diff --git a/.azure-devops/nightlybuild/mlz-bicep-azurecloud-pipelines.yml b/.azure-devops/nightlybuild/mlz-bicep-azurecloud-pipelines.yml index ec28bdbf5..7c7872e5e 100644 --- a/.azure-devops/nightlybuild/mlz-bicep-azurecloud-pipelines.yml +++ b/.azure-devops/nightlybuild/mlz-bicep-azurecloud-pipelines.yml @@ -2,6 +2,7 @@ # Licensed under the MIT License. schedules: + - cron: "0 4 * * *" displayName: "Nightly - mlz bicep azure cloud" branches: @@ -10,125 +11,24 @@ schedules: always: true pool: - vmImage: ubuntu-latest -variables: - ServiceConnectionName: $(CAzureConnection) + vmImage: ubuntu-latest jobs: -- job: bicepCommercialCloud - steps: - - task: AzureCLI@2 - displayName: "Deploy MLZ Bicep" - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - datetime=$(date +%s) # gets the current date time as an epoch - az deployment sub create \ - --name $(bDeploymentName) \ - --location $(Location) \ - --template-file $(TemplateFile) \ - --parameters resourcePrefix=$datetime - - - task: AzureCLI@2 - displayName: "Generate deploymentVariables.json for all addons and examples" - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az deployment sub show \ - --name $(bDeploymentName) \ - --query properties.outputs \ - > $(Build.SourcesDirectory)/src/bicep/examples/deploymentVariables.json - - - task: AzureCLI@2 - displayName: "Extract Values and Hydrate Variables for T3 Deployment" - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - deploymentoutput=$(az deployment sub show \ - --name $(bDeploymentName) \ - --query '{ - hubSubId: properties.outputs.hub.value.subscriptionId, - hubRGroupName: properties.outputs.hub.value.resourceGroupName, - hubVNetworkName: properties.outputs.hub.value.virtualNetworkName, - hubVNetworkResourceId: properties.outputs.hub.value.virtualNetworkResourceId, - logAWspaceResourceId: properties.outputs.logAnalyticsWorkspaceResourceId.value, - firewallPrivateIP: properties.outputs.firewallPrivateIPAddress.value - }' \ - --output json) - - hubSubId=$(echo $deploymentoutput | jq '.hubSubId') \ - && echo "##vso[task.setvariable variable=hubSubscriptionId;]$hubSubId" - hubRGroupName=$(echo $deploymentoutput | jq '.hubRGroupName') \ - && echo "##vso[task.setvariable variable=hubResourceGroupName;]$hubRGroupName" - - hubVNetworkName=$(echo $deploymentoutput | jq '.hubVNetworkName') \ - && echo "##vso[task.setvariable variable=hubVirtualNetworkName;]$hubVNetworkName" - - hubVNetworkResourceId=$(echo $deploymentoutput | jq '.hubVNetworkResourceId') \ - && echo "##vso[task.setvariable variable=hubVirtualNetworkResourceId;]$hubVNetworkResourceId" - - logAWspaceResourceId=$(echo $deploymentoutput | jq '.logAWspaceResourceId') \ - && echo "##vso[task.setvariable variable=logAnalyticsWorkspaceResourceId;]$logAWspaceResourceId" - - firewallPrivateIP=$(echo $deploymentoutput | jq '.firewallPrivateIP') \ - && echo "##vso[task.setvariable variable=firewallPrivateIPAddress;]$firewallPrivateIP" - - - task: AzureCLI@2 - displayName: "T3 Bicep Deployment" - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az deployment sub create \ - --subscription $(workloadSubId) \ - --location $(Location) \ - --name $(workloadName) \ - --template-file $(T3TemplateFile) \ - --parameters \ - workloadName=$(workloadName) \ - hubSubscriptionId=$(hubSubscriptionId) \ - hubResourceGroupName=$(hubResourceGroupName) \ - hubVirtualNetworkName=$(hubVirtualNetworkName) \ - hubVirtualNetworkResourceId=$(hubVirtualNetworkResourceId) \ - logAnalyticsWorkspaceResourceId=$(logAnalyticsWorkspaceResourceId) \ - firewallPrivateIPAddress=$(firewallPrivateIPAddress) +- job: bicepCommercialCloud + displayName: "Nightly deployment of Mission LZ Bicep on AzureCloud" - - task: AzureCLI@2 - displayName: "Clean up Subscription Diagnostics Settings" - condition: always() - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az monitor diagnostic-settings subscription list \ - --query "value[].name" \ - --output tsv \ - | xargs -t -I % az monitor diagnostic-settings subscription delete \ - --yes \ - --name % + steps: - - task: AzureCLI@2 - displayName: "Clean up Resources" - condition: always() - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az group list \ - --query "[].name" \ - --output tsv \ - | xargs -t -I % az group delete \ - --yes \ - --no-wait \ - --name % + - template: templates/az-deployment.yml + parameters: + ServiceConnectionName: $(CAzureConnection) + DeploymentName: $(bDeploymentName) + Location: $(CLocation) + WorkloadSubId: $(CSubId) + WorkloadName: $(workloadName) + + - template: templates/clean-az-subscription.yml + parameters: + serviceConnectionName: $(CAzureConnection) diff --git a/.azure-devops/nightlybuild/mlz-bicep-azuregov-pipelines.yml b/.azure-devops/nightlybuild/mlz-bicep-azuregov-pipelines.yml index f658df6e2..07ec6da99 100644 --- a/.azure-devops/nightlybuild/mlz-bicep-azuregov-pipelines.yml +++ b/.azure-devops/nightlybuild/mlz-bicep-azuregov-pipelines.yml @@ -2,6 +2,7 @@ # Licensed under the MIT License. schedules: + - cron: "0 4 * * *" displayName: "Nightly - mlz bicep azure US Gov Cloud" branches: @@ -10,124 +11,24 @@ schedules: always: true pool: - vmImage: ubuntu-latest -variables: - GServiceConnectionName: $(GAzureConnection) + vmImage: ubuntu-latest jobs: -- job: bicepGovCloud - steps: - - task: AzureCLI@2 - displayName: "Deploy MLZ Bicep" - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - datetime=$(date +%s) # gets the current date time as an epoch - az deployment sub create \ - --name $(bDeploymentName) \ - --location $(GLocation) \ - --template-file $(TemplateFile) \ - --parameters resourcePrefix=$datetime - - - task: AzureCLI@2 - displayName: "Generate deploymentVariables.json for all addons and examples" - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az deployment sub show \ - --name $(bDeploymentName) \ - --query properties.outputs \ - > $(Build.SourcesDirectory)/src/bicep/examples/deploymentVariables.json - - - task: AzureCLI@2 - displayName: "Extract Values and Hydrate Variables for T3 Deployment" - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - deploymentoutput=$(az deployment sub show \ - --name $(bDeploymentName) \ - --query '{ - hubSubId:properties.outputs.hub.value.subscriptionId, - hubRGroupName:properties.outputs.hub.value.resourceGroupName, - hubVNetworkName:properties.outputs.hub.value.virtualNetworkName, - hubVNetworkResourceId:properties.outputs.hub.value.virtualNetworkResourceId, - logAWspaceResourceId:properties.outputs.logAnalyticsWorkspaceResourceId.value, - firewallPrivateIP:properties.outputs.firewallPrivateIPAddress.value }' \ - --output json) - hubSubId=$(echo $deploymentoutput | jq '.hubSubId') \ - && echo "##vso[task.setvariable variable=hubSubscriptionId;]$hubSubId" - - hubRGroupName=$(echo $deploymentoutput | jq '.hubRGroupName') \ - && echo "##vso[task.setvariable variable=hubResourceGroupName;]$hubRGroupName" - - hubVNetworkName=$(echo $deploymentoutput | jq '.hubVNetworkName') \ - && echo "##vso[task.setvariable variable=hubVirtualNetworkName;]$hubVNetworkName" - - hubVNetworkResourceId=$(echo $deploymentoutput | jq '.hubVNetworkResourceId') \ - && echo "##vso[task.setvariable variable=hubVirtualNetworkResourceId;]$hubVNetworkResourceId" - - logAWspaceResourceId=$(echo $deploymentoutput | jq '.logAWspaceResourceId') \ - && echo "##vso[task.setvariable variable=logAnalyticsWorkspaceResourceId;]$logAWspaceResourceId" - - firewallPrivateIP=$(echo $deploymentoutput | jq '.firewallPrivateIP') \ - && echo "##vso[task.setvariable variable=firewallPrivateIPAddress;]$firewallPrivateIP" +- job: bicepGovCloud + displayName: "Nightly deployment of Mission LZ Bicep on AzureUsGovernment" - - task: AzureCLI@2 - displayName: "T3 Bicep Deployment" - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az deployment sub create \ - --subscription $(GSubId) \ - --location $(GLocation) \ - --name $(workloadName) \ - --template-file $(T3TemplateFile) \ - --parameters \ - workloadName=$(workloadName) \ - hubSubscriptionId=$(hubSubscriptionId) \ - hubResourceGroupName=$(hubResourceGroupName) \ - hubVirtualNetworkName=$(hubVirtualNetworkName) \ - hubVirtualNetworkResourceId=$(hubVirtualNetworkResourceId) \ - logAnalyticsWorkspaceResourceId=$(logAnalyticsWorkspaceResourceId) \ - firewallPrivateIPAddress=$(firewallPrivateIPAddress) - - - task: AzureCLI@2 - displayName: "Clean up Subscription Diagnostics Settings" - condition: always() - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az monitor diagnostic-settings subscription list \ - --query "value[].name" \ - --output tsv \ - | xargs -t -I % az monitor diagnostic-settings subscription delete \ - --yes \ - --name % + steps: - - task: AzureCLI@2 - displayName: "Clean up Resources" - condition: always() - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - az group list \ - --query "[].name" \ - --output tsv \ - | xargs -t -I % az group delete \ - --yes \ - --no-wait \ - --name % + - template: templates/az-deployment.yml + parameters: + ServiceConnectionName: $(GAzureConnection) + DeploymentName: $(bDeploymentName) + Location: $(GLocation) + WorkloadSubId: $(GSubId) + WorkloadName: $(workloadName) + + - template: templates/clean-az-subscription.yml + parameters: + serviceConnectionName: $(GAzureConnection) diff --git a/.azure-devops/nightlybuild/mlz-tf-azurecloud-pipelines.yml b/.azure-devops/nightlybuild/mlz-tf-azurecloud-pipelines.yml index 906662efd..d87891a1c 100644 --- a/.azure-devops/nightlybuild/mlz-tf-azurecloud-pipelines.yml +++ b/.azure-devops/nightlybuild/mlz-tf-azurecloud-pipelines.yml @@ -2,6 +2,7 @@ # Licensed under the MIT License. schedules: + - cron: "0 2 * * *" displayName: "Nightly - mlz Terraform azure cloud" branches: @@ -10,122 +11,27 @@ schedules: always: true pool: - vmImage: ubuntu-latest -variables: - ServiceConnectionName: $(CAzureConnection) + vmImage: ubuntu-latest jobs: -- job: CommercialCloud_TF - steps: - - task: TerraformInstaller@0 - inputs: - terraformVersion: 'latest' - - task: AzureCLI@2 - displayName: "Apply MLZ Terraform" - inputs: - azureSubscription: $(CAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(ClientId) - export ARM_CLIENT_SECRET=$(ClientSecret) - export ARM_SUBSCRIPTION_ID=$(subId) - export ARM_TENANT_ID=$(tenantId) - terraform init - terraform plan -var "hub_subid=$(subid)" -input=false - terraform apply -var "hub_subid=$(subid)" -auto-approve -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true - - - task: AzureCLI@2 - displayName: "Extract Values and Hydrate Variables for T3 Deployment" - inputs: - azureSubscription: $(CAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - echo "##vso[task.setvariable variable=hubSubscriptionId;]$(terraform output -raw hub_subid)" - echo "##vso[task.setvariable variable=hubVirtualNetworkName;]$(terraform output -raw hub_vnetname)" - echo "##vso[task.setvariable variable=hubResourceGroupName;]$(terraform output -raw hub_rgname)" - echo "##vso[task.setvariable variable=firewallPrivateIPAddress;]$(terraform output -raw firewall_private_ip)" - echo "##vso[task.setvariable variable=lawsName;]$(terraform output -raw laws_name)" - echo "##vso[task.setvariable variable=lawsRgName;]$(terraform output -raw laws_rgname)" - echo "##vso[task.setvariable variable=tier1SubId;]$(terraform output -raw tier1_subid)" - echo "##vso[task.setvariable variable=tier3SubId;]$(terraform output -raw tier1_subid)" - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true - - - task: AzureCLI@2 - displayName: "Apply T3 Workload Terraform" - inputs: - azureSubscription: $(CAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(ClientId) - export ARM_CLIENT_SECRET=$(ClientSecret) - export ARM_SUBSCRIPTION_ID=$(subId) - export ARM_TENANT_ID=$(tenantId) - terraform init - terraform apply -var "hub_subid=$(hubSubscriptionId)" \ - -var "hub_rgname=$(hubResourceGroupName)" \ - -var "firewall_private_ip=$(firewallPrivateIPAddress)" \ - -var "hub_vnetname=$(hubVirtualNetworkName)" \ - -var "laws_name=$(lawsName)" -var "laws_rgname=$(lawsRgName)" \ - -var "tier1_subid=$(tier1SubId)" \ - -var "tier3_subid=$(tier3SubId)" \ - -auto-approve \ - -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/tier3' - useGlobalConfig: true +- job: CommercialCloud_TF + displayName: "Nightly deployment of Mission LZ Terraform on AzureCloud" - - task: AzureCLI@2 - displayName: "Destroy T3 Workload Terraform" - condition: always() - inputs: - azureSubscription: $(CAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(ClientId) - export ARM_CLIENT_SECRET=$(ClientSecret) - export ARM_SUBSCRIPTION_ID=$(subId) - export ARM_TENANT_ID=$(tenantId) - terraform init - terraform destroy -var "hub_subid=$(hubSubscriptionId)" \ - -var "hub_rgname=$(hubResourceGroupName)" \ - -var "firewall_private_ip=$(firewallPrivateIPAddress)" \ - -var "hub_vnetname=$(hubVirtualNetworkName)" \ - -var "laws_name=$(lawsName)" \ - -var "laws_rgname=$(lawsRgName)" \ - -var "tier1_subid=$(tier1SubId)" \ - -var "tier3_subid=$(tier3SubId)" \ - -auto-approve \ - -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/tier3' - useGlobalConfig: true + steps: - - task: AzureCLI@2 - displayName: "Destroy MLZ Terraform" - condition: always() - inputs: - azureSubscription: $(CAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(ClientId) - export ARM_CLIENT_SECRET=$(ClientSecret) - export ARM_SUBSCRIPTION_ID=$(subId) - export ARM_TENANT_ID=$(tenantId) - terraform init - terraform destroy -var "hub_subid=$(subid)" -auto-approve -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true - \ No newline at end of file + - template: templates/terraform-apply.yml + parameters: + ServiceConnectionName: $(CAzureConnection) + ClientId: $(ClientId) + ClientSecret: $(ClientSecret) + SubscriptionId: $(CSubId) + TenantId: $(CTenantId) + Environment: $(CCloudEnv) + MetadataHost: $(CMetadataHost) + Location: $(CLocation) + + - template: templates/clean-az-subscription.yml + parameters: + serviceConnectionName: $(CAzureConnection) diff --git a/.azure-devops/nightlybuild/mlz-tf-azuregov-pipelines.yml b/.azure-devops/nightlybuild/mlz-tf-azuregov-pipelines.yml index fb9b1ce6b..1c64ef14f 100644 --- a/.azure-devops/nightlybuild/mlz-tf-azuregov-pipelines.yml +++ b/.azure-devops/nightlybuild/mlz-tf-azuregov-pipelines.yml @@ -12,145 +12,24 @@ schedules: pool: vmImage: ubuntu-latest -variables: - GServiceConnectionName: $(GAzureConnection) - jobs: -- job: GovCloud_TF - steps: - - task: TerraformInstaller@0 - inputs: - terraformVersion: 'latest' - - - task: AzureCLI@2 - displayName: "Apply MLZ Terraform" - inputs: - azureSubscription: $(GAzureConnection) - scriptType: 'bash' - addSpnToEnvironment: true - scriptLocation: 'inlineScript' - inlineScript: | - export ARM_CLIENT_ID=$(GClientId) - export ARM_CLIENT_SECRET=$(GClientSecret) - export ARM_SUBSCRIPTION_ID=$(GSubId) - export ARM_TENANT_ID=$(GTenantId) - export ARM_ENVIRONMENT=$(CloudEnv) - terraform init - terraform plan \ - -var "hub_subid=$(GSubid)" \ - -var metadata_host=$(MetadataHost) \ - -var environment=$(CloudEnv) \ - -var location=$(GLocation) \ - -input=false - terraform apply -var "hub_subid=$(GSubid)" \ - -var metadata_host=$(MetadataHost) \ - -var environment=$(CloudEnv) \ - -var location=$(GLocation) \ - -auto-approve \ - -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true - - task: AzureCLI@2 - displayName: "Extract Values and Hydrate Variables for T3 Deployment" - inputs: - azureSubscription: $(GAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - echo "##vso[task.setvariable variable=hubSubscriptionId;]$(terraform output -raw hub_subid)" - echo "##vso[task.setvariable variable=hubVirtualNetworkName;]$(terraform output -raw hub_vnetname)" - echo "##vso[task.setvariable variable=hubResourceGroupName;]$(terraform output -raw hub_rgname)" - echo "##vso[task.setvariable variable=firewallPrivateIPAddress;]$(terraform output -raw firewall_private_ip)" - echo "##vso[task.setvariable variable=lawsName;]$(terraform output -raw laws_name)" - echo "##vso[task.setvariable variable=lawsRgName;]$(terraform output -raw laws_rgname)" - echo "##vso[task.setvariable variable=tier1SubId;]$(terraform output -raw tier1_subid)" - echo "##vso[task.setvariable variable=tier3SubId;]$(terraform output -raw tier1_subid)" - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true - - - task: AzureCLI@2 - displayName: "Apply T3 Workload Terraform" - inputs: - azureSubscription: $(GAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(GClientId) - export ARM_CLIENT_SECRET=$(GClientSecret) - export ARM_SUBSCRIPTION_ID=$(GSubId) - export ARM_TENANT_ID=$(GTenantId) - export ARM_ENVIRONMENT=$(CloudEnv) - terraform init - terraform apply -var "hub_subid=$(hubSubscriptionId)" \ - -var metadata_host=$(MetadataHost) \ - -var environment=$(CloudEnv) \ - -var location=$(GLocation) \ - -var "hub_rgname=$(hubResourceGroupName)" \ - -var "firewall_private_ip=$(firewallPrivateIPAddress)" \ - -var "hub_vnetname=$(hubVirtualNetworkName)" \ - -var "laws_name=$(lawsName)" \ - -var "laws_rgname=$(lawsRgName)" \ - -var "tier1_subid=$(tier1SubId)" \ - -var "tier3_subid=$(tier3SubId)" \ - -auto-approve \ - -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/tier3' - useGlobalConfig: true +- job: GovCloud_TF + displayName: "Nightly deployment of Mission LZ Terraform on AzureUsGovernment" - - task: AzureCLI@2 - displayName: "Destroy T3 Workload Terraform" - condition: always() - inputs: - azureSubscription: $(GAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(GClientId) - export ARM_CLIENT_SECRET=$(GClientSecret) - export ARM_SUBSCRIPTION_ID=$(GSubId) - export ARM_TENANT_ID=$(GTenantId) - export ARM_ENVIRONMENT=$(CloudEnv) - terraform init - terraform destroy -var "hub_subid=$(hubSubscriptionId)" \ - -var metadata_host=$(MetadataHost) \ - -var environment=$(CloudEnv) \ - -var location=$(GLocation) \ - -var "hub_rgname=$(hubResourceGroupName)" \ - -var "firewall_private_ip=$(firewallPrivateIPAddress)" \ - -var "hub_vnetname=$(hubVirtualNetworkName)" \ - -var "laws_name=$(lawsName)" \ - -var "laws_rgname=$(lawsRgName)" \ - -var "tier1_subid=$(tier1SubId)" \ - -var "tier3_subid=$(tier3SubId)" \ - -auto-approve \ - -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/tier3' - useGlobalConfig: true + steps: - - task: AzureCLI@2 - displayName: "Destroy MLZ Terraform" - condition: always() - inputs: - azureSubscription: $(GAzureConnection) - scriptType: 'bash' - addSpnToEnvironment: true - scriptLocation: 'inlineScript' - inlineScript: | - export ARM_CLIENT_ID=$(GClientId) - export ARM_CLIENT_SECRET=$(GClientSecret) - export ARM_SUBSCRIPTION_ID=$(GSubId) - export ARM_TENANT_ID=$(GTenantId) - export ARM_ENVIRONMENT=$(CloudEnv) - terraform init - terraform destroy -var "hub_subid=$(GSubid)" \ - -var metadata_host=$(MetadataHost) \ - -var environment=$(CloudEnv) \ - -var location=$(GLocation) \ - -auto-approve \ - -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true + - template: templates/terraform-apply.yml + parameters: + ServiceConnectionName: $(GAzureConnection) + ClientId: $(GClientId) + ClientSecret: $(GClientSecret) + SubscriptionId: $(GSubId) + TenantId: $(GTenantId) + Environment: $(GCloudEnv) + MetadataHost: $(GMetadataHost) + Location: $(GLocation) + + - template: templates/clean-az-subscription.yml + parameters: + serviceConnectionName: $(GAzureConnection) diff --git a/.azure-devops/nightlybuild/templates/az-deployment.yml b/.azure-devops/nightlybuild/templates/az-deployment.yml new file mode 100644 index 000000000..cbec1963a --- /dev/null +++ b/.azure-devops/nightlybuild/templates/az-deployment.yml @@ -0,0 +1,101 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +parameters: + +- name: ServiceConnectionName + type: string +- name: DeploymentName + type: string +- name: Location + type: string +- name: WorkloadSubId + type: string +- name: WorkloadName + type: string + +steps: + + - task: AzureCLI@2 + displayName: "Deploy MLZ Bicep" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + datetime=$(date +%s) # gets the current date time as an epoch + az deployment sub create \ + --name ${{ parameters.DeploymentName }} \ + --location ${{ parameters.Location }} \ + --template-file $(Build.SourcesDirectory)/src/bicep/mlz.bicep \ + --parameters resourcePrefix=$datetime + + - task: AzureCLI@2 + displayName: "Generate deploymentVariables.json for all addons and examples" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + az deployment sub show \ + --name ${{ parameters.DeploymentName }} \ + --query properties.outputs \ + > $(Build.SourcesDirectory)/src/bicep/examples/deploymentVariables.json + + - task: AzureCLI@2 + displayName: "Extract Values and Hydrate Variables for T3 Deployment" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + deploymentoutput=$(az deployment sub show \ + --name ${{ parameters.DeploymentName }} \ + --query '{ + hubSubId: properties.outputs.hub.value.subscriptionId, + hubRGroupName: properties.outputs.hub.value.resourceGroupName, + hubVNetworkName: properties.outputs.hub.value.virtualNetworkName, + hubVNetworkResourceId: properties.outputs.hub.value.virtualNetworkResourceId, + logAWspaceResourceId: properties.outputs.logAnalyticsWorkspaceResourceId.value, + firewallPrivateIP: properties.outputs.firewallPrivateIPAddress.value + }' \ + --output json) + + hubSubId=$(echo $deploymentoutput | jq '.hubSubId') \ + && echo "##vso[task.setvariable variable=hubSubscriptionId;]$hubSubId" + + hubRGroupName=$(echo $deploymentoutput | jq '.hubRGroupName') \ + && echo "##vso[task.setvariable variable=hubResourceGroupName;]$hubRGroupName" + + hubVNetworkName=$(echo $deploymentoutput | jq '.hubVNetworkName') \ + && echo "##vso[task.setvariable variable=hubVirtualNetworkName;]$hubVNetworkName" + + hubVNetworkResourceId=$(echo $deploymentoutput | jq '.hubVNetworkResourceId') \ + && echo "##vso[task.setvariable variable=hubVirtualNetworkResourceId;]$hubVNetworkResourceId" + + logAWspaceResourceId=$(echo $deploymentoutput | jq '.logAWspaceResourceId') \ + && echo "##vso[task.setvariable variable=logAnalyticsWorkspaceResourceId;]$logAWspaceResourceId" + + firewallPrivateIP=$(echo $deploymentoutput | jq '.firewallPrivateIP') \ + && echo "##vso[task.setvariable variable=firewallPrivateIPAddress;]$firewallPrivateIP" + + - task: AzureCLI@2 + displayName: "T3 Bicep Deployment" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + az deployment sub create \ + --subscription ${{ parameters.WorkloadSubId }} \ + --location ${{ parameters.Location }} \ + --name ${{ parameters.WorkloadName }} \ + --template-file $(Build.SourcesDirectory)/src/bicep/examples/newWorkload/newWorkload.bicep \ + --parameters \ + workloadName=${{ parameters.WorkloadName }} \ + hubSubscriptionId=$(hubSubscriptionId) \ + hubResourceGroupName=$(hubResourceGroupName) \ + hubVirtualNetworkName=$(hubVirtualNetworkName) \ + hubVirtualNetworkResourceId=$(hubVirtualNetworkResourceId) \ + logAnalyticsWorkspaceResourceId=$(logAnalyticsWorkspaceResourceId) \ + firewallPrivateIPAddress=$(firewallPrivateIPAddress) diff --git a/.azure-devops/nightlybuild/templates/clean-az-subscription.yml b/.azure-devops/nightlybuild/templates/clean-az-subscription.yml new file mode 100644 index 000000000..9086b358e --- /dev/null +++ b/.azure-devops/nightlybuild/templates/clean-az-subscription.yml @@ -0,0 +1,40 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +parameters: + +- name: ServiceConnectionName + type: string + +steps: + +- task: AzureCLI@2 + displayName: "Delete All Diagnostics Settings in Subscription" + condition: always() + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + az monitor diagnostic-settings subscription list \ + --query "value[].name" \ + --output tsv \ + | xargs -t -I % az monitor diagnostic-settings subscription delete \ + --yes \ + --name % + +- task: AzureCLI@2 + displayName: "Delete All Resource Groups in Subscription" + condition: always() + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + az group list \ + --query "[].name" \ + --output tsv \ + | xargs -t -I % az group delete \ + --yes \ + --no-wait \ + --name % diff --git a/.azure-devops/nightlybuild/templates/terraform-apply.yml b/.azure-devops/nightlybuild/templates/terraform-apply.yml new file mode 100644 index 000000000..7aa4dffbd --- /dev/null +++ b/.azure-devops/nightlybuild/templates/terraform-apply.yml @@ -0,0 +1,105 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +parameters: + +- name: ServiceConnectionName + type: string +- name: ClientId + type: string +- name: ClientSecret + type: string +- name: SubscriptionId + type: string +- name: TenantId + type: string +- name: Environment + type: string +- name: MetadataHost + type: string +- name: Location + type: string + +steps: + + - task: TerraformInstaller@0 + inputs: + terraformVersion: 'latest' + + - task: AzureCLI@2 + displayName: "Apply MLZ Terraform" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + addSpnToEnvironment: true + scriptLocation: 'inlineScript' + inlineScript: | + export ARM_CLIENT_ID=${{ parameters.ClientId }} + export ARM_CLIENT_SECRET=${{ parameters.ClientSecret }} + export ARM_SUBSCRIPTION_ID=${{ parameters.SubscriptionId }} + export ARM_TENANT_ID=${{ parameters.TenantId }} + export ARM_ENVIRONMENT=${{ parameters.Environment }} + terraform init + terraform plan \ + -var "hub_subid=${{ parameters.SubscriptionId }}" \ + -var metadata_host=${{ parameters.MetadataHost}} \ + -var environment=${{ parameters.Environment }} \ + -var location=${{ parameters.Location }} \ + -input=false + terraform apply -var "hub_subid=${{ parameters.SubscriptionId }}" \ + -var metadata_host=${{ parameters.MetadataHost}} \ + -var environment=${{ parameters.Environment }} \ + -var location=${{ parameters.Location }} \ + -auto-approve \ + -input=false + workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' + useGlobalConfig: true + + - task: AzureCLI@2 + displayName: "Extract Values and Hydrate Variables for T3 Deployment" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + addSpnToEnvironment: true + inlineScript: | + echo "##vso[task.setvariable variable=hubSubscriptionId;]$(terraform output -raw hub_subid)" + echo "##vso[task.setvariable variable=hubVirtualNetworkName;]$(terraform output -raw hub_vnetname)" + echo "##vso[task.setvariable variable=hubResourceGroupName;]$(terraform output -raw hub_rgname)" + echo "##vso[task.setvariable variable=firewallPrivateIPAddress;]$(terraform output -raw firewall_private_ip)" + echo "##vso[task.setvariable variable=lawsName;]$(terraform output -raw laws_name)" + echo "##vso[task.setvariable variable=lawsRgName;]$(terraform output -raw laws_rgname)" + echo "##vso[task.setvariable variable=tier1SubId;]$(terraform output -raw tier1_subid)" + echo "##vso[task.setvariable variable=tier3SubId;]$(terraform output -raw tier1_subid)" + workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' + useGlobalConfig: true + + - task: AzureCLI@2 + displayName: "Apply T3 Workload Terraform" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + addSpnToEnvironment: true + inlineScript: | + export ARM_CLIENT_ID=${{ parameters.ClientId }} + export ARM_CLIENT_SECRET=${{ parameters.ClientSecret }} + export ARM_SUBSCRIPTION_ID=${{ parameters.SubscriptionId }} + export ARM_TENANT_ID=${{ parameters.TenantId }} + export ARM_ENVIRONMENT=${{ parameters.Environment }} + terraform init + terraform apply -var "hub_subid=$(hubSubscriptionId)" \ + -var metadata_host=${{ parameters.MetadataHost}} \ + -var environment=${{ parameters.Environment }} \ + -var location=${{ parameters.Location }} \ + -var "hub_rgname=$(hubResourceGroupName)" \ + -var "firewall_private_ip=$(firewallPrivateIPAddress)" \ + -var "hub_vnetname=$(hubVirtualNetworkName)" \ + -var "laws_name=$(lawsName)" \ + -var "laws_rgname=$(lawsRgName)" \ + -var "tier1_subid=$(tier1SubId)" \ + -var "tier3_subid=$(tier3SubId)" \ + -auto-approve \ + -input=false + workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/tier3' + useGlobalConfig: true diff --git a/.azure-devops/prbuild/mlz-pr-bicep-azurecloud-pipelines.yml b/.azure-devops/prbuild/mlz-pr-bicep-azurecloud-pipelines.yml index ebcd08483..edc5bbc0d 100644 --- a/.azure-devops/prbuild/mlz-pr-bicep-azurecloud-pipelines.yml +++ b/.azure-devops/prbuild/mlz-pr-bicep-azurecloud-pipelines.yml @@ -13,22 +13,14 @@ pr: pool: vmImage: ubuntu-latest -variables: - ServiceConnectionName: $(CAzureConnection) - jobs: + - job: bicepCommercialCloud + displayName: "PR Checks for Mission LZ Bicep on AzureCloud" + steps: - - task: AzureCLI@2 - displayName: "What-if Bicep" - inputs: - azureSubscription: $(ServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - datetime=$(date +%s) # gets the current date time as an epoch - az deployment sub what-if \ - --name $(bDeploymentName) \ - --location $(Location) \ - --template-file $(TemplateFile) \ - --parameters resourcePrefix=$datetime + - template: templates/az-what-if.yml + parameters: + ServiceConnectionName: $(CAzureConnection) + DeploymentName: $(bDeploymentName) + Location: $(CLocation) diff --git a/.azure-devops/prbuild/mlz-pr-bicep-azuregov-pipelines.yml b/.azure-devops/prbuild/mlz-pr-bicep-azuregov-pipelines.yml index 5d033c2b4..503f543aa 100644 --- a/.azure-devops/prbuild/mlz-pr-bicep-azuregov-pipelines.yml +++ b/.azure-devops/prbuild/mlz-pr-bicep-azuregov-pipelines.yml @@ -13,22 +13,14 @@ pr: pool: vmImage: ubuntu-latest -variables: - GServiceConnectionName: $(GAzureConnection) - jobs: + - job: bicepGovCloud + displayName: "PR Checks for Mission LZ Bicep on AzureUsGovernment" + steps: - - task: AzureCLI@2 - displayName: "What-if Bicep" - inputs: - azureSubscription: $(GServiceConnectionName) - scriptType: 'bash' - scriptLocation: 'inlineScript' - inlineScript: | - datetime=$(date +%s) # gets the current date time as an epoch - az deployment sub what-if \ - --name $(bDeploymentName) \ - --location $(GLocation) \ - --template-file $(TemplateFile) \ - --parameters resourcePrefix=$datetime + - template: templates/az-what-if.yml + parameters: + ServiceConnectionName: $(GAzureConnection) + DeploymentName: $(bDeploymentName) + Location: $(GLocation) diff --git a/.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml b/.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml new file mode 100644 index 000000000..225400936 --- /dev/null +++ b/.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml @@ -0,0 +1,125 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +# disable CI per: +# https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github?view=azure-devops&tabs=yaml#disabling-the-ci-trigger +trigger: none + +pr: + branches: + include: + - main + +pool: + vmImage: ubuntu-latest + +jobs: +- job: shouldGenerateSbom + displayName: 'Determine if SBOM needs to be generated' + steps: + - checkout: self + + - bash: | + only_manifest_files=( + _manifest/manifest.json + _manifest/manifest.json.sha256 + _manifest/spdx_2.2/manifest.spdx.json + _manifest/spdx_2.2/manifest.spdx.json.sha256 + ) + + the_last_diff=( $(git log -1 --no-merges --name-only --pretty="") ) + + echo "only manifest files:" + echo ${only_manifest_files[*]} + echo "" + + echo "the last git diff:" + echo ${the_last_diff[*]} + echo "" + + BUILD_SBOM=true + + if [[ "${the_last_diff[*]}" == "${only_manifest_files[*]}" ]]; then + BUILD_SBOM=false + echo "These changes are just the manifest files." + fi + + echo "##vso[task.setvariable variable=BUILD_SBOM;isOutput=true]$BUILD_SBOM" + echo "BUILD_SBOM is $BUILD_SBOM" + name: determineSbom + displayName: 'Determine if SBOM needs to be built' + +- job: generateSbom + dependsOn: shouldGenerateSbom + condition: eq(dependencies.shouldGenerateSbom.outputs['determineSbom.BUILD_SBOM'], 'true') + displayName: 'Generate SBOM' + steps: + - checkout: self + persistCredentials: true + + - bash: | + if [[ "$(Build.Reason)" == "Manual" ]]; then + SOURCE_BRANCH=$(Build.SourceBranch) + elif [[ "$(Build.Reason)" == "PullRequest" ]]; then + SOURCE_BRANCH=$(System.PullRequest.SourceBranch) + else + echo "This pipeline can only be invoked manually or on PR." + echo "Exiting." + exit 1 + fi + echo "The source branch is $SOURCE_BRANCH" + echo "##vso[task.setvariable variable=SOURCE_BRANCH;]$SOURCE_BRANCH" + displayName: 'Determine the branch name' + + - bash: | + cd $(Build.SourcesDirectory) + rm -rf _manifest + displayName: 'Remove previous _manifest contents' + + - bash: | + cd $(Build.SourcesDirectory) + cp -r .git $(Build.ArtifactStagingDirectory) + rm -rf .git + displayName: 'Temporarily move .git so it is not a part of the SBOM' + + - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 + displayName: 'Generate SBOM' + inputs: + BuildComponentPath: '$(Build.SourcesDirectory)' + BuildDropPath: '$(Build.SourcesDirectory)' + PackageName: 'Mission LZ' + PackageVersion: '$(Build.BuildNumber)' + Verbosity: Verbose + + - bash: | + cd $(Build.SourcesDirectory) + cat _manifest/manifest.json | jq . > temp.json \ + && mv temp.json _manifest/manifest.json \ + && rm -f temp.json + cat _manifest/spdx_2.2/manifest.spdx.json | jq . > temp.json \ + && mv temp.json _manifest/spdx_2.2/manifest.spdx.json \ + && rm -f temp.json + displayName: 'Pretty Print SBOM' + + - bash: | + cd $(Build.ArtifactStagingDirectory) + cp -r .git $(Build.SourcesDirectory) + rm -rf .git + displayName: 'Restore .git so we can commit back to the source branch' + + - bash: | + git config --global user.email "$BUILD_REQUESTEDFOREMAIL" + git config --global user.name "$BUILD_REQUESTEDFOR" + git checkout -t origin $(SOURCE_BRANCH) + git add '_manifest/*' + git status + git commit -m "Update Software Bill of Materials (SBOM)" + git push --set-upstream origin HEAD:$(SOURCE_BRANCH) + displayName: 'Commit SBOM changes back to source branch' + + - task: PublishBuildArtifacts@1 + displayName: 'Publish SBOM as Build Artifact' + inputs: + PathtoPublish: '$(Build.SourcesDirectory)/_manifest' + ArtifactName: 'drop' + publishLocation: 'Container' diff --git a/.azure-devops/prbuild/mlz-pr-tf-azurecloud-pipelines.yml b/.azure-devops/prbuild/mlz-pr-tf-azurecloud-pipelines.yml index 383f03b8e..6b9c3bb5f 100644 --- a/.azure-devops/prbuild/mlz-pr-tf-azurecloud-pipelines.yml +++ b/.azure-devops/prbuild/mlz-pr-tf-azurecloud-pipelines.yml @@ -13,28 +13,19 @@ pr: pool: vmImage: ubuntu-latest -variables: - ServiceConnectionName: $(CAzureConnection) - jobs: + - job: CommercialCloud_TF + displayName: "PR Checks for Mission LZ Terraform on AzureCloud" + steps: - - task: TerraformInstaller@0 - inputs: - terraformVersion: 'latest' - - task: AzureCLI@2 - displayName: "Terraform Plan" - inputs: - azureSubscription: $(CAzureConnection) - scriptType: 'bash' - scriptLocation: 'inlineScript' - addSpnToEnvironment: true - inlineScript: | - export ARM_CLIENT_ID=$(ClientId) - export ARM_CLIENT_SECRET=$(ClientSecret) - export ARM_SUBSCRIPTION_ID=$(subId) - export ARM_TENANT_ID=$(tenantId) - terraform init - terraform plan -var "hub_subid=$(subid)" -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true + - template: templates/terraform-plan.yml + parameters: + ServiceConnectionName: $(CAzureConnection) + ClientId: $(ClientId) + ClientSecret: $(ClientSecret) + SubscriptionId: $(CSubId) + TenantId: $(CTenantId) + Environment: $(CCloudEnv) + MetadataHost: $(CMetadataHost) + Location: $(CLocation) diff --git a/.azure-devops/prbuild/mlz-pr-tf-azuregov-pipelines.yml b/.azure-devops/prbuild/mlz-pr-tf-azuregov-pipelines.yml index be619bd03..7a793e8d4 100644 --- a/.azure-devops/prbuild/mlz-pr-tf-azuregov-pipelines.yml +++ b/.azure-devops/prbuild/mlz-pr-tf-azuregov-pipelines.yml @@ -13,29 +13,19 @@ pr: pool: vmImage: ubuntu-latest -variables: - GServiceConnectionName: $(GAzureConnection) - jobs: + - job: GovCloud_TF + displayName: "PR Checks for Mission LZ Terraform on AzureUsGovernment" + steps: - - task: TerraformInstaller@0 - inputs: - terraformVersion: 'latest' - - task: AzureCLI@2 - displayName: "Terraform Plan" - inputs: - azureSubscription: $(GAzureConnection) - scriptType: 'bash' - addSpnToEnvironment: true - scriptLocation: 'inlineScript' - inlineScript: | - export ARM_CLIENT_ID=$(GClientId) - export ARM_CLIENT_SECRET=$(GClientSecret) - export ARM_SUBSCRIPTION_ID=$(GSubId) - export ARM_TENANT_ID=$(GTenantId) - export ARM_ENVIRONMENT=$(CloudEnv) - terraform init - terraform plan -var "hub_subid=$(GSubid)" -var metadata_host=$(MetadataHost) -var environment=$(CloudEnv) -var location=$(GLocation) -input=false - workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' - useGlobalConfig: true + - template: templates/terraform-plan.yml + parameters: + ServiceConnectionName: $(GAzureConnection) + ClientId: $(GClientId) + ClientSecret: $(GClientSecret) + SubscriptionId: $(GSubId) + TenantId: $(GTenantId) + Environment: $(GCloudEnv) + MetadataHost: $(GMetadataHost) + Location: $(GLocation) diff --git a/.azure-devops/prbuild/templates/az-what-if.yml b/.azure-devops/prbuild/templates/az-what-if.yml new file mode 100644 index 000000000..0ed231bfb --- /dev/null +++ b/.azure-devops/prbuild/templates/az-what-if.yml @@ -0,0 +1,26 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +parameters: + +- name: ServiceConnectionName + type: string +- name: DeploymentName + type: string +- name: Location + type: string + +steps: + - task: AzureCLI@2 + displayName: "What-if Bicep" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + scriptLocation: 'inlineScript' + inlineScript: | + datetime=$(date +%s) # gets the current date time as an epoch + az deployment sub what-if \ + --name ${{ parameters.DeploymentName }} \ + --location ${{ parameters.Location }} \ + --template-file $(Build.SourcesDirectory)/src/bicep/mlz.bicep \ + --parameters resourcePrefix=$datetime diff --git a/.azure-devops/prbuild/templates/terraform-plan.yml b/.azure-devops/prbuild/templates/terraform-plan.yml new file mode 100644 index 000000000..db5afa388 --- /dev/null +++ b/.azure-devops/prbuild/templates/terraform-plan.yml @@ -0,0 +1,51 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +parameters: + +- name: ServiceConnectionName + type: string +- name: ClientId + type: string +- name: ClientSecret + type: string +- name: SubscriptionId + type: string +- name: TenantId + type: string +- name: Environment + type: string +- name: MetadataHost + type: string +- name: Location + type: string + +steps: + + - task: TerraformInstaller@0 + displayName: "Install Terraform" + inputs: + terraformVersion: 'latest' + + - task: AzureCLI@2 + displayName: "Terraform Plan" + inputs: + azureSubscription: ${{ parameters.ServiceConnectionName }} + scriptType: 'bash' + addSpnToEnvironment: true + scriptLocation: 'inlineScript' + inlineScript: | + export ARM_CLIENT_ID=${{ parameters.ClientId }} + export ARM_CLIENT_SECRET=${{ parameters.ClientSecret }} + export ARM_SUBSCRIPTION_ID=${{ parameters.SubscriptionId }} + export ARM_TENANT_ID=${{ parameters.TenantId }} + export ARM_ENVIRONMENT=${{ parameters.Environment }} + terraform init + terraform plan \ + -var 'hub_subid=${{ parameters.SubscriptionId }}' \ + -var 'metadata_host=${{ parameters.MetadataHost }}' \ + -var 'environment=${{ parameters.Environment }}' \ + -var 'location=${{ parameters.Location }}' \ + -input=false + workingDirectory: '$(System.DefaultWorkingDirectory)/src/terraform/mlz' + useGlobalConfig: true diff --git a/.azure-devops/validate-declarative-form.yml b/.azure-devops/validate-declarative-form.yml new file mode 100644 index 000000000..27a62b3cf --- /dev/null +++ b/.azure-devops/validate-declarative-form.yml @@ -0,0 +1,24 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +# disable CI per: +# https://docs.microsoft.com/en-us/azure/devops/pipelines/repos/github?view=azure-devops&tabs=yaml#disabling-the-ci-trigger +trigger: none + +pr: + branches: + include: + - main + +pool: + vmImage: ubuntu-latest + +jobs: +- job: ValidateDeclarativeForm + displayName: 'Validate Declarative Form' + steps: + - bash: | + curl -s -o validate_declarative_form.py -L https://raw.githubusercontent.com/glennmusa/validate-declarative-form/main/validate_declarative_form.py + python3 validate_declarative_form.py src/bicep/form/mlz.portal.json src/bicep/mlz.json + displayName: 'Execute validation script' + failOnStderr: true diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 8a28082a9..0221d892f 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -16,6 +16,9 @@ ARG TFLINT_AZURERM=0.14.0 # Azure CLI version ARG AZURE_CLI_VERSION=2.31.0-1~focal +# Bicep version +ARG BICEP_VERSION=v0.4.1272 + # Update distro (software-properties-common installs the add-apt-repository command) RUN apt-get update \ && apt-get -y install --no-install-recommends apt-utils software-properties-common 2>&1 \ @@ -89,7 +92,7 @@ RUN AZ_REPO=$(lsb_release -cs) \ RUN apt-get update && apt-get install -y azure-cli=${AZURE_CLI_VERSION} # Install Bicep -RUN curl -Lo /usr/local/bin/bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 \ +RUN curl -Lo /usr/local/bin/bicep https://github.com/Azure/bicep/releases/download/${BICEP_VERSION}/bicep-linux-x64 \ && chmod +x /usr/local/bin/bicep # Clean up diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index bbcbbe7d6..000000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: '' -labels: '' -assignees: '' - ---- - -**Is your feature request related to a problem? Please describe.** -A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] - -**Describe the solution you'd like** -A clear and concise description of what you want to happen. - -**Describe alternatives you've considered** -A clear and concise description of any alternative solutions or features you've considered. - -**Additional context** -Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/spike.md b/.github/ISSUE_TEMPLATE/spike.md new file mode 100644 index 000000000..42f6e6e49 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/spike.md @@ -0,0 +1,26 @@ +--- +name: Spike +about: Use spikes for time-boxed work to investigate a technology or design problem, resulting in better understanding about what needs to be designed or built. +title: '' +labels: spike +assignees: '' + +--- + +## Benefit/Result/Outcome + +*Write a single statement describing the value we expect to get from investigating this technology. Value statements usually start with "So that" and are a simple description of the value and the persona who will benefit.* +*So that \ \* + +## Description + +*Write a description of what will be done during the spike and the desired outcomes.* + +**Work on this spike is limited to:** \ hours + +## Possible Outcomes + +The spike will result in one or more of the following outcomes: + +- +- diff --git a/.github/workflows/validate-build-bicep.yml b/.github/workflows/validate-build-bicep.yml index 3c52c6b9c..29e7b735a 100644 --- a/.github/workflows/validate-build-bicep.yml +++ b/.github/workflows/validate-build-bicep.yml @@ -2,12 +2,14 @@ # Licensed under the MIT License. name: validate-build-bicep -on: +on: pull_request: branches: [main] - paths: + paths: - 'src/bicep/**' - '!src/bicep/**.md' +env: + BICEP_VERSION: 'v0.4.1272' jobs: validate-build: runs-on: ubuntu-latest @@ -18,6 +20,8 @@ jobs: - run: | git config user.name github-actions git config user.email github-actions@github.com + az bicep install --version "$BICEP_VERSION" + az bicep version az bicep build --file src/bicep/mlz.bicep --outfile src/bicep/mlz.json if [[ $(git status --porcelain) ]]; then git add src/bicep/mlz.json diff --git a/.github/workflows/validate-terraform.sh b/.github/workflows/validate-terraform.sh new file mode 100755 index 000000000..b3f273f33 --- /dev/null +++ b/.github/workflows/validate-terraform.sh @@ -0,0 +1,64 @@ +#!/bin/bash +# +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# Validates and lints Terraform for 1:M directories, exiting if any errors are produced + +program_log () { + echo "${0}: ${1}" +} + +error_log () { + echo "Error: ${1}" +} + +# check for Terraform +if ! command -v terraform &> /dev/null; then + error_log "Terraform could not be found. This script requires the Terraform CLI." + echo "See https://learn.hashicorp.com/tutorials/terraform/install-cli for installation instructions." + exit 1 +fi + +# validate Terraform with `terraform validate` +validate() { + local tf_dir=$1 + cd "${tf_dir}" || exit 1 + program_log "validating at ${tf_dir}..." + terraform init -backend=false >> /dev/null || exit 1 + terraform validate >> /dev/null || exit 1 + program_log "successful validation with \"terraform validate ${tf_dir}\"!" +} + +# check Terraform formatting with `terraform fmt` +check_formatting() { + local tf_dir=$1 + cd "${tf_dir}" || exit 1 + program_log "checking formatting at ${tf_dir}..." + if terraform fmt -check -recursive >> /dev/null; + then + program_log "successful check with \"terraform fmt -check -recursive ${tf_dir}\"" + else + linting_results=$(terraform fmt -check -recursive) + for j in $linting_results + do + error_log "\"${j}\" is not formatted correctly. Format with the command \"terraform fmt ${j}\"" + done + program_log "run \"terraform fmt -recursive\" to format all Terraform components in a directory" + exit 1 + fi +} + +# get the starting directory +working_dir=$(pwd) + +# for every argument, try to validate and check formatting +for arg in "$@" +do + real_path=$(realpath "${arg}") + validate "${real_path}" + check_formatting "${real_path}" + cd "${working_dir}" || exit 1 +done + +program_log "done!" diff --git a/.github/workflows/validate-terraform.yml b/.github/workflows/validate-terraform.yml index d6e5a0430..c03d09139 100644 --- a/.github/workflows/validate-terraform.yml +++ b/.github/workflows/validate-terraform.yml @@ -4,10 +4,10 @@ # Licensed under the MIT License. name: validate-terraform -on: +on: pull_request: branches: [main] - paths: + paths: - 'src/terraform/**' - '!src/terraform/**.md' workflow_dispatch: @@ -24,8 +24,4 @@ jobs: - shell: bash name: validate and lint terraform run: | - src/build/validate_tf.sh src/terraform/mlz src/terraform/tier3 - - shell: bash - name: check terraform formatting - run: | - src/build/check_tf_format.sh src/terraform + .github/workflows/validate-terraform.sh src/terraform/mlz src/terraform/tier3 diff --git a/.gitignore b/.gitignore index a7264cb4e..7606db2ba 100644 --- a/.gitignore +++ b/.gitignore @@ -16,6 +16,7 @@ crash.log # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan # example: *tfplan* *plan* +!terraform-plan.yml !src/bicep/** *.plan* diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a8a801b29..fba6c6392 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -116,6 +116,19 @@ If an individual backlog item takes more than a week then it's time to ask for h Anyone can modify the backlog items, and when needed the product owner can assist by reducing scope, improving acceptance criteria, and splitting a single backlog item into multiple. Teammates can assist by providing advice, pair programming, or taking on part of the work. +#### Nightly Builds + +[Nightly builds](https://github.com/Azure/missionlz#nightly-build-status) are run in Azure Pipelines to test deployments into Azure subscriptions. Successful nightly builds are a top priority for the team. + +How to remediate a broken build: + +1. One team member volunteers to investigate and fix, and communicates that to the rest of the team. +1. Verify that the break is not an ephemeral issue. If running the build again fixes the issue then investigation can stop. If the same ephemeral issue appears often then [create a bug](https://github.com/Azure/missionlz/issues/new/choose) in the backlog and open a support request. +1. If the issue requires a code change, [create a bug](https://github.com/Azure/missionlz/issues/new/choose) and put the bug at the top of the "In Progress" column of the [current project](https://github.com/Azure/missionlz/projects). +1. Immediately fix the issue and submit a PR. Recruit help from the rest of the team if necessary. + +> NOTE: Broken nightly builds are the top priority for the team. One person will own the remediation, but the rest of the team should rally to assist until the build is fixed. + ### Product Owner Process #### Product Backlog diff --git a/README.md b/README.md index 0f5206818..7eaffc0e1 100644 --- a/README.md +++ b/README.md @@ -61,12 +61,12 @@ You must have [Owner RBAC permissions](https://docs.microsoft.com/en-us/azure/ro cd missionlz ``` -1. Deploy Mission Landing Zone with the [`az deployment sub create`](https://docs.microsoft.com/en-us/cli/azure/deployment/sub?view=azure-cli-latest#az_deployment_sub_create) command. For a quickstart test deployment into the current AZ CLI subscription we suggest setting these parameters: +1. Deploy Mission Landing Zone with the [`az deployment sub create`](https://docs.microsoft.com/en-us/cli/azure/deployment/sub?view=azure-cli-latest#az_deployment_sub_create) command. For a quickstart, we suggest a test deployment into the current AZ CLI subscription setting these parameters: - `--name`: (optional) The deployment name, which is visible in the Azure Portal under Subscription/Deployments. - `--location`: (required) The Azure region to store the deployment metadata. - `--template-file`: (required) The file path to the `mlz.bicep` template. - - `--parameters resourcePrefix=`: (required) The `resourcePrefix` Bicep parameter is used to generate names for your resources. It is the only required parameter in the Bicep file. You can set it to any alphanumeric value that is between 3-10 characters. You can omit this parameter and the `az deployment sub create` command will prompt you to enter a value. + - `--parameters resourcePrefix=`: (required) The `resourcePrefix` Bicep parameter is used to generate names for your resources. It is the only required parameter in the Bicep file. You can set it to