Skip to content

Commit

Permalink
Organize deployment parameters for Hub Networking with NVA (Azure#266)
Browse files Browse the repository at this point in the history
  • Loading branch information
SenthuranSivananthan authored Apr 27, 2022
1 parent 926521a commit 60f3b59
Show file tree
Hide file tree
Showing 24 changed files with 4,222 additions and 3,431 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -99,16 +99,16 @@ steps:
workingDirectory: '${{ parameters.workingDir }}/lz-platform-connectivity-hub-nva'

- task: AzureCLI@2
displayName: Azure Policy - Enable Private DNS Zone Policies (if deployPrivateDnsZones=true in config)
displayName: Azure Policy - Enable Private DNS Zone Policies (if privateDnsZones.enabled=true in config)
inputs:
azureSubscription: $(serviceConnection)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
$(var-bashPreInjectScript)
DEPLOY_PRIVATE_DNS_ZONES=`jq -r .parameters.deployPrivateDnsZones.value ${{ parameters.networkingConfigurationPath }}`
PRIVATE_DNS_ZONES_RESOURCE_GROUP=`jq -r .parameters.rgPrivateDnsZonesName.value ${{ parameters.networkingConfigurationPath }}`
DEPLOY_PRIVATE_DNS_ZONES=`jq -r .parameters.privateDnsZones.value.enabled ${{ parameters.networkingConfigurationPath }}`
PRIVATE_DNS_ZONES_RESOURCE_GROUP=`jq -r .parameters.privateDnsZones.value.resourceGroupName ${{ parameters.networkingConfigurationPath }}`
case $DEPLOY_PRIVATE_DNS_ZONES in
(true)
Expand Down Expand Up @@ -136,22 +136,22 @@ steps:
workingDirectory: '$(System.DefaultWorkingDirectory)/policy/custom/assignments'

- task: AzureCLI@2
displayName: Azure Policy - Enable DDoS Standard (if deployDdosStandard=true in config)
displayName: Azure Policy - Enable DDoS Standard (if ddosStandard.enabled=true in config)
inputs:
azureSubscription: $(serviceConnection)
scriptType: 'bash'
scriptLocation: 'inlineScript'
inlineScript: |
$(var-bashPreInjectScript)
DEPLOY_DDOS_STANDARD=`jq -r .parameters.deployDdosStandard.value ${{ parameters.networkingConfigurationPath }}`
DEPLOY_DDOS_STANDARD=`jq -r .parameters.ddosStandard.value.enabled ${{ parameters.networkingConfigurationPath }}`
case $DEPLOY_DDOS_STANDARD in
(true)
echo "DDoS Standard is enabled, creating Azure Policy assignment to protect for all Virtual Networks in '$(var-topLevelManagementGroupName)' management group."
DDOS_STANDARD_RESOURCE_GROUP_NAME=`jq -r .parameters.rgDdosName.value ${{ parameters.networkingConfigurationPath }}`
DDOS_STANDARD_PLAN_NAME=`jq -r .parameters.ddosPlanName.value ${{ parameters.networkingConfigurationPath }}`
DDOS_STANDARD_RESOURCE_GROUP_NAME=`jq -r .parameters.ddosStandard.value.resourceGroupName ${{ parameters.networkingConfigurationPath }}`
DDOS_STANDARD_PLAN_NAME=`jq -r .parameters.ddosStandard.value.planName ${{ parameters.networkingConfigurationPath }}`
# Identify the Resource Id for DDOS Standard Plan
DDOS_PLAN_ID=`az network ddos-protection show -g $DDOS_STANDARD_RESOURCE_GROUP_NAME -n $DDOS_STANDARD_PLAN_NAME --subscription ${{ parameters.networkingSubscriptionId }} --query id -o tsv`
Expand Down
Loading

0 comments on commit 60f3b59

Please sign in to comment.