Azure
/
vdc
зеркало из https://github.com/Azure/vdc.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
202 коммитов 10 Ветки 5 Теги 7,5 MiB
Граф коммитов

6 Коммитов

Автор SHA1 Сообщение Дата
RKSelvi 8b8ecd33ef
Modified Shared Services environment & added new MS-VDI environment - In support for this new environment changes have been made to support all Azure environments (#163) 
* Update dockerimage.yml

* Removed build.yml file

* Run toolkit container

* update

* fix

* mm

* bb

* nn

* qq

* ww

* ee

* rr

* pp

* aa

* Added storageblobURL to resources

* Added StorageblobURL to resources and env variable

* added storageblobURL

* added storageblobURL

* Commented out the Azure Provider feature Bastion

* added condition for resources gov vs com

* changed old GUID for Az Policy

* New change for gov. But need to adjust for com

* changed linux agent version number

* 1

* 2

* 3

* 4

* added logic for the ethernet

* added the ADDS module back after fixing script

* Updated modules IIS, SQLServerAlwaysOn,VM Scale sets for storagebloburl

* 5

* 6

* 7

* aa

* jj

* Update

* ll

* ll

* mm

* vv

* cv

* df

* Added logic for the NSG flow logs com vs gov

* changes to merge conflicts

* fixed conflict merge

* ee

* bnm

* yh

* vv

* sd

* bn

* xx

* vb

* tt

* ss

* zz

* remove sub ids

* aa

* updates

* ff

* updates

* tt

* updates

* mm

* rr

* Added info Azure cli to remove legal hold & other misc updates

* Fix typos

* Moved env variables for toolkit & subscription in the code

* ss

* kk

* Adding Az.Accounts to dockerfile

* cc

* ii

* ll

* yy

* vv

* cc

* ee

* Added all azure regions to AzureBastion module

* nn

* gg

* tt

* dd

* Adding install module in the code itself

* jk

* Added condition to connect to azure & install modules for dev ops

* qaz

* wsx

* bb

* Commented env variables in debug

* ff

* HUB vnet module

* changed MSVDI to connect to shrd svcs hub

* dummy values for config files

* changed para for msvdi with shrd svcs

* do not need to lowercase regions so commented out

* added variables to file so don't need to input

* new prereq script. Not necessary to run

* readme for shared services

* updated readme

* Update

* edc

* Topological path for DevOps pipeline

* test

* Update

* Running individual modules

* Updates

* updated comments

* new modules

* Create dockflow.yml

* Updates to SharedServices & MS-VDI readme

* qq

* Added more info on password restrictions

* Update

* 56

* 985

* 12

* 67

* 45

* 12

* 678

* 12

* 456

* tt

* 12

* 12

* 1q23

* 125

* 343

* 25

* 345

* 2134

* 12

* 2

* 454

* 124

* 312

* 12

* 23

* 34

* mylife

* q3

* 12

* 24

* q1234

* 696

* qw23

* q12e4

* w5

* 213

* 2198

* qw

* 255

* 89876

* 447

* 3242

* 89

* 43234

* 2342342

* q4eq3214

* 87

* 323

* 2345

* 123456

* New version of code for github action

* updates to files

* updated av set infoo

* 789234

* 234143

* 24223412342

* Teardown test

* Copied workflow from Jack's branch

* new changes

* update to readme in shrdsvcs

* new document for github actions

* 234

* adding changes to script for cleanup

* update readme

* update readme

* sdf

* 235

* 123

* 2345

* new changes to readme

* new changes to readme

* readme

* readme

* readmeupdate

* readme

* red

* read

* readme

* 1234

* readme

* 7897894

* update readme shrd svcs

* 345

* new changes to readme

* removed the cleanup and added to different script

* new change to clean up script

* Updates to shared services readme

* update

* 234

* Added passing parameters for subscription & tenant to parameters.json for shared services

* update for networkwatcher

* removed statement in av sets

* Test GH Actions

* Test GH Actions

* Update

* Update

* Cleared values

* Update

* changes to dockerfile version.

