable

* Rename function for linting error

* Remove `use_microsoft_graph` due to error

* Add `az logout` step

* Troubleshoot `terraform init` error

* Map dependent variables

* Add `az cli` login to init step

* Troubleshoot auth issue for `terraform init`

* Add `ARM_CLIENT_SECRET` to `terraform init` steps

* Add dependent variables to e2e test jobs

* Split e2e tests into multiple jobs

* Update condition in test loop

* Rename jobs

* Update timeout on clean-up

* Update condition format

* Update dependencies

* Update conditions

* Update conditions

* Update timeout and conditions for e2e tests

* Rename tasks

* Update logic for `terraform destroy`

* Update logic for `terraform destroy`

* Update condition

* Rename e2e clean-up job
2022-03-09 14:16:09 +00:00
Kevin Rowlandson e4019d8f89
Add connectivity and identity capabilities, plus fixes (#142)
* Add Policy Assignment for Deny-Public-IP

* Update archetype definition for identity

* Update description on management module variable

* Add identity child module

* Update order of values

* Integrate identity module

* Add root_id to identity module
Fix missing integration for parameters
Fix missing integration for enforcement_mode

* Add dependency to fix #109

* Update comments for solutions depends_on block

* Add super-linter outputs to gitignore

* Update to latest version of github/super-linter

* Add initial connectivity-hub-spoke logic

* Improve coverage for custom settings

* Fix resource type for virtualNetworkGateways

* Update for future Virtual WAN support

* Add initial connectivity support to module

* Add Azure Firewall to connectivity resources

* Update Azure logo

* Add diagrams for connectivity and identity

* Add workflow dispatch to Wiki Sync

* Add connectivity and identity info

* Initial connectivity and identity content for wiki

* Fix linting errors

* Enable running Wiki Sync in forks

* Update env values

* Update module descriptions

* Remove logo from readme

* Update module version references and root IDs

* Refine wiki examples

* Update default resource count

* Update default values and formatting

* Rename management and connectivity resources

* Add connectivity resources to outputs

* Linting fix for outputs

* Add multi-provider support to module

* Add multi-provider support to test framework

* Update OPA test baseline

* Fix linting error

* Update provider aliases

* Remove configuration_aliases

* Update provider config

* Update terraform.tf

* Remove provider declarations

* Update test matrix strategy

* Initial wiki update for release v0.4.0

* Fix link for upgrade guide

* Initial readme update for release v0.4.0

* Update resource changes

* Update provider configuration details in wiki

* Update provider configuration details in readme

* Add DNS resources to connectivity

* adding variables page

* Add outbound virtual network peering from hubs

* Rename enable_ddos_protection_standard flag

* Update variables doc in Wiki

* Resolve linting errors

* Separate role assignments by type for #90

This update will create separation between Role Assignments created for Policy vs. user-defined.

* Simplify regex pattern

* Update policy assignment resource to latest type

* Use default location when no private_link_locations

* Add dependency for virtual network links

* Add new resources to outputs

* Update test framework for new connectivity resources

* Improve logic to generate outputs

* Further improve logic to generate outputs

* Remove old comments

* Improve custom settings consistency

* Add single platform subscription support

* Update description in comments

* Add new policy source to library tools

* Add utility to update ProviderApiVersions.zip

* Add WhatIf support

* Fix incorrect scope on DNS links

* Add logic to handle standard resources for policy imports

* Major policy refresh from ES

* Update Deploy-Log-Analytics Policy Assignment

* Add Corp, Online and SAP landing zones

* Fix sku error on Deploy-Log-Analytics policy

* Update Policy Assignment Deploy-ASC-Defender
Rename to Deploy-ASC-Configuration

* removed duplicate "management" key in custom name for management resource group (#140)

Co-authored-by: wuest01 <jonas.wueste@bertelsmann.de>

* Update Policy Assignments and Archetypes

* Fix incorrect casing on pricingTierVMs parameter

* Add archetype_config_overrides for connectivity

* Add connectivity and identity to parameters and enforcement_mode

* Add base tags and update corresponding wiki pages

* Add language to fenced code blocks

* Add disable_base_module_tags

* Fix incorrect whitespace character

* Update planned_values.json to reflect latest tests

* Update variables documentation

* Updating mgmt pages, sidebar, and upgrade to 0.4.0 links (#137)

Add management documentation to wiki

* Update examples

* Fix linting errors

* Update to fix #104

* Add latest release information

Co-authored-by: sblair01 <cerruleancity@gmail.com>
Co-authored-by: jwueste <37145409+jwueste@users.noreply.github.com>
Co-authored-by: wuest01 <jonas.wueste@bertelsmann.de>
2021-08-06 16:36:38 +01:00