* revmoing version from orchestration files
* removed logic for module subpath
* removed examples using "2.0" folder
* removing the '2.0' folder from modules
* Completed the initial implementation.
* Finalized the changes and tested
* Changes based on feedback from today's review
* Changes post running tested.
* Changes to optimize the code.
* Changes based on feedback. First round of corrections.
* Fix added for multi-subscription deployment
* Added Debug argument for troubleshooting pipeline
* Reset the context change after storage setup
* Minor update to fix type
* Added Debug flag
* Minor update
* Update to avoid switching subscription when in validation mode
* Debugging consolidation script
* More debugging
* Debugging continued
* Debugging continued 2
* Removed extra Cmdlet that pollutes the outputs
* Logging to troubleshoot invalid cache in pipeline added
* Applied a fix for AzureDevOps Cache implementation to cache objects arrays and object
* Convert cache string to object when possible
* More logging added
* Test-Json logic may be flawed. Debugging it.
* Debug
* Pipeline bootstrap var added
* Debugging failed module - AKS
* Merged the rootcert.ps1 and rootcert.sh
* Debugging On-Prem Archetype
* Debugging On-Prem
* Feedback based on recent changes.
* Changes based on PR feedback
* Changed based on PR feedback
* Added Debug for storage accounts
* Preserving the context after bootstrap.
* Added the missing parameter
* Initialize and Teardown of Validation Resource Group logic added
* Excluding the dependency on the SetupValidationResourceGroup job because it was removed.
* Removed orphaned dependencies
* Added missing mode parameter
* Fixed invalid function name
* Validation Resource Group default location set
* Passing the validation resource group created based on archetype instance name
* Missing variable fixed
* Missing parameter is passed to the method
* ResourceGroupName for validation RG is reset
* Minor change to validation group name
* Minor updates
* Removed the constrain to switch subscription on deploy mode only
* Setup and Teardown testing in the same job
* Resource Group name being reset on delete
* Commented out the write-host used for debugging
* Destroy the validation resource group at the end
* Setup of validation resource group is now merged with deployment resource group setup logic.
* Typo in function name
* typo in function name fixed
* Added debug lines
* Removed the extra condition that prevented the creation of rg in validation mode
* Fix for teardown of rg
* Running SecurityCenter module in debug mode
* Fix for UpdateAzureFirewall added
* Storing outputs as objects instead of hashtables.
* Avoiding ConvertTo-Json due to serialization problem
* Fix applied for Output conversion
* Comments added.
* Cleaned up comments.
* Cleaned up based on feedback item
* Change to AzureFirewall Id to reference the output
* Fixed the incorrect token
* Running storage module in debug mode
* Empty string values need to evaluate to false
* Modified cache key retrieval logic
* Validation of resource group moved inside InvokeARMOperation method
* Minor var name fix
* Debugging UpdateAzFw module
* Teardown should also create the validation resource group
* Using different secrets group
* Updated the service conn. profile
* Updated the CreateRootCertificate module
* Pipeline will now use test var group
* OnPremises pipeline's sc updated
* Updated the path after on-premises folder name change
* Added isOutput=true to bootstrap initialize
* Updated Shared Services Pipeline yaml for testing
* Shared Services OnPrem Extension updated
* Adding Debug to Azfw for troubleshooting
* P2S root certificate generation script fixed
* Debug added for vgw
* Updated the deployment name for Shared Services without OnPremises extension for testing
* Debug added for OnPremises extension for storage account
* Debug added to all modules
* Fixed indention and Null Guid issue
* Location updated
* Debugging all modules
* Minor fix
* Removed isOutput from the PowerShell script
* Fixed Test-JsonContent
* Enabled artifacts storage account
* Reverted the changes to pipeline yaml files
* Reverted changes to pipeline yaml
* Revert the change to deployment name in Shared Services
* Reverted the artifacts storage account name
* Removed comments in Test-JsonContent
* Merging the changes from AKS & OnPremises (#121)
* Continuing Shared Services deployment
* Updated the order of execution of the components
* Updated location of the Shared Services Archetype
* Modified the code to use the location from the parameters file or module configuration and not subscription
* Removed additional logic for location of the resource group and reusing the existing location var
* Updated the parameters value being passed for Disk Encryption module
* Accounting for output of simple data types
* Using Test Var Group
* Updated the SC
* Debugging EventHub
* Changed the order of execution of AKS LandingZone in pipeline
* Reordering the modules
* AKS deployment
* Fix
* Added a new rule to the firewall
* Reverted changes before PR submission
* Removed the additional Debug flag during invocation
* Reverting the ArtifactsStorageAccount and making it disabled
* Reverting the changes to Parameters.json for OnPremises Extended version
* Reverting Artifacts Storage Account Name.
