Azure
/
vdc
зеркало из https://github.com/Azure/vdc.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
202 коммитов 10 Ветки 5 Теги 7,5 MiB
Граф коммитов

6 Коммитов

Автор SHA1 Сообщение Дата
jvalley19 3ba087d6a1
Final Pull Request (#170) 
* fixed conflict merge

* ee

* bnm

* yh

* vv

* sd

* bn

* xx

* vb

* tt

* ss

* zz

* remove sub ids

* aa

* updates

* ff

* updates

* tt

* updates

* mm

* rr

* Added info Azure cli to remove legal hold & other misc updates

* Fix typos

* Moved env variables for toolkit & subscription in the code

* ss

* kk

* Adding Az.Accounts to dockerfile

* cc

* ii

* ll

* yy

* vv

* cc

* ee

* Added all azure regions to AzureBastion module

* nn

* gg

* tt

* dd

* Adding install module in the code itself

* jk

* Added condition to connect to azure & install modules for dev ops

* qaz

* wsx

* bb

* Commented env variables in debug

* ff

* HUB vnet module

* changed MSVDI to connect to shrd svcs hub

* dummy values for config files

* changed para for msvdi with shrd svcs

* do not need to lowercase regions so commented out

* added variables to file so don't need to input

* new prereq script. Not necessary to run

* readme for shared services

* updated readme

* Update

* edc

* Topological path for DevOps pipeline

* test

* Update

* Running individual modules

* Updates

* updated comments

* new modules

* Create dockflow.yml

* Updates to SharedServices & MS-VDI readme

* qq

* Added more info on password restrictions

* Update

* 56

* 985

* 12

* 67

* 45

* 12

* 678

* 12

* 456

* tt

* 12

* 12

* 1q23

* 125

* 343

* 25

* 345

* 2134

* 12

* 2

* 454

* 124

* 312

* 12

* 23

* 34

* mylife

* q3

* 12

* 24

* q1234

* 696

* qw23

* q12e4

* w5

* 213

* 2198

* qw

* 255

* 89876

* 447

* 3242

* 89

* 43234

* 2342342

* q4eq3214

* 87

* 323

* 2345

* 123456

* New version of code for github action

* updates to files

* updated av set infoo

* 789234

* 234143

* 24223412342

* Teardown test

* Copied workflow from Jack's branch

* new changes

* update to readme in shrdsvcs

* new document for github actions

* 234

* adding changes to script for cleanup

* update readme

* update readme

* sdf

* 235

* 123

* 2345

* new changes to readme

* new changes to readme

* readme

* readme

* readmeupdate

* readme

* red

* read

* readme

* 1234

* readme

* 7897894

* update readme shrd svcs

* 345

* new changes to readme

* removed the cleanup and added to different script

* new change to clean up script

* Updates to shared services readme

* update

* 234

* Added passing parameters for subscription & tenant to parameters.json for shared services

* update for networkwatcher

* removed statement in av sets

* Test GH Actions

* Test GH Actions

* Update

* Update

* Cleared values

* Update

* changes to dockerfile version.

* Update

* Update readme

* Update README.md

* Updates to docs - added SPN info

* All documentation updates - removed personal GH repo reference & referencing shared services deployment in quickstart

* Added release notes

* Update

* no change

* added password randomization

* no change

* added sentinel changes

* formatting

* sentinel change and secret changes to kv

* secret changes to kv

* sentinel changes

* dublicate code correction... No code change

* added sentinel env var

* Test Gov Deployment

* updated SS readme

* naming convention changes

* example of inputfile for master script

* updated readme

* updated docker yml fiile

* master orchestration script

* new github actions doc

* master orchestration documentation

* new env document

* updated MS-VDI parameters with ctx

* updated with ps7 requirements

* new windows virtual desktop environment

* added new artifact location parameter

* added spoke env

* doc

* new Vnet peering module

* application group module

* host pool module

* added output for script

* doc edit

* new images for docs

* updated doc

* disable resources

* docedit

* doc edit

* shared services as a spoke

* doc edit

* docedit

* doc updated

* updated for vms

Co-authored-by: RKSelvi <42325057+RKSelvi@users.noreply.github.com>
Co-authored-by: Selvi Kalaiselvi <selvi.kalaiselvi@appliedis.com>
Co-authored-by: Steve Downs <33630027+SteveDatAzureGov@users.noreply.github.com>
 2020-06-17 13:19:50 -04:00
RKSelvi 352150b580
Update GH actions to deploy shared services & tear down (#169) 
* 5

