Skip to content

Commit

Permalink
fixed the remaining linter warnings
Browse files Browse the repository at this point in the history
  • Loading branch information
tredell committed Feb 11, 2023
1 parent 9f0e049 commit 1610a28
Show file tree
Hide file tree
Showing 12 changed files with 32 additions and 25 deletions.
2 changes: 1 addition & 1 deletion azresources/containers/aks/main.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ var virtualNetworkName = subnetIdSplit[8]
var privateDnsZoneIdSplit = split(privateDNSZoneId, '/')
var privateDnsZoneSubscriptionId = privateDnsZoneIdSplit[2]
var privateZoneDnsResourceGroupName = privateDnsZoneIdSplit[4]
var privateZoneResourceName = last(privateDnsZoneIdSplit)
var privateZoneResourceName = last(privateDnsZoneIdSplit)!

module identity '../../iam/user-assigned-identity.bicep' = {
name: 'deploy-aks-identity'
Expand Down
4 changes: 2 additions & 2 deletions azresources/data/sqldb/sqldb-with-cmk.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -107,9 +107,9 @@ resource sqlserver 'Microsoft.Sql/servers@2021-02-01-preview' = {
}

resource sqlserver_va 'Microsoft.Sql/servers/vulnerabilityAssessments@2020-11-01-preview' = {
name: '${sqlServerName}/default'
parent: sqlserver
name: 'default'
dependsOn: [
sqlserver
roleAssignSQLToSALogging
]
properties: {
Expand Down
4 changes: 2 additions & 2 deletions azresources/data/sqldb/sqldb-without-cmk.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -86,9 +86,9 @@ resource sqlserver 'Microsoft.Sql/servers@2021-02-01-preview' = {
}

resource sqlserver_va 'Microsoft.Sql/servers/vulnerabilityAssessments@2020-11-01-preview' = {
name: '${sqlServerName}/default'
parent: sqlserver
name: 'default'
dependsOn: [
sqlserver
roleAssignSQLToSALogging
]
properties: {
Expand Down
4 changes: 2 additions & 2 deletions azresources/data/sqlmi/sqlmi-with-cmk.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -98,9 +98,9 @@ resource sqlmi 'Microsoft.Sql/managedInstances@2020-11-01-preview' = {
}

resource sqlmi_va 'Microsoft.Sql/managedInstances/vulnerabilityAssessments@2020-11-01-preview' = {
name: '${name}/default'
parent: sqlmi
name: 'default'
dependsOn: [
sqlmi
roleAssignSQLMIToSALogging
]
properties: {
Expand Down
4 changes: 2 additions & 2 deletions azresources/data/sqlmi/sqlmi-without-cmk.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,9 @@ resource sqlmi 'Microsoft.Sql/managedInstances@2020-11-01-preview' = {
}

resource sqlmi_va 'Microsoft.Sql/managedInstances/vulnerabilityAssessments@2020-11-01-preview' = {
name: '${name}/default'
parent: sqlmi
name: 'default'
dependsOn: [
sqlmi
roleAssignSQLMIToSALogging
]
properties: {
Expand Down
6 changes: 4 additions & 2 deletions policy/custom/assignments/AKS.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,10 @@ var policyId = 'custom-aks'
var assignmentName = 'Custom - Azure Kubernetes Service'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyScopedId = managementGroupResourceId(policyDefinitionManagementGroupId, 'Microsoft.Authorization/policySetDefinitions/',policyId)
//var policyScopedId = '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${policyId}'
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)
var policyScopedId = extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', policyId)



// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand Down
4 changes: 2 additions & 2 deletions policy/custom/assignments/DDoS.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,9 @@ var policyId = 'Network-Deploy-DDoS-Standard'
var assignmentName = 'Custom - Enable DDoS Standard on Virtual Networks'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyScopedId = managementGroupResourceId(policyDefinitionManagementGroupId, 'Microsoft.Authorization/policySetDefinitions/',policyId)
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)
var policyScopedId = extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', policyId)

//var policyScopedId = '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policyDefinitions/${policyId}'

// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand Down
5 changes: 3 additions & 2 deletions policy/custom/assignments/DNSPrivateEndpoints.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,9 @@ var policyId = 'custom-central-dns-private-endpoints'
var assignmentName = 'Custom - Central DNS for Private Endpoints'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyScopedId = managementGroupResourceId(policyDefinitionManagementGroupId, 'Microsoft.Authorization/policySetDefinitions/',policyId)
//var policyScopedId = '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${policyId}'
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)
var policyScopedId = extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', policyId)


// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand Down
4 changes: 2 additions & 2 deletions policy/custom/assignments/DefenderForCloud.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,8 @@ var policyId = 'custom-enable-azure-defender'
var assignmentName = 'Custom - Microsoft Defender for Cloud'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyScopedId = managementGroupResourceId(policyDefinitionManagementGroupId, 'Microsoft.Authorization/policySetDefinitions/',policyId)
//var policyScopedId = '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${policyId}'
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)
var policyScopedId = extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', policyId)

// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand Down
5 changes: 3 additions & 2 deletions policy/custom/assignments/LogAnalytics.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,9 @@ var policyId = 'custom-enable-logging-to-loganalytics'
var assignmentName = 'Custom - Log Analytics for Azure Services'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyScopedId = managementGroupResourceId(policyDefinitionManagementGroupId, 'Microsoft.Authorization/policySetDefinitions/',policyId)
//var policyScopedId = '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${policyId}'
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)
var policyScopedId = extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', policyId)


// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand Down
5 changes: 3 additions & 2 deletions policy/custom/assignments/Network.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,9 @@ var policyId = 'custom-network'
var assignmentName = 'Custom - Network'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyScopedId = managementGroupResourceId(policyDefinitionManagementGroupId, 'Microsoft.Authorization/policySetDefinitions/',policyId)
//var policyScopedId = '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${policyId}'
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)
var policyScopedId = extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', policyId)


// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand Down
10 changes: 6 additions & 4 deletions policy/custom/assignments/Tags.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,8 @@ param policyAssignmentManagementGroupId string
param enforcementMode string = 'Default'

var scope = tenantResourceId('Microsoft.Management/managementGroups', policyAssignmentManagementGroupId)
var policyDefinitionScope = tenantResourceId('Microsoft.Management/managementGroups', policyDefinitionManagementGroupId)


// Telemetry - Azure customer usage attribution
// Reference: https://learn.microsoft.com/azure/marketplace/azure-partner-customer-usage-attribution
Expand All @@ -42,7 +44,7 @@ resource rgInheritedPolicySetFromSubscriptionToResourceGroupAssignment 'Microsof
name: 'tags-torg-${uniqueString('tags-torg-', policyAssignmentManagementGroupId)}'
properties: {
displayName: rgInheritedAssignmentFromSubscriptionToResourceGroupName
policyDefinitionId: '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${rgInheritedPolicyFromSubscriptionToResourceGroupId}'
policyDefinitionId: extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', rgInheritedPolicyFromSubscriptionToResourceGroupId)
scope: scope
notScopes: []
parameters: {}
Expand Down Expand Up @@ -72,7 +74,7 @@ resource rgInheritedPolicySetAssignment 'Microsoft.Authorization/policyAssignmen
name: 'tags-rg-${uniqueString('tags-from-rg-', policyAssignmentManagementGroupId)}'
properties: {
displayName: rgInheritedAssignmentName
policyDefinitionId: '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${rgInheritedPolicyId}'
policyDefinitionId: extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', rgInheritedPolicyId)
scope: scope
notScopes: []
parameters: {}
Expand Down Expand Up @@ -102,7 +104,7 @@ resource rgRequiredPolicySetAssignment 'Microsoft.Authorization/policyAssignment
name: 'tags-rg-${uniqueString('tags-required-', policyAssignmentManagementGroupId)}'
properties: {
displayName: rgRequiredAssignmentName
policyDefinitionId: '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${rgRequiredPolicyId}'
policyDefinitionId: extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', rgRequiredPolicyId)
scope: scope
notScopes: []
parameters: {}
Expand All @@ -122,7 +124,7 @@ resource resourcesAuditPolicySetAssignment 'Microsoft.Authorization/policyAssign
name: 'tags-r-${uniqueString('tags-missing-', policyAssignmentManagementGroupId)}'
properties: {
displayName: resourcesAssignmentName
policyDefinitionId: '/providers/Microsoft.Management/managementGroups/${policyDefinitionManagementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/${resourcesPolicyId}'
policyDefinitionId: extensionResourceId(policyDefinitionScope, 'Microsoft.Authorization/policySetDefinitions', resourcesPolicyId)
scope: scope
notScopes: []
parameters: {}
Expand Down

0 comments on commit 1610a28

Please sign in to comment.