* Reverting the parameters file in Shared Service Non-Extended Version
* Added RBAC to AKS
* Merging deltas / updates to AKS-OnPrem-Feedback Branch (#129)
* Updated the pipeline to run in MS Subscription
* Fixed the name of the var group
* Updated the region.
* Minor changes as per discussion
* Added NSG flow module to the archetypes - AKS and OnPremises
* Adding the enable.flow.logs under NetworkSecurityGroups module. This will be added again after merge vnext post jcotillo/governance-stage branch merge to vnext.
* Reverted back the secret group name and service connection name
* Added the Enable NSG Flow Logs module to pipeline yaml file.
* Split the AKS into three stage deployment - included ApplyGovernance stage
* Minor updates to stage names
* Updates from today's discussion
* Corrected the DeployEnvironment Stage
* Minor update
* Added the missing switch for TearDownValidationResourceGroup
* Shared Services non extended version updated
* Updates to add diagnostic settings to EventHub
* PR finalized.
* created new pipeline stage
* updated artifacts storage account reference
* updated location reference on all archetypes
* rolled back to West US region
* moved domain admin information to shared services object
* removed comments and updated kv name
* Enabled Service Map and diag strg connection
* added diagnostic and logging to resources
* enabled monitoring on PaaS services
* enable service endpoint on diagnostics
* updated adds asg
* enable accelerated networking by default
* fixed vmss template and added nsg flow logs script
* updated pipelines to match orchestration.json
* fixed onpremises pipeline reference name
* renamed environment folder
* fixed stage name
* fixed path name
* removed landing zone from shared services pipeline
* added governance
* added custom task to upload scripts to SA
* updated Linux VM SKU
* updated availability set default name
* fixed unit tests
* removed dependency
* removed log analytics dependency
* fixed NSG flow logs relative path
* updated ntier iaas archetype stage name
* fixed module name
* updated diagnostic storage account name
* updated default config
* added missing parameter
* fixed shared services parameter reference
* moved parameter files into test folder
* updated diagnostic settings
* added missing parameters to sample parameter file
* updated base on feedback
* updated test context names
* Initial logic for preserve arguments order for a script module added
* Changes made based on feedback
* Added new bash script
* Removing debug statements for clean up prior to PR submission
* Updates made as per feedback.
* fixed bugs: 7105, 7107, implemented task: 7088
* enabled public ip on dc, updated hard coded onprem organization name
* Disabled certificate creation in onprem. added blob upload inline script
* Updated artifacts reference, included onprem deployment instance name
* AKS Archetype - Initial Commit
* Change in pipeline variable group for testing
* Corrected dependency to the teardown of validation resource group
* Corrected the dependsOn for TearDownValidationResourceGroup
* Changed the Azure Subscription
* Changed from SharedServices to AKS in pipeline.yml
* Added missing Tests folder
* Removing duplicate task
* Updates to new modules
* Separate module for application rule
* Update to application rule module
* Clean up
* Cleaned up security center module
* Multiple var groups
* Added var groups for AKS
* Added env vars for User group IDs
* Updated the Packer agent file to include the az cli installation
* Splitting into Archetype and LandingZone
* Updated the paths in pipeline.yml after restructuring folders
* More updates to file paths
* AzureSecurityCenter correction
* Separate module for updating Azure Firewall
* Code fix for prevention of resource group while executing scripts
* Corrections to the orchestration and parameters file
* Added the Azure Firewall update section to the pipeline yml file
* Fixed json parameters file for AKS module that was formatted incorrectly
* Minor fixes to Virtual Network
* Updated the subscription GUIDs and added a subscription info for AKS
* Changed vNet to VirtualNetwork. Also, added dependsOn for AKS Archetype in Orchestration file.