* 6

* 7

* aa

* jj

* Update

* ll

* ll

* mm

* vv

* cv

* df

* Added logic for the NSG flow logs com vs gov

* changes to merge conflicts

* fixed conflict merge

* ee

* bnm

* yh

* vv

* sd

* bn

* xx

* vb

* tt

* ss

* zz

* remove sub ids

* aa

* updates

* ff

* updates

* tt

* updates

* mm

* rr

* Added info Azure cli to remove legal hold & other misc updates

* Fix typos

* Moved env variables for toolkit & subscription in the code

* ss

* kk

* Adding Az.Accounts to dockerfile

* cc

* ii

* ll

* yy

* vv

* cc

* ee

* Added all azure regions to AzureBastion module

* nn

* gg

* tt

* dd

* Adding install module in the code itself

* jk

* Added condition to connect to azure & install modules for dev ops

* qaz

* wsx

* bb

* Commented env variables in debug

* ff

* HUB vnet module

* changed MSVDI to connect to shrd svcs hub

* dummy values for config files

* changed para for msvdi with shrd svcs

* do not need to lowercase regions so commented out

* added variables to file so don't need to input

* new prereq script. Not necessary to run

* readme for shared services

* updated readme

* Update

* edc

* Topological path for DevOps pipeline

* test

* Update

* Running individual modules

* Updates

* updated comments

* new modules

* Create dockflow.yml

* Updates to SharedServices & MS-VDI readme

* qq

* Added more info on password restrictions

* Update

* 56

* 985

* 12

* 67

* 45

* 12

* 678

* 12

* 456

* tt

* 12

* 12

* 1q23

* 125

* 343

* 25

* 345

* 2134

* 12

* 2

* 454

* 124

* 312

* 12

* 23

* 34

* mylife

* q3

* 12

* 24

* q1234

* 696

* qw23

* q12e4

* w5

* 213

* 2198

* qw

* 255

* 89876

* 447

* 3242

* 89

* 43234

* 2342342

* q4eq3214

* 87

* 323

* 2345

* 123456

* New version of code for github action

* updates to files

* updated av set infoo

* 789234

* 234143

* 24223412342

* Teardown test

* Copied workflow from Jack's branch

* new changes

* update to readme in shrdsvcs

* new document for github actions

* 234

* adding changes to script for cleanup

* update readme

* update readme

* sdf

* 235

* 123

* 2345

* new changes to readme

* new changes to readme

* readme

* readme

* readmeupdate

* readme

* red

* read

* readme

* 1234

* readme

* 7897894

* update readme shrd svcs

* 345

* new changes to readme

* removed the cleanup and added to different script

* new change to clean up script

* Updates to shared services readme

* update

* 234

* Added passing parameters for subscription & tenant to parameters.json for shared services

* update for networkwatcher

* removed statement in av sets

* Test GH Actions

* Test GH Actions

* Update

* Update

* Cleared values

* Update

* changes to dockerfile version.