any alphanumeric value (without whitespace) that is between 3-10 characters. You can omit this parameter and the `az deployment sub create` command will prompt you to enter a value. Here's an example: @@ -98,7 +98,7 @@ Mission LZ has the following scope: -Mission LZ Scope +A table of the components Mission LZ provisions in Azure beneath a rectangle labeled DISA Secure Cloud Computing Architecture Controls ## Networking @@ -107,7 +107,7 @@ Networking is set up in a hub and spoke design, separated by tiers: T0 (Identity -Mission LZ Networking +A diagram that depicts a hub with four spokes, each spoke pointing at the hub ## Subscriptions @@ -116,7 +116,7 @@ Most customers will deploy each tier to a separate Azure subscription, but multi ## Firewall -All network traffic is directed through the firewall residing in the Network Hub resource group. The firewall is configured as the default route for all the T0 (Identity and Authorization) through T3 (workload/team environments) resource groups as follows: +All network traffic is directed through the firewall residing in the Network Hub resource group. The firewall is configured as the default route for all the T0 (Identity and Authorization) through T3 (workload/team environments) resource groups as follows: |Name |Address prefix| Next hop type| Next hop IP address| |-------------|--------------|-----------------|-----------------| @@ -143,7 +143,7 @@ Here's a summary of what Mission Landing Zone deploys of as of December 2021: -Mission LZ as of December 2021 +A diagram that depicts a hub and spoke network topology built with Azure resources ## Contributing diff --git a/SUPPORT.md b/SUPPORT.md index 92907c338..e3ab0b629 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -4,13 +4,13 @@ We welcome feedback of all types. -This project uses GitHub issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. +This project uses GitHub issues to track work. Please search the [existing issues](https://github.com/Azure/missionlz/issues) before filing new issues to avoid duplicates. -For new issues, file your bug or feature request as a new [issue](https://github.com/Azure/missionlz/issues), [bug](https://github.com/Azure/missionlz/issues), or [feature request](https://github.com/Azure/missionlz/issues). +For new issues, use the [issue templates](https://github.com/Azure/missionlz/issues/new/choose). -For help and questions about using this project, please submit a [question](https://github.com/Azure/missionlz/issues). +For help and questions about using this project, please submit a [question](https://github.com/Azure/missionlz/issues/new?assignees=&labels=question&template=question.md&title=). -To report a security issue please see our [security guidance](./SECURITY.md). +To report a security issue please see our [security guidance](/SECURITY.md). ## Microsoft Support Policy @@ -21,4 +21,5 @@ Any issues that are deemed out of scope by Microsoft support and/or require bugf Project maintainers and community aim to resolve issues in a timely fashion per community support policy of this repo. The project team works in Eastern U.S. time zone, Monday through Friday, except for U.S. Federal holidays. ## Community Support Policy + Project maintainers will aim to respond within three business days for any new issues. diff --git a/_manifest/manifest.json b/_manifest/manifest.json new file mode 100644 index 000000000..e731e02d0 --- /dev/null +++ b/_manifest/manifest.json @@ -0,0 +1,755 @@ +{ + "Outputs": [ + { + "Source": "/SECURITY.md", + "AzureArtifactsHash": "043C212D2D20424547494E204D4943524F534F46542053454355524954592E4D4420", + "Sha256Hash": "89FFE07758CFD3C7D69F05047000130F78DD40A809D5496E19DCCAB76CF8F50C" + }, + { + "Source": "/.gitignore", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "37EEC709BD606FA90861BC08D28D4117F11F752C3DD1C044FCA2271E2F811828" + }, + { + "Source": "/README.md", + "AzureArtifactsHash": "0423204D697373696F6E204C5A0A0A4D697373696F6E204C616E64696E67205A6F6E", + "Sha256Hash": "D3E67886BA7B64FD6A0FDB70B8D222822F7E846DEA4532D5AD6DB808E0C38F56" + }, + { + "Source": "/src/bicep/modules/windowsVirtualMachine.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "48F34DDD11CBAC02CC724943A8E5B5962E4636FDB68DD4CC39C0205FAA3836FC" + }, + { + "Source": "/src/bicep/modules/networkInterface.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "640DF6FE4E0FB3E23CF8FE05F6068DE14A998F8F761ECC9E954A450EE17F5D77" + }, + { + "Source": "/src/bicep/modules/centralLogging.bicep", + "AzureArtifactsHash": "042F2F2073636F70650A74617267657453636F7065203D2027737562736372697074", + "Sha256Hash": "8DFDF645051221094B24B5CEDF435193BC9CF5C9C302D12BF05A4D98DDD81B24" + }, + { + "Source": "/src/bicep/modules/bastionHost.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "783F2FE42A248EAF9E6A62A0E255793267CC0A97B3E03A6BA2FF13C9A4A053D5" + }, + { + "Source": "/src/bicep/modules/linuxVirtualMachine.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "F8BFDC65216FB6457ED73F519E6D22596866DF80EAEBF597AE509D2AAE9E2A4E" + }, + { + "Source": "/src/bicep/modules/logAnalyticsWorkspace.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "9F8146497CFA675FA651296420E750D2BCEF9B2A2547289212D40AAE05D7F86C" + }, + { + "Source": "/src/bicep/modules/policies/IL5-policyAssignmentParameters.json", + "AzureArtifactsHash": "047B0A2020202022496E636C7564654172634D616368696E657322203A207B200A20", + "Sha256Hash": "CF864DFA1EC76BA0E1EBC38E69A7E1FF9C7ACFA50DE9F947E99872A2610FFD56" + }, + { + "Source": "/src/bicep/modules/policies/CMMC-policyAssignmentParameters.json", + "AzureArtifactsHash": "047B0A20202020226C6F67416E616C7974696373576F726B737061636549642D6634", + "Sha256Hash": "AA11B7DCF0C12D8B4167F5C8AD7130194B6B5E17AD0BF0B2D84D03D8423B29FB" + }, + { + "Source": "/src/bicep/examples/appServicePlan/appService.bicep", + "AzureArtifactsHash": "042F2A0A4465706C6F79657320612077656220736572766572206661726D28616B61", + "Sha256Hash": "482D25AA62E13E458B06C9D3266A190F9C831F5768FA77BAD86364256CB6A4E1" + }, + { + "Source": "/src/bicep/examples/sentinel/README.md", + "AzureArtifactsHash": "04232053656E74696E656C204578616D706C650A0A54686973206578616D706C6520", + "Sha256Hash": "79FF363B323714D4AA508F6416B40FAD1AB83E81B055F47777ABE876850636CE" + }, + { + "Source": "/src/bicep/examples/newWorkload/README.md", + "AzureArtifactsHash": "0423204E657720576F726B6C6F6164204578616D706C650A0A54686973206578616D", + "Sha256Hash": "FF1108A0ADF9E71367C97D2B1DC0E5F521A5F5CF6F3AC70FD6F7FF499189E1DB" + }, + { + "Source": "/src/bicep/examples/newWorkload/newWorkload.bicep", + "AzureArtifactsHash": "0474617267657453636F7065203D2027737562736372697074696F6E270A0A706172", + "Sha256Hash": "C6DA3BD54E52F66D7FF7D5A3288686B7E2C8CCC8C4A2D8250FFD943D668E3C22" + }, + { + "Source": "/src/terraform/mlz/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "41EADEDBDC7A1C8B6E56D829F1CF063C74C6381EFD8CB89B4B4E1106EE7D2C5F" + }, + { + "Source": "/src/terraform/README.md", + "AzureArtifactsHash": "0423204D697373696F6E204C616E64696E67205A6F6E65205465727261666F726D20", + "Sha256Hash": "1138044D7D0567EB2C610DC7CEA7D55807CC461224D8EE1A3B7D420F20902568" + }, + { + "Source": "/src/terraform/modules/policy-assignments/outputs.tf", + "AzureArtifactsHash": "04000000000000000000000000000000000000000000000000000000000000000000", + "Sha256Hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" + }, + { + "Source": "/src/terraform/modules/bastion/outputs.tf", + "AzureArtifactsHash": "04000000000000000000000000000000000000000000000000000000000000000000", + "Sha256Hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" + }, + { + "Source": "/src/terraform/modules/firewall/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "3A82B541BCBA083CA3DC062A8FBA5891494B06B026839887AF15D565E42CF5ED" + }, + { + "Source": "/src/terraform/modules/policy-assignments/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "4E43F990B727CECFC7BA6BA5D176BC0B4EA72D91885F88D6C2971776F0E36679" + }, + { + "Source": "/src/terraform/modules/spoke/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "CDA5F1C9C4F99A12BA47F14EA8AA41246E8CCF4FB0A0C7F74ED9A01EE08A7579" + }, + { + "Source": "/src/terraform/modules/bastion/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "40047984910DB59328428465018AE5FD5BB41FCA2B6131F2DD81FBE6CA1CABC6" + }, + { + "Source": "/.azure-devops/prbuild/mlz-pr-tf-azurecloud-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "30FAC8178B54C393C7C8EE705A07DCF572C2B5EB874A33FED8CB64582E6007ED" + }, + { + "Source": "/src/terraform/modules/firewall/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "E235A28BF3CDA39701FA01C381C29A7AFF4E8AF671CDC44B4F7CDE850BB2CFB9" + }, + { + "Source": "/.azure-devops/nightlybuild/mlz-tf-azuregov-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "D264480523BAFDB200BE0DE38B97DEFB725F28FFB9B1842F31D783B9280572D3" + }, + { + "Source": "/src/terraform/modules/windows-virtual-machine/outputs.tf", + "AzureArtifactsHash": "04000000000000000000000000000000000000000000000000000000000000000000", + "Sha256Hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" + }, + { + "Source": "/.github/pull_request_template.md", + "AzureArtifactsHash": "0423204465736372697074696F6E0A0A5F506C65617365206578706C61696E207468", + "Sha256Hash": "0DF7C4D87086902F68BE49ACAEB6F9239B3D77DBE4F9B4AE2E1423F871CE9A42" + }, + { + "Source": "/.azure-devops/cred-poli-scan.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "E177C3BB80497F2FB34F50AFF3B97462AEEB187D3ACCD563BBA5FC9E8954B45A" + }, + { + "Source": "/.azure-devops/nightlybuild/mlz-tf-azurecloud-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "972DB035811A02922376C19D219C73E247FF852D8FB02C35F1AE9EA781CDCC7F" + }, + { + "Source": "/.github/dependabot.yml", + "AzureArtifactsHash": "042D2D2D0D0A0D0A76657273696F6E3A20320D0A757064617465733A0D0A20202D20", + "Sha256Hash": "3AFD433AAA570CA649E91113F0297130B127F4FEF451CD266DC02E4D59691AC3" + }, + { + "Source": "/.github/ISSUE_TEMPLATE/bug_report.md", + "AzureArtifactsHash": "042D2D2D0A6E616D653A20427567207265706F72740A61626F75743A204372656174", + "Sha256Hash": "A9DAA3FCB5D321CC508AA87BD1024B9375AE0BAAEDA87E0A4D89B11C08908BFB" + }, + { + "Source": "/.github/ISSUE_TEMPLATE/backlog_item.md", + "AzureArtifactsHash": "042D2D2D0A6E616D653A204261636B6C6F67206974656D0A61626F75743A20557365", + "Sha256Hash": "7F409DB232B72C0E6F921C2FD39AD60D1DE13105F6DC90302CB0642D1A513C03" + }, + { + "Source": "/docs/images/networking.png", + "AzureArtifactsHash": "0489504E470D0A1A0A0000000D49484452000004ED000001BE0806000000CFF9F0E0", + "Sha256Hash": "497D6C0C461FA3F0B12758D600F0B88EE0999EB39912AA064952C6569FC1D329" + }, + { + "Source": "/.vscode/extensions.json", + "AzureArtifactsHash": "042F2F20436F7079726967687420286329204D6963726F736F667420436F72706F72", + "Sha256Hash": "E54E7BB6BAEAFC552CC9012F684F10A66834AE06FD107D4266070B7CE256F3BA" + }, + { + "Source": "/docs/images/deploytoazuregov.svg", + "AzureArtifactsHash": "043C3F786D6C2076657273696F6E3D22312E302220656E636F64696E673D22555446", + "Sha256Hash": "D1CA547EAB43B6A18C7D8F98694B301517C5C2448FFC5303DBA352C4E026FF72" + }, + { + "Source": "/docs/images/management-groups/mg2-empty-subscription-list.png", + "AzureArtifactsHash": "0489504E470D0A1A0A0000000D49484452000009F3000002FF0806000000C8E6CFE8", + "Sha256Hash": "FF19B3F037BC865AF2B59BAB59BF285B5C4F2B42D31ECE908387BCC1CE9B20DA" + }, + { + "Source": "/CONTRIBUTING.md", + "AzureArtifactsHash": "042320436F6E747269627574696F6E2047756964656C696E65730A0A546869732070", + "Sha256Hash": "3F733E8C2AFDDA935C789C2378F8AB22A0C9819180DEA6F6FED1D23C2B58BD0D" + }, + { + "Source": "/src/bicep/modules/storageAccount.bicep", + "AzureArtifactsHash": "04706172616D2073746F726167654163636F756E744E616D6520737472696E670A70", + "Sha256Hash": "0A12B988626C851051886A012826EF73D3D63BC1462C45D82D4B2C33D7BFA4B3" + }, + { + "Source": "/src/bicep/modules/hubNetwork.bicep", + "AzureArtifactsHash": "04706172616D206C6F636174696F6E20737472696E67203D207265736F7572636547", + "Sha256Hash": "EDEAC5B5834FC9C3DB0853EC6B7DFD8B786A222B14DD421B8CF5ACCBD04AECC2" + }, + { + "Source": "/src/bicep/modules/hubNetworkPeerings.bicep", + "AzureArtifactsHash": "04706172616D206875625669727475616C4E6574776F726B4E616D6520737472696E", + "Sha256Hash": "9741536D665A963C60720D8AE677B0C6C76CE7B99491966279161038BCCE994E" + }, + { + "Source": "/src/bicep/modules/networkSecurityGroup.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "0C87A70128ADE0133F19D5ECEE43C50EDE516B03D96A971704607F67BD520FDE" + }, + { + "Source": "/src/bicep/examples/containerRegistry/modules/containerRegistry.bicep", + "AzureArtifactsHash": "04406D696E4C656E6774682835290A406D61784C656E677468283530290A70617261", + "Sha256Hash": "0ADAFE6DB27170496017D91EF6363D2F101707BA98C23A5ADE5B60334CB09DDD" + }, + { + "Source": "/src/bicep/examples/remoteAccess/main.bicep", + "AzureArtifactsHash": "04706172616D206C6F636174696F6E20737472696E67203D207265736F7572636547", + "Sha256Hash": "5D3883DFB0A10FE70BA037B6726E2C7659A6CB970829B580EAA3BA52719E4C69" + }, + { + "Source": "/NOTICE", + "AzureArtifactsHash": "044E4F54494345530A0A54686973207265706F7369746F727920696E636F72706F72", + "Sha256Hash": "1F22E5CBB6F4E5A075061CB35E33F3CAA610A880B4D0D5B5ECC7BCEFC9E91A8D" + }, + { + "Source": "/src/bicep/examples/keyVault/README.md", + "AzureArtifactsHash": "042320417A757265204B6579205661756C74204578616D706C650A0A546869732065", + "Sha256Hash": "3AC52947D5729C16A45F4892E6574B63493D595FB3FBAD90EDC5A1228C213B7B" + }, + { + "Source": "/src/terraform/tier3/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "1C8A20FA5B81A909CB9336B543C6F7E11AF5415BBAB6E880CB9B0EAF2D2F20F8" + }, + { + "Source": "/src/bicep/modules/virtualNetworkPeering.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D2072656D6F7465566972", + "Sha256Hash": "DE5AF067A6DD7400DC9B67EF629D9EE32EF143BD23EFC67C06FE3D6DA819B84E" + }, + { + "Source": "/src/terraform/modules/hub/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "EB1AD4F9BE016BB0B646974AACA4C42088E59EEEB84EC8A379E86009E6AD2F59" + }, + { + "Source": "/src/bicep/modules/logAnalyticsDiagnosticLogging.bicep", + "AzureArtifactsHash": "04706172616D20646961676E6F7374696353746F726167654163636F756E744E616D", + "Sha256Hash": "040A8767646B2D5F5CF8C9FAC3112D5183CBAB94B5005F4F6E3F4B79343B57A2" + }, + { + "Source": "/src/terraform/modules/subnet/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "B6B553FE91052362452FCAEED457DC627FF7E67C3B3496636C9EBCA8A9C4DA4A" + }, + { + "Source": "/src/bicep/modules/virtualNetwork.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "3E429B1678856F63BAF88C320AA57415E4D2014645BD0499D0F85A5401464180" + }, + { + "Source": "/src/terraform/modules/windows-virtual-machine/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "841918AC341C15DF54F379A7C28FC927400BDB04971E31803C6105B67BA65280" + }, + { + "Source": "/src/bicep/modules/policies/NIST-policyAssignmentParameters.json", + "AzureArtifactsHash": "04202020207B0A2020202020202020226C6973744F664D656D62657273546F457863", + "Sha256Hash": "8BC44D8AE410E93DAA114017536AF566E5E6270B30226225E42A0CE780DD41C7" + }, + { + "Source": "/src/terraform/modules/linux-virtual-machine/outputs.tf", + "AzureArtifactsHash": "04000000000000000000000000000000000000000000000000000000000000000000", + "Sha256Hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" + }, + { + "Source": "/src/bicep/examples/sentinel/sentinel.tf", + "AzureArtifactsHash": "047465727261666F726D207B0A20206261636B656E6420226C6F63616C22207B7D0A", + "Sha256Hash": "085607CF83157914AD70254C0096F8B9D685EC1769FA660ED528F29C834764B7" + }, + { + "Source": "/.azure-devops/prbuild/templates/terraform-plan.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "CDDEF69DCBB3F354DCEE8EAB2470F1F78BCEA21BA6379A667550EF2DCD403206" + }, + { + "Source": "/src/bicep/examples/remoteAccess/README.md", + "AzureArtifactsHash": "04232052656D6F746520416363657373204578616D706C650A0A5468697320657861", + "Sha256Hash": "4DB9D861FC91AD574D881EB943611526BD756C7AAF2B2845C754123EE56ABF0A" + }, + { + "Source": "/.azure-devops/nightlybuild/templates/clean-az-subscription.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "4064636F0FA679FC9E3F783C56F9B235D6F3C9F984A148AB1354B9DD7DD0C274" + }, + { + "Source": "/src/bicep/examples/keyVault/modules/keyVault.bicep", + "AzureArtifactsHash": "04706172616D206B65795661756C744E616D6520737472696E670A706172616D206C", + "Sha256Hash": "5029F87EC84F97A526F18F05F1A0BEB5D41F17A3E8D2DA8982624492101B55E3" + }, + { + "Source": "/.github/workflows/README.md", + "AzureArtifactsHash": "042320776F726B666C6F77730A0A54686573652061726520746865206175746F6D61", + "Sha256Hash": "F6314B80732C517F16559EC2B9A2FD243123FF1957E99A89F890E060C8D76A54" + }, + { + "Source": "/src/terraform/modules/policy-assignments/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "EF13943A8C0385F563F0847E26F3D5865D1DAA760BC252B4A3BFD756BDE4162B" + }, + { + "Source": "/docs/scca.md", + "AzureArtifactsHash": "042320534343410A0A232320436F6E63657074730A0A4D697373696F6E204C5A2069", + "Sha256Hash": "5872AF3FF944847E78FC9727DF4C13E2A52976405A35148D73B4F4B7ED9B0847" + }, + { + "Source": "/src/terraform/modules/bastion/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "B18FA82F4821BC1D58AE98E63F6D5327BB9A9667E6042AFC2E858E0BC8CEA865" + }, + { + "Source": "/docs/images/management-groups/mg1-management-groups-list.png", + "AzureArtifactsHash": "0489504E470D0A1A0A0000000D49484452000009CA0000032D0806000000A581D08A", + "Sha256Hash": "BFDA1766A4A4F019C97EED61BEFAF284EC6D600DC0C767911F573F58A42D9037" + }, + { + "Source": "/src/terraform/modules/subnet/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "1C8A20FA5B81A909CB9336B543C6F7E11AF5415BBAB6E880CB9B0EAF2D2F20F8" + }, + { + "Source": "/src/terraform/modules/windows-virtual-machine/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "CB23042515CE49FBE377E8BD3EF1532B05E91D598D837C5D104DC5695F4BDDF1" + }, + { + "Source": "/.azure-devops/validate-declarative-form.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "6A21F6AA77B0338123ADEABAFEFC6191BC5A32FF4089B5BCF77886C914C16D59" + }, + { + "Source": "/.azure-devops/prbuild/templates/az-what-if.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "DE5A9721B81916F9C27AD94A08E0091557DC217AF176EAB698AC386694C5EEA1" + }, + { + "Source": "/.github/CODEOWNERS", + "AzureArtifactsHash": "042320546869732067726F7570206973207468652064656661756C7420736574206F", + "Sha256Hash": "407B4BA622B7475BAEFF4516F2E741CEB09E436F640C36F3EF88F6AC7893B3AE" + }, + { + "Source": "/.github/ISSUE_TEMPLATE/spike.md", + "AzureArtifactsHash": "042D2D2D0A6E616D653A205370696B650A61626F75743A20557365207370696B6573", + "Sha256Hash": "3329EDB14E89D305C23FDA463F708037BA51A1D92A33AAA8038E2DBD4592F29B" + }, + { + "Source": "/docs/deployment-guide-terraform.md", + "AzureArtifactsHash": "0423204D697373696F6E204C5A204465706C6F796D656E7420477569646520666F72", + "Sha256Hash": "62F7A7955FA4CA8F63AF8D2B65A0D2179D57A45CCBDDEB2729C70957001857BE" + }, + { + "Source": "/docs/images/management-groups/mg3-select-subscription.png", + "AzureArtifactsHash": "0489504E470D0A1A0A0000000D4948445200000AB00000058B0806000000719D6413", + "Sha256Hash": "5DFA9BFA2C432D09A73E7C5F7BB3FD94EE5EFA0C1CB4CEAD5E29D107F6801FFD" + }, + { + "Source": "/.gitattributes", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "31947E13637D278D0BE0AB58D1F170689FB0602E6831A054469078EEE046100C" + }, + { + "Source": "/src/bicep/README.md", + "AzureArtifactsHash": "0423204D697373696F6E204C616E64696E67205A6F6E652042696365702054656D70", + "Sha256Hash": "25A860C65E9467F99986F23D9AC6370A7F1626A082355491F6EA66E1A3B31C6A" + }, + { + "Source": "/CODE_OF_CONDUCT.md", + "AzureArtifactsHash": "0423204D6963726F736F6674204F70656E20536F7572636520436F6465206F662043", + "Sha256Hash": "9DAEAE709A0BD71BCFD1C96DC5822ECEC5210327EFF929DA64B0AE7F8FAF1444" + }, + { + "Source": "/src/bicep/modules/firewall.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "F549943943514DEEBD5209FEB1D94F1DEC0F6B6B52F0A766A30D02EF0A8DDF0A" + }, + { + "Source": "/src/bicep/bicepconfig.json", + "AzureArtifactsHash": "047B0A2020202022616E616C797A657273223A207B0A20202020202022636F726522", + "Sha256Hash": "77FA6F0029D37602664D964DA5C08C13CF5C60CE7EAF0A7CBC2489FDAF0EEBA6" + }, + { + "Source": "/src/bicep/modules/routeTable.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "5240461A0188AC83F5AA7C0B6BA0A51AF12759638A679D1FA42DD4187719C350" + }, + { + "Source": "/src/bicep/modules/policyAssignment.bicep", + "AzureArtifactsHash": "0440616C6C6F776564285B0A2020274E495354270A202027494C3527202F2F20417A", + "Sha256Hash": "1CBC76AE37B2CFD06428D1C3B950F4DC5F6903C72B5B57438E7B3CDA0DAFFFCD" + }, + { + "Source": "/src/bicep/modules/privateLink.bicep", + "AzureArtifactsHash": "04406465736372697074696F6E2827546865206E616D65206F662074686520726573", + "Sha256Hash": "195246933A4D3560E602D56C8E28BC3CA016D10CC0D1DF3204CD2352DA67A117" + }, + { + "Source": "/src/bicep/modules/roleAssignment.bicep", + "AzureArtifactsHash": "04706172616D207461726765745265736F75726365496420737472696E670A706172", + "Sha256Hash": "E624BD6E6B9896B7EA8F6221F304B00EFB4C2C2485A86DBE816B1D4A880A6EA0" + }, + { + "Source": "/src/bicep/examples/containerRegistry/contRegistry.bicep", + "AzureArtifactsHash": "042F2A0A4465706C6F7965732061207072656D69756D20417A75726520436F6E7461", + "Sha256Hash": "FD04A4E044A41E52838BEDCD504DDC700A6CA5AF898EDB7B49FDCEC5A4AFBFB6" + }, + { + "Source": "/src/bicep/modules/remoteAccess.bicep", + "AzureArtifactsHash": "04706172616D206C6F636174696F6E20737472696E670A706172616D207461677320", + "Sha256Hash": "FC9328E9AFA4EAF57354D15F38813E264F726D3B7974A972799113B2F0DE8D8E" + }, + { + "Source": "/src/bicep/examples/remoteAccess/main.json", + "AzureArtifactsHash": "047B0A20202224736368656D61223A202268747470733A2F2F736368656D612E6D61", + "Sha256Hash": "DD313958E0F8A261F44A2F8E43450F348EC3CB15512CE38E133432BDF2E8C703" + }, + { + "Source": "/src/bicep/examples/containerRegistry/README.md", + "AzureArtifactsHash": "042320417A75726520436F6E7461696E6572205265676973747279204578616D706C", + "Sha256Hash": "953AE6C198E532902B1989F4228A7F52579106B46E3C3214F7F2E9B584CED9B6" + }, + { + "Source": "/src/bicep/examples/keyVault/azureKeyVault.bicep", + "AzureArtifactsHash": "042F2A0A4465706C6F7965732061207072656D69756D20417A757265204B65792056", + "Sha256Hash": "D0D6817F1F8337CFDE3FD438039E803B0C02CED1A88982DC083D202BF134F2BC" + }, + { + "Source": "/src/bicep/examples/appServicePlan/modules/appServiceSettings.bicep", + "AzureArtifactsHash": "04706172616D20737663506C616E4E616D6520737472696E670A706172616D207376", + "Sha256Hash": "543B2FE8D0D013F7886939D5C6A394F49AC6D233ED7391A2FE7B6BA816F5539A" + }, + { + "Source": "/src/bicep/examples/inheritTags/inherit.bicep", + "AzureArtifactsHash": "04706172616D207461674E616D65496E686572697420737472696E670A0A70617261", + "Sha256Hash": "213BADEAEEC230C6E4863F9FEFE30049345638D6C7B1AF482F45E6CDFE97E8B8" + }, + { + "Source": "/src/terraform/tier3/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "0382D42009CBB19600C0BC1718EA3DA8D73F9FE818A1173DD090DFAA2D9564FD" + }, + { + "Source": "/src/terraform/tier3/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "750D3C9DBB29C6CD4604559C3C54C6C5514092CC64E974F34396F71A6DB7B854" + }, + { + "Source": "/src/terraform/modules/hub/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "2E212BCF5DE340AFAE77348D0D341E084D2C11CFFBFD98655B4DCAC4BFD51321" + }, + { + "Source": "/src/terraform/modules/hub/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "01E58017FFC1E9A3C156FF2BE55976CF7450ADEC625B8CC0A52D72DA8C11A753" + }, + { + "Source": "/src/terraform/modules/subnet/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "F729E9948DF1CF942F9E07B8326D1670338FC8CF2400D1E4DD3FFBAFBEA7AB46" + }, + { + "Source": "/src/terraform/modules/virtual-network/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "F46EE201DCC740832480C21BC1E36A4DBE619022D5BA389FFDA5DA25F077B9F9" + }, + { + "Source": "/src/terraform/modules/jumpbox/outputs.tf", + "AzureArtifactsHash": "04000000000000000000000000000000000000000000000000000000000000000000", + "Sha256Hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" + }, + { + "Source": "/src/terraform/modules/jumpbox/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "8B3B17E905314033038C173367F999DF3571F2EADE266740C4BA93232574E6EE" + }, + { + "Source": "/src/terraform/modules/linux-virtual-machine/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "728753762C952CC2D905D3B91E1E0C58658C10BC64480483BBAB008C00BFE1F7" + }, + { + "Source": "/src/terraform/modules/linux-virtual-machine/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "841918AC341C15DF54F379A7C28FC927400BDB04971E31803C6105B67BA65280" + }, + { + "Source": "/.