* Changed the KeyVault behavior to enable Service EndPoint after Landing Zone deployment.
* Orchestration and Pipeline updates for AKS Archetype
* AKS Archetype pipeline / orchestration update
* Fixed unsupported versions for aks
* Changes based on feedback from AKS Archetype review
* Minor changes - feedback work continued
* Pipeline changes specific to AKS LandingZone
* AKS Archetype - Initial Commit
* Change in pipeline variable group for testing
* Corrected dependency to the teardown of validation resource group
* Corrected the dependsOn for TearDownValidationResourceGroup
* Changed the Azure Subscription
* Changed from SharedServices to AKS in pipeline.yml
* Added missing Tests folder
* Removing duplicate task
* Updates to new modules
* Separate module for application rule
* Update to application rule module
* Clean up
* Cleaned up security center module
* Multiple var groups
* Added var groups for AKS
* Added env vars for User group IDs
* Updated the Packer agent file to include the az cli installation
* Splitting into Archetype and LandingZone
* Updated the paths in pipeline.yml after restructuring folders
* More updates to file paths
* AzureSecurityCenter correction
* Separate module for updating Azure Firewall
* Code fix for prevention of resource group while executing scripts
* Corrections to the orchestration and parameters file
* Added the Azure Firewall update section to the pipeline yml file
* Fixed json parameters file for AKS module that was formatted incorrectly
* Minor fixes to Virtual Network
* Updated the subscription GUIDs and added a subscription info for AKS
* Changed vNet to VirtualNetwork. Also, added dependsOn for AKS Archetype in Orchestration file.
* Changed the KeyVault behavior to enable Service EndPoint after Landing Zone deployment.
* Orchestration and Pipeline updates for AKS Archetype
* AKS Archetype pipeline / orchestration update
* Fixed unsupported versions for aks
* Changes based on feedback from AKS Archetype review
* Minor changes - feedback work continued
* Pipeline changes specific to AKS LandingZone
* Changes based on testing firewall rules update logic
* Pipeline yml file updated
* Minor update
* Minor update
* Minor update
* Minor correction to file path
* Minor file path correction
* Minor correction
* Debug statements added
* Fix for Azure Firewall scripts
* Updated
* Updated
* Minor update
* Pipeline jobs rearranged.
* File path fixed
* Fixes to chmod script
* Minor fixes
* Updated the dependencies
* Corrected the bootstrap var in pipeline
* Live updates from feedback review
* Fixes based on today's review
* initial push of ntier iaas modules
* added azure bastion subnet
* updated landing zone dependencies, added topological sort
* added topological sort implementation
* added project file
* added newtonsoft package
* added todo comment
* added circular reference verification on topological sort
* moved landing zone to its own folder. added domain join extension to vm template
* added joined to domain extension on VMSS
* renamed sql server always on template and added join domain extension in vmss
* fixed unit test
* fixed all unit tests
* added IIS template
* added parameters to ntier-iaas archetype
* finished orchestration of ntier-iaas
* fixed unit test
* added missing files
* updated parameter values
* fix access token retrieval
* added missing module definitions
* Initial commit for On-Premise Archetype
* Corrected depends-on for pipeline
* Moving ArtifactsStorageAccount module to the top and adding a ADO task for uploading scripts required for AD module
* Added a dependency to upload scripts for AD module
* Added a separate stage for uploading artifacts.