* Update

* Update readme

* Update README.md

* Updates to docs - added SPN info

Co-authored-by: jvalley19 <52843322+jvalley19@users.noreply.github.com>
 2020-04-30 09:37:04 -04:00
Kungumaraj Nachimuthu 82ac6a2cca Added new script to windows folder (#144) 2019-10-04 14:02:37 -07:00
Kungumaraj Nachimuthu 2c83f220e1 AKS Archetype (#96) 
* AKS Archetype - Initial Commit

* Change in pipeline variable group for testing

* Corrected dependency to the teardown of validation resource group

* Corrected the dependsOn for TearDownValidationResourceGroup

* Changed the Azure Subscription

* Changed from SharedServices to AKS in pipeline.yml

* Added missing Tests folder

* Removing duplicate task

* Updates to new modules

* Separate module for application rule

* Update to application rule module

* Clean up

* Cleaned up security center module

* Multiple var groups

* Added var groups for AKS

* Added env vars for User group IDs

* Updated the Packer agent file to include the az cli installation

* Splitting into Archetype and LandingZone

* Updated the paths in pipeline.yml after restructuring folders

* More updates to file paths

* AzureSecurityCenter correction

* Separate module for updating Azure Firewall

* Code fix for prevention of resource group while executing scripts

* Corrections to the orchestration and parameters file

* Added the Azure Firewall update section to the pipeline yml file

* Fixed json parameters file for AKS module that was formatted incorrectly

* Minor fixes to Virtual Network

* Updated the subscription GUIDs and added a subscription info for AKS

* Changed vNet to VirtualNetwork. Also, added dependsOn for AKS Archetype in Orchestration file.

* Changed the KeyVault behavior to enable Service EndPoint after Landing Zone deployment.

* Orchestration and Pipeline updates for AKS Archetype

* AKS Archetype pipeline / orchestration update

* Fixed unsupported versions for aks

* Changes based on feedback from AKS Archetype review

* Minor changes - feedback work continued

* Pipeline changes specific to AKS LandingZone

* AKS Archetype - Initial Commit

* Change in pipeline variable group for testing

* Corrected dependency to the teardown of validation resource group

* Corrected the dependsOn for TearDownValidationResourceGroup

* Changed the Azure Subscription

* Changed from SharedServices to AKS in pipeline.yml

* Added missing Tests folder

* Removing duplicate task

* Updates to new modules

* Separate module for application rule

* Update to application rule module

* Clean up

* Cleaned up security center module

* Multiple var groups

* Added var groups for AKS

* Added env vars for User group IDs

* Updated the Packer agent file to include the az cli installation

* Splitting into Archetype and LandingZone

* Updated the paths in pipeline.yml after restructuring folders

* More updates to file paths

* AzureSecurityCenter correction

* Separate module for updating Azure Firewall

* Code fix for prevention of resource group while executing scripts

* Corrections to the orchestration and parameters file

* Added the Azure Firewall update section to the pipeline yml file

* Fixed json parameters file for AKS module that was formatted incorrectly

* Minor fixes to Virtual Network

* Updated the subscription GUIDs and added a subscription info for AKS

* Changed vNet to VirtualNetwork. Also, added dependsOn for AKS Archetype in Orchestration file.

* Changed the KeyVault behavior to enable Service EndPoint after Landing Zone deployment.

* Orchestration and Pipeline updates for AKS Archetype

* AKS Archetype pipeline / orchestration update

* Fixed unsupported versions for aks

* Changes based on feedback from AKS Archetype review

* Minor changes - feedback work continued

* Pipeline changes specific to AKS LandingZone

* Changes based on testing firewall rules update logic

* Pipeline yml file updated

* Minor update

* Minor update

* Minor update

* Minor correction to file path

* Minor file path correction

* Minor correction

* Debug statements added

* Fix for Azure Firewall scripts

* Updated

* Updated

* Minor update

* Pipeline jobs rearranged.

* File path fixed

* Fixes to chmod script

* Minor fixes

* Updated the dependencies

* Corrected the bootstrap var in pipeline

* Live updates from feedback review

* Fixes based on today's review
 2019-08-23 22:48:47 -07:00
Jorge Cotillo 735b05069b Modularization of Virtual Machine templates (#101) 
* initial commit

* moved parameters file outside of the module

* initial commit of new Jumpbox design

* added encryption task

* removed unnecessary parameters

* initial implementation of encryption using kek

* fixed output storage from custom script

* Added format data disks DSC

* added adds dsc that excludes disk formatting

* removed dsc folder

* added policy and rbac tests

* removed 0 file

* updated template static test

* updated ad and adds templates

* updated non-extended shared services environment

* updated display names

* added enable key vault service endpoint task

* fix validate dependency

* fixed task name

* fixed module definition reference

* fixed azure firewall api version

* fixed pipeline and added new environment variable

* updated azure firewall api version

* fixed key vault access policy

* updated parameters comment

* updated zones copy loop

* updated zones condition

* fixed parameters.json error

* removed double quote encoding

* added string array to zones

* updated description name

* updated output reference to lowercase

* enabled debug on AD encryption

* enabled debug on AD encryption

* moved enabling service endpoint of Key Vault after VM deployment

* disabled validation stage

* enabled pipelines

* added SQL Analytics solution

* removed uneeded parameter

* added disk verification before formatting a disk

* updated DSC code

* removed data jumpbox datadisk

* added drive letter parameter to adds

* added workaround to prevent storage initialization multiple times

* added get public IP ps1

* removed finally block

* updated get ip ps1 path

* updated network rules copy loop:

