Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Squashed commit of the following: (#24)
commit c714e65 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Fri Oct 14 15:48:33 2022 -0400 Update CODEOWNERS (Azure#344) Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo commit b8a9bc9 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Thu Sep 1 15:31:28 2022 -0400 Version August 2022 schema changes (Azure#342) commit 5851a09 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Aug 17 18:50:15 2022 -0400 Revised Event Hub Diagnostic Settings policy (Azure#339) commit e5fe399 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Aug 17 18:37:43 2022 -0400 Update diagnostic settings profile name (Azure#337) commit db52627 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Aug 17 18:17:12 2022 -0400 Suppress false positive linter warning: secure-secrets-in-params (Azure#335) commit 2a6042d Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Aug 17 17:59:13 2022 -0400 Network security group support for private endpoints subnet (Azure#333) commit e069a4b Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Aug 17 17:28:39 2022 -0400 Support data collection rule (Azure#331) commit c2afa0d Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon Aug 8 15:42:22 2022 -0400 Support azkms.core.windows.net and IPs in firewall allow list (Azure#329) commit a7f521d Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue Jul 19 23:31:56 2022 -0400 Add missing log categories in diagnostic settings for Azure Firewall (Azure#324) commit 60198bc Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue Jul 19 23:11:10 2022 -0400 Resolve linter warning: prefer-unquoted-property-names (Azure#322) commit a4e53ff Author: Sabyasachi Dasgupta <sabyadg.softbio@gmail.com> Date: Mon Jul 18 16:44:01 2022 -0400 Update machinelearning.md (Azure#327) commit 8fc587a Author: Ifyagolu <55541295+Ifyagolu@users.noreply.github.com> Date: Fri Jun 24 17:05:28 2022 -0400 Fix typo in onboarding guidance (Azure#320) commit e9a0962 Author: Islam Gomaa <igomaa@users.noreply.github.com> Date: Fri May 27 16:13:52 2022 -0400 Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313) commit 2b11801 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu May 19 10:38:55 2022 -0400 Add service health notification info (Azure#310) commit bce747c Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed May 18 09:29:03 2022 -0400 Update resource group names for Logging & Networking (Azure#309) Remove `-rg` suffix commit 6765c48 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue May 17 15:14:33 2022 -0400 Serial defender plan deployments & revised resource/resource group names (Azure#307) commit 62adb00 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon May 16 13:53:37 2022 -0400 Log Analytics solutions for SQL servers on machines (Azure#303) commit c1a3b99 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon May 16 09:26:47 2022 -0400 Flexible policy deployment using PowerShell & GitHub Actions (Azure#300) commit 0ce5c1a Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Sun May 15 12:19:01 2022 -0400 Disable fail fast for matrix deployments (Azure#297) commit c078a79 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Sun May 15 11:19:43 2022 -0400 Concurrent role deployment with PowerShell & GitHub Actions (Azure#299) commit 31a214a Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Sun May 15 10:39:08 2022 -0400 Disable metrics in diagnostic settings for AKS through Policy (Azure#295) commit 6a90a2f Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed May 11 10:56:26 2022 -0400 Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289) commit c413307 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue May 10 16:46:06 2022 -0400 Ensure multiple subscriptions can be moved to a management in parallel (Azure#288) Ensure deployment name for moving subscription is unique commit 93d2f13 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue May 10 14:53:18 2022 -0400 Support jobs in GitHub Actions (Azure#286) commit 31e8d0a Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Tue May 10 12:30:36 2022 -0400 Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285) commit 229b144 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Mon May 9 20:41:06 2022 -0400 Fix DeploySubscriptionIds parameter type casting (Azure#282) commit 799ad52 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon May 9 20:10:33 2022 -0400 Pass-thru secure strings as-is until ready for use (Azure#281) commit a9c9419 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Mon May 9 17:11:12 2022 -0400 Add environment configuration override and protect sensitive parameters (Azure#280) commit ce6c27f Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon May 9 11:23:57 2022 -0400 Support schema validation (Azure#277) commit 1d8dbd7 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Mon May 9 08:07:26 2022 -0400 GitHub workflow implementation (Azure#276) Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector commit 08d8f92 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon May 2 16:03:02 2022 -0400 Deployment flow diagram (Azure#274) commit db098e1 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Apr 29 22:37:58 2022 -0400 Powershell deployment script for archetypes (Azure#273) Support for deploying subscriptions commit 15c2847 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Apr 29 16:29:22 2022 -0400 PowerShell deployment scripts (Azure#271) commit 3522571 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 27 18:10:23 2022 -0400 Snapshot ARM parameters JSON schemas (Azure#268) commit 60f3b59 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 27 17:29:58 2022 -0400 Organize deployment parameters for Hub Networking with NVA (Azure#266) commit 926521a Author: ghostme <phebsix@gmail.com> Date: Wed Apr 27 15:20:08 2022 -0400 Updated documentation (Azure#267) commit d68824a Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon Apr 25 14:32:25 2022 -0400 Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265) commit 2bc196a Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon Apr 25 14:03:31 2022 -0400 Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264) commit b33cd36 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Apr 21 09:32:43 2022 -0400 Update common.yml example (Azure#262) commit 3008353 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 20 12:44:45 2022 -0400 Removed extra configuration files (Azure#260) commit 1ee5b9e Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 20 11:56:14 2022 -0400 Revise subnet configuration for Healthcare archetype (Azure#256) commit 72fe50d Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 20 11:43:09 2022 -0400 Revise subnet configuration for Machine Learning archetype (Azure#254) commit 7083377 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 20 11:38:07 2022 -0400 Revise subnet configuration for Generic Subscription archetype (Azure#252) commit 3d9c60d Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Apr 20 11:30:10 2022 -0400 Migrate Networking configuration to JSON parameters file (Azure#250) commit 38fc344 Author: Mohamed Sharaf <Mohamed.Sharaf@live.ca> Date: Wed Apr 20 10:29:52 2022 -0400 Azure Active Directory support for Synapse (Azure#259) commit 89613db Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue Apr 12 21:31:06 2022 -0400 Include new Databricks' log categories for diagnostic settings (Azure#248) Add new databricks' log categories for diagnostic settings commit 700eb96 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue Apr 12 17:33:12 2022 -0400 Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246) Update Private DNS Zone policy to support multiple dnsZoneConfigs commit 1c37279 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Mon Apr 11 11:24:00 2022 -0400 Support logging infrastructure for multiple regions in same subscription (Azure#244) Ensure subscription scoped deployments are unique per region commit 0e258f9 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Sat Apr 9 13:50:50 2022 -0400 Update azure-devops-pipelines.md (Azure#242) commit bfe1f58 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Apr 8 11:31:52 2022 -0400 Migrate Logging configuration to JSON parameters file (Azure#236) commit cc5f017 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Apr 8 10:26:12 2022 -0400 PBMM & HITRUST/HIPAA policy update (Azure#238) commit 3259994 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Tue Apr 5 14:41:17 2022 -0400 Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234) commit cb96311 Author: ccmsft <98336965+ccmsft@users.noreply.github.com> Date: Mon Apr 4 09:39:17 2022 -0400 Updating recommendations to reflect licensing reqs (Azure#229) commit 3ce2cf8 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Apr 1 22:49:44 2022 -0400 Use built-in policy for Cosmos DB for Defender Plan (Azure#232) * Use built-in policy for Cosmos DB for Defender Plan * Add branch config * Remove branch config commit d2f959a Author: ghostme <phebsix@gmail.com> Date: Fri Apr 1 10:05:21 2022 -0400 Update networking documentation for generic subscription archetype (Azure#230) commit 575440e Author: ccmsft <98336965+ccmsft@users.noreply.github.com> Date: Wed Mar 30 23:36:35 2022 -0400 Initial GC 30-day cloud guardrails compliance/guidance (Azure#226) Initial GC 30-day cloud guardrails doc commit 6b36096 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 30 22:40:17 2022 -0400 Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220) Externalize the log analytics