* Invalid dependency removed
* Importing Az.Storage Module before executing other commands.
* Printing out modules path
* Remove Artifacts storage from test
* Minor change to UploadScripts module
* Minor change
* Minor Change to update PSModulePath
* Testing
* Minor path fix
* Minor changes to file path regex to be non-greedy
* Pipeline fixed with reorder Artifacts storage and scripts upload to Artifacts storage
* Minor updates
* Moved the Installation of the PowerShell modules one folder up
* Point-to-Site VPN added to On-Premise Archetype
* Cleaned up the scripts for VPN Root Cert creation
* Finalized Script
* Modularization of Virtual Machine templates (#101)
* initial commit
* moved parameters file outside of the module
* initial commit of new Jumpbox design
* added encryption task
* removed unnecessary parameters
* initial implementation of encryption using kek
* fixed output storage from custom script
* Added format data disks DSC
* added adds dsc that excludes disk formatting
* removed dsc folder
* added policy and rbac tests
* removed 0 file
* updated template static test
* updated ad and adds templates
* updated non-extended shared services environment
* updated display names
* added enable key vault service endpoint task
* fix validate dependency
* fixed task name
* fixed module definition reference
* fixed azure firewall api version
* fixed pipeline and added new environment variable
* updated azure firewall api version
* fixed key vault access policy
* updated parameters comment
* updated zones copy loop
* updated zones condition
* fixed parameters.json error
* removed double quote encoding
* added string array to zones
* updated description name
* updated output reference to lowercase
* enabled debug on AD encryption
* enabled debug on AD encryption
* moved enabling service endpoint of Key Vault after VM deployment
* disabled validation stage
* enabled pipelines
* added SQL Analytics solution
* removed uneeded parameter
* added disk verification before formatting a disk
* updated DSC code
* removed data jumpbox datadisk
* added drive letter parameter to adds
* added workaround to prevent storage initialization multiple times
* added get public IP ps1
* removed finally block
* updated get ip ps1 path
* updated network rules copy loop:
* removed networkacls from initial key vault deployment
* explicit set of ps1 argument
* updated initialize file
* fixed return type
* fixed return type from getSasToken function
* added ashashtable to convert from json cmdlet
* added networkAcls with IP whitelisting
* added test-jsoncontent to helper
* added debug
* updated storage account details cache value
* removed debug flag
* updated set variable syntax
* fixed variable name
* added -Compress to JSON string creation
* updated default action on kv networkacls
* added global variable
* updated variable name
* Update pipeline.yml for Azure Pipelines
* moved org name as env variable
* update pipeline
* Update pipeline.yml for Azure Pipelines
* added additional logging info
* temp reduced validation tasks
* fixed dependency
* removed global variable from pipeline
* enabled debug on deployment
* enabled debug
* moved similar tasks into same job
* updated shared services extended pipeline
* removed write-host
* enabled multi-stage jobs
* added env variables
* updated variable set
* removed comments from inline script
* updated pipeline, pass variable between jobs
* added missing environment variable retrieval
* removed unnecessary write-host
* added vnet dependency
* updated job output dependency name
* added multi-job variable
* updated modules path of shared services onprem extension
* fixed parameters
* removed active directory reference
* added Virtual Network dependency
* added spn access policy
* moved dns server as a separate task
* removed additional api calls
* removed duplicate
* added logic for more than one resource ids
* Added exponential backoff logic (#103)
* output az graph query
* Update pipeline.yml for Azure Pipelines
* Restore pipeline stages
* added exponential backoff
* added exponential backoff
* added debug function
* Exception handling functions added to Helper (#102)
* Applied the changes
* Minor changes to the exception
* Cleanup
* Cleaned up one of the function
* minor change
* Merged the Exponential backoff logic with Get exception
* Fix for excluding resource ids from file path parse logic
* fixed - expression syntax
* updated required parameter
* removed dns server task
* enhanced error message details
* updated adds vm name
* added exception analyzer to ARM REST API call
* fixed Get-Exception cmdlet invocation
* added comments to set-context cmdlet
* Added KeyVault service point
* Updated the Archetype to include the new Active Directory Module and new Virtual Machine Module.