* removed networkacls from initial key vault deployment

* explicit set of ps1 argument

* updated initialize file

* fixed return type

* fixed return type from getSasToken function

* added ashashtable to convert from json cmdlet

* added networkAcls with IP whitelisting

* added test-jsoncontent to helper

* added debug

* updated storage account details cache value

* removed debug flag

* updated set variable syntax

* fixed variable name

* added -Compress to JSON string creation

* updated default action on kv networkacls

* added global variable

* updated variable name

* Update pipeline.yml for Azure Pipelines

* moved org name as env variable

* update pipeline

* Update pipeline.yml for Azure Pipelines

* added additional logging info

* temp reduced validation tasks

* fixed dependency

* removed global variable from pipeline

* enabled debug on deployment

* enabled debug

* moved similar tasks into same job

* updated shared services extended pipeline

* removed write-host

* enabled multi-stage jobs

* added env variables

* updated variable set

* removed comments from inline script

* updated pipeline, pass variable between jobs

* added missing environment variable retrieval

* removed unnecessary write-host

* added vnet dependency

* updated job output dependency name

* added multi-job variable

* updated modules path of shared services onprem extension

* fixed parameters

* removed active directory reference

* added Virtual Network dependency

* added spn access policy

* moved dns server as a separate task
 2019-08-15 22:40:53 -07:00
Jorge Cotillo 96606294b7 fixed shared services adds vm deployments by adding async reboot 2019-07-26 20:19:34 -07:00
Jorge Cotillo fc1327053c
ASE sql archetype (#71) 
* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Fixes to pester tests applied

* added baseline archetype

* added Nist controls

* added new NIST policies

* update settings

* fixed repeated policy display name

* Update Archetype Instance Json with Script Output (#65)

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* SQL database  (#64)

* Add files via upload

* Delete _README.md

* Add files via upload

* Delete sql.database.deploy.json

* Delete sql.database.parameters.json

* Add files via upload

* Delete sql.database.azuredevops.ci.yaml

* Add files via upload

* Add files via upload

* Delete git_placeholder.md

* Update module.tests.ps1

* Update module.tests.ps1

* added new NIST policies

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Fixes to pester tests applied

* added baseline archetype

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* update settings

* fixed repeated policy display name

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Fixes to pester tests applied

* added baseline archetype

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Completed the implementation of the archetype instance update with script outpout

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* added baseline archetype

* Completed the implementation of the archetype instance update with script outpout

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* initial commit that creates the new archetype

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Completed the implementation of the archetype instance update with script outpout

* Resolved a conflict

* removed subscription verification

* running custom script

* cleaned up variables

* Tested custom script execution

* Updated the subscription name for testing

* Check for null subscript and tenant id added

* Added debug for pipeline failures

* Updated Add-SubscriptionAndTenantIds to run only for archetype configuration

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* finished NIST Controls

* moved baseline configuration to ASE-SQL

* fixed common file path reference

* updated Shared Services pipeline

* updated file name - case sensitive issue

* updated validation rg creation

* Changed the tenant id and subscription id in New-AzureResourceManagerDeployment to string

* added workload baseline pipeline

* added ase sql pipeline

* fixed invalid subscription id saved to resource state

* updated variable name

* Reference Functions scope changed to Module Configuration Object (#66)

* Initial changes

* Completed the implementation

* Cleaned up prior to PR submission

* adding LandingZone

* updated pipeline paths

* updated pipeline paths

* updated parameters file

* correcting case

* removed folders

* placing files back

* delete files

* put files back

* Fix to resolving reference functions

* fixed casing

* fixed casing in code

* updated modules to Modules in pipeline.yml

* Updated config folder name

* Updated config folder name

* fixed casing

* added vpn shared key

* finished ASE SQLDB landing zone

* added ASE-SQL archetype

* replaced hardcoded resource group name

* fixed relative path

* fixed automation account alias

* fixed relative paths

* renamed ADDS to ActiveDirectoryDomainServices

* fixed onprem vgw name

* fixed artifacts storage account name

* fixed custom extensions casing

* enabled adds deployment

* updated on-premises AD information

* updated Key Vault name to pass deployment error

* fixed bug on resource group creation

* updated adds vm name and set pipeline timeout to 0

* updated ADDS address start

* updated ADDS name

* updated dockerignore

* Fixed the pester test failure
 2019-07-05 14:33:50 -07:00