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "1F4D7C3830A3AD519471DA2518840D9E070378FFBBE5B17D9F12A1EBA3B4D225" + }, + { + "Source": "/.azure-devops/prbuild/mlz-pr-bicep-azurecloud-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "B198846BDCDE015D08086EF5FB52A8443D2362D1E789078C6F8D17E483ABFEC8" + }, + { + "Source": "/.azure-devops/nightlybuild/templates/az-deployment.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "AB889865DF0638BA433C76F9D22C58C946274DEB6212B42FD18D813C1A3D35D1" + }, + { + "Source": "/.azure-devops/nightlybuild/templates/terraform-apply.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "3109E228AAC7946F5E4959B6C556481095DF3746988813680F8A5CB4EB503CE6" + }, + { + "Source": "/.github/workflows/validate-terraform.sh", + "AzureArtifactsHash": "0423212F62696E2F626173680A230A2320436F7079726967687420286329204D6963", + "Sha256Hash": "8577AB3C71589F203116670156F65357D9CCDAB1FB841987D30279B8929D67B9" + }, + { + "Source": "/.github/workflows/validate-build-bicep.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "B2F14E7DAF71F16223F8BF7B727AB3FDD07BBAB2A13D4BB2DDFBAF033566F159" + }, + { + "Source": "/docs/policies.md", + "AzureArtifactsHash": "0423204D697373696F6E204C616E64696E67205A6F6E6520526567756C61746F7279", + "Sha256Hash": "00A2A8E93D0561A70566EED82E893DC0BF7DE4EB3DC8ED381F2B584A271B4B4C" + }, + { + "Source": "/docs/management-groups.md", + "AzureArtifactsHash": "0423205573696E67204D616E6167656D656E742047726F7570732077697468204D69", + "Sha256Hash": "E30E4E035E9671D81011FF9FA808965FF16C45A9D5C950E247E013FC45492144" + }, + { + "Source": "/docs/images/management-groups/mg4-subscription-in-management-group.png", + "AzureArtifactsHash": "0489504E470D0A1A0A0000000D4948445200000ABC000003610806000000BFAE8943", + "Sha256Hash": "D992ADF22B34DA57BAFF902353BDE67C6A61B3E4D3C322FF6ADB1B6ECD4942EF" + }, + { + "Source": "/docs/images/scope-v2.png", + "AzureArtifactsHash": "0489504E470D0A1A0A0000000D4948445200000A0A000004AC08030000006349B1EB", + "Sha256Hash": "3BC7910260A3EA8E968AEE386911BC191A0201EB223B1F46E207177300B036A5" + }, + { + "Source": "/.devcontainer/devcontainer.json", + "AzureArtifactsHash": "042F2F20436F7079726967687420286329204D6963726F736F667420436F72706F72", + "Sha256Hash": "3C48AC63A1A836DFBDE3E616C5494E27735D805CB07BD2785CF3E09A94AD5E2D" + }, + { + "Source": "/.devcontainer/README.md", + "AzureArtifactsHash": "042320446576656C6F706D656E7420436F6E7461696E65722047756964650A0A5468", + "Sha256Hash": "C07AC70FBA0D45EE28A0803B6372D08DF408C7CBE3E0D29B549988963FEAC69A" + }, + { + "Source": "/SUPPORT.md", + "AzureArtifactsHash": "042320537570706F727420616E6420466565646261636B0D0A0D0A232320486F7720", + "Sha256Hash": "7F1FAD5639BBA23DBCAA521FE7BDAF812F4176A4E9BB0F873CB45D9C38DACAE1" + }, + { + "Source": "/src/bicep/mlz.bicep", + "AzureArtifactsHash": "0474617267657453636F7065203D2027737562736372697074696F6E270A0A2F2A0A", + "Sha256Hash": "FC3FFADEFC26749186D07311BB156009305D6E45D9055D17901D30A7267338EC" + }, + { + "Source": "/src/bicep/modules/spokeNetwork.bicep", + "AzureArtifactsHash": "04706172616D206C6F636174696F6E20737472696E67203D207265736F7572636547", + "Sha256Hash": "8F2BD0CFF9361E5CB3EE5D3BDB59BA6222F86556B18A83A6723F11BDF3C6AFF3" + }, + { + "Source": "/src/bicep/modules/spokeNetworkPeering.bicep", + "AzureArtifactsHash": "0474617267657453636F7065203D2027737562736372697074696F6E270A0A706172", + "Sha256Hash": "39429416C8647E1AAE0DF44789BD585ED1B23BEB478FC5E42B7AA595557FDF7A" + }, + { + "Source": "/src/bicep/modules/resourceGroup.bicep", + "AzureArtifactsHash": "0474617267657453636F7065203D2027737562736372697074696F6E270A0A706172", + "Sha256Hash": "28E7B52279CE3F54A6F523B10F1126414B5FE74D9D39F326C1E9BDABF83C5124" + }, + { + "Source": "/src/bicep/examples/README.md", + "AzureArtifactsHash": "0423204578616D706C65730A0A496E2074686973206469726563746F727920617265", + "Sha256Hash": "F3D36DA740F6993836CF0A8976201105A662234D75B118EB36E65FF4AE56E5D2" + }, + { + "Source": "/src/bicep/examples/appServicePlan/modules/appServicePlan.bicep", + "AzureArtifactsHash": "04706172616D20737663506C616E4E616D6520737472696E670A706172616D206C6F", + "Sha256Hash": "DDAB567A03B51BCA943BB0BA366B71050CE7C27960BE471C9140B48D2D48B2D0" + }, + { + "Source": "/LICENSE", + "AzureArtifactsHash": "04202020204D4954204C6963656E73650A0A20202020436F70797269676874202863", + "Sha256Hash": "C2CFCCB812FE482101A8F04597DFC5A9991A6B2748266C47AC91B6A5AAE15383" + }, + { + "Source": "/src/bicep/examples/inheritTags/README.md", + "AzureArtifactsHash": "042320496E6865726974696E6720546167730A0A54686973206578616D706C652061", + "Sha256Hash": "5C8D3E3C273890DF49FEF32DD541E8BE38805BC43CAE3AB1668E6CD60008674E" + }, + { + "Source": "/src/bicep/mlz.json", + "AzureArtifactsHash": "047B0A20202224736368656D61223A202268747470733A2F2F736368656D612E6D61", + "Sha256Hash": "DEAE3E8DF0F8F88BFC4BBB477F4905BCEF96807432F4F4CA0793F4A90BF09BD8" + }, + { + "Source": "/src/terraform/mlz/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "F6BDFCDA80239A07D5608177689D62AE9967AAFE997AB3DF77007D6894213B13" + }, + { + "Source": "/src/bicep/modules/securityCenter.bicep", + "AzureArtifactsHash": "0474617267657453636F7065203D2027737562736372697074696F6E270A0A766172", + "Sha256Hash": "004A08EB6AFF141E1F43B891ECFBFB61E6F8F8482680C4651950EF74E325EF45" + }, + { + "Source": "/src/terraform/modules/policy-assignments/nist-parameter-values/public.json.tmpl", + "AzureArtifactsHash": "047B0A20202020226C6973744F664D656D62657273546F4578636C75646546726F6D", + "Sha256Hash": "1B42919C72CEDD3C594784E235D49A0415E74C6AB2A3C0E18136E4F766156880" + }, + { + "Source": "/src/bicep/modules/publicIPAddress.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A706172616D206C6F636174696F6E20", + "Sha256Hash": "913E010756BAB552AE8F12072B832A5193A083F3A09E035854CDFCAC8867B35C" + }, + { + "Source": "/src/terraform/modules/virtual-network/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "5B5E029366F54AF147AD5B0441301A522143C99F6AAF7E9C18C4928DCD279F44" + }, + { + "Source": "/src/bicep/modules/subnet.bicep", + "AzureArtifactsHash": "04706172616D206E616D6520737472696E670A0A706172616D206164647265737350", + "Sha256Hash": "1A5E3368D29165AFEB98202A8F20E089BC55070120BADB863D37694FADBF315D" + }, + { + "Source": "/src/terraform/modules/jumpbox/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "1744163FC4B8A83EABB6C22E49EF3C34FD27804DCCDB622FE8026380140F3179" + }, + { + "Source": "/src/bicep/form/mlz.portal.json", + "AzureArtifactsHash": "047B0A20202224736368656D61223A20223C72656C6174697665207061746820746F", + "Sha256Hash": "A20E84C425AE410785904B3C8D89BC83008AC67EA2533905BEC678AE5F842DBD" + }, + { + "Source": "/src/terraform/modules/spoke/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "60A31EE16435BA3643EA33422D3987DBCDB8C93F8ED6DF65707385960E73BFD7" + }, + { + "Source": "/src/bicep/examples/appServicePlan/README.md", + "AzureArtifactsHash": "042320417070205365727669636520506C616E204578616D706C650A0A5468697320", + "Sha256Hash": "B86D98C800F5A5A06B66383F65A70BD33EB29000394780A36454D682D36D42C3" + }, + { + "Source": "/.azure-devops/prbuild/mlz-pr-bicep-azuregov-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "C7D1B85DA6E819E5AB16A20C60D7DC94F34411C796C26FF9FE2B7F09BCD33D54" + }, + { + "Source": "/src/bicep/examples/newWorkload/modules/hubNetworkPeering.bicep", + "AzureArtifactsHash": "0474617267657453636F7065203D2027737562736372697074696F6E270A0A706172", + "Sha256Hash": "996AC71FADFD807762B7AFFA451383A03310E5DE4CAE20B54816EB3AEB4C505B" + }, + { + "Source": "/.azure-devops/nightlybuild/mlz-bicep-azurecloud-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "6A72770D5254DFDF2F4B2A5102D03496DA5BF36406D423B5EFA28CEDCCE59664" + }, + { + "Source": "/src/terraform/mlz/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "32DA818501B2E6D739233BF4DB0837CC8230881D038AB228612B32A120FC6785" + }, + { + "Source": "/.github/workflows/super-linter.yml", + "AzureArtifactsHash": "042D2D2D0A0A2320436F7079726967687420286329204D6963726F736F667420436F", + "Sha256Hash": "16E6E1FC5A94B129DC1AE36D7F580587C90DFC6EE97F3A5A10B97022DC774EC0" + }, + { + "Source": "/src/terraform/modules/policy-assignments/nist-parameter-values/usgovernment.json.tmpl", + "AzureArtifactsHash": "047B0A2020226C6973744F664D656D62657273546F4578636C75646546726F6D5769", + "Sha256Hash": "5D39DED25787130282B6D89679B4FECB6F3D225CF737D3685E2F801EFB9FB78E" + }, + { + "Source": "/docs/deployment-guide-bicep.md", + "AzureArtifactsHash": "0423204D697373696F6E204C5A204465706C6F796D656E7420477569646520666F72", + "Sha256Hash": "70AD9502ED1766ACC43F752E9FF08BAFA3389A9D82D7BFCBF8877A2F80420E4F" + }, + { + "Source": "/src/terraform/modules/virtual-network/variables.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "19E5D279275B0028183EE167A94F6AC8705D0470C2F45DAF04305D24D096D1FA" + }, + { + "Source": "/docs/images/deploytoazure.svg", + "AzureArtifactsHash": "043C3F786D6C2076657273696F6E3D22312E302220656E636F64696E673D22555446", + "Sha256Hash": "61DF8823568BE5EC8DD45B79E82CFA33515F86A5D79E56626152E1A13E4F2201" + }, + { + "Source": "/src/terraform/modules/firewall/outputs.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "60A04DF2A8A4FB978E07AD95A1EC278AF63212C71FD27A3D4D1D896E9379C99C" + }, + { + "Source": "/.devcontainer/Dockerfile", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "473D3D91E568CB56944B128692F940F9AEFC7E0E7582704653A7543542611BAA" + }, + { + "Source": "/src/terraform/modules/spoke/main.tf", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "011A409535446955AC0243FBDB00017F121E8B2234305B3E1A99553B04412337" + }, + { + "Source": "/.azure-devops/prbuild/mlz-pr-tf-azuregov-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "CC903665D40D120D059DC1AB2779EA33BED232CC54EF2BD21ECF9FC1024BCCF1" + }, + { + "Source": "/.azure-devops/nightlybuild/mlz-bicep-azuregov-pipelines.yml", + "AzureArtifactsHash": "042320436F7079726967687420286329204D6963726F736F667420436F72706F7261", + "Sha256Hash": "EBAB61F71707347FCAFB0DE29DA0D03EC79C3C3ACFFB96690A5D4EB749792481" + }, + { + "Source": "/.github/workflows/validate-terraform.yml", + "AzureArtifactsHash": "042D2D2D0A0A2320436F7079726967687420286329204D6963726F736F667420436F", + "Sha256Hash": "CB36D5401A0EFF9F3A208B15E8ABCCB1573C4287A64075A775E07D06EB372D48" + }, + { + "Source": "/.github/ISSUE_TEMPLATE/question.md", + "AzureArtifactsHash": "042D2D2D0A6E616D653A205175657374696F6E0A61626F75743A2041736B20612071", + "Sha256Hash": "52481C6C2F9A540089846608388932E9ADAC745BC7604EBBF03BD8D31498D398" + }, + { + "Source": "/docs/images/20220204_missionlz_as_of_Feb2022_light.svg", + "AzureArtifactsHash": "043C3F786D6C2076657273696F6E3D22312E302220656E636F64696E673D22555446", + "Sha256Hash": "ACFBFE4CBFC7F93CCA4E7B11A25336260712BCF53EB419FFEC8140C34E9DC8F4" + }, + { + "Source": "/.vscode/settings.json", + "AzureArtifactsHash": "042F2F20436F7079726967687420286329204D6963726F736F667420436F72706F72", + "Sha256Hash": "6C5A2EA2A8A4A493F469FAD5677E0569F2209C321E0F12A6314134B4C99862F9" + } + ], + "CloudBuildId": "8556", + "Repo": "https://github.com/Azure/missionlz", + "Branch": "merge", + "CommitId": "f219da8e00fbf4d50d66475a5d7ca957c9160476", + "Version": "0.0.1", + "Timestamp": 1645133289 +} diff --git a/_manifest/manifest.json.sha256 b/_manifest/manifest.json.sha256 new file mode 100644 index 000000000..f0d26dda7 Binary files /dev/null and b/_manifest/manifest.json.sha256 differ diff --git a/_manifest/spdx_2.2/manifest.spdx.json b/_manifest/spdx_2.2/manifest.spdx.json new file mode 100644 index 000000000..4756fc53b --- /dev/null +++ b/_manifest/spdx_2.2/manifest.spdx.json @@ -0,0 +1,3053 @@ +{ + "files": [ + { + "fileName": "./SECURITY.md", + "SPDXID": "SPDXRef-File--SECURITY.md-28A48DED0C097169644A9C376CAD1A380DECB6CE", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "89ffe07758cfd3c7d69f05047000130f78dd40a809d5496e19dccab76cf8f50c" + }, + { + "algorithm": "SHA1", + "checksumValue": "28a48ded0c097169644a9c376cad1a380decb6ce" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.gitignore", + "SPDXID": "SPDXRef-File--.gitignore-094F7A9121BBAD7D52EFB1D3F4B630CA15F32793", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "37eec709bd606fa90861bc08d28d4117f11f752c3dd1c044fca2271e2f811828" + }, + { + "algorithm": "SHA1", + "checksumValue": "094f7a9121bbad7d52efb1d3f4b630ca15f32793" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./README.md", + "SPDXID": "SPDXRef-File--README.md-2B293E8A393A0FEA40B6A6D95F57E39537C7EAE8", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "d3e67886ba7b64fd6a0fdb70b8d222822f7e846dea4532d5ad6db808e0c38f56" + }, + { + "algorithm": "SHA1", + "checksumValue": "2b293e8a393a0fea40b6a6d95f57e39537c7eae8" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/windowsVirtualMachine.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-windowsVirtualMachine.bicep-AE7BD5127CF8BA159686EF299BEFD3D0ADDD55A0", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "48f34ddd11cbac02cc724943a8e5b5962e4636fdb68dd4cc39c0205faa3836fc" + }, + { + "algorithm": "SHA1", + "checksumValue": "ae7bd5127cf8ba159686ef299befd3d0addd55a0" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/networkInterface.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-networkInterface.bicep-A838969BD72C03563327E85857A26F2A56C6662E", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "640df6fe4e0fb3e23cf8fe05f6068de14a998f8f761ecc9e954a450ee17f5d77" + }, + { + "algorithm": "SHA1", + "checksumValue": "a838969bd72c03563327e85857a26f2a56c6662e" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/centralLogging.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-centralLogging.bicep-76DCBFBB47FC844BFDED8423B1458C1054060FC1", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "8dfdf645051221094b24b5cedf435193bc9cf5c9c302d12bf05a4d98ddd81b24" + }, + { + "algorithm": "SHA1", + "checksumValue": "76dcbfbb47fc844bfded8423b1458c1054060fc1" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/bastionHost.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-bastionHost.bicep-E05D4A8244AE68569C10C94EA2B23B4A1F918E73", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "783f2fe42a248eaf9e6a62a0e255793267cc0a97b3e03a6ba2ff13c9a4a053d5" + }, + { + "algorithm": "SHA1", + "checksumValue": "e05d4a8244ae68569c10c94ea2b23b4a1f918e73" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/linuxVirtualMachine.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-linuxVirtualMachine.bicep-2B7894C75BACB795B526C5AE6531BBFC61D7F9BC", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f8bfdc65216fb6457ed73f519e6d22596866df80eaebf597ae509d2aae9e2a4e" + }, + { + "algorithm": "SHA1", + "checksumValue": "2b7894c75bacb795b526c5ae6531bbfc61d7f9bc" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/logAnalyticsWorkspace.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-logAnalyticsWorkspace.bicep-3987B39C3375F7A6DDC1D893E0F9013778826AD4", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "9f8146497cfa675fa651296420e750d2bcef9b2a2547289212d40aae05d7f86c" + }, + { + "algorithm": "SHA1", + "checksumValue": "3987b39c3375f7a6ddc1d893e0f9013778826ad4" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/policies/IL5-policyAssignmentParameters.json", + "SPDXID": "SPDXRef-File--src-bicep-modules-policies-IL5-policyAssignmentParameters.json-D0D5010A6DF9D2105C97E07EA480C6C00D990C6C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "cf864dfa1ec76ba0e1ebc38e69a7e1ff9c7acfa50de9f947e99872a2610ffd56" + }, + { + "algorithm": "SHA1", + "checksumValue": "d0d5010a6df9d2105c97e07ea480c6c00d990c6c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/policies/CMMC-policyAssignmentParameters.json", + "SPDXID": "SPDXRef-File--src-bicep-modules-policies-CMMC-policyAssignmentParameters.json-8CF60C607C27A50C539609F86166A4A99550B8DB", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "aa11b7dcf0c12d8b4167f5c8ad7130194b6b5e17ad0bf0b2d84d03d8423b29fb" + }, + { + "algorithm": "SHA1", + "checksumValue": "8cf60c607c27a50c539609f86166a4a99550b8db" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/appServicePlan/appService.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-appServicePlan-appService.bicep-3464ED8AB337E00BE62CCB3F5861F7D877B89A9D", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "482d25aa62e13e458b06c9d3266a190f9c831f5768fa77bad86364256cb6a4e1" + }, + { + "algorithm": "SHA1", + "checksumValue": "3464ed8ab337e00be62ccb3f5861f7d877b89a9d" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/sentinel/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-sentinel-README.md-4E4751C7862E88C7BEE1AB4DB33A77DBAC52404D", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "79ff363b323714d4aa508f6416b40fad1ab83e81b055f47777abe876850636ce" + }, + { + "algorithm": "SHA1", + "checksumValue": "4e4751c7862e88c7bee1ab4db33a77dbac52404d" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/newWorkload/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-newWorkload-README.md-76F20515E7FFBA1DA56DAC4348440F3F4D181D85", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "ff1108a0adf9e71367c97d2b1dc0e5f521a5f5cf6f3ac70fd6f7ff499189e1db" + }, + { + "algorithm": "SHA1", + "checksumValue": "76f20515e7ffba1da56dac4348440f3f4d181d85" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/newWorkload/newWorkload.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-newWorkload-newWorkload.bicep-B2C355F46340ABC45C5402225B5E3115753067B4", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "c6da3bd54e52f66d7ff7d5a3288686b7e2c8ccc8c4a2d8250ffd943d668e3c22" + }, + { + "algorithm": "SHA1", + "checksumValue": "b2c355f46340abc45c5402225b5e3115753067b4" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/mlz/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-mlz-variables.tf-B663AABEC188924FF7491D708FFDA188CA3C08A3", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "41eadedbdc7a1c8b6e56d829f1cf063c74c6381efd8cb89b4b4e1106ee7d2c5f" + }, + { + "algorithm": "SHA1", + "checksumValue": "b663aabec188924ff7491d708ffda188ca3c08a3" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/policy-assignments/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-policy-assignments-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + }, + { + "algorithm": "SHA1", + "checksumValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/bastion/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-bastion-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + }, + { + "algorithm": "SHA1", + "checksumValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/README.md", + "SPDXID": "SPDXRef-File--src-terraform-README.md-ABE1845E8DB9FEDBCF1BF193CA8C4A052EFB766E", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1138044d7d0567eb2c610dc7cea7d55807cc461224d8ee1a3b7d420f20902568" + }, + { + "algorithm": "SHA1", + "checksumValue": "abe1845e8db9fedbcf1bf193ca8c4a052efb766e" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/firewall/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-firewall-main.tf-A074A567EB7080A6EF97D4D125950422A3EB146B", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3a82b541bcba083ca3dc062a8fba5891494b06b026839887af15d565e42cf5ed" + }, + { + "algorithm": "SHA1", + "checksumValue": "a074a567eb7080a6ef97d4d125950422a3eb146b" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/policy-assignments/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-policy-assignments-main.tf-24E0071CFAAAEBC2BE741FA23B35C53992D56571", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "4e43f990b727cecfc7ba6ba5d176bc0b4ea72d91885f88d6c2971776f0e36679" + }, + { + "algorithm": "SHA1", + "checksumValue": "24e0071cfaaaebc2be741fa23b35c53992d56571" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/spoke/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-spoke-variables.tf-2BCCF3D2E7484BA2A248F5DE8412A96237B59679", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "cda5f1c9c4f99a12ba47f14ea8aa41246e8ccf4fb0a0c7f74ed9a01ee08a7579" + }, + { + "algorithm": "SHA1", + "checksumValue": "2bccf3d2e7484ba2a248f5de8412a96237b59679" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/bastion/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-bastion-main.tf-20E06656E6E60AC008404469F037B2130DAE561C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "40047984910db59328428465018ae5fd5bb41fca2b6131f2dd81fbe6ca1cabc6" + }, + { + "algorithm": "SHA1", + "checksumValue": "20e06656e6e60ac008404469f037b2130dae561c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/mlz-pr-tf-azurecloud-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-mlz-pr-tf-azurecloud-pipelines.yml-FD966A0AC397B24C652F67415CFFB9C5CEE96A0E", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "30fac8178b54c393c7c8ee705a07dcf572c2b5eb874a33fed8cb64582e6007ed" + }, + { + "algorithm": "SHA1", + "checksumValue": "fd966a0ac397b24c652f67415cffb9c5cee96a0e" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/firewall/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-firewall-variables.tf-68EB233172BC175ACC03C12EC7DF8078036C9C88", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e235a28bf3cda39701fa01c381c29a7aff4e8af671cdc44b4f7cde850bb2cfb9" + }, + { + "algorithm": "SHA1", + "checksumValue": "68eb233172bc175acc03c12ec7df8078036c9c88" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/mlz-tf-azuregov-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-mlz-tf-azuregov-pipelines.yml-7BC9A73199A8B736E635625C7629E9B12541D0C9", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "d264480523bafdb200be0de38b97defb725f28ffb9b1842f31d783b9280572d3" + }, + { + "algorithm": "SHA1", + "checksumValue": "7bc9a73199a8b736e635625c7629e9b12541d0c9" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/windows-virtual-machine/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-windows-virtual-machine-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + }, + { + "algorithm": "SHA1", + "checksumValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/pull_request_template.md", + "SPDXID": "SPDXRef-File--.github-pull-request-template.md-DC86DEADDA96D728BDB99855DC3B6E4BEF34E11A", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0df7c4d87086902f68be49acaeb6f9239b3d77dbe4f9b4ae2e1423f871ce9a42" + }, + { + "algorithm": "SHA1", + "checksumValue": "dc86deadda96d728bdb99855dc3b6e4bef34e11a" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/cred-poli-scan.yml", + "SPDXID": "SPDXRef-File--.azure-devops-cred-poli-scan.yml-B3803A3194AA6B8E8E176B08414D0D70D2582DAE", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e177c3bb80497f2fb34f50aff3b97462aeeb187d3accd563bba5fc9e8954b45a" + }, + { + "algorithm": "SHA1", + "checksumValue": "b3803a3194aa6b8e8e176b08414d0d70d2582dae" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/mlz-tf-azurecloud-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-mlz-tf-azurecloud-pipelines.yml-40F24ECAB27D7CA0441FDB799C2CCAD03B545E8C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "972db035811a02922376c19d219c73e247ff852d8fb02c35f1ae9ea781cdcc7f" + }, + { + "algorithm": "SHA1", + "checksumValue": "40f24ecab27d7ca0441fdb799c2ccad03b545e8c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/dependabot.yml", + "SPDXID": "SPDXRef-File--.github-dependabot.yml-07EDF6C9D72A0309DC91A8763F74247F2D122B57", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3afd433aaa570ca649e91113f0297130b127f4fef451cd266dc02e4d59691ac3" + }, + { + "algorithm": "SHA1", + "checksumValue": "07edf6c9d72a0309dc91a8763f74247f2d122b57" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/ISSUE_TEMPLATE/bug_report.md", + "SPDXID": "SPDXRef-File--.github-ISSUE-TEMPLATE-bug-report.md-B20CF5C186B324D71CACA0CAA26FBE8385408F73", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "a9daa3fcb5d321cc508aa87bd1024b9375ae0baaeda87e0a4d89b11c08908bfb" + }, + { + "algorithm": "SHA1", + "checksumValue": "b20cf5c186b324d71caca0caa26fbe8385408f73" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/ISSUE_TEMPLATE/backlog_item.md", + "SPDXID": "SPDXRef-File--.github-ISSUE-TEMPLATE-backlog-item.md-01B6CDB236BB10A931C27F0DE323FD290BAF15E7", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "7f409db232b72c0e6f921c2fd39ad60d1de13105f6dc90302cb0642d1a513c03" + }, + { + "algorithm": "SHA1", + "checksumValue": "01b6cdb236bb10a931c27f0de323fd290baf15e7" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/networking.png", + "SPDXID": "SPDXRef-File--docs-images-networking.png-393C984E4D29903DE4426906F004A26CF023B7F2", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "497d6c0c461fa3f0b12758d600f0b88ee0999eb39912aa064952c6569fc1d329" + }, + { + "algorithm": "SHA1", + "checksumValue": "393c984e4d29903de4426906f004a26cf023b7f2" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/deploytoazuregov.svg", + "SPDXID": "SPDXRef-File--docs-images-deploytoazuregov.svg-C67080F86FFBC18AABAEDDF46D1C54901D2C7E71", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "d1ca547eab43b6a18c7d8f98694b301517c5c2448ffc5303dba352c4e026ff72" + }, + { + "algorithm": "SHA1", + "checksumValue": "c67080f86ffbc18aabaeddf46d1c54901d2c7e71" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.vscode/extensions.json", + "SPDXID": "SPDXRef-File--.vscode-extensions.json-B410AFCE726859B978FEF226CA6F799D6931A3C2", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e54e7bb6baeafc552cc9012f684f10a66834ae06fd107d4266070b7ce256f3ba" + }, + { + "algorithm": "SHA1", + "checksumValue": "b410afce726859b978fef226ca6f799d6931a3c2" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/management-groups/mg2-empty-subscription-list.png", + "SPDXID": "SPDXRef-File--docs-images-management-groups-mg2-empty-subscription-list.png-49539C23E7C6ED6223EFE91972FDCE52EFBC0A28", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "ff19b3f037bc865af2b59bab59bf285b5c4f2b42d31ece908387bcc1ce9b20da" + }, + { + "algorithm": "SHA1", + "checksumValue": "49539c23e7c6ed6223efe91972fdce52efbc0a28" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./CONTRIBUTING.md", + "SPDXID": "SPDXRef-File--CONTRIBUTING.md-01FC0CBA2503585D19E11361633A2EB351929F87", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3f733e8c2afdda935c789c2378f8ab22a0c9819180dea6f6fed1d23c2b58bd0d" + }, + { + "algorithm": "SHA1", + "checksumValue": "01fc0cba2503585d19e11361633a2eb351929f87" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/storageAccount.