* Updated the On-Premise Pipeline
* Minor updates to the pipeline yml file
* Added missing dependency
* Minor update
* More updates to dependencies
* enable pip only if sepcified
* Minor update to enable Pip in VGW
* Minor update to VGW
* CHanged casing on labvm files (#106)
* Error parser logic fixed (#108)
* Initial commit for On-Premise Archetype
* Corrected depends-on for pipeline
* Moving ArtifactsStorageAccount module to the top and adding a ADO task for uploading scripts required for AD module
* Added a dependency to upload scripts for AD module
* Added a separate stage for uploading artifacts.
* Invalid dependency removed
* Importing Az.Storage Module before executing other commands.
* Printing out modules path
* Remove Artifacts storage from test
* Minor change to UploadScripts module
* Minor change
* Minor Change to update PSModulePath
* Testing
* Minor path fix
* Minor changes to file path regex to be non-greedy
* Pipeline fixed with reorder Artifacts storage and scripts upload to Artifacts storage
* Minor updates
* Moved the Installation of the PowerShell modules one folder up
* Point-to-Site VPN added to On-Premise Archetype
* Cleaned up the scripts for VPN Root Cert creation
* Finalized Script
* Added KeyVault service point
* Updated the Archetype to include the new Active Directory Module and new Virtual Machine Module.
* Updated the On-Premise Pipeline
* Minor updates to the pipeline yml file
* Added missing dependency
* Minor update
* More updates to dependencies
* enable pip only if sepcified
* Minor update to enable Pip in VGW
* Minor update to VGW
* Pipeline yml fixes
* Typo fix
* Access policies added to KeyVault to App and User.
* Pipeline yml updated with feedback from today's review
* Applied the changes
* Minor changes to the exception
* Cleanup
* Cleaned up one of the function
* minor change
* Merged the Exponential backoff logic with Get exception
* initial commit
* updated orchestration and pipeline for shared services that doesn't extends onprem
* removed onpremises references
* fixed cyclic reference
* added missing parameters
* added missing parameters
* added debug on get access token
* fixed if condition
* Update pipeline.yml for Azure Pipelines
* Update pipeline.yml for Azure Pipelines
* Update pipeline.yml for Azure Pipelines
* removed break condition
* added ActiveDirectory module deployment
* Update pipeline.yml for Azure Pipelines
* added dns server
* moved vnet before jumpbox
* fixed DNS Server IPs
* removed invalid dependency
* removed invalid dns server
* moved sas token to part of uri
* added back all resources
* Update pipeline.yml for Azure Pipelines
* updated route table module
* added jobs to shared services pipeline
* removed repeated job name
* moved upload task into artifacts storage
* fixed dependency
* moved hardcoded parameters to reference tokens
* updated org name
* added missing location
* downgrade api versions - adds
* updated adds vm name
* Update pipeline.yml for Azure Pipelines
* Update pipeline.yml for Azure Pipelines
* temp update of self hosted agent name
* restablish self hosted agent name
* updated organization name
* added dependsOn to landing zone pipeline
* fixed module configuration names
* fixed missing pipeline property
* fixed yaml syntax
* fixed dependson
* fixed path
* fixed deployment name
* fixed parameter format
* set diagnostic storage access key as secured string
* removed service endpoint on storage account
* fixed output references
* fixed parameter name
* Moved phased wait log to write-debug
* fixed travis path
* set fontoso as testing org
* fixed adds api version
* updated adds vm name
* set context regardless if is validation or not
* return empty guid
* relax state information required parameters
* set resource states as optional parameter
* added validation parameter
* removed remote vnet peering
* fixed landing zone dependencies
* fixed key vault name
* initial commit that creates the new archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* Fixes to pester tests applied
* added baseline archetype
* added Nist controls
* added new NIST policies
* update settings
* fixed repeated policy display name
* Update Archetype Instance Json with Script Output (#65)
* Completed the implementation of the archetype instance update with script outpout
* Created script to create / use a subscription and associate it to a new / existing management group
* SQL database (#64)
* Add files via upload
