Bernie White 2020-01-05 21:23:51 +10:00 committed by GitHub
Parent 08a7970aa5
Commit 68947c452c
No known key found for this signature
GPG Key ID: 4AEE18F83AFDEB23
10 changed files: 340 additions and 0 deletions

.vscode/settings.json (vendored)

@ -21,6 +21,7 @@
"**/.azure-pipelines/*.yaml": "azure-pipelines"
},
"cSpell.words": [
"NSGs",
"Subnet",
"VNET",
"hashtable",

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.Connection.md
---
# Use standard connection names
## SYNOPSIS
Virtual network gateway connection names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For virtual network gateway connections, the Cloud Adoption Framework recommends using the `cn-` prefix.
Requirements for virtual network gateway connection names:
- At least 1 character, but no more than 80.
- Can include alphanumeric, underscore, hyphen, period characters.
- Can only start with a letter or number, and end with a letter, number or underscore.
- Connection names must be unique within a resource group.
## RECOMMENDATION
Consider creating virtual network gateway connections with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if virtual network gateway connection names are unique.
To configure this rule:
- Override the `CAF_GatewayConnectionPrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)
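
Review bot: The NOTES section says to override `CAF_GatewayConnectionPrefix` with an array of allowed prefixes, but it shows neither where that configuration value is set nor what the default is. Add a short override example and state the default prefix, so a reader can tell whether the `cn-` recommendation in DESCRIPTION is what the rule enforces out of the box.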

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.LoadBalancer.md
---
# Use standard load balancer names
## SYNOPSIS
Load balancer names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For load balancers, the Cloud Adoption Framework recommends using the `lb-` prefix.
Requirements for load balancers names:
- At least 1 character, but no more than 80.
- Can include alphanumeric, underscore, hyphen, period characters.
- Can only start with a letter or number, and end with a letter, number or underscore.
- Load balancer names must be unique within a resource group.
## RECOMMENDATION
Consider creating load balancers with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if load balancer names are unique.
To configure this rule:
- Override the `CAF_LoadBalancerPrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)
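
Review bot: Grammar in DESCRIPTION: `Requirements for load balancers names:` should read `Requirements for load balancer names:`, matching the singular form the other rule docs in this commit use. In the same list, `Can include alphanumeric, underscore, hyphen, period characters.` reads better as `alphanumeric, underscore, hyphen and period characters`.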

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.NSG.md
---
# Use standard NSG names
## SYNOPSIS
Network security group (NSG) names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For NSGs, the Cloud Adoption Framework recommends using the `nsg-` prefix.
Requirements for NSG names:
- At least 1 character, but no more than 80.
- Can include alphanumeric, underscore, hyphen, period characters.
- Can only start with a letter or number, and end with a letter, number or underscore.
- NSG names must be unique within a resource group.
## RECOMMENDATION
Consider creating NSGs with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if NSG names are unique.
To configure this rule:
- Override the `CAF_NetworkSecurityGroupPrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.PublicIP.md
---
# Use standard public IP names
## SYNOPSIS
Public IP address names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For public IPs, the Cloud Adoption Framework recommends using the `pip-` prefix.
Requirements for public IP names:
- At least 1 character, but no more than 80.
- Can include alphanumeric, underscore, hyphen, period characters.
- Can only start with a letter or number, and end with a letter, number or underscore.
- Public IP names must be unique within a resource group.
## RECOMMENDATION
Consider creating public IPs with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if public IP names are unique.
To configure this rule:
- Override the `CAF_PublicIPPrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.Route.md
---
# Use standard route table names
## SYNOPSIS
Route table names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For route tables, the Cloud Adoption Framework recommends using the `route-` prefix.
Requirements for route table names:
- At least 1 character, but no more than 80.
- Can include alphanumeric, underscore, hyphen, period characters.
- Can only start with a letter or number, and end with a letter, number or underscore.
- Route table names must be unique within a resource group.
## RECOMMENDATION
Consider creating route tables with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if route table names are unique.
To configure this rule:
- Override the `CAF_RouteTablePrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.Storage.md
---
# Use standard storage account names
## SYNOPSIS
Storage account names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For storage accounts, the Cloud Adoption Framework recommends using the `stor`, `stvm` and `dls` prefix.
Use of different prefixes depends on the intended usage of the storage account.
Requirements for storage account names:
- At least 3 characters, but no more than 24.
- Can include alphanumeric characters only.
- Storage account names must be global unique, because they directly relate to a DNS host name.
## RECOMMENDATION
Consider creating storage accounts with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if storage account names are unique.
To configure this rule:
- Override the `CAF_StoragePrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)
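
Review bot: The requirement `Can include alphanumeric characters only.` leaves out that storage account names accept lowercase letters only; Azure rejects uppercase, so the bullet should say lowercase letters and numbers, and the rule should check for it. Wording in the same section: `must be global unique` should be `globally unique`, `prefix` should be plural after listing `stor`, `stvm` and `dls`, and the sentence about differing prefixes should say which prefix applies to which usage.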

@ -0,0 +1,42 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.VM.md
---
# Use standard VM names
## SYNOPSIS
Virtual machine names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For VMs, the Cloud Adoption Framework recommends using the `vm-` prefix.
Requirements for VM names:
- For Windows, at least 1 character, but no more than 15.
- For Linux, at least 1 character, but no more than 64.
- Can include alphanumeric and hyphen characters.
- Can only start with a letter or number, and end with a letter or number.
- VM names must be unique within a resource group.
## RECOMMENDATION
Consider creating VMs with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if VM names are unique.
To configure this rule:
- Override the `CAF_VirtualMachinePrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)
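
Review bot: The requirements list two maximum lengths, 15 for Windows and 64 for Linux, but NOTES does not say which limit the rule enforces or how it determines the operating system of the VM. Document that in NOTES, because a name between 16 and 64 characters passes or fails depending on it.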

@ -0,0 +1,41 @@
---
category: Naming
online version: https://github.com/microsoft/PSRule.Rules.CAF/blob/master/docs/rules/en/CAF.Name.VNG.md
---
# Use standard virtual network gateway names
## SYNOPSIS
Virtual network gateway names should use a standard prefix and meet naming requirements.
## DESCRIPTION
An effective naming convention allows operators to quickly identify resource type, associated workload,
deployment environment and Azure region.
For virtual network gateways, the Cloud Adoption Framework recommends using the `vnet-gw-` prefix.
Requirements for virtual network gateway names:
- At least 1 character, but no more than 80.
- Can include alphanumeric, underscore, hyphen, period characters.
- Can only start with a letter or number, and end with a letter, number or underscore.
- Virtual network gateway names must be unique within a resource group.
## RECOMMENDATION
Consider creating virtual network gateways with a standard name.
Additionally consider using Azure Policy to only permit creation using a standard naming convention.
## NOTES
This rule does not check if virtual network gateway names are unique.
To configure this rule:
- Override the `CAF_VirtualNetworkGatewayPrefix` configuration value with an array of allowed prefixes.
## LINKS
- [Recommended naming and tagging conventions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/naming-and-tagging)

@ -61,11 +61,21 @@ Rule 'CAF.Name.Subnet' -Type 'Microsoft.Network/virtualNetworks', 'Microsoft.Net
# Synopsis: Use standard virtual network gateway names
Rule 'CAF.Name.VNG' -Type 'Microsoft.Network/virtualNetworkGateways' {
$Assert.StartsWith($TargetObject, 'Name', $Configuration.CAF_VirtualNetworkGatewayPrefix)
# Name requirements
$Assert.GreaterOrEqual($TargetObject, 'Name', 1)
$Assert.LessOrEqual($TargetObject, 'Name', 80)
Match 'Name' '^[\w][-\w_\.]*[\w_]$'
}
# Synopsis: Use standard virtual networks gateway connection names
Rule 'CAF.Name.Connection' -Type 'Microsoft.Network/connections' {
$Assert.StartsWith($TargetObject, 'Name', $Configuration.CAF_GatewayConnectionPrefix)
# Name requirements
$Assert.GreaterOrEqual($TargetObject, 'Name', 1)
$Assert.LessOrEqual($TargetObject, 'Name', 80)
Match 'Name' '^[\w][-\w_\.]*[\w_]$'
}
# Synopsis: Use standard network security group names
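
Review bot: In both `Match 'Name' '^[\w][-\w_\.]*[\w_]$'` lines the pattern disagrees with the requirements documented in this commit. The leading `[\w]` accepts an underscore, while the docs say a name can only start with a letter or number, and the pattern needs at least two characters, so it rejects the one-character name that `$Assert.GreaterOrEqual($TargetObject, 'Name', 1)` and the docs allow. Suggest a first class without underscore such as `^[A-Za-z0-9]`, making the remainder optional, and dropping the `_` from `[-\w_\.]` and `[\w_]` since `\w` already includes it. The synopsis `Use standard virtual networks gateway connection names` also has a stray plural and does not match the doc heading.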