parameters to load arbitary LAW variables commit 0210df4 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 30 21:51:30 2022 -0400 Flexible policy assignment parameters JSON files (Azure#222) commit f25f957 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 30 20:57:07 2022 -0400 Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228) * Change Cosmos DB namespace to Microsoft.DocumentDB * Add branch config * Remove branch config commit 453a0f8 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Wed Mar 30 19:00:07 2022 -0400 Improve `delete-management-groups.bat` script (Azure#224) commit 2e5a56b Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Mar 24 09:02:36 2022 -0400 Fix formatting (Azure#218) commit bf5e94b Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 23 23:01:02 2022 -0400 Add instructions for customizing policy set assignments (Azure#215) commit 0538d4d Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 23 22:57:00 2022 -0400 Document delete lock usage (Azure#216) Document when and where delete locks are used commit 789b18a Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 23 22:49:24 2022 -0400 Update OZ subnet name to App Management Zone (Azure#217) commit 97c2904 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Mar 11 21:59:40 2022 -0500 Backward compatibility when setting pipeline variables from management group hierarchy (Azure#213) commit 30b9cc2 Author: Adil Ha <sunshero@msn.com> Date: Fri Mar 11 11:26:31 2022 -0500 fixing doc typo in hubnetwork-azfw (Azure#211) Co-authored-by: Adil Ha <adil.hanifi@osfi-bsif.gc.ca> commit 27363b7 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Sat Mar 5 13:04:13 2022 -0500 Support Defender Plan for Cosmos DB (Azure#200) Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB commit 81eccd1 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Sat Mar 5 12:48:45 2022 -0500 Delete Lock for Log Analytics Workspace resource group (Azure#205) Add delete lock for LAW RG commit 678355f Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Sat Mar 5 11:03:46 2022 -0500 Fix pipeline scripts reference to `subscription-ci` (Azure#207) commit 5753cf0 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Mar 3 14:44:31 2022 -0500 Ensure values from multiline variables are properly logged (Azure#202) Print multi-line environment variables (typically JSON objects) in Show Variables step commit d6b1c08 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Mar 3 14:09:47 2022 -0500 Revise subscription deployment instructions (Azure#201) * Redirect subscriptoin configuration guidance to archetype authoring guide doc * Revise instructions for creating ARM parameter files & management group id selection commit 5e7322e Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Mar 2 08:22:35 2022 -0500 Instructions for backfilling management group hierarchy (Azure#197) * Add instructions for backfilling management group hierarchy * Update section titles, links and reference backfill instruction as part of MG setup * Instructions for installing AzCLI and jq * Clearfy that Tenant Root Group could have been renamed in the organization * Windows Shell example * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used * Note on YAML indentation commit 5d33909 Author: Preston K. Parsard <autocloudarc@users.noreply.github.com> Date: Tue Mar 1 10:46:04 2022 -0500 subscription(generic): add instructions for configuring parameters (Azure#193) commit 17846c4 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Sun Feb 27 20:30:20 2022 -0500 Show Variables fix (Azure#191) commit c62dcfc Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Sun Feb 27 16:50:20 2022 -0500 Configurable management group hierarchy (Azure#186) Implement configurable management group hierarchy commit 9a141f7 Author: Preston K. Parsard <autocloudarc@users.noreply.github.com> Date: Sat Feb 26 19:45:35 2022 -0500 Update onboarding document Co-authored-by: Preston K. Parsard <autocloudarc@noreply.github.com> commit 6b6ef29 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Sat Feb 26 18:22:48 2022 -0500 Snapshot JSON schemas to v0.4.0 (Azure#182) commit 4dd1f4a Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Feb 23 15:39:43 2022 -0500 Update onboarding doc for logging & networking management group settings (Azure#177) * Fix markdown linter warnings * Add instruction for logging and networking MGs commit 5d7eec3 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Wed Feb 23 12:51:20 2022 -0500 Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178) commit 488fc6e Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Tue Feb 22 09:05:20 2022 -0500 Instructions for Azure DevOps Environments (Azure#175) * Instructions for creating ADO pipeline environments * Fix formatting commit edabd87 