* Update

* Update readme

* Update README.md

* Updates to docs - added SPN info

* All documentation updates - removed personal GH repo reference & referencing shared services deployment in quickstart

* Added release notes

* Update

* Merge

* Readding docs updates after merge conflict

* Update GH actions workflow file

* Update

* Removed duplicated folder

* Clean up

* Remove ms-vdi for GH action wf & added teardown

* no change

* added password randomization

* no change

* added sentinel changes

* formatting

* sentinel change and secret changes to kv

* secret changes to kv

* sentinel changes

* dublicate code correction... No code change

* added sentinel env var

* Test Gov Deployment

* updated SS readme

* Merge changes for Azure Sentinel addition & auto-generate password

* naming convention changes

* Test

Co-authored-by: jvalley19 <52843322+jvalley19@users.noreply.github.com>
 2020-06-17 12:45:37 -04:00
RKSelvi 8b8ecd33ef
Modified Shared Services environment & added new MS-VDI environment - In support for this new environment changes have been made to support all Azure environments (#163) 
* Update dockerimage.yml

* Removed build.yml file

* Run toolkit container

* update

* fix

* mm

* bb

* nn

* qq

* ww

* ee

* rr

* pp

* aa

* Added storageblobURL to resources

* Added StorageblobURL to resources and env variable

* added storageblobURL

* added storageblobURL

* Commented out the Azure Provider feature Bastion

* added condition for resources gov vs com

* changed old GUID for Az Policy

* New change for gov. But need to adjust for com

* changed linux agent version number

* 1

* 2

* 3

* 4

* added logic for the ethernet

* added the ADDS module back after fixing script

* Updated modules IIS, SQLServerAlwaysOn,VM Scale sets for storagebloburl

* 5

* 6

* 7

* aa

* jj

* Update

* ll

* ll

* mm

* vv

* cv

* df

* Added logic for the NSG flow logs com vs gov

* changes to merge conflicts

* fixed conflict merge

* ee

* bnm

* yh

* vv

* sd

* bn

* xx

* vb

* tt

* ss

* zz

* remove sub ids

* aa

* updates

* ff

* updates

* tt

* updates

* mm

* rr

* Added info Azure cli to remove legal hold & other misc updates

* Fix typos

* Moved env variables for toolkit & subscription in the code

* ss

* kk

* Adding Az.Accounts to dockerfile

* cc

* ii

* ll

* yy

* vv

* cc

* ee

* Added all azure regions to AzureBastion module

* nn

* gg

* tt

* dd

* Adding install module in the code itself

* jk

* Added condition to connect to azure & install modules for dev ops

* qaz

* wsx

* bb

* Commented env variables in debug

* ff

* HUB vnet module

* changed MSVDI to connect to shrd svcs hub

* dummy values for config files

* changed para for msvdi with shrd svcs

* do not need to lowercase regions so commented out

* added variables to file so don't need to input

* new prereq script. Not necessary to run

* readme for shared services

* updated readme

* Update

* edc

* Topological path for DevOps pipeline

* test

* Update

* Running individual modules

* Updates

* updated comments

* new modules

* Create dockflow.yml

* Updates to SharedServices & MS-VDI readme

* qq

* Added more info on password restrictions

* Update

* 56

* 985

* 12

* 67

* 45

* 12

* 678

* 12

* 456

* tt

* 12

* 12

* 1q23

* 125

* 343

* 25

* 345

* 2134

* 12

* 2

* 454

* 124

* 312

* 12

* 23

* 34

* mylife

* q3

* 12

* 24

* q1234

* 696

* qw23

* q12e4

* w5

* 213

* 2198

* qw

* 255

* 89876

* 447

* 3242

* 89

* 43234

* 2342342

* q4eq3214

* 87

* 323

* 2345

* 123456

* New version of code for github action

* updates to files

* updated av set infoo

* 789234

* 234143

* 24223412342

* Teardown test

* Copied workflow from Jack's branch

* new changes

* update to readme in shrdsvcs

* new document for github actions

* 234

* adding changes to script for cleanup

* update readme

* update readme

* sdf

* 235

* 123

* 2345

* new changes to readme

* new changes to readme

* readme

* readme

* readmeupdate

* readme

* red

* read

* readme

* 1234

* readme

* 7897894

* update readme shrd svcs

* 345

* new changes to readme

* removed the cleanup and added to different script

* new change to clean up script

* Updates to shared services readme

* update

* 234

* Added passing parameters for subscription & tenant to parameters.json for shared services

* update for networkwatcher

* removed statement in av sets

* Test GH Actions

* Test GH Actions

* Update

* Update

* Cleared values

* Update

* changes to dockerfile version.