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-storageAccount.bicep-B75FD567081F920D9669310354D314688761878B", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0a12b988626c851051886a012826ef73d3d63bc1462c45d82d4b2c33d7bfa4b3" + }, + { + "algorithm": "SHA1", + "checksumValue": "b75fd567081f920d9669310354d314688761878b" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/hubNetwork.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-hubNetwork.bicep-EE76CAE454031E1EE88779995C88FB51A873B04E", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "edeac5b5834fc9c3db0853ec6b7dfd8b786a222b14dd421b8cf5accbd04aecc2" + }, + { + "algorithm": "SHA1", + "checksumValue": "ee76cae454031e1ee88779995c88fb51a873b04e" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/hubNetworkPeerings.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-hubNetworkPeerings.bicep-278BB4340CF89126B29E3D1B670F6022BD555960", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "9741536d665a963c60720d8ae677b0c6c76ce7b99491966279161038bcce994e" + }, + { + "algorithm": "SHA1", + "checksumValue": "278bb4340cf89126b29e3d1b670f6022bd555960" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/networkSecurityGroup.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-networkSecurityGroup.bicep-6FAF7D0A8F637A596303712416385AC9BC0B7E4A", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0c87a70128ade0133f19d5ecee43c50ede516b03d96a971704607f67bd520fde" + }, + { + "algorithm": "SHA1", + "checksumValue": "6faf7d0a8f637a596303712416385ac9bc0b7e4a" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/containerRegistry/modules/containerRegistry.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-containerRegistry-modules-containerRegistry.bicep-5709FA93416FAAEFF383A39F549DCDBAEBF20241", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0adafe6db27170496017d91ef6363d2f101707ba98c23a5ade5b60334cb09ddd" + }, + { + "algorithm": "SHA1", + "checksumValue": "5709fa93416faaeff383a39f549dcdbaebf20241" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/remoteAccess/main.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-remoteAccess-main.bicep-8E6378967AB1DDC5641A2EDF5648EE3DB8F96F22", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5d3883dfb0a10fe70ba037b6726e2c7659a6cb970829b580eaa3ba52719e4c69" + }, + { + "algorithm": "SHA1", + "checksumValue": "8e6378967ab1ddc5641a2edf5648ee3db8f96f22" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/keyVault/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-keyVault-README.md-0E6A22DDB3096385053E6BF81FE0DE4CA91B497A", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3ac52947d5729c16a45f4892e6574b63493d595fb3fbad90edc5a1228c213b7b" + }, + { + "algorithm": "SHA1", + "checksumValue": "0e6a22ddb3096385053e6bf81fe0de4ca91b497a" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./NOTICE", + "SPDXID": "SPDXRef-File--NOTICE-0D647CAB1E14E880446589F9050BE10E6D6882CB", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1f22e5cbb6f4e5a075061cb35e33f3caa610a880b4d0d5b5ecc7bcefc9e91a8d" + }, + { + "algorithm": "SHA1", + "checksumValue": "0d647cab1e14e880446589f9050be10e6d6882cb" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/tier3/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-tier3-outputs.tf-B9820EE813195376DA1292009B5AB91DF14080F0", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1c8a20fa5b81a909cb9336b543c6f7e11af5415bbab6e880cb9b0eaf2d2f20f8" + }, + { + "algorithm": "SHA1", + "checksumValue": "b9820ee813195376da1292009b5ab91df14080f0" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/virtualNetworkPeering.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-virtualNetworkPeering.bicep-85DC92CB00573147B96DBA46AAD214371730EB7C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "de5af067a6dd7400dc9b67ef629d9ee32ef143bd23efc67c06fe3d6da819b84e" + }, + { + "algorithm": "SHA1", + "checksumValue": "85dc92cb00573147b96dba46aad214371730eb7c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/hub/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-hub-outputs.tf-6E5165DE66D0B63F03669330F8CD14B9601C32BD", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "eb1ad4f9be016bb0b646974aaca4c42088e59eeeb84ec8a379e86009e6ad2f59" + }, + { + "algorithm": "SHA1", + "checksumValue": "6e5165de66d0b63f03669330f8cd14b9601c32bd" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/logAnalyticsDiagnosticLogging.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-logAnalyticsDiagnosticLogging.bicep-5C90C218ACF72F2FD376DC6E73042F6BA2EF9BA1", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "040a8767646b2d5f5cf8c9fac3112d5183cbab94b5005f4f6e3f4b79343b57a2" + }, + { + "algorithm": "SHA1", + "checksumValue": "5c90c218acf72f2fd376dc6e73042f6ba2ef9ba1" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/subnet/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-subnet-main.tf-D344C620D3EECC7C9EE2451E145E681325A83E5D", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "b6b553fe91052362452fcaeed457dc627ff7e67c3b3496636c9ebca8a9c4da4a" + }, + { + "algorithm": "SHA1", + "checksumValue": "d344c620d3eecc7c9ee2451e145e681325a83e5d" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/virtualNetwork.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-virtualNetwork.bicep-F479DA88FBA578FF1576EF5D78274E9A8B35F469", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3e429b1678856f63baf88c320aa57415e4d2014645bd0499d0f85a5401464180" + }, + { + "algorithm": "SHA1", + "checksumValue": "f479da88fba578ff1576ef5d78274e9a8b35f469" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/windows-virtual-machine/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-windows-virtual-machine-variables.tf-E6CE40236B8BDEF4255A61F90B6CD769A8730197", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "841918ac341c15df54f379a7c28fc927400bdb04971e31803c6105b67ba65280" + }, + { + "algorithm": "SHA1", + "checksumValue": "e6ce40236b8bdef4255a61f90b6cd769a8730197" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/policies/NIST-policyAssignmentParameters.json", + "SPDXID": "SPDXRef-File--src-bicep-modules-policies-NIST-policyAssignmentParameters.json-1D2322F550CA984CD0D623B3673C78987F1DDCB3", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "8bc44d8ae410e93daa114017536af566e5e6270b30226225e42a0ce780dd41c7" + }, + { + "algorithm": "SHA1", + "checksumValue": "1d2322f550ca984cd0d623b3673c78987f1ddcb3" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/linux-virtual-machine/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-linux-virtual-machine-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + }, + { + "algorithm": "SHA1", + "checksumValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/sentinel/sentinel.tf", + "SPDXID": "SPDXRef-File--src-bicep-examples-sentinel-sentinel.tf-0123C515D78CE08EBC531683E6AFA6AD05D131A0", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "085607cf83157914ad70254c0096f8b9d685ec1769fa660ed528f29c834764b7" + }, + { + "algorithm": "SHA1", + "checksumValue": "0123c515d78ce08ebc531683e6afa6ad05d131a0" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/templates/terraform-plan.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-templates-terraform-plan.yml-68A2F159B21A4077813C335A4614C0A234320932", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "cddef69dcbb3f354dcee8eab2470f1f78bcea21ba6379a667550ef2dcd403206" + }, + { + "algorithm": "SHA1", + "checksumValue": "68a2f159b21a4077813c335a4614c0a234320932" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/remoteAccess/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-remoteAccess-README.md-A3AFA691CC0E9AC9ABBA7D8B9EBC16DE419D165B", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "4db9d861fc91ad574d881eb943611526bd756c7aaf2b2845c754123ee56abf0a" + }, + { + "algorithm": "SHA1", + "checksumValue": "a3afa691cc0e9ac9abba7d8b9ebc16de419d165b" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/templates/clean-az-subscription.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-templates-clean-az-subscription.yml-DF56636E3B9FFCC4D4E23435E70F8F0A7A00EA6A", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "4064636f0fa679fc9e3f783c56f9b235d6f3c9f984a148ab1354b9dd7dd0c274" + }, + { + "algorithm": "SHA1", + "checksumValue": "df56636e3b9ffcc4d4e23435e70f8f0a7a00ea6a" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/keyVault/modules/keyVault.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-keyVault-modules-keyVault.bicep-E324BD60A35BDAB0DFE96C1392C5E7B4D8929A90", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5029f87ec84f97a526f18f05f1a0beb5d41f17a3e8d2da8982624492101b55e3" + }, + { + "algorithm": "SHA1", + "checksumValue": "e324bd60a35bdab0dfe96c1392c5e7b4d8929a90" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/workflows/README.md", + "SPDXID": "SPDXRef-File--.github-workflows-README.md-17710B7AE200C27DF31FA3011BF864E13FC77C42", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f6314b80732c517f16559ec2b9a2fd243123ff1957e99a89f890e060c8d76a54" + }, + { + "algorithm": "SHA1", + "checksumValue": "17710b7ae200c27df31fa3011bf864e13fc77c42" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/policy-assignments/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-policy-assignments-variables.tf-40C530674518775957C17862E9D888D4AE5B0019", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "ef13943a8c0385f563f0847e26f3d5865d1daa760bc252b4a3bfd756bde4162b" + }, + { + "algorithm": "SHA1", + "checksumValue": "40c530674518775957c17862e9d888d4ae5b0019" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/scca.md", + "SPDXID": "SPDXRef-File--docs-scca.md-358BFB9D93BE5FF2444E890FF6812ADFCD793281", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5872af3ff944847e78fc9727df4c13e2a52976405a35148d73b4f4b7ed9b0847" + }, + { + "algorithm": "SHA1", + "checksumValue": "358bfb9d93be5ff2444e890ff6812adfcd793281" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/bastion/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-bastion-variables.tf-437551E35FC31649E974E6AA9B6BF63C147420FC", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "b18fa82f4821bc1d58ae98e63f6d5327bb9a9667e6042afc2e858e0bc8cea865" + }, + { + "algorithm": "SHA1", + "checksumValue": "437551e35fc31649e974e6aa9b6bf63c147420fc" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/management-groups/mg1-management-groups-list.png", + "SPDXID": "SPDXRef-File--docs-images-management-groups-mg1-management-groups-list.png-577E9488E0EE7E789403DA12416253B09704DB9D", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "bfda1766a4a4f019c97eed61befaf284ec6d600dc0c767911f573f58a42d9037" + }, + { + "algorithm": "SHA1", + "checksumValue": "577e9488e0ee7e789403da12416253b09704db9d" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/subnet/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-subnet-outputs.tf-B9820EE813195376DA1292009B5AB91DF14080F0", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1c8a20fa5b81a909cb9336b543c6f7e11af5415bbab6e880cb9b0eaf2d2f20f8" + }, + { + "algorithm": "SHA1", + "checksumValue": "b9820ee813195376da1292009b5ab91df14080f0" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/windows-virtual-machine/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-windows-virtual-machine-main.tf-CDBF5A56C2629B4FCA0CA38D9EA3D3E0C5FAF391", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "cb23042515ce49fbe377e8bd3ef1532b05e91d598d837c5d104dc5695f4bddf1" + }, + { + "algorithm": "SHA1", + "checksumValue": "cdbf5a56c2629b4fca0ca38d9ea3d3e0c5faf391" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/validate-declarative-form.yml", + "SPDXID": "SPDXRef-File--.azure-devops-validate-declarative-form.yml-CDA6BB9FF8E696BB2589C335A03D7EEE585701CF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "6a21f6aa77b0338123adeabafefc6191bc5a32ff4089b5bcf77886c914c16d59" + }, + { + "algorithm": "SHA1", + "checksumValue": "cda6bb9ff8e696bb2589c335a03d7eee585701cf" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/templates/az-what-if.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-templates-az-what-if.yml-E9F8138A6EA835BCC14417FB8911462A2EA39666", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "de5a9721b81916f9c27ad94a08e0091557dc217af176eab698ac386694c5eea1" + }, + { + "algorithm": "SHA1", + "checksumValue": "e9f8138a6ea835bcc14417fb8911462a2ea39666" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/CODEOWNERS", + "SPDXID": "SPDXRef-File--.github-CODEOWNERS-69897633D9B769262D1F52CBEF24DCA8685FE0A1", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "407b4ba622b7475baeff4516f2e741ceb09e436f640c36f3ef88f6ac7893b3ae" + }, + { + "algorithm": "SHA1", + "checksumValue": "69897633d9b769262d1f52cbef24dca8685fe0a1" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/ISSUE_TEMPLATE/spike.md", + "SPDXID": "SPDXRef-File--.github-ISSUE-TEMPLATE-spike.md-AD0C69366897B252E4A7730DF15132296CBC93D7", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3329edb14e89d305c23fda463f708037ba51a1d92a33aaa8038e2dbd4592f29b" + }, + { + "algorithm": "SHA1", + "checksumValue": "ad0c69366897b252e4a7730df15132296cbc93d7" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/deployment-guide-terraform.md", + "SPDXID": "SPDXRef-File--docs-deployment-guide-terraform.md-AFB7807B97838787F8CC23A718DF2F3A6F9F33E4", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "62f7a7955fa4ca8f63af8d2b65a0d2179d57a45ccbddeb2729c70957001857be" + }, + { + "algorithm": "SHA1", + "checksumValue": "afb7807b97838787f8cc23a718df2f3a6f9f33e4" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/management-groups/mg3-select-subscription.png", + "SPDXID": "SPDXRef-File--docs-images-management-groups-mg3-select-subscription.png-231F306AA1C73ECEAFF86AFD52A3DD677E3EB584", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5dfa9bfa2c432d09a73e7c5f7bb3fd94ee5efa0c1cb4cead5e29d107f6801ffd" + }, + { + "algorithm": "SHA1", + "checksumValue": "231f306aa1c73eceaff86afd52a3dd677e3eb584" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.gitattributes", + "SPDXID": "SPDXRef-File--.gitattributes-C3B930865367FCD784793BF0E62F487806F9CFC1", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "31947e13637d278d0be0ab58d1f170689fb0602e6831a054469078eee046100c" + }, + { + "algorithm": "SHA1", + "checksumValue": "c3b930865367fcd784793bf0e62f487806f9cfc1" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/README.md", + "SPDXID": "SPDXRef-File--src-bicep-README.md-72E554A01B7B48E406B19B09672B6EC437E8C033", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "25a860c65e9467f99986f23d9ac6370a7f1626a082355491f6ea66e1a3b31c6a" + }, + { + "algorithm": "SHA1", + "checksumValue": "72e554a01b7b48e406b19b09672b6ec437e8c033" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./CODE_OF_CONDUCT.md", + "SPDXID": "SPDXRef-File--CODE-OF-CONDUCT.md-F1E7F6BA29A857FD36A5F603FA873753ABA9917E", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "9daeae709a0bd71bcfd1c96dc5822ecec5210327eff929da64b0ae7f8faf1444" + }, + { + "algorithm": "SHA1", + "checksumValue": "f1e7f6ba29a857fd36a5f603fa873753aba9917e" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/firewall.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-firewall.bicep-8AF8639EC5FB7F2D39460A26B6F5E20FA79AA9A2", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f549943943514deebd5209feb1d94f1dec0f6b6b52f0a766a30d02ef0a8ddf0a" + }, + { + "algorithm": "SHA1", + "checksumValue": "8af8639ec5fb7f2d39460a26b6f5e20fa79aa9a2" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/bicepconfig.json", + "SPDXID": "SPDXRef-File--src-bicep-bicepconfig.json-19B4E153666EA4AC1BE0180CA0CEFE9206B650C3", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "77fa6f0029d37602664d964da5c08c13cf5c60ce7eaf0a7cbc2489fdaf0eeba6" + }, + { + "algorithm": "SHA1", + "checksumValue": "19b4e153666ea4ac1be0180ca0cefe9206b650c3" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/routeTable.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-routeTable.bicep-2362382862974BCBF702F5BA4C88FF1AD88C00F5", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5240461a0188ac83f5aa7c0b6ba0a51af12759638a679d1fa42dd4187719c350" + }, + { + "algorithm": "SHA1", + "checksumValue": "2362382862974bcbf702f5ba4c88ff1ad88c00f5" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/policyAssignment.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-policyAssignment.bicep-F1A972373EA36354EC74796CB250B4A7D6CDA6DB", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1cbc76ae37b2cfd06428d1c3b950f4dc5f6903c72b5b57438e7b3cda0dafffcd" + }, + { + "algorithm": "SHA1", + "checksumValue": "f1a972373ea36354ec74796cb250b4a7d6cda6db" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/privateLink.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-privateLink.bicep-284290071BD078FD6319D8FE34B1B209C21AA579", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "195246933a4d3560e602d56c8e28bc3ca016d10cc0d1df3204cd2352da67a117" + }, + { + "algorithm": "SHA1", + "checksumValue": "284290071bd078fd6319d8fe34b1b209c21aa579" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/roleAssignment.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-roleAssignment.bicep-5EBEF86E83D8A97A7F72E131A1988F5843C13166", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e624bd6e6b9896b7ea8f6221f304b00efb4c2c2485a86dbe816b1d4a880a6ea0" + }, + { + "algorithm": "SHA1", + "checksumValue": "5ebef86e83d8a97a7f72e131a1988f5843c13166" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/containerRegistry/contRegistry.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-containerRegistry-contRegistry.bicep-163D689FFBFC22FDDE09D7E6F7228D0F7B2E86CF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "fd04a4e044a41e52838bedcd504ddc700a6ca5af898edb7b49fdcec5a4afbfb6" + }, + { + "algorithm": "SHA1", + "checksumValue": "163d689ffbfc22fdde09d7e6f7228d0f7b2e86cf" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/remoteAccess.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-remoteAccess.bicep-51EDB938D58B0496F8D4560E57902BF9910B7613", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "fc9328e9afa4eaf57354d15f38813e264f726d3b7974a972799113b2f0de8d8e" + }, + { + "algorithm": "SHA1", + "checksumValue": "51edb938d58b0496f8d4560e57902bf9910b7613" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/remoteAccess/main.json", + "SPDXID": "SPDXRef-File--src-bicep-examples-remoteAccess-main.json-8A607B291FCA4E29F77405B458360938D870A888", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "dd313958e0f8a261f44a2f8e43450f348ec3cb15512ce38e133432bdf2e8c703" + }, + { + "algorithm": "SHA1", + "checksumValue": "8a607b291fca4e29f77405b458360938d870a888" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/containerRegistry/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-containerRegistry-README.md-E6977EDF9874D65E1F85D25F58198360559CB5A3", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "953ae6c198e532902b1989f4228a7f52579106b46e3c3214f7f2e9b584ced9b6" + }, + { + "algorithm": "SHA1", + "checksumValue": "e6977edf9874d65e1f85d25f58198360559cb5a3" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/appServicePlan/modules/appServiceSettings.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-appServicePlan-modules-appServiceSettings.bicep-FC902583C15E80535287221C637426F117C3B260", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "543b2fe8d0d013f7886939d5c6a394f49ac6d233ed7391a2fe7b6ba816f5539a" + }, + { + "algorithm": "SHA1", + "checksumValue": "fc902583c15e80535287221c637426f117c3b260" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/keyVault/azureKeyVault.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-keyVault-azureKeyVault.bicep-A9B5CA3A1BA31CDBA3836502F8EF6ECA56778C69", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "d0d6817f1f8337cfde3fd438039e803b0c02ced1a88982dc083d202bf134f2bc" + }, + { + "algorithm": "SHA1", + "checksumValue": "a9b5ca3a1ba31cdba3836502f8ef6eca56778c69" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/inheritTags/inherit.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-inheritTags-inherit.bicep-3C8F26FDF941E9391DB52342AF657A2CDA4905BC", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "213badeaeec230c6e4863f9fefe30049345638d6c7b1af482f45e6cdfe97e8b8" + }, + { + "algorithm": "SHA1", + "checksumValue": "3c8f26fdf941e9391db52342af657a2cda4905bc" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/tier3/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-tier3-main.tf-B332969A285A174913D76E0A4B17081F8F39F083", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "0382d42009cbb19600c0bc1718ea3da8d73f9fe818a1173dd090dfaa2d9564fd" + }, + { + "algorithm": "SHA1", + "checksumValue": "b332969a285a174913d76e0a4b17081f8f39f083" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/tier3/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-tier3-variables.tf-F30C567F4A0095C223D0B5971561B22637838C06", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "750d3c9dbb29c6cd4604559c3c54c6c5514092cc64e974f34396f71a6db7b854" + }, + { + "algorithm": "SHA1", + "checksumValue": "f30c567f4a0095c223d0b5971561b22637838c06" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/hub/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-hub-main.tf-09839610F13957C24A14CBE805A92FE8EFA858F8", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "2e212bcf5de340afae77348d0d341e084d2c11cffbfd98655b4dcac4bfd51321" + }, + { + "algorithm": "SHA1", + "checksumValue": "09839610f13957c24a14cbe805a92fe8efa858f8" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/hub/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-hub-variables.tf-00EC3A0D70806548602B57091C6480EFD28D119C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "01e58017ffc1e9a3c156ff2be55976cf7450adec625b8cc0a52d72da8c11a753" + }, + { + "algorithm": "SHA1", + "checksumValue": "00ec3a0d70806548602b57091c6480efd28d119c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/subnet/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-subnet-variables.tf-3F6FE2C0BE1D2063E4A5C4DB4D0BD6E0DD792349", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f729e9948df1cf942f9e07b8326d1670338fc8cf2400d1e4dd3ffbafbea7ab46" + }, + { + "algorithm": "SHA1", + "checksumValue": "3f6fe2c0be1d2063e4a5c4db4d0bd6e0dd792349" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/virtual-network/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-virtual-network-outputs.tf-366E76A5F9B20E244D649BAC1F497AD5D31C36C5", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f46ee201dcc740832480c21bc1e36a4dbe619022d5ba389ffda5da25f077b9f9" + }, + { + "algorithm": "SHA1", + "checksumValue": "366e76a5f9b20e244d649bac1f497ad5d31c36c5" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/jumpbox/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-jumpbox-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + }, + { + "algorithm": "SHA1", + "checksumValue": "da39a3ee5e6b4b0d3255bfef95601890afd80709" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/jumpbox/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-jumpbox-main.tf-750CA3274D704F243AC656360B4E6BBFAAE51E57", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "8b3b17e905314033038c173367f999df3571f2eade266740c4ba93232574e6ee" + }, + { + "algorithm": "SHA1", + "checksumValue": "750ca3274d704f243ac656360b4e6bbfaae51e57" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/linux-virtual-machine/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-linux-virtual-machine-main.tf-2A6BFBB7A249B4A919C83EAAB829FF19F9ADE9AE", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "728753762c952cc2d905d3b91e1e0c58658c10bc64480483bbab008c00bfe1f7" + }, + { + "algorithm": "SHA1", + "checksumValue": "2a6bfbb7a249b4a919c83eaab829ff19f9ade9ae" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/linux-virtual-machine/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-linux-virtual-machine-variables.tf-E6CE40236B8BDEF4255A61F90B6CD769A8730197", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "841918ac341c15df54f379a7c28fc927400bdb04971e31803c6105b67ba65280" + }, + { + "algorithm": "SHA1", + "checksumValue": "e6ce40236b8bdef4255a61f90b6cd769a8730197" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/mlz-pr-sbom-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-mlz-pr-sbom-pipelines.yml-09CC592BB6A259CF70F114C88E5A68F8A7221CEC", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1f4d7c3830a3ad519471da2518840d9e070378ffbbe5b17d9f12a1eba3b4d225" + }, + { + "algorithm": "SHA1", + "checksumValue": "09cc592bb6a259cf70f114c88e5a68f8a7221cec" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/mlz-pr-bicep-azurecloud-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-mlz-pr-bicep-azurecloud-pipelines.yml-FBDCF529A4F66EDC1A4176ED796BF6F5296E336E", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "b198846bdcde015d08086ef5fb52a8443d2362d1e789078c6f8d17e483abfec8" + }, + { + "algorithm": "SHA1", + "checksumValue": "fbdcf529a4f66edc1a4176ed796bf6f5296e336e" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/templates/az-deployment.