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Feb 17 23:29:42 2022 -0500 Support for Tag inheritance from Subscription to Resource Group (Azure#161) * Add policy and policy set to inherit tags from subscription to resource group * Add branch config for testing * Remove policy type as it's not built in * Updated resource type for resource group * Update policy assignment * Ensure assignment name is <= 24 chars * Revert resource group type * Setting mode to all * Update documentation * Add branch config * Add explicit dependsOn for subscription scaffolding to complete * Update test deployment parameters * Remove explicit dependsOn for subscription scaffolding to complete * Update doc to describe approaches for adding tags to RGs * Reduce the options for tagging resources given subscripton to RG tagging is available * Add example scenarios for tag inheritence * Fix typo * Remove branch configs * Resolve linter error: no-loc-expr-outside-params commit e71ed26 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Wed Feb 16 20:09:19 2022 -0500 Linter: no-loc-expr-outside-params - ensure compliance (Azure#169) * Update linter rules for location parameter * Add location parameter with default value based on resourceGroup() or deployment() * Update archetype schema and docs for location * Add branch config for testing * Update AKS version * Update branch config * Remove branch configs commit 6061fa0 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Feb 10 16:49:42 2022 -0500 Repository clean up (Azure#165) * Remove obsolete directory * Rotate resource group names for E2E deployments * Fix typo * Add branch config for testing * Fix typo * Remove branch configs * Remove timestamp from sample JSON templates. Timestamps are kept for E2E testing. * Remove date stamp commit 5104f39 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Thu Feb 10 09:08:17 2022 -0500 Update DevOps Onboarding section of main readme (Azure#162) commit 209f61c Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Thu Feb 10 09:06:31 2022 -0500 Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164) Update Azure CLI version to 2.32.0 commit d7d5257 Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Mon Feb 7 13:51:17 2022 -0500 Issue Azure#157 - Update scripts documentation (Azure#158) Update scripts documentation (Issue Azure#157) Update docs/onboarding/azure-devops-scripts.md Co-authored-by: Senthuran Sivananthan <senthuran.sivananthan@microsoft.com> commit b628c68 Author: Senthuran Sivananthan <sesivan@microsoft.com> Date: Fri Feb 4 12:42:31 2022 -0500 Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156) Ensure diagnostic settings policy only checks for logs commit 61afd59 Author: Senthuran Sivananthan <senthuran.sivananthan@microsoft.com> Date: Mon Jan 31 12:52:09 2022 -0500 Snapshot landing zone schema to v0.3.0 (Azure#152) commit 09f09ed Author: Steve Keeler <skeeler@users.noreply.github.com> Date: Mon Jan 31 09:20:20 2022 -0500 Automation scripts for Azure DevOps onboarding (Azure#151) Implement Azure#150, scripts and documentation commit 82dd826 Author: SlavaRoikhman <52217047+SlavaRoikhman@users.noreply.github.com> Date: Thu Jan 27 13:32:41 2022 -0500 Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149) commit 73ce2eb Author: Senthuran Sivananthan <senthuran.sivananthan@microsoft.com> Date: Fri Jan 21 23:23:45 2022 -0500 Flexible policy assignment scope (Azure#147) * Add deployment scope for policy assignment * Add branch test config * Set new parameter for policy assignment scope: var-policyAssignmentManagementGroupId * Update pipeline for new var * Add separate scope for testing * Update pipeline parameter name * Ensure new temp file is created to populate the parameters. * Remove test job * Remove branch config * Update readme * Update authoring guide with new parameter commit c71051b Author: hudua <40040433+hudua@users.noreply.github.com> Date: Fri Jan 21 14:21:08 2022 -0500 Private Endpoint for App Service (Azure#144) commit fff245d Author: Senthuran Sivananthan <senthuran.sivananthan@microsoft.com> Date: Fri Jan 21 10:51:43 2022 -0500 Diagnostic Settings Policies for PaaS services (Azure#143) * Add diagnostic settings policies for data services * Add branch config for testing * Add missing types for auditing * Add diagnostic setting policies for compute services * Add diagnostic setting policies for integration services * Add diagnostic setting policies for network services * Remove policy for ACI since it doesn't have logs to collect * Remove extra resource type * Set region to 'global' for edge services * Remove branch config. used for testing * Updated App Service log categories * Add branch config * Remove branch config Co-authored-by: Wanpeng Yang <wanpeng-cds@users.noreply.github.com>
- Loading branch information