* Delete _README.md
* Add files via upload
* Delete sql.database.deploy.json
* Delete sql.database.parameters.json
* Add files via upload
* Delete sql.database.azuredevops.ci.yaml
* Add files via upload
* Add files via upload
* Delete git_placeholder.md
* Update module.tests.ps1
* Update module.tests.ps1
* added new NIST policies
* initial commit that creates the new archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* Fixes to pester tests applied
* added baseline archetype
* Completed the implementation of the archetype instance update with script outpout
* Created script to create / use a subscription and associate it to a new / existing management group
* update settings
* fixed repeated policy display name
* initial commit that creates the new archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* Fixes to pester tests applied
* added baseline archetype
* Completed the implementation of the archetype instance update with script outpout
* Created script to create / use a subscription and associate it to a new / existing management group
* initial commit that creates the new archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* Completed the implementation of the archetype instance update with script outpout
* Completed the implementation of the archetype instance update with script outpout
* Created script to create / use a subscription and associate it to a new / existing management group
* initial commit that creates the new archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* added baseline archetype
* Completed the implementation of the archetype instance update with script outpout
* initial commit that creates the new archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* initial commit that creates the new archetype
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* added infra baseline to ASE/SQL deployment
* added vnet peering module configurations
* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype
* Completed the implementation of the archetype instance update with script outpout
* Resolved a conflict
* removed subscription verification
* running custom script
* cleaned up variables
* Tested custom script execution
* Updated the subscription name for testing
* Check for null subscript and tenant id added
* Added debug for pipeline failures
* Updated Add-SubscriptionAndTenantIds to run only for archetype configuration
* Throw more information when script execution fails
* Throw more information when script execution fails
* Throw more information when script execution fails
* Throw more information when script execution fails
* Throw more information when script execution fails
* Throw more information when script execution fails
* Throw more information when script execution fails
* Throw more information when script execution fails
* finished NIST Controls
* moved baseline configuration to ASE-SQL
* fixed common file path reference
* updated Shared Services pipeline
* updated file name - case sensitive issue
* updated validation rg creation
* Changed the tenant id and subscription id in New-AzureResourceManagerDeployment to string
* added workload baseline pipeline
* added ase sql pipeline
* fixed invalid subscription id saved to resource state
* updated variable name
* Reference Functions scope changed to Module Configuration Object (#66)
* Initial changes
* Completed the implementation
* Cleaned up prior to PR submission
* adding LandingZone
* updated pipeline paths
* updated pipeline paths
* updated parameters file
* correcting case
* removed folders
* placing files back
* delete files
* put files back
* Fix to resolving reference functions
* fixed casing
* fixed casing in code
* updated modules to Modules in pipeline.yml
* Updated config folder name
* Updated config folder name
* fixed casing
* added vpn shared key
* finished ASE SQLDB landing zone
* added ASE-SQL archetype
* replaced hardcoded resource group name
* fixed relative path
* fixed automation account alias
* fixed relative paths
* renamed ADDS to ActiveDirectoryDomainServices
* fixed onprem vgw name
* fixed artifacts storage account name
* fixed custom extensions casing
* enabled adds deployment
* updated on-premises AD information
* updated Key Vault name to pass deployment error
* fixed bug on resource group creation
* updated adds vm name and set pipeline timeout to 0
* updated ADDS address start
* updated ADDS name
* updated dockerignore
* Fixed the pester test failure