* Update

* Update readme

* Update README.md

* Updates to docs - added SPN info

Co-authored-by: jvalley19 <52843322+jvalley19@users.noreply.github.com>
 2020-04-30 09:37:04 -04:00
Kungumaraj Nachimuthu d66ef4a76e Toolkit Config Change and Validation RG Enhancement (#134) 
* Completed the initial implementation.

* Finalized the changes and tested

* Changes based on feedback from today's review

* Changes post running tested.

* Changes to optimize the code.
 2019-09-19 21:49:54 -07:00
Kungumaraj Nachimuthu 2c83f220e1 AKS Archetype (#96) 
* AKS Archetype - Initial Commit

* Change in pipeline variable group for testing

* Corrected dependency to the teardown of validation resource group

* Corrected the dependsOn for TearDownValidationResourceGroup

* Changed the Azure Subscription

* Changed from SharedServices to AKS in pipeline.yml

* Added missing Tests folder

* Removing duplicate task

* Updates to new modules

* Separate module for application rule

* Update to application rule module

* Clean up

* Cleaned up security center module

* Multiple var groups

* Added var groups for AKS

* Added env vars for User group IDs

* Updated the Packer agent file to include the az cli installation

* Splitting into Archetype and LandingZone

* Updated the paths in pipeline.yml after restructuring folders

* More updates to file paths

* AzureSecurityCenter correction

* Separate module for updating Azure Firewall

* Code fix for prevention of resource group while executing scripts

* Corrections to the orchestration and parameters file

* Added the Azure Firewall update section to the pipeline yml file

* Fixed json parameters file for AKS module that was formatted incorrectly

* Minor fixes to Virtual Network

* Updated the subscription GUIDs and added a subscription info for AKS

* Changed vNet to VirtualNetwork. Also, added dependsOn for AKS Archetype in Orchestration file.

* Changed the KeyVault behavior to enable Service EndPoint after Landing Zone deployment.

* Orchestration and Pipeline updates for AKS Archetype

* AKS Archetype pipeline / orchestration update

* Fixed unsupported versions for aks

* Changes based on feedback from AKS Archetype review

* Minor changes - feedback work continued

* Pipeline changes specific to AKS LandingZone

* AKS Archetype - Initial Commit

* Change in pipeline variable group for testing

* Corrected dependency to the teardown of validation resource group

* Corrected the dependsOn for TearDownValidationResourceGroup

* Changed the Azure Subscription

* Changed from SharedServices to AKS in pipeline.yml

* Added missing Tests folder

* Removing duplicate task

* Updates to new modules

* Separate module for application rule

* Update to application rule module

* Clean up

* Cleaned up security center module

* Multiple var groups

* Added var groups for AKS

* Added env vars for User group IDs

* Updated the Packer agent file to include the az cli installation

* Splitting into Archetype and LandingZone

* Updated the paths in pipeline.yml after restructuring folders

* More updates to file paths

* AzureSecurityCenter correction

* Separate module for updating Azure Firewall

* Code fix for prevention of resource group while executing scripts

* Corrections to the orchestration and parameters file

* Added the Azure Firewall update section to the pipeline yml file

* Fixed json parameters file for AKS module that was formatted incorrectly

* Minor fixes to Virtual Network

* Updated the subscription GUIDs and added a subscription info for AKS

* Changed vNet to VirtualNetwork. Also, added dependsOn for AKS Archetype in Orchestration file.

* Changed the KeyVault behavior to enable Service EndPoint after Landing Zone deployment.

* Orchestration and Pipeline updates for AKS Archetype

* AKS Archetype pipeline / orchestration update

* Fixed unsupported versions for aks

* Changes based on feedback from AKS Archetype review

* Minor changes - feedback work continued

* Pipeline changes specific to AKS LandingZone

* Changes based on testing firewall rules update logic

* Pipeline yml file updated

* Minor update

* Minor update

* Minor update

* Minor correction to file path

* Minor file path correction

* Minor correction

* Debug statements added

* Fix for Azure Firewall scripts

* Updated

* Updated

* Minor update

* Pipeline jobs rearranged.

* File path fixed

* Fixes to chmod script

* Minor fixes

* Updated the dependencies

* Corrected the bootstrap var in pipeline

* Live updates from feedback review

* Fixes based on today's review
 2019-08-23 22:48:47 -07:00
Jorge Cotillo fc1327053c
ASE sql archetype (#71) 
* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Fixes to pester tests applied

* added baseline archetype

* added Nist controls

* added new NIST policies

* update settings

* fixed repeated policy display name

* Update Archetype Instance Json with Script Output (#65)

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* SQL database  (#64)

* Add files via upload

* Delete _README.md

* Add files via upload

* Delete sql.database.deploy.json

* Delete sql.database.parameters.json

* Add files via upload

* Delete sql.database.azuredevops.ci.yaml

* Add files via upload

* Add files via upload

* Delete git_placeholder.md

* Update module.tests.ps1

* Update module.tests.ps1

* added new NIST policies

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Fixes to pester tests applied

* added baseline archetype

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* update settings

* fixed repeated policy display name

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Fixes to pester tests applied

* added baseline archetype

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Completed the implementation of the archetype instance update with script outpout

* Completed the implementation of the archetype instance update with script outpout

* Created script to create / use a subscription and associate it to a new / existing management group

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* added baseline archetype

* Completed the implementation of the archetype instance update with script outpout

* initial commit that creates the new archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* initial commit that creates the new archetype

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* added infra baseline to ASE/SQL deployment

* added vnet peering module configurations

* set app service plan and webapp as generic modules, added ASE orchestration modules to archetype

* Completed the implementation of the archetype instance update with script outpout

* Resolved a conflict

* removed subscription verification

* running custom script

* cleaned up variables

* Tested custom script execution

* Updated the subscription name for testing

* Check for null subscript and tenant id added

* Added debug for pipeline failures

* Updated Add-SubscriptionAndTenantIds to run only for archetype configuration

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* Throw more information when script execution fails

* finished NIST Controls

* moved baseline configuration to ASE-SQL

* fixed common file path reference

* updated Shared Services pipeline

* updated file name - case sensitive issue

* updated validation rg creation

* Changed the tenant id and subscription id in New-AzureResourceManagerDeployment to string

* added workload baseline pipeline

* added ase sql pipeline

* fixed invalid subscription id saved to resource state

* updated variable name

* Reference Functions scope changed to Module Configuration Object (#66)

* Initial changes

* Completed the implementation

* Cleaned up prior to PR submission

* adding LandingZone

* updated pipeline paths

* updated pipeline paths

* updated parameters file

* correcting case

* removed folders

* placing files back

* delete files

* put files back

* Fix to resolving reference functions

* fixed casing

* fixed casing in code

* updated modules to Modules in pipeline.yml

* Updated config folder name

* Updated config folder name

* fixed casing

* added vpn shared key

* finished ASE SQLDB landing zone

* added ASE-SQL archetype

* replaced hardcoded resource group name

* fixed relative path

* fixed automation account alias

* fixed relative paths

* renamed ADDS to ActiveDirectoryDomainServices

* fixed onprem vgw name

* fixed artifacts storage account name

* fixed custom extensions casing

* enabled adds deployment

* updated on-premises AD information

* updated Key Vault name to pass deployment error

* fixed bug on resource group creation

* updated adds vm name and set pipeline timeout to 0

* updated ADDS address start

* updated ADDS name

* updated dockerignore

* Fixed the pester test failure
 2019-07-05 14:33:50 -07:00