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-templates-az-deployment.yml-EDD73651293CEC4FEB5752CF898F13CD6F789193", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "ab889865df0638ba433c76f9d22c58c946274deb6212b42fd18d813c1a3d35d1" + }, + { + "algorithm": "SHA1", + "checksumValue": "edd73651293cec4feb5752cf898f13cd6f789193" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/templates/terraform-apply.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-templates-terraform-apply.yml-8710D5E8D40A83E22764FDBB93B00089ED7DC3FF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3109e228aac7946f5e4959b6c556481095df3746988813680f8a5cb4eb503ce6" + }, + { + "algorithm": "SHA1", + "checksumValue": "8710d5e8d40a83e22764fdbb93b00089ed7dc3ff" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/workflows/validate-terraform.sh", + "SPDXID": "SPDXRef-File--.github-workflows-validate-terraform.sh-9E3E3D243BAB8745971290688ECA4FB94488DAA8", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "8577ab3c71589f203116670156f65357d9ccdab1fb841987d30279b8929d67b9" + }, + { + "algorithm": "SHA1", + "checksumValue": "9e3e3d243bab8745971290688eca4fb94488daa8" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/workflows/validate-build-bicep.yml", + "SPDXID": "SPDXRef-File--.github-workflows-validate-build-bicep.yml-ED4A0B9AE4914DD9BDA5EACF333C0820E75F09CF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "b2f14e7daf71f16223f8bf7b727ab3fdd07bbab2a13d4bb2ddfbaf033566f159" + }, + { + "algorithm": "SHA1", + "checksumValue": "ed4a0b9ae4914dd9bda5eacf333c0820e75f09cf" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/policies.md", + "SPDXID": "SPDXRef-File--docs-policies.md-26FB418BB2B6EE8E9DD80B5FC894DF9541000465", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "00a2a8e93d0561a70566eed82e893dc0bf7de4eb3dc8ed381f2b584a271b4b4c" + }, + { + "algorithm": "SHA1", + "checksumValue": "26fb418bb2b6ee8e9dd80b5fc894df9541000465" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/management-groups.md", + "SPDXID": "SPDXRef-File--docs-management-groups.md-52613FC2AD36DB0EEE48658A95707DEC5AE2FF37", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "e30e4e035e9671d81011ff9fa808965ff16c45a9d5c950e247e013fc45492144" + }, + { + "algorithm": "SHA1", + "checksumValue": "52613fc2ad36db0eee48658a95707dec5ae2ff37" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/management-groups/mg4-subscription-in-management-group.png", + "SPDXID": "SPDXRef-File--docs-images-management-groups-mg4-subscription-in-management-group.png-E8565AF68535039929C984CD40537CDAC0EF692F", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "d992adf22b34da57baff902353bde67c6a61b3e4d3c322ff6adb1b6ecd4942ef" + }, + { + "algorithm": "SHA1", + "checksumValue": "e8565af68535039929c984cd40537cdac0ef692f" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/scope-v2.png", + "SPDXID": "SPDXRef-File--docs-images-scope-v2.png-9DA8A7F5CB9C998ADAC2BFE4A1D912DF8C87BFD2", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3bc7910260a3ea8e968aee386911bc191a0201eb223b1f46e207177300b036a5" + }, + { + "algorithm": "SHA1", + "checksumValue": "9da8a7f5cb9c998adac2bfe4a1d912df8c87bfd2" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.devcontainer/devcontainer.json", + "SPDXID": "SPDXRef-File--.devcontainer-devcontainer.json-9FF15EF486DA6F1D68D67D411480CF2420A744C4", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "3c48ac63a1a836dfbde3e616c5494e27735d805cb07bd2785cf3e09a94ad5e2d" + }, + { + "algorithm": "SHA1", + "checksumValue": "9ff15ef486da6f1d68d67d411480cf2420a744c4" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.devcontainer/README.md", + "SPDXID": "SPDXRef-File--.devcontainer-README.md-0BE5AE023192FA89BFD1C04A97C619FE6B2F33B1", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "c07ac70fba0d45ee28a0803b6372d08df408c7cbe3e0d29b549988963feac69a" + }, + { + "algorithm": "SHA1", + "checksumValue": "0be5ae023192fa89bfd1c04a97c619fe6b2f33b1" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./SUPPORT.md", + "SPDXID": "SPDXRef-File--SUPPORT.md-261DD94D763BBA64A2AF2527A8D31A88163E6F47", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "7f1fad5639bba23dbcaa521fe7bdaf812f4176a4e9bb0f873cb45d9c38dacae1" + }, + { + "algorithm": "SHA1", + "checksumValue": "261dd94d763bba64a2af2527a8d31a88163e6f47" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/mlz.bicep", + "SPDXID": "SPDXRef-File--src-bicep-mlz.bicep-1035A45C58AC7C1BFC28A53DFD7BFAF8D4699AD6", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "fc3ffadefc26749186d07311bb156009305d6e45d9055d17901d30a7267338ec" + }, + { + "algorithm": "SHA1", + "checksumValue": "1035a45c58ac7c1bfc28a53dfd7bfaf8d4699ad6" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/spokeNetwork.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-spokeNetwork.bicep-5B3A80452DEA45F40464ACAA0BB1D83EFB1A5652", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "8f2bd0cff9361e5cb3ee5d3bdb59ba6222f86556b18a83a6723f11bdf3c6aff3" + }, + { + "algorithm": "SHA1", + "checksumValue": "5b3a80452dea45f40464acaa0bb1d83efb1a5652" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/spokeNetworkPeering.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-spokeNetworkPeering.bicep-EF996859180318CEB627151BE790DBAE930FF69C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "39429416c8647e1aae0df44789bd585ed1b23beb478fc5e42b7aa595557fdf7a" + }, + { + "algorithm": "SHA1", + "checksumValue": "ef996859180318ceb627151be790dbae930ff69c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/resourceGroup.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-resourceGroup.bicep-ED1F2A67EB6E20D131E562856D05CA10C6271BA3", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "28e7b52279ce3f54a6f523b10f1126414b5fe74d9d39f326c1e9bdabf83c5124" + }, + { + "algorithm": "SHA1", + "checksumValue": "ed1f2a67eb6e20d131e562856d05ca10c6271ba3" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-README.md-9448C0795A7C81B71131C5E25D6D0D4076CC3863", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f3d36da740f6993836cf0a8976201105a662234d75b118eb36e65ff4ae56e5d2" + }, + { + "algorithm": "SHA1", + "checksumValue": "9448c0795a7c81b71131c5e25d6d0d4076cc3863" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/appServicePlan/modules/appServicePlan.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-appServicePlan-modules-appServicePlan.bicep-9AED4C5BC9991884FCD297AA86B39B761ED5E603", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "ddab567a03b51bca943bb0ba366b71050ce7c27960be471c9140b48d2d48b2d0" + }, + { + "algorithm": "SHA1", + "checksumValue": "9aed4c5bc9991884fcd297aa86b39b761ed5e603" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./LICENSE", + "SPDXID": "SPDXRef-File--LICENSE-689EC0681815ECC32BEE639C68E7740ADD7BD301", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "c2cfccb812fe482101a8f04597dfc5a9991a6b2748266c47ac91b6a5aae15383" + }, + { + "algorithm": "SHA1", + "checksumValue": "689ec0681815ecc32bee639c68e7740add7bd301" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/inheritTags/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-inheritTags-README.md-566651DD5D554E9DF3B65AB73A2A02A1EE786F1D", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5c8d3e3c273890df49fef32dd541e8be38805bc43cae3ab1668e6cd60008674e" + }, + { + "algorithm": "SHA1", + "checksumValue": "566651dd5d554e9df3b65ab73a2a02a1ee786f1d" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/mlz.json", + "SPDXID": "SPDXRef-File--src-bicep-mlz.json-2D7869DA5F6F79E1B007B95A2CDC5F2A6D6FC927", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "deae3e8df0f8f88bfc4bbb477f4905bcef96807432f4f4ca0793f4a90bf09bd8" + }, + { + "algorithm": "SHA1", + "checksumValue": "2d7869da5f6f79e1b007b95a2cdc5f2a6d6fc927" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/mlz/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-mlz-outputs.tf-808FF9DC3416870722E09F385BBB06BD4F23449B", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "f6bdfcda80239a07d5608177689d62ae9967aafe997ab3df77007d6894213b13" + }, + { + "algorithm": "SHA1", + "checksumValue": "808ff9dc3416870722e09f385bbb06bd4f23449b" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/securityCenter.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-securityCenter.bicep-994F84DEAB45619516CB6140887EC9D1EE64C6BF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "004a08eb6aff141e1f43b891ecfbfb61e6f8f8482680c4651950ef74e325ef45" + }, + { + "algorithm": "SHA1", + "checksumValue": "994f84deab45619516cb6140887ec9d1ee64c6bf" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/policy-assignments/nist-parameter-values/public.json.tmpl", + "SPDXID": "SPDXRef-File--src-terraform-modules-policy-assignments-nist-parameter-values-public.json.tmpl-EC4B286437E404C40E04E500F5704B2BC480E940", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1b42919c72cedd3c594784e235d49a0415e74c6ab2a3c0e18136e4f766156880" + }, + { + "algorithm": "SHA1", + "checksumValue": "ec4b286437e404c40e04e500f5704b2bc480e940" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/publicIPAddress.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-publicIPAddress.bicep-A0A0677308CD206C4B8BE87901FFDE0446AFD1C9", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "913e010756bab552ae8f12072b832a5193a083f3a09e035854cdfcac8867b35c" + }, + { + "algorithm": "SHA1", + "checksumValue": "a0a0677308cd206c4b8be87901ffde0446afd1c9" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/virtual-network/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-virtual-network-main.tf-58093AB637AA381EF539C09B2FD7FA37256EDC6F", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5b5e029366f54af147ad5b0441301a522143c99f6aaf7e9c18c4928dcd279f44" + }, + { + "algorithm": "SHA1", + "checksumValue": "58093ab637aa381ef539c09b2fd7fa37256edc6f" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/modules/subnet.bicep", + "SPDXID": "SPDXRef-File--src-bicep-modules-subnet.bicep-D8CECC891B5D7E602C04C4C6DA6A4FE0828A9C7C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1a5e3368d29165afeb98202a8f20e089bc55070120badb863d37694fadbf315d" + }, + { + "algorithm": "SHA1", + "checksumValue": "d8cecc891b5d7e602c04c4c6da6a4fe0828a9c7c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/jumpbox/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-jumpbox-variables.tf-AADBF23077A9B141ABAA36B121167F373FBC1381", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "1744163fc4b8a83eabb6c22e49ef3c34fd27804dccdb622fe8026380140f3179" + }, + { + "algorithm": "SHA1", + "checksumValue": "aadbf23077a9b141abaa36b121167f373fbc1381" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/form/mlz.portal.json", + "SPDXID": "SPDXRef-File--src-bicep-form-mlz.portal.json-1269035622E6B6FBFA054BC79542542F17801CC4", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "a20e84c425ae410785904b3c8d89bc83008ac67ea2533905bec678ae5f842dbd" + }, + { + "algorithm": "SHA1", + "checksumValue": "1269035622e6b6fbfa054bc79542542f17801cc4" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/spoke/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-spoke-outputs.tf-24B00D4333F06A82533A8032A037BDCB73E2ED47", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "60a31ee16435ba3643ea33422d3987dbcdb8c93f8ed6df65707385960e73bfd7" + }, + { + "algorithm": "SHA1", + "checksumValue": "24b00d4333f06a82533a8032a037bdcb73e2ed47" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/appServicePlan/README.md", + "SPDXID": "SPDXRef-File--src-bicep-examples-appServicePlan-README.md-C0C287D734B2214BA4AA74198BBD8AF0DD5B8977", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "b86d98c800f5a5a06b66383f65a70bd33eb29000394780a36454d682d36d42c3" + }, + { + "algorithm": "SHA1", + "checksumValue": "c0c287d734b2214ba4aa74198bbd8af0dd5b8977" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/mlz-pr-bicep-azuregov-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-mlz-pr-bicep-azuregov-pipelines.yml-C2AC51571535A9641E41EFF136EF0F939A7625D1", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "c7d1b85da6e819e5ab16a20c60d7dc94f34411c796c26ff9fe2b7f09bcd33d54" + }, + { + "algorithm": "SHA1", + "checksumValue": "c2ac51571535a9641e41eff136ef0f939a7625d1" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/bicep/examples/newWorkload/modules/hubNetworkPeering.bicep", + "SPDXID": "SPDXRef-File--src-bicep-examples-newWorkload-modules-hubNetworkPeering.bicep-43F065D7929220A6DB946F702C1B2779E606FA7F", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "996ac71fadfd807762b7affa451383a03310e5de4cae20b54816eb3aeb4c505b" + }, + { + "algorithm": "SHA1", + "checksumValue": "43f065d7929220a6db946f702c1b2779e606fa7f" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/mlz-bicep-azurecloud-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-mlz-bicep-azurecloud-pipelines.yml-E433A1BCBA50FBA3692B1E3FBB9B077A4EA10BCB", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "6a72770d5254dfdf2f4b2a5102d03496da5bf36406d423b5efa28cedcce59664" + }, + { + "algorithm": "SHA1", + "checksumValue": "e433a1bcba50fba3692b1e3fbb9b077a4ea10bcb" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/mlz/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-mlz-main.tf-A1BFFAA640B797531A3CB14C91BFCCDA88F79F41", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "32da818501b2e6d739233bf4db0837cc8230881d038ab228612b32a120fc6785" + }, + { + "algorithm": "SHA1", + "checksumValue": "a1bffaa640b797531a3cb14c91bfccda88f79f41" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/workflows/super-linter.yml", + "SPDXID": "SPDXRef-File--.github-workflows-super-linter.yml-D5034B59BE0A231CBAE50AEEAC9C42894EEE4C91", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "16e6e1fc5a94b129dc1ae36d7f580587c90dfc6ee97f3a5a10b97022dc774ec0" + }, + { + "algorithm": "SHA1", + "checksumValue": "d5034b59be0a231cbae50aeeac9c42894eee4c91" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/policy-assignments/nist-parameter-values/usgovernment.json.tmpl", + "SPDXID": "SPDXRef-File--src-terraform-modules-policy-assignments-nist-parameter-values-usgovernment.json.tmpl-5B2CDB23AFD0AC69F365172B9CC7FEDD8789FEFF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "5d39ded25787130282b6d89679b4fecb6f3d225cf737d3685e2f801efb9fb78e" + }, + { + "algorithm": "SHA1", + "checksumValue": "5b2cdb23afd0ac69f365172b9cc7fedd8789feff" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/deployment-guide-bicep.md", + "SPDXID": "SPDXRef-File--docs-deployment-guide-bicep.md-CFFD0A93115A14E7A6C33085286B7EDB02B9F857", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "70ad9502ed1766acc43f752e9ff08bafa3389a9d82d7bfcbf8877a2f80420e4f" + }, + { + "algorithm": "SHA1", + "checksumValue": "cffd0a93115a14e7a6c33085286b7edb02b9f857" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/virtual-network/variables.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-virtual-network-variables.tf-40E274F8EFEFA6BD46C186A0059A5EFF212F7830", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "19e5d279275b0028183ee167a94f6ac8705d0470c2f45daf04305d24d096d1fa" + }, + { + "algorithm": "SHA1", + "checksumValue": "40e274f8efefa6bd46c186a0059a5eff212f7830" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/deploytoazure.svg", + "SPDXID": "SPDXRef-File--docs-images-deploytoazure.svg-8A5B870E6A68286DDFB714F8AB35F5983B36630C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "61df8823568be5ec8dd45b79e82cfa33515f86a5d79e56626152e1a13e4f2201" + }, + { + "algorithm": "SHA1", + "checksumValue": "8a5b870e6a68286ddfb714f8ab35f5983b36630c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/firewall/outputs.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-firewall-outputs.tf-5908E0478C6F1509FB987E3323361615B98DF0B7", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "60a04df2a8a4fb978e07ad95a1ec278af63212c71fd27a3d4d1d896e9379c99c" + }, + { + "algorithm": "SHA1", + "checksumValue": "5908e0478c6f1509fb987e3323361615b98df0b7" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.devcontainer/Dockerfile", + "SPDXID": "SPDXRef-File--.devcontainer-Dockerfile-4F0529945927C7DF94EA0659651CC6DBCE0400D0", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "473d3d91e568cb56944b128692f940f9aefc7e0e7582704653a7543542611baa" + }, + { + "algorithm": "SHA1", + "checksumValue": "4f0529945927c7df94ea0659651cc6dbce0400d0" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./src/terraform/modules/spoke/main.tf", + "SPDXID": "SPDXRef-File--src-terraform-modules-spoke-main.tf-B79B77C6BD46A874C36BB53B499FDD5BC2E34094", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "011a409535446955ac0243fbdb00017f121e8b2234305b3e1a99553b04412337" + }, + { + "algorithm": "SHA1", + "checksumValue": "b79b77c6bd46a874c36bb53b499fdd5bc2e34094" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/prbuild/mlz-pr-tf-azuregov-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-prbuild-mlz-pr-tf-azuregov-pipelines.yml-C356233203BD15D4AF34D7CE2C106B66496B252C", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "cc903665d40d120d059dc1ab2779ea33bed232cc54ef2bd21ecf9fc1024bccf1" + }, + { + "algorithm": "SHA1", + "checksumValue": "c356233203bd15d4af34d7ce2c106b66496b252c" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.azure-devops/nightlybuild/mlz-bicep-azuregov-pipelines.yml", + "SPDXID": "SPDXRef-File--.azure-devops-nightlybuild-mlz-bicep-azuregov-pipelines.yml-0FE74C5991DACCBFC09F3347957C815388B81291", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "ebab61f71707347fcafb0de29da0d03ec79c3c3acffb96690a5d4eb749792481" + }, + { + "algorithm": "SHA1", + "checksumValue": "0fe74c5991daccbfc09f3347957c815388b81291" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/workflows/validate-terraform.yml", + "SPDXID": "SPDXRef-File--.github-workflows-validate-terraform.yml-6D31EABA08921A28CCFAACC54405099899F3D5EF", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "cb36d5401a0eff9f3a208b15e8abccb1573c4287a64075a775e07d06eb372d48" + }, + { + "algorithm": "SHA1", + "checksumValue": "6d31eaba08921a28ccfaacc54405099899f3d5ef" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.github/ISSUE_TEMPLATE/question.md", + "SPDXID": "SPDXRef-File--.github-ISSUE-TEMPLATE-question.md-11851AC984C381F90CACF46A4CDF4C8F41A79C06", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "52481c6c2f9a540089846608388932e9adac745bc7604ebbf03bd8d31498d398" + }, + { + "algorithm": "SHA1", + "checksumValue": "11851ac984c381f90cacf46a4cdf4c8f41a79c06" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./docs/images/20220204_missionlz_as_of_Feb2022_light.svg", + "SPDXID": "SPDXRef-File--docs-images-20220204-missionlz-as-of-Feb2022-light.svg-079B813667961E1A3D2A1A1115D05260887A9C46", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "acfbfe4cbfc7f93cca4e7b11a25336260712bcf53eb419ffec8140c34e9dc8f4" + }, + { + "algorithm": "SHA1", + "checksumValue": "079b813667961e1a3d2a1a1115d05260887a9c46" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + }, + { + "fileName": "./.vscode/settings.json", + "SPDXID": "SPDXRef-File--.vscode-settings.json-EC29FB6F42C84C9D5D98A3F0292F58584515411B", + "checksums": [ + { + "algorithm": "SHA256", + "checksumValue": "6c5a2ea2a8a4a493f469fad5677e0569f2209c321e0f12a6314134b4c99862f9" + }, + { + "algorithm": "SHA1", + "checksumValue": "ec29fb6f42c84c9d5d98a3f0292f58584515411b" + } + ], + "licenseConcluded": "NOASSERTION", + "licenseInfoInFiles": [ + "NOASSERTION" + ], + "copyrightText": "NOASSERTION" + } + ], + "packages": [ + { + "name": "Azure Pipelines Hosted Image ubuntu20", + "SPDXID": "Azure-Pipelines-Hosted-Image-ubuntu20-20220213.1", + "downloadLocation": "NOASSERTION", + "filesAnalyzed": false, + "licenseConcluded": "NOASSERTION", + "licenseInfoFromFiles": [ + "NOASSERTION" + ], + "licenseDeclared": "NOASSERTION", + "copyrightText": "NOASSERTION", + "versionInfo": "20220213.1", + "externalRefs": [ + { + "referenceCategory": "PACKAGE_MANAGER", + "referenceType": "purl", + "referenceLocator": "https://github.com/actions/virtual-environments" + } + ], + "supplier": "Microsoft/GitHub" + }, + { + "name": "Mission LZ", + "SPDXID": "SPDXRef-RootPackage", + "downloadLocation": "NOASSERTION", + "packageVerificationCode": { + "packageVerificationCodeValue": "e86826ed28007117b221d67b4a186dfdb1caac85" + }, + "filesAnalyzed": true, + "licenseConcluded": "NOASSERTION", + "licenseInfoFromFiles": [ + "NOASSERTION" + ], + "licenseDeclared": "NOASSERTION", + "copyrightText": "NOASSERTION", + "versionInfo": "20220217.11", + "supplier": "Organization: Microsoft", + "hasFiles": [ + "SPDXRef-File--.vscode-settings.json-EC29FB6F42C84C9D5D98A3F0292F58584515411B", + "SPDXRef-File--docs-images-20220204-missionlz-as-of-Feb2022-light.svg-079B813667961E1A3D2A1A1115D05260887A9C46", + "SPDXRef-File--.github-ISSUE-TEMPLATE-question.md-11851AC984C381F90CACF46A4CDF4C8F41A79C06", + "SPDXRef-File--.github-workflows-validate-terraform.yml-6D31EABA08921A28CCFAACC54405099899F3D5EF", + "SPDXRef-File--.azure-devops-nightlybuild-mlz-bicep-azuregov-pipelines.yml-0FE74C5991DACCBFC09F3347957C815388B81291", + "SPDXRef-File--.azure-devops-prbuild-mlz-pr-tf-azuregov-pipelines.yml-C356233203BD15D4AF34D7CE2C106B66496B252C", + "SPDXRef-File--src-terraform-modules-spoke-main.tf-B79B77C6BD46A874C36BB53B499FDD5BC2E34094", + "SPDXRef-File--src-terraform-modules-firewall-outputs.tf-5908E0478C6F1509FB987E3323361615B98DF0B7", + "SPDXRef-File--src-terraform-modules-virtual-network-variables.tf-40E274F8EFEFA6BD46C186A0059A5EFF212F7830", + "SPDXRef-File--src-terraform-modules-policy-assignments-nist-parameter-values-usgovernment.json.tmpl-5B2CDB23AFD0AC69F365172B9CC7FEDD8789FEFF", + "SPDXRef-File--src-terraform-mlz-main.tf-A1BFFAA640B797531A3CB14C91BFCCDA88F79F41", + "SPDXRef-File--src-bicep-examples-newWorkload-modules-hubNetworkPeering.bicep-43F065D7929220A6DB946F702C1B2779E606FA7F", + "SPDXRef-File--src-bicep-examples-appServicePlan-README.md-C0C287D734B2214BA4AA74198BBD8AF0DD5B8977", + "SPDXRef-File--src-bicep-form-mlz.portal.json-1269035622E6B6FBFA054BC79542542F17801CC4", + "SPDXRef-File--src-bicep-modules-subnet.bicep-D8CECC891B5D7E602C04C4C6DA6A4FE0828A9C7C", + "SPDXRef-File--src-bicep-modules-publicIPAddress.bicep-A0A0677308CD206C4B8BE87901FFDE0446AFD1C9", + "SPDXRef-File--src-bicep-modules-securityCenter.bicep-994F84DEAB45619516CB6140887EC9D1EE64C6BF", + "SPDXRef-File--src-bicep-mlz.json-2D7869DA5F6F79E1B007B95A2CDC5F2A6D6FC927", + "SPDXRef-File--LICENSE-689EC0681815ECC32BEE639C68E7740ADD7BD301", + "SPDXRef-File--.devcontainer-README.md-0BE5AE023192FA89BFD1C04A97C619FE6B2F33B1", + "SPDXRef-File--docs-images-scope-v2.png-9DA8A7F5CB9C998ADAC2BFE4A1D912DF8C87BFD2", + "SPDXRef-File--docs-management-groups.md-52613FC2AD36DB0EEE48658A95707DEC5AE2FF37", + "SPDXRef-File--.github-workflows-validate-build-bicep.yml-ED4A0B9AE4914DD9BDA5EACF333C0820E75F09CF", + "SPDXRef-File--.azure-devops-nightlybuild-templates-terraform-apply.yml-8710D5E8D40A83E22764FDBB93B00089ED7DC3FF", + "SPDXRef-File--.azure-devops-prbuild-mlz-pr-bicep-azurecloud-pipelines.yml-FBDCF529A4F66EDC1A4176ED796BF6F5296E336E", + "SPDXRef-File--src-terraform-modules-linux-virtual-machine-variables.tf-E6CE40236B8BDEF4255A61F90B6CD769A8730197", + "SPDXRef-File--src-terraform-modules-jumpbox-main.tf-750CA3274D704F243AC656360B4E6BBFAAE51E57", + "SPDXRef-File--src-terraform-modules-virtual-network-outputs.tf-366E76A5F9B20E244D649BAC1F497AD5D31C36C5", + "SPDXRef-File--src-terraform-modules-hub-variables.tf-00EC3A0D70806548602B57091C6480EFD28D119C", + "SPDXRef-File--src-terraform-tier3-variables.tf-F30C567F4A0095C223D0B5971561B22637838C06", + "SPDXRef-File--src-bicep-examples-inheritTags-inherit.bicep-3C8F26FDF941E9391DB52342AF657A2CDA4905BC", + "SPDXRef-File--src-bicep-examples-appServicePlan-modules-appServiceSettings.bicep-FC902583C15E80535287221C637426F117C3B260", + "SPDXRef-File--src-bicep-examples-containerRegistry-README.md-E6977EDF9874D65E1F85D25F58198360559CB5A3", + "SPDXRef-File--src-bicep-modules-remoteAccess.bicep-51EDB938D58B0496F8D4560E57902BF9910B7613", + "SPDXRef-File--src-bicep-modules-roleAssignment.bicep-5EBEF86E83D8A97A7F72E131A1988F5843C13166", + "SPDXRef-File--src-bicep-modules-policyAssignment.bicep-F1A972373EA36354EC74796CB250B4A7D6CDA6DB", + "SPDXRef-File--src-bicep-bicepconfig.json-19B4E153666EA4AC1BE0180CA0CEFE9206B650C3", + "SPDXRef-File--CODE-OF-CONDUCT.md-F1E7F6BA29A857FD36A5F603FA873753ABA9917E", + "SPDXRef-File--docs-images-management-groups-mg1-management-groups-list.png-577E9488E0EE7E789403DA12416253B09704DB9D", + "SPDXRef-File--docs-scca.md-358BFB9D93BE5FF2444E890FF6812ADFCD793281", + "SPDXRef-File--.github-workflows-README.md-17710B7AE200C27DF31FA3011BF864E13FC77C42", + "SPDXRef-File--.azure-devops-nightlybuild-templates-clean-az-subscription.yml-DF56636E3B9FFCC4D4E23435E70F8F0A7A00EA6A", + "SPDXRef-File--.azure-devops-prbuild-templates-terraform-plan.yml-68A2F159B21A4077813C335A4614C0A234320932", + "SPDXRef-File--src-terraform-modules-linux-virtual-machine-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "SPDXRef-File--src-terraform-modules-windows-virtual-machine-variables.tf-E6CE40236B8BDEF4255A61F90B6CD769A8730197", + "SPDXRef-File--src-terraform-modules-subnet-main.tf-D344C620D3EECC7C9EE2451E145E681325A83E5D", + "SPDXRef-File--src-terraform-modules-hub-outputs.tf-6E5165DE66D0B63F03669330F8CD14B9601C32BD", + "SPDXRef-File--src-terraform-tier3-outputs.tf-B9820EE813195376DA1292009B5AB91DF14080F0", + "SPDXRef-File--src-bicep-examples-keyVault-README.md-0E6A22DDB3096385053E6BF81FE0DE4CA91B497A", + "SPDXRef-File--src-bicep-examples-remoteAccess-main.bicep-8E6378967AB1DDC5641A2EDF5648EE3DB8F96F22", + "SPDXRef-File--src-bicep-examples-containerRegistry-modules-containerRegistry.bicep-5709FA93416FAAEFF383A39F549DCDBAEBF20241", + "SPDXRef-File--src-bicep-modules-networkSecurityGroup.bicep-6FAF7D0A8F637A596303712416385AC9BC0B7E4A", + "SPDXRef-File--src-bicep-modules-hubNetworkPeerings.bicep-278BB4340CF89126B29E3D1B670F6022BD555960", + "SPDXRef-File--src-bicep-modules-hubNetwork.bicep-EE76CAE454031E1EE88779995C88FB51A873B04E", + "SPDXRef-File--src-bicep-modules-storageAccount.bicep-B75FD567081F920D9669310354D314688761878B", + "SPDXRef-File--CONTRIBUTING.md-01FC0CBA2503585D19E11361633A2EB351929F87", + "SPDXRef-File--docs-images-management-groups-mg2-empty-subscription-list.png-49539C23E7C6ED6223EFE91972FDCE52EFBC0A28", + "SPDXRef-File--docs-images-deploytoazuregov.svg-C67080F86FFBC18AABAEDDF46D1C54901D2C7E71", + "SPDXRef-File--.github-ISSUE-TEMPLATE-bug-report.md-B20CF5C186B324D71CACA0CAA26FBE8385408F73", + "SPDXRef-File--.github-dependabot.yml-07EDF6C9D72A0309DC91A8763F74247F2D122B57", + "SPDXRef-File--.azure-devops-nightlybuild-mlz-tf-azurecloud-pipelines.yml-40F24ECAB27D7CA0441FDB799C2CCAD03B545E8C", + "SPDXRef-File--.azure-devops-cred-poli-scan.yml-B3803A3194AA6B8E8E176B08414D0D70D2582DAE", + "SPDXRef-File--src-terraform-modules-windows-virtual-machine-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "SPDXRef-File--src-terraform-modules-firewall-variables.tf-68EB233172BC175ACC03C12EC7DF8078036C9C88", + "SPDXRef-File--src-terraform-modules-bastion-main.tf-20E06656E6E60AC008404469F037B2130DAE561C", + "SPDXRef-File--src-terraform-modules-policy-assignments-main.tf-24E0071CFAAAEBC2BE741FA23B35C53992D56571", + "SPDXRef-File--src-terraform-README.md-ABE1845E8DB9FEDBCF1BF193CA8C4A052EFB766E", + "SPDXRef-File--src-bicep-examples-newWorkload-newWorkload.bicep-B2C355F46340ABC45C5402225B5E3115753067B4", + "SPDXRef-File--src-bicep-examples-sentinel-README.md-4E4751C7862E88C7BEE1AB4DB33A77DBAC52404D", + "SPDXRef-File--src-bicep-modules-policies-CMMC-policyAssignmentParameters.json-8CF60C607C27A50C539609F86166A4A99550B8DB", + "SPDXRef-File--src-bicep-modules-logAnalyticsWorkspace.bicep-3987B39C3375F7A6DDC1D893E0F9013778826AD4", + "SPDXRef-File--src-bicep-modules-bastionHost.bicep-E05D4A8244AE68569C10C94EA2B23B4A1F918E73", + "SPDXRef-File--src-bicep-modules-networkInterface.bicep-A838969BD72C03563327E85857A26F2A56C6662E", + "SPDXRef-File--.gitignore-094F7A9121BBAD7D52EFB1D3F4B630CA15F32793", + "SPDXRef-File--.devcontainer-Dockerfile-4F0529945927C7DF94EA0659651CC6DBCE0400D0", + "SPDXRef-File--docs-images-deploytoazure.svg-8A5B870E6A68286DDFB714F8AB35F5983B36630C", + "SPDXRef-File--docs-deployment-guide-bicep.md-CFFD0A93115A14E7A6C33085286B7EDB02B9F857", + "SPDXRef-File--.github-workflows-super-linter.yml-D5034B59BE0A231CBAE50AEEAC9C42894EEE4C91", + "SPDXRef-File--.azure-devops-nightlybuild-mlz-bicep-azurecloud-pipelines.yml-E433A1BCBA50FBA3692B1E3FBB9B077A4EA10BCB", + "SPDXRef-File--.azure-devops-prbuild-mlz-pr-bicep-azuregov-pipelines.yml-C2AC51571535A9641E41EFF136EF0F939A7625D1", + "SPDXRef-File--src-terraform-modules-spoke-outputs.tf-24B00D4333F06A82533A8032A037BDCB73E2ED47", + "SPDXRef-File--src-terraform-modules-jumpbox-variables.tf-AADBF23077A9B141ABAA36B121167F373FBC1381", + "SPDXRef-File--src-terraform-modules-virtual-network-main.tf-58093AB637AA381EF539C09B2FD7FA37256EDC6F", + "SPDXRef-File--src-terraform-modules-policy-assignments-nist-parameter-values-public.json.tmpl-EC4B286437E404C40E04E500F5704B2BC480E940", + "SPDXRef-File--src-terraform-mlz-outputs.tf-808FF9DC3416870722E09F385BBB06BD4F23449B", + "SPDXRef-File--src-bicep-examples-inheritTags-README.md-566651DD5D554E9DF3B65AB73A2A02A1EE786F1D", + "SPDXRef-File--src-bicep-examples-appServicePlan-modules-appServicePlan.bicep-9AED4C5BC9991884FCD297AA86B39B761ED5E603", + "SPDXRef-File--src-bicep-examples-README.md-9448C0795A7C81B71131C5E25D6D0D4076CC3863", + "SPDXRef-File--src-bicep-modules-resourceGroup.bicep-ED1F2A67EB6E20D131E562856D05CA10C6271BA3", + "SPDXRef-File--src-bicep-modules-spokeNetworkPeering.bicep-EF996859180318CEB627151BE790DBAE930FF69C", + "SPDXRef-File--src-bicep-modules-spokeNetwork.bicep-5B3A80452DEA45F40464ACAA0BB1D83EFB1A5652", + "SPDXRef-File--src-bicep-mlz.bicep-1035A45C58AC7C1BFC28A53DFD7BFAF8D4699AD6", + "SPDXRef-File--SUPPORT.md-261DD94D763BBA64A2AF2527A8D31A88163E6F47", + "SPDXRef-File--.devcontainer-devcontainer.json-9FF15EF486DA6F1D68D67D411480CF2420A744C4", + "SPDXRef-File--docs-images-management-groups-mg4-subscription-in-management-group.png-E8565AF68535039929C984CD40537CDAC0EF692F", + "SPDXRef-File--docs-policies.md-26FB418BB2B6EE8E9DD80B5FC894DF9541000465", + "SPDXRef-File--.github-workflows-validate-terraform.sh-9E3E3D243BAB8745971290688ECA4FB94488DAA8", + "SPDXRef-File--.azure-devops-nightlybuild-templates-az-deployment.yml-EDD73651293CEC4FEB5752CF898F13CD6F789193", + "SPDXRef-File--.azure-devops-prbuild-mlz-pr-sbom-pipelines.yml-09CC592BB6A259CF70F114C88E5A68F8A7221CEC", + "SPDXRef-File--src-terraform-modules-linux-virtual-machine-main.tf-2A6BFBB7A249B4A919C83EAAB829FF19F9ADE9AE", + "SPDXRef-File--src-terraform-modules-jumpbox-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "SPDXRef-File--src-terraform-modules-subnet-variables.tf-3F6FE2C0BE1D2063E4A5C4DB4D0BD6E0DD792349", + "SPDXRef-File--src-terraform-modules-hub-main.tf-09839610F13957C24A14CBE805A92FE8EFA858F8", + "SPDXRef-File--src-terraform-tier3-main.tf-B332969A285A174913D76E0A4B17081F8F39F083", + "SPDXRef-File--src-bicep-examples-keyVault-azureKeyVault.bicep-A9B5CA3A1BA31CDBA3836502F8EF6ECA56778C69", + "SPDXRef-File--src-bicep-examples-remoteAccess-main.json-8A607B291FCA4E29F77405B458360938D870A888", + "SPDXRef-File--src-bicep-examples-containerRegistry-contRegistry.bicep-163D689FFBFC22FDDE09D7E6F7228D0F7B2E86CF", + "SPDXRef-File--src-bicep-modules-privateLink.bicep-284290071BD078FD6319D8FE34B1B209C21AA579", + "SPDXRef-File--src-bicep-modules-routeTable.bicep-2362382862974BCBF702F5BA4C88FF1AD88C00F5", + "SPDXRef-File--src-bicep-modules-firewall.bicep-8AF8639EC5FB7F2D39460A26B6F5E20FA79AA9A2", + "SPDXRef-File--src-bicep-README.md-72E554A01B7B48E406B19B09672B6EC437E8C033", + "SPDXRef-File--.gitattributes-C3B930865367FCD784793BF0E62F487806F9CFC1", + "SPDXRef-File--docs-images-management-groups-mg3-select-subscription.png-231F306AA1C73ECEAFF86AFD52A3DD677E3EB584", + "SPDXRef-File--docs-deployment-guide-terraform.md-AFB7807B97838787F8CC23A718DF2F3A6F9F33E4", + "SPDXRef-File--.github-ISSUE-TEMPLATE-spike.md-AD0C69366897B252E4A7730DF15132296CBC93D7", + "SPDXRef-File--.github-CODEOWNERS-69897633D9B769262D1F52CBEF24DCA8685FE0A1", + "SPDXRef-File--.azure-devops-prbuild-templates-az-what-if.yml-E9F8138A6EA835BCC14417FB8911462A2EA39666", + "SPDXRef-File--.azure-devops-validate-declarative-form.yml-CDA6BB9FF8E696BB2589C335A03D7EEE585701CF", + "SPDXRef-File--src-terraform-modules-windows-virtual-machine-main.tf-CDBF5A56C2629B4FCA0CA38D9EA3D3E0C5FAF391", + "SPDXRef-File--src-terraform-modules-subnet-outputs.tf-B9820EE813195376DA1292009B5AB91DF14080F0", + "SPDXRef-File--src-terraform-modules-bastion-variables.tf-437551E35FC31649E974E6AA9B6BF63C147420FC", + "SPDXRef-File--src-terraform-modules-policy-assignments-variables.tf-40C530674518775957C17862E9D888D4AE5B0019", + "SPDXRef-File--src-bicep-examples-keyVault-modules-keyVault.bicep-E324BD60A35BDAB0DFE96C1392C5E7B4D8929A90", + "SPDXRef-File--src-bicep-examples-remoteAccess-README.md-A3AFA691CC0E9AC9ABBA7D8B9EBC16DE419D165B", + "SPDXRef-File--src-bicep-examples-sentinel-sentinel.tf-0123C515D78CE08EBC531683E6AFA6AD05D131A0", + "SPDXRef-File--src-bicep-modules-policies-NIST-policyAssignmentParameters.json-1D2322F550CA984CD0D623B3673C78987F1DDCB3", + "SPDXRef-File--src-bicep-modules-virtualNetwork.bicep-F479DA88FBA578FF1576EF5D78274E9A8B35F469", + "SPDXRef-File--src-bicep-modules-logAnalyticsDiagnosticLogging.bicep-5C90C218ACF72F2FD376DC6E73042F6BA2EF9BA1", + "SPDXRef-File--src-bicep-modules-virtualNetworkPeering.bicep-85DC92CB00573147B96DBA46AAD214371730EB7C", + "SPDXRef-File--NOTICE-0D647CAB1E14E880446589F9050BE10E6D6882CB", + "SPDXRef-File--.vscode-extensions.json-B410AFCE726859B978FEF226CA6F799D6931A3C2", + "SPDXRef-File--docs-images-networking.png-393C984E4D29903DE4426906F004A26CF023B7F2", + "SPDXRef-File--.github-ISSUE-TEMPLATE-backlog-item.md-01B6CDB236BB10A931C27F0DE323FD290BAF15E7", + "SPDXRef-File--.github-pull-request-template.md-DC86DEADDA96D728BDB99855DC3B6E4BEF34E11A", + "SPDXRef-File--.azure-devops-nightlybuild-mlz-tf-azuregov-pipelines.yml-7BC9A73199A8B736E635625C7629E9B12541D0C9", + "SPDXRef-File--.azure-devops-prbuild-mlz-pr-tf-azurecloud-pipelines.yml-FD966A0AC397B24C652F67415CFFB9C5CEE96A0E", + "SPDXRef-File--src-terraform-modules-spoke-variables.tf-2BCCF3D2E7484BA2A248F5DE8412A96237B59679", + "SPDXRef-File--src-terraform-modules-firewall-main.tf-A074A567EB7080A6EF97D4D125950422A3EB146B", + "SPDXRef-File--src-terraform-modules-bastion-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "SPDXRef-File--src-terraform-modules-policy-assignments-outputs.tf-DA39A3EE5E6B4B0D3255BFEF95601890AFD80709", + "SPDXRef-File--src-terraform-mlz-variables.tf-B663AABEC188924FF7491D708FFDA188CA3C08A3", + "SPDXRef-File--src-bicep-examples-newWorkload-README.md-76F20515E7FFBA1DA56DAC4348440F3F4D181D85", + "SPDXRef-File--src-bicep-examples-appServicePlan-appService.bicep-3464ED8AB337E00BE62CCB3F5861F7D877B89A9D", + "SPDXRef-File--src-bicep-modules-policies-IL5-policyAssignmentParameters.json-D0D5010A6DF9D2105C97E07EA480C6C00D990C6C", + "SPDXRef-File--src-bicep-modules-linuxVirtualMachine.bicep-2B7894C75BACB795B526C5AE6531BBFC61D7F9BC", + "SPDXRef-File--src-bicep-modules-centralLogging.bicep-76DCBFBB47FC844BFDED8423B1458C1054060FC1", + "SPDXRef-File--src-bicep-modules-windowsVirtualMachine.bicep-AE7BD5127CF8BA159686EF299BEFD3D0ADDD55A0", + "SPDXRef-File--README.md-2B293E8A393A0FEA40B6A6D95F57E39537C7EAE8", + "SPDXRef-File--SECURITY.md-28A48DED0C097169644A9C376CAD1A380DECB6CE" + ] + } + ], + "relationships": [ + { + "relationshipType": "DEPENDS_ON", + "relatedSpdxElement": "Azure-Pipelines-Hosted-Image-ubuntu20-20220213.1", + "spdxElementId": "SPDXRef-RootPackage" + }, + { + "relationshipType": "DESCRIBES", + "relatedSpdxElement": "SPDXRef-RootPackage", + "spdxElementId": "SPDXRef-DOCUMENT" + } + ], + "spdxVersion": "SPDX-2.2", + "dataLicense": "CC0-1.0", + "SPDXID": "SPDXRef-DOCUMENT", + "name": "Mission LZ 20220217.11", + "documentNamespace": "https://sbom.microsoft/1:I5vpEMl9wkCCZsmqQqtQDQ:MIGbmOPODUWjMVCPbweVOQ/202:8556/P6JDE7ryokepFvIO2J59Iw", + "creationInfo": { + "created": "2022-02-17T21:28:09Z", + "creators": [ + "Organization: Microsoft", + "Tool: Microsoft.SBOMTool-2.1.14" + ] + }, + "documentDescribes": [ + "SPDXRef-RootPackage" + ] +} diff --git a/_manifest/spdx_2.2/manifest.spdx.json.sha256 b/_manifest/spdx_2.2/manifest.spdx.json.sha256 new file mode 100644 index 000000000..e14cd4a28 Binary files /dev/null and b/_manifest/spdx_2.2/manifest.spdx.json.sha256 differ diff --git a/docs/deployment-guide-bicep.md b/docs/deployment-guide-bicep.md index 476064899..b3b424fd1 100644 --- a/docs/deployment-guide-bicep.md +++ b/docs/deployment-guide-bicep.md @@ -396,10 +396,11 @@ az deployment sub show \ ## Cleanup -The Bicep/ARM deployment of Mission Landing Zone can be deleted with two steps: +The Bicep/ARM deployment of Mission Landing Zone can be deleted with these steps: 1. Delete all resource groups. 1. Delete the diagnostic settings deployed at the subscription level. +1. If Azure Security Center (ASC) was deployed (parameter `deployASC=true` was used) then remove subscription-level policy assignments and downgrade the ASC pricing tiers. > NOTE: If you deploy and delete Mission Landing Zone in the same subscription multiple times without deleting the subscription-level diagnostic settings, the sixth deployment will fail. Azure has a limit of five diagnostic settings per subscription. The error will be similar to this: `"The limit of 5 diagnostic settings was reached."` @@ -415,6 +416,41 @@ az monitor diagnostic-settings subscription list --query value[] --output table az monitor diagnostic-settings subscription delete --name ``` +To delete the subscription-level policy assignments in the Azure portal: + +1. Navigate to the Policy page and select the Assignments tab in the left navigation bar. +1. At the top, in the Scope box, choose the subscription(s) that contain the policy assignments you want to remove. +1. In the table click the ellipsis menu ("...") and choose "Delete assignment". + +To delete the subscription-level policy assignments using the AZ CLI: + +```BASH +# View the policy assignments for the current subscription +az policy assignment list -o table --query "[].{Name:name, DisplayName:displayName, Scope:scope}" + +# Remove a policy assignment in the current subscription scope. +az policy assignment delete --name "" +``` + +To downgrade the ASC pricing level in the Azure portal: + +1. Navigate to the Microsoft Defender for Cloud page, then click the "Environment settings" tab in the left navigation panel. +1. In the tree/grid select the subscription you want to manage. +1. Click the large box near the top of the page that says "Enhanced security off". +1. Click the save button. + +To downgrade the ASC pricing level using the AZ CLI: + +```BASH +# List the pricing tiers +az security pricing list -o table --query "value[].{Name:name, Tier:pricingTier}" + +# Change a pricing tier to the default free tier +az security pricing create --name "" --tier Free +``` + +> NOTE: The Azure portal allows changing all pricing tiers with a single setting, but the AZ CLI requires each setting to be managed individually. + ## Development Setup If you want to develop with Bicep you'll need these: diff --git a/docs/images/20211220_missionlz_as_of_Dec2021.svg b/docs/images/20220204_missionlz_as_of_Feb2022_light.svg similarity index 71% rename from docs/images/20211220_missionlz_as_of_Dec2021.svg rename to docs/images/20220204_missionlz_as_of_Feb2022_light.svg index b45470815..700476a48 100644 --- a/docs/images/20211220_missionlz_as_of_Dec2021.svg +++ b/docs/images/20220204_missionlz_as_of_Feb2022_light.svg @@ -1,9 +1,9 @@ - + + xml:space="preserve" color-interpolation-filters="sRGB" class="st74"> @@ -12,132 +12,130 @@ - + - + - + - + xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAYAAADED76LAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAITcAACE3ATNYn3oAAAAvSURBVChTY2CouPIfhN+8eQPGGHysgkh8sAJ8isBW4FWEVRCZj1UQiU+pG678BwC0tcHBjaAGogAAAABJRU5ErkJggg=="/> - + xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAYAAADED76LAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAITcAACE3ATNYn3oAAAAoSURBVChTY8je+ek/CL958waM0fkM2ASR+WAF+BSBrcCnaODd8Ok/ANC42wGY5IQuAAAAAElFTkSuQmCC"/> - + - + xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAgAAAAICAYAAADED76LAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAAITcAACE3ATNYn3oAAAAoSURBVChTYwh49v8/CL958waM0fkM2ASR+WAF+BSBrcCnaODd8P8/AM1G3uEodXroAAAAAElFTkSuQmCC"/> - + - + - + @@ -146,46 +144,31 @@ - + - + - - - - - - - - - - - - - - - - + - + - + @@ -193,11 +176,11 @@ - + - + @@ -205,7 +188,7 @@ - + @@ -214,20 +197,20 @@ - + - + - + - + @@ -236,19 +219,19 @@ - - - - @@ -268,16 +251,15 @@ - - Arrow (Azure Poster style).445 - + + Sheet.1464 + - + Sheet.1263 - + Sheet.328 - + Rectangle Hub @@ -286,14 +268,14 @@ - - Hub - + + Hub + Sheet.25 - + Firewalls Azure Firewall Premium & Firewall Policy - + Sheet.14 @@ -301,144 +283,144 @@ + 0 0 32.23 603.27 Z" class="st4"/> - + Sheet.15 + 612 a0.751991 0.915308 -180 0 0 0.751991 -0.893515 L18.94 600.21 Z" class="st5"/> - + Sheet.16 - + - + Sheet.17 - + - + Sheet.18 + L2.13 612 L0 612 L0 609.23 Z" class="st6"/> - + Sheet.19 + 612 L0 612 L0 609.23 Z" class="st7"/> - + Sheet.20 + 612 L0 612 L0 609.23 Z" class="st6"/> - + Sheet.21 - + - + Sheet.22 - + - + - - Azure Firewall Premium &Firewall Policy + + Azure Firewall Premium &Firewall Policy - + Sheet.300 - + Sheet.312 Azure Bastion - - Azure Bastion - + + Azure Bastion + Sheet.315 - + Sheet.316 Virtual Network - - Virtual Network - + + Virtual Network + Icon-networking-61 - + Sheet.318 - + - + Sheet.319 - + - + Sheet.320 - + - Sheet.321 + Z" class="st14"/> - + Sheet.322 + Z" class="st15"/> - + Sheet.323 + L14.91 602.79 Z" class="st14"/> - Sheet.324 + -0.704913 L15.61 602.92 Z" class="st15"/> - + Sheet.377 - + Sheet.329 - + Rectangle.10 Tier 0 (Identity) @@ -447,77 +429,77 @@ - - Tier 0 (Identity) - + + Tier 0 (Identity) + Sheet.253 - + Sheet.252 Virtual Network - - Virtual Network - + + Virtual Network + Icon-networking-61 - + Sheet.109 - + - + Sheet.110 - + - + Sheet.111 - + - Sheet.112 + -0.316116 Z" class="st14"/> - Sheet.113 + -0.316116 Z" class="st15"/> - Sheet.114 + L17.95 603.74 Z" class="st14"/> - Sheet.115 + 0 1 0.761247 -0.632232 L18.79 603.85 Z" class="st15"/> - + Sheet.344 - + Subnet with NSG - + Rectangle - + - + Rectangle.19 Subnet with NSG Rules @@ -529,253 +511,253 @@ - - Subnet with NSG Rules - + + Subnet with NSG Rules + Security Groups Security Groups - + Sheet.198 - + + 0 0 1 0.704348 0.736099 L23.04 596.64 Z" class="st20"/> + 0.736099 L23.04 596.64 Z" class="st21"/> - + Sheet.199 - + + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st20"/> + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st22"/> - + Sheet.200 - + + 0 0 0.281739 0.096013 L10.52 612 L10.52 598.8 Z" class="st20"/> + 0.096013 L10.52 612 L10.52 598.8 Z" class="st23"/> - + Sheet.201 - + + class="st20"/> + class="st24"/> - + Sheet.202 - + + 9.89 605.49 10.52 598.8 Z" class="st20"/> + 605.49 10.52 598.8 Z" class="st24"/> - + Virtual Machine - + Sheet.269 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.270 - + - + Sheet.271 - + - + Sheet.272 - + - + Sheet.273 - + - + Sheet.274 - + - + Sheet.275 + Z" class="st25"/> - + Virtual Machine.276 - + Sheet.277 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.278 - + - + Sheet.279 - + - + Sheet.280 - + - + Sheet.281 - + - + Sheet.282 - + - + Sheet.283 + Z" class="st25"/> - + Virtual Machine.284 - + Sheet.285 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.286 - + - + Sheet.287 - + - + Sheet.288 - + - + Sheet.289 - + - + Sheet.290 - + - + Sheet.291 + Z" class="st25"/> - + Sheet.378 - + Sheet.379 - + Rectangle.10 Tier 2 (Shared Services) @@ -784,77 +766,77 @@ - - Tier 2 (Shared Services) - + + Tier 2 (Shared Services) + Sheet.401 - + Sheet.402 Virtual Network - - Virtual Network - + + Virtual Network + Icon-networking-61 - + Sheet.404 - + - + Sheet.405 - + - + Sheet.406 - + - Sheet.407 + -0.316116 Z" class="st14"/> - Sheet.408 + -0.316116 Z" class="st15"/> - Sheet.409 + L17.95 603.74 Z" class="st14"/> - Sheet.410 + 0 1 0.761247 -0.632232 L18.79 603.85 Z" class="st15"/> - + Sheet.411 - + Subnet with NSG - + Rectangle - + - + Rectangle.19 Subnet with NSG Rules @@ -866,263 +848,253 @@ - - Subnet with NSG Rules - + + Subnet with NSG Rules + Security Groups Security Groups - + Sheet.416 - + + 0 0 1 0.704348 0.736099 L23.04 596.64 Z" class="st20"/> + 0.736099 L23.04 596.64 Z" class="st21"/> - + Sheet.417 - + + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st20"/> + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st22"/> - + Sheet.418 - + + 0 0 0.281739 0.096013 L10.52 612 L10.52 598.8 Z" class="st20"/> + 0.096013 L10.52 612 L10.52 598.8 Z" class="st23"/> - + Sheet.419 - + + class="st20"/> + class="st24"/> - + Sheet.420 - + + 9.89 605.49 10.52 598.8 Z" class="st20"/> + 605.49 10.52 598.8 Z" class="st24"/> - + Virtual Machine - + Sheet.422 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.423 - + - + Sheet.424 - + - + Sheet.425 - + - + Sheet.426 - + - + Sheet.427 - + - + Sheet.428 + Z" class="st25"/> - + Virtual Machine.276 - + Sheet.430 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.431 - + - + Sheet.432 - + - + Sheet.433 - + - + Sheet.434 - + - + Sheet.435 - + - + Sheet.436 + Z" class="st25"/> - + Virtual Machine.284 - + Sheet.438 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.439 - + - + Sheet.440 - + - + Sheet.441 - + - + Sheet.442 - + - + Sheet.443 - + - + Sheet.444 + Z" class="st25"/> - - Arrow (Azure Poster style).335 - - - - Arrow (Azure Poster style).445 - - - + Sheet.446 - + Sheet.447 - + Rectangle.10 Tier 1 (Operations) @@ -1131,77 +1103,77 @@ - - Tier 1 (Operations) - + + Tier 1 (Operations) + Sheet.469 - + Sheet.470 Virtual Network - - Virtual Network - + + Virtual Network + Icon-networking-61 - + Sheet.472 - + - + Sheet.473 - + - + Sheet.474 - + - Sheet.475 + -0.316116 Z" class="st14"/> - Sheet.476 + -0.316116 Z" class="st15"/> - Sheet.477 + L17.95 603.74 Z" class="st14"/> - Sheet.478 + 0 1 0.761247 -0.632232 L18.79 603.85 Z" class="st15"/> - + Sheet.479 - + Subnet with NSG - + Rectangle - + - + Rectangle.19 Subnet with NSG Rules @@ -1213,341 +1185,314 @@ - - Subnet with NSG Rules - + + Subnet with NSG Rules + Security Groups Security Groups - + Sheet.484 - + + 0 0 1 0.704348 0.736099 L23.04 596.64 Z" class="st20"/> + 0.736099 L23.04 596.64 Z" class="st21"/> - + Sheet.485 - + + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st20"/> + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st22"/> - + Sheet.486 - + + 0 0 0.281739 0.096013 L10.52 612 L10.52 598.8 Z" class="st20"/> + 0.096013 L10.52 612 L10.52 598.8 Z" class="st23"/> - + Sheet.487 - + + class="st20"/> + class="st24"/> - + Sheet.488 - + + 9.89 605.49 10.52 598.8 Z" class="st20"/> + 605.49 10.52 598.8 Z" class="st24"/> - + Virtual Machine - + Sheet.490 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.491 - + - + Sheet.492 - + - + Sheet.493 - + - + Sheet.494 - + - + Sheet.495 - + - + Sheet.496 + Z" class="st25"/> - + Virtual Machine.276 - + Sheet.498 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.499 - + - + Sheet.500 - + - + Sheet.501 - + - + Sheet.502 - + - + Sheet.503 - + - + Sheet.504 + Z" class="st25"/> - + Virtual Machine.284 - + Sheet.506 + 597.1 a0.829016 0.745237 -180 0 0 -0.828997 0.745219 L0 611.25 Z" class="st25"/> - + Sheet.507 - + - + Sheet.508 - + - + Sheet.509 - + - + Sheet.510 - + - + Sheet.511 - + - + Sheet.512 + Z" class="st25"/> - - Arrow double - vnet peer - - - - - vnet peer - - Arrow double.516 - vnet peer - - - - - vnet peer - - Arrow double.517 - vnet peer - - - - - vnet peer - + Sheet.1006 - + 2nd box color Security, Monitoring, and Compliance - - Security, Monitoring, and Compliance - - Sheet.1067 - - Storage Accounts - Monitor Logs - - Sheet.86 - - - - - - - Sheet.87 - - - - - - - Sheet.88 - - - - - - - Sheet.89 - - - - - - - Sheet.90 - - - - - - - - - Monitor Logs + + Security, Monitoring, and Compliance + + Storage Accounts.85 + Monitor Logs + + Sheet.86 + + + + + + Sheet.87 + + + + + + + Sheet.88 + + + + + + + Sheet.89 + + + + + + + Sheet.90 + + + + + + + + + Monitor Logs - + Sheet.1148 - + Subscriptions.1127 - + Sheet.1150 @@ -1560,50 +1505,50 @@ 0.422211 -180 0 0 -1.95399E-14 -0.617078 L14.6 603.7 a0.546707 0.454689 0 0 1 -3.90799E-14 -0.665795 L15.78 602.07 a0.507656 0.422211 -180 0 0 3.90799E-14 -0.617078 L14.27 600.19 L14.27 599.73 L20.77 594.26 ZM11.01 585.1 A2.30398 1.91619 0 1 1 8.69 587.02 A2.28445 1.89995 0 0 1 10.97 - 585.1 L11.01 585.1 Z" class="st38"/> + 585.1 L11.01 585.1 Z" class="st32"/> - + Sheet.1151 + -180 0 0 0.234303 0.341017 Z" class="st33"/> - + Sheet.1152 + 0.519657 -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1153 + 0.519657 -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1154 Subscription Boundary (Optional) - - Subscription Boundary (Optional) + + Subscription Boundary (Optional) - + Sheet.1157 - + Subscriptions.1127 - + Sheet.1159 @@ -1616,50 +1561,50 @@ 0.422211 -180 0 0 -1.95399E-14 -0.617078 L14.6 603.7 a0.546707 0.454689 0 0 1 -3.90799E-14 -0.665795 L15.78 602.07 a0.507656 0.422211 -180 0 0 3.90799E-14 -0.617078 L14.27 600.19 L14.27 599.73 L20.77 594.26 ZM11.01 585.1 A2.30398 1.91619 0 1 1 8.69 587.02 A2.28445 1.89995 0 0 1 10.97 - 585.1 L11.01 585.1 Z" class="st38"/> + 585.1 L11.01 585.1 Z" class="st32"/> - + Sheet.1160 + -180 0 0 0.234303 0.341017 Z" class="st33"/> - + Sheet.1161 + 0.519657 -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1162 + 0.519657 -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1163 Subscription Boundary (Optional) - - Subscription Boundary (Optional) + + Subscription Boundary (Optional) - + Sheet.1164 - + Subscriptions.1127 - + Sheet.1166 @@ -1672,214 +1617,205 @@ 0.422211 -180 0 0 -1.95399E-14 -0.617078 L14.6 603.7 a0.546707 0.454689 0 0 1 -3.90799E-14 -0.665795 L15.78 602.07 a0.507656 0.422211 -180 0 0 3.90799E-14 -0.617078 L14.27 600.19 L14.27 599.73 L20.77 594.26 ZM11.01 585.1 A2.30398 1.91619 0 1 1 8.69 587.02 A2.28445 1.89995 0 0 1 10.97 - 585.1 L11.01 585.1 Z" class="st38"/> + 585.1 L11.01 585.1 Z" class="st32"/> - + Sheet.1167 + -180 0 0 0.234303 0.341017 Z" class="st33"/> - + Sheet.1168 + 0.519657 -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1169 + 0.519657 -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1170 Subscription Boundary (Optional) - - Subscription Boundary (Optional) + + Subscription Boundary (Optional) - + Sheet.1189 - + Sheet.1191 - + Storage Accounts.1194 Monitor Logs - + Sheet.1195 + 1 0 610.76 L0 590.13 Z" class="st28"/> - + Sheet.1196 + 0 0 1 1.2 604.12 Z" class="st29"/> - + Sheet.1197 + 0.587583 0 0 1 0.547831 -0.587583 Z" class="st30"/> - + Sheet.1198 + 0.587583 0 0 1 0.547831 -0.696394 Z" class="st29"/> - + Sheet.1199 + 0.587583 0 0 1 0.547831 -0.587583 Z" class="st31"/> - + - - Monitor Logs + + Monitor Logs - + Storage Accounts Monitor Logs - + Sheet.1222 + 1 0 610.76 L0 590.13 Z" class="st28"/> - + Sheet.1223 + 0 0 1 1.2 604.12 Z" class="st29"/> - + Sheet.1224 + 0.587583 0 0 1 0.547831 -0.587583 Z" class="st30"/> - + Sheet.1225 + 0.587583 0 0 1 0.547831 -0.696394 Z" class="st29"/> - + Sheet.1226 + 0.587583 0 0 1 0.547831 -0.587583 Z" class="st31"/> - + - Monitor Logs + Monitor Logs - + Sheet.1247 - + faeec9e4-44b9-413a-8332-867d334 - + Sheet.1249 - + Sheet.1250 - + - + Sheet.1251 - + - + Sheet.1252 - + Sheet.1253 + -180 0 0 -0.242603 -0.579838 Z" class="st36"/> - + Sheet.1254 + class="st36"/> - - Arrow (Azure Poster style).513 - Forced Tunneling - - - - - Forced Tunneling - + Sheet.1260 - + Sheet.1256 - + Sheet.1257 - + - + Sheet.1255 - + - + - + Sheet.1258 Browser - - Browser + + Browser - + Arrow (Azure Poster style).1261 Azure Portal - - - - Azure Portal - - Arrow (Azure Poster style).1262 - + + + + Azure Portal + + Arrow (Azure Poster style).335 + + + Arrow (Azure Poster style).445 + + + + Arrow double.517 + vnet peer + + + + + vnet peer + + Arrow double.516 + vnet peer + + + + + vnet peer + + Arrow double + vnet peer + + + + + vnet peer - + Sheet.1264 - + Sheet.1265 - + Rectangle.10 Tier 3 (Workloads/Team Environments) @@ -2003,77 +1969,77 @@ - - Tier 3 (Workloads/Team Environments) - + + Tier 3 (Workloads/Team Environments) + Sheet.1267 - + Sheet.1268 Virtual Network - - Virtual Network - + + Virtual Network + Icon-networking-61 - + Sheet.1270 - + - + Sheet.1271 - + - + Sheet.1272 - + - Sheet.1273 + Z" class="st14"/> - Sheet.1274 + Z" class="st15"/> - Sheet.1275 + L17.95 604.56 Z" class="st14"/> - Sheet.1276 + 0.761247 -0.569527 L18.79 604.66 Z" class="st15"/> - + Sheet.1277 - + Subnet with NSG - + Rectangle - + - + Rectangle.19 Subnet with NSG Rules @@ -2085,261 +2051,261 @@ - - Subnet with NSG Rules - + + Subnet with NSG Rules + Security Groups Security Groups - + Sheet.1282 - + + 0.736099 L23.04 596.64 Z" class="st20"/> + L23.04 596.64 Z" class="st21"/> - + Sheet.1283 - + + 0.672091 0 0 1 0.641739 0.672091 L21.13 597.92 Z" class="st20"/> + 0.672091 L21.13 597.92 Z" class="st22"/> - + Sheet.1284 - + + 0.096013 L10.52 612 L10.52 598.8 Z" class="st20"/> + L10.52 612 L10.52 598.8 Z" class="st23"/> - + Sheet.1285 - + + class="st20"/> + 0.01 611.14 L0.01 602.59 a0.673043 0.688093 0 0 1 0.594783 -0.688093 Z" class="st24"/> - + Sheet.1286 - + + 605.49 10.52 598.8 Z" class="st20"/> + 605.49 10.52 598.8 Z" class="st24"/> - + Virtual Machine - + Sheet.1288 + a0.829016 0.671324 -180 0 0 -0.828997 0.671309 L0 611.33 Z" class="st25"/> - + Sheet.1289 - + - + Sheet.1290 - + - + Sheet.1291 - + - + Sheet.1292 - + - + Sheet.1293 - + - + Sheet.1294 + class="st25"/> - + Virtual Machine.276 - + Sheet.1296 + a0.829016 0.671324 -180 0 0 -0.828997 0.671309 L0 611.33 Z" class="st25"/> - + Sheet.1297 - + - + Sheet.1298 - + - + Sheet.1299 - + - + Sheet.1300 - + - + Sheet.1301 - + - + Sheet.1302 + class="st25"/> - + Virtual Machine.284 - + Sheet.1304 + a0.829016 0.671324 -180 0 0 -0.828997 0.671309 L0 611.33 Z" class="st25"/> - + Sheet.1305 - + - + Sheet.1306 - + - + Sheet.1307 - + - + Sheet.1308 - + - + Sheet.1309 - + - + Sheet.1310 + class="st25"/> - + Sheet.1312 One or more Tier 3 environments for isolated workloads or tea... - - One or more Tier 3 environments for isolated workloads or teams developing workloads - + + One or more Tier 3 environments for isolated workloads or teams developing workloads + Sheet.1313 - + Subscriptions.1127 - + Sheet.1315 @@ -2352,167 +2318,128 @@ 2.84217E-14 -0.617078 L14.6 603.7 a0.546707 0.454689 0 0 1 -1.42109E-14 -0.665795 L15.78 602.07 a0.507656 0.422211 -180 0 0 -7.10543E-15 -0.617078 L14.27 600.19 L14.27 599.73 L20.77 594.26 ZM11.01 585.1 A2.30398 1.91619 0 1 1 8.69 587.02 A2.28445 1.89995 0 0 1 10.97 585.1 L11.01 585.1 Z" - class="st38"/> + class="st32"/> - + Sheet.1316 + 0 0 0.234303 0.341017 Z" class="st33"/> - + Sheet.1317 + -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1318 + -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1319 Subscription Boundary (Optional) - - Subscription Boundary (Optional) + + Subscription Boundary (Optional) - + Sheet.1339 - + Icon-manage-307 - + Sheet.1341 + L0 603.32 Z" class="st44"/> - + Sheet.1342 + 10.2279 0 0 1 9.27 591.25 Z" class="st45"/> - + Sheet.1343 - + - + Sheet.1344 - + - + Sheet.1345 - + - + Sheet.1346 Log Analytics Workspace - - Log AnalyticsWorkspace - - - Solutions - Solutions - - Sheet.1348 - - - - - - - Sheet.1349 - - - - - - - Sheet.1350 - - - - - - - - - Solutions + + Log AnalyticsWorkspace - + Policy.1033 Azure Policy Initiatives - + Sheet.1352 - + - + Sheet.1353 - + - + Sheet.1354 - + - + Sheet.1355 - + - + Sheet.1356 - + - + Sheet.1357 - + - + Sheet.1358 @@ -2522,9 +2449,9 @@ -0.359601 C22.86 587.86 13.47 582.86 13.34 582.93 L0.2 590.02 L0 590.15 L2.57 591.63 ZM22.39 604.57 L13.76 609.25 a0.637152 0.599335 0 0 1 -0.200248 0 L13.56 611.99 a0.364087 0.342477 -180 0 0 0.200248 0 L22.86 607.09 a0.436905 0.410973 -180 0 0 0.218452 -0.342477 L23.08 604.93 a0.436905 0.410973 -180 - 0 0 -0.691765 -0.359601 Z" class="st52"/> + 0 0 -0.691765 -0.359601 Z" class="st48"/> - + Sheet.1359 @@ -2532,18 +2459,18 @@ + 0.410973 -180 0 0 0.218452 1.13687E-13 L13.58 609.3 Z" class="st49"/> - + - Azure Policy Initiatives + Azure Policy Initiatives - + Security Center.1214 Azure Security Center / Defender - + Sheet.1361 @@ -2551,9 +2478,9 @@ + class="st51"/> - + Sheet.1362 @@ -2561,9 +2488,9 @@ + Z" class="st52"/> - + Sheet.1363 @@ -2573,158 +2500,155 @@ 0 0 -0.795324 0.650419 L0 611.35 a0.802643 0.668712 -180 0 0 0.795324 0.650419 L14.72 612 a0.802643 0.668712 -180 0 0 0.795324 -0.650419 L15.51 603.87 a0.800203 0.66668 -180 0 0 -0.795324 -0.650419 ZM10.94 603.22 L4.58 603.22 L4.58 600.29 A3.49845 2.91469 0 0 1 5.58 598.27 A2.92757 2.43907 0 0 1 9.95 598.27 - A3.40086 2.83339 0 0 1 10.32 598.68 A3.52529 2.93705 0 0 1 10.95 600.29 L10.94 603.22 Z" class="st36"/> + A3.40086 2.83339 0 0 1 10.32 598.68 A3.52529 2.93705 0 0 1 10.95 600.29 L10.94 603.22 Z" class="st30"/> - + Sheet.1364 + -0.489847 L0 604.03 a0.800203 0.66668 0 0 1 0.795324 -0.652452 Z" class="st53"/> - + Sheet.1365 + 0 0 0.285438 -0.489847 L15.23 604.03 a0.802643 0.668712 -180 0 0 -0.795324 -0.652452 Z" class="st54"/> - + - - Azure Security Center / Defender + + Azure Security Center / Defender - + Azure Sentinel Azure Sentinel - + Sheet.1367 + 577.44 19.94 581.28 29.22 581.5 a0.9504 0.894143 0 0 1 0.9288 0.894143 L30.24 593.58 Z" class="st55"/> - + Sheet.1368 + 580.26 18.21 583.84 26.74 583.98 a0.8856 0.833178 0 0 1 0.8424 0.812857 L27.56 595.11 Z" class="st56"/> - + Sheet.1369 + L4.1 612 a1.0584 0.99575 -180 0 0 1.0584 -0.812857 A6.2208 5.85257 0 0 1 11.3 606.17 Z" class="st57"/> - + Sheet.1370 - + - + - - Azure Sentinel + + Azure Sentinel - + Virtual Machine.1022 Windows/Linux - + Sheet.1372 + class="st4"/> - + Sheet.1373 - + - + Sheet.1374 - + - + Sheet.1375 - + - + Sheet.1376 - + - + Sheet.1377 - + - + Sheet.1378 + A1.92 2.07817 -180 0 0 0 612 L17.28 612 A1.92 2.07817 -180 0 0 15.57 609.92 Z" class="st59"/> - + - - Windows/Linux + + Windows/Linux - - Arrow double.517 - vnet peer - - - - - vnet peer - + + Arrow (Azure Poster style).445 + + + Private Link.1023 Private Endpoints/ Private Link Scope - + Sheet.1381 - + - + Sheet.1382 - + - + Sheet.1383 @@ -2732,9 +2656,9 @@ + Z" class="st61"/> - + Sheet.1384 @@ -2742,295 +2666,295 @@ + A4.3111 4.64683 -180 0 0 8.43 602.77 Z" class="st62"/> - + Sheet.1385 + class="st14"/> - + Sheet.1386 + 0 1 0.32 609.41 L9 600.02 a0.539606 0.581629 0 0 1 0.761628 0 Z" class="st15"/> - + Sheet.1387 + 610.97 Z" class="st14"/> - + Sheet.1388 + 0 1 -1.13243E-14 -0.828686 L1.04 600.02 a0.539606 0.581629 0 0 1 0.761628 0 Z" class="st15"/> - + - - Private Endpoints/Private Link Scope + + Private Endpoints/Private Link Scope - + Sheet.1399 - + Icon-networking-82 - + Sheet.1401 + Z" class="st63"/> - + Sheet.1402 + Z" class="st64"/> - + Sheet.1403 - + - + Sheet.1404 + a0.226051 0.226051 -180 0 0 0.212754 -0.226051 L7.27 607.76 Z" class="st66"/> - + Sheet.1405 Route Table - - Route Table + + Route Table - + Sheet.1406 - + Icon-networking-82 - + Sheet.1408 + Z" class="st63"/> - + Sheet.1409 + Z" class="st64"/> - + Sheet.1410 - + - + Sheet.1411 + a0.226051 0.226051 -180 0 0 0.212754 -0.226051 L7.27 607.76 Z" class="st66"/> - + Sheet.1412 Route Table - - Route Table + + Route Table - + Sheet.1413 - + Icon-networking-82 - + Sheet.1415 + Z" class="st63"/> - + Sheet.1416 + Z" class="st64"/> - + Sheet.1417 - + - + Sheet.1418 + a0.226051 0.226051 -180 0 0 0.212754 -0.226051 L7.27 607.76 Z" class="st66"/> - + Sheet.1419 Route Table - - Route Table + + Route Table - + Sheet.1420 - + Icon-networking-82 - + Sheet.1422 + Z" class="st63"/> - + Sheet.1423 + Z" class="st64"/> - + Sheet.1424 - + - + Sheet.1425 + a0.226051 0.226051 -180 0 0 0.212754 -0.226051 L7.27 607.76 Z" class="st66"/> - + Sheet.1426 Route Table - - Route Table + + Route Table - + Storage Accounts Monitor Logs - + Sheet.1428 + 610.76 L0 590.13 Z" class="st28"/> - + Sheet.1429 + 0 0 1 1.2 604.12 Z" class="st29"/> - + Sheet.1430 + 0 0 1 0.547831 -0.587583 Z" class="st30"/> - + Sheet.1431 + 0 0 1 0.547831 -0.696394 Z" class="st29"/> - + Sheet.1432 + 0 0 1 0.547831 -0.587583 Z" class="st31"/> - + - Monitor Logs + Monitor Logs - + Sheet.1433 - + Icon-manage-306 - + Sheet.1435 + 0 0 0.251886 -0.570059 L18.83 590.56 A1.07383 1.07383 -180 0 0 17.59 589.46 Z" class="st67"/> - + Sheet.1436 + 592.49 Z" class="st68"/> + class="st69"/> - + Sheet.1437 + a0.503773 0.503773 -180 0 0 -0.503773 -0.51703 Z" class="st70"/> - + Sheet.1438 + 606.79 a0.490516 0.490516 -180 0 0 0.490516 -0.477258 Z" class="st30"/> - + Sheet.1439 - Diagnostic Setting + Diagnostic Settings - - Diagnostic Setting + + Diagnostic Settings - + Sheet.1440 - + Subscriptions.1127 - + Sheet.1442 @@ -3043,62 +2967,62 @@ 2.84217E-14 -0.617078 L14.6 603.7 a0.546707 0.454689 0 0 1 -1.42109E-14 -0.665795 L15.78 602.07 a0.507656 0.422211 -180 0 0 -7.10543E-15 -0.617078 L14.27 600.19 L14.27 599.73 L20.77 594.26 ZM11.01 585.1 A2.30398 1.91619 0 1 1 8.69 587.02 A2.28445 1.89995 0 0 1 10.97 585.1 L11.01 585.1 Z" - class="st38"/> + class="st32"/> - + Sheet.1443 + 0 0 0.234303 0.341017 Z" class="st33"/> - + Sheet.1444 + -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1445 + -180 0 0 -0.624808 0.519645 L0 611.48 Z" class="st33"/> - + Sheet.1446 Subscription Boundary (Optional) - - Subscription Boundary (Optional) + + Subscription Boundary (Optional) - + DNS Zones Private DNS Zones - + Sheet.1448 - + Sheet.1449 + 577.44 24.5 578.83 29.57 585.61 C34.56 592.27 33.3 601.68 26.74 606.82 Z" class="st71"/> - + Sheet.1450 @@ -3123,9 +3047,9 @@ 12.46 591.86 14.3 591.81 C15.99 591.81 17.67 591.65 19.32 591.34 C19.45 591.83 19.58 592.35 19.68 592.87 L20.51 593.07 C20.38 592.42 20.24 591.82 20.08 591.27 C21.55 590.95 22.95 590.4 24.24 589.63 C28.55 594.5 28.6 601.8 24.35 606.72 C23.11 605.92 21.76 605.33 20.34 604.98 L20.34 605.03 Z" - class="st75"/> + class="st72"/> - + Sheet.1451 @@ -3143,13 +3067,74 @@ C17.83 604.12 18.41 604.24 18.93 604.5 L18.64 605.3 C18.2 605.06 17.7 604.94 17.2 604.94 C16.15 604.94 15.75 605.56 15.75 606.08 C15.75 606.6 16.22 607.14 17.27 607.54 C18.31 607.93 19.22 608.66 19.22 609.77 C19.22 610.89 18.35 611.95 16.54 611.95 C15.87 611.96 15.21 611.79 14.61 611.46 L14.83 - 610.65 Z" class="st36"/> + 610.65 Z" class="st30"/> - + - - Private DNS Zones + + Private DNS Zones + + + Arrow (Azure Poster style).513 + Forced Tunneling + + + + + Forced Tunneling + + Arrow double.517 + vnet peer + + + + + vnet peer + + Arrow (Azure Poster style).1261 + + + + Arrow (Azure Poster style).1455 + + + + Sheet.1456 + + Icon-manage-307 + + Sheet.1458 + + + + Sheet.1459 + + + + Sheet.1460 + + + + Sheet.1461 + + + + Sheet.1462 + + + + + Sheet.1463 + Solutions + + + + Solutions diff --git a/src/bicep/mlz.bicep b/src/bicep/mlz.bicep index e11757b9b..0ed35b83c 100644 --- a/src/bicep/mlz.bicep +++ b/src/bicep/mlz.bicep @@ -879,6 +879,7 @@ module hubPolicyAssignment './modules/policyAssignment.bicep' = if (deployPolicy logAnalyticsWorkspaceName: logAnalyticsWorkspace.outputs.name logAnalyticsWorkspaceResourceGroupName: logAnalyticsWorkspace.outputs.resourceGroupName operationsSubscriptionId: operationsSubscriptionId + location: location } } @@ -890,6 +891,7 @@ module spokePolicyAssignments './modules/policyAssignment.bicep' = [for spoke in logAnalyticsWorkspaceName: logAnalyticsWorkspace.outputs.name logAnalyticsWorkspaceResourceGroupName: logAnalyticsWorkspace.outputs.resourceGroupName operationsSubscriptionId: operationsSubscriptionId + location: location } }] diff --git a/src/bicep/mlz.json b/src/bicep/mlz.json index 9f7e3c48f..1748b4866 100644 --- a/src/bicep/mlz.json +++ b/src/bicep/mlz.json @@ -4,8 +4,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "9598620800925226147" + "version": "0.4.1272.37030", + "templateHash": "9201973649437229365" } }, "parameters": { @@ -992,8 +992,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "14950222555728755781" + "version": "0.4.1272.37030", + "templateHash": "4174558877263142858" } }, "parameters": { @@ -1070,8 +1070,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "14950222555728755781" + "version": "0.4.1272.37030", + "templateHash": "4174558877263142858" } }, "parameters": { @@ -1156,8 +1156,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "4395124562160248941" + "version": "0.4.1272.37030", + "templateHash": "11724831103924478361" } }, "parameters": { @@ -1353,10 +1353,10 @@ "value": "[parameters('logStorageSkuName')]" }, "logAnalyticsWorkspaceName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value]" }, "logAnalyticsWorkspaceResourceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" }, "virtualNetworkName": { "value": "[variables('hubVirtualNetworkName')]" @@ -1476,8 +1476,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "11458318329795931964" + "version": "0.4.1272.37030", + "templateHash": "5240539463340820565" } }, "parameters": { @@ -1654,10 +1654,10 @@ "properties": { "addressPrefix": "[parameters('subnetAddressPrefix')]", "networkSecurityGroup": { - "id": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup'), '2020-10-01').outputs.id.value]" + "id": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup')).outputs.id.value]" }, "routeTable": { - "id": "[reference(resourceId('Microsoft.Resources/deployments', 'routeTable'), '2020-10-01').outputs.id.value]" + "id": "[reference(resourceId('Microsoft.Resources/deployments', 'routeTable')).outputs.id.value]" }, "serviceEndpoints": "[parameters('subnetServiceEndpoints')]", "privateEndpointNetworkPolicies": "Disabled", @@ -1699,8 +1699,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "7484285560193853939" + "version": "0.4.1272.37030", + "templateHash": "3206702832865512735" } }, "parameters": { @@ -1766,7 +1766,7 @@ "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('networkSecurityGroupDiagnosticsLogs')]" @@ -1781,8 +1781,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "17232318724092975283" + "version": "0.4.1272.37030", + "templateHash": "14536610351575430582" } }, "parameters": { @@ -1899,7 +1899,7 @@ "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('virtualNetworkDiagnosticsLogs')]" @@ -1914,8 +1914,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "10163287795309985629" + "version": "0.4.1272.37030", + "templateHash": "15378128806924914363" } }, "parameters": { @@ -2030,7 +2030,7 @@ "value": "[parameters('routeTableRouteAddressPrefix')]" }, "routeNextHopIpAddress": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewall'), '2020-10-01').outputs.privateIPAddress.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewall')).outputs.privateIPAddress.value]" }, "routeNextHopType": { "value": "[parameters('routeTableRouteNextHopType')]" @@ -2042,8 +2042,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "2236665956144068983" + "version": "0.4.1272.37030", + "templateHash": "10577685666181832631" } }, "parameters": { @@ -2139,7 +2139,7 @@ "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('publicIPAddressDiagnosticsLogs')]" @@ -2154,8 +2154,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "10197745718752567420" + "version": "0.4.1272.37030", + "templateHash": "7846702911597501894" } }, "parameters": { @@ -2266,7 +2266,7 @@ "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('publicIPAddressDiagnosticsLogs')]" @@ -2281,8 +2281,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "10197745718752567420" + "version": "0.4.1272.37030", + "templateHash": "7846702911597501894" } }, "parameters": { @@ -2396,10 +2396,10 @@ "value": "[parameters('firewallClientIpConfigurationName')]" }, "clientIpConfigurationSubnetResourceId": { - "value": "[format('{0}/subnets/{1}', reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.id.value, parameters('firewallClientSubnetName'))]" + "value": "[format('{0}/subnets/{1}', reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.id.value, parameters('firewallClientSubnetName'))]" }, "clientIpConfigurationPublicIPAddressResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewallClientPublicIPAddress'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewallClientPublicIPAddress')).outputs.id.value]" }, "firewallSupernetIPAddress": { "value": "[parameters('firewallSupernetIPAddress')]" @@ -2408,16 +2408,16 @@ "value": "[parameters('firewallManagementIpConfigurationName')]" }, "managementIpConfigurationSubnetResourceId": { - "value": "[format('{0}/subnets/{1}', reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.id.value, parameters('firewallManagementSubnetName'))]" + "value": "[format('{0}/subnets/{1}', reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.id.value, parameters('firewallManagementSubnetName'))]" }, "managementIpConfigurationPublicIPAddressResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewallManagementPublicIPAddress'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewallManagementPublicIPAddress')).outputs.id.value]" }, "logAnalyticsWorkspaceResourceId": { "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('firewallDiagnosticsLogs')]" @@ -2432,8 +2432,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "4253924211133862661" + "version": "0.4.1272.37030", + "templateHash": "9132850396755633016" } }, "parameters": { @@ -2735,7 +2735,10 @@ "value": "[parameters('subnetName')]" }, "privateEndpointVnetName": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.name.value]" + }, + "location": { + "value": "[parameters('location')]" }, "tags": { "value": "[parameters('tags')]" @@ -2747,8 +2750,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "6573393806892750619" + "version": "0.4.1272.37030", + "templateHash": "14974764322478340080" } }, "parameters": { @@ -2802,6 +2805,13 @@ "metadata": { "description": "The subscription id of the subscription the virtual network exists in" } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of this resource" + } } }, "variables": { @@ -2838,7 +2848,7 @@ "type": "Microsoft.Network/privateEndpoints", "apiVersion": "2020-07-01", "name": "[variables('privateLinkEndpointName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "tags": "[parameters('tags')]", "properties": { "subnet": { @@ -3029,11 +3039,11 @@ "outputs": { "virtualNetworkName": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.name.value]" }, "virtualNetworkResourceId": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.id.value]" }, "subnetName": { "type": "string", @@ -3049,15 +3059,15 @@ }, "networkSecurityGroupName": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup')).outputs.name.value]" }, "networkSecurityGroupResourceId": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup')).outputs.id.value]" }, "firewallPrivateIPAddress": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewall'), '2020-10-01').outputs.privateIPAddress.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'firewall')).outputs.privateIPAddress.value]" } } } @@ -3095,10 +3105,10 @@ "value": "[parameters('logStorageSkuName')]" }, "logAnalyticsWorkspaceResourceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" }, "firewallPrivateIPAddress": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.firewallPrivateIPAddress.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.firewallPrivateIPAddress.value]" }, "virtualNetworkName": { "value": "[variables('spokes')[copyIndex()].virtualNetworkName]" @@ -3140,8 +3150,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "8302475958031972588" + "version": "0.4.1272.37030", + "templateHash": "11486064324027397618" } }, "parameters": { @@ -3249,8 +3259,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "7484285560193853939" + "version": "0.4.1272.37030", + "templateHash": "3206702832865512735" } }, "parameters": { @@ -3316,7 +3326,7 @@ "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('networkSecurityGroupDiagnosticsLogs')]" @@ -3331,8 +3341,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "17232318724092975283" + "version": "0.4.1272.37030", + "templateHash": "14536610351575430582" } }, "parameters": { @@ -3443,8 +3453,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "2236665956144068983" + "version": "0.4.1272.37030", + "templateHash": "10577685666181832631" } }, "parameters": { @@ -3534,10 +3544,10 @@ "properties": { "addressPrefix": "[parameters('subnetAddressPrefix')]", "networkSecurityGroup": { - "id": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup'), '2020-10-01').outputs.id.value]" + "id": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup')).outputs.id.value]" }, "routeTable": { - "id": "[reference(resourceId('Microsoft.Resources/deployments', 'routeTable'), '2020-10-01').outputs.id.value]" + "id": "[reference(resourceId('Microsoft.Resources/deployments', 'routeTable')).outputs.id.value]" }, "serviceEndpoints": "[parameters('subnetServiceEndpoints')]" } @@ -3548,7 +3558,7 @@ "value": "[parameters('logAnalyticsWorkspaceResourceId')]" }, "logStorageAccountResourceId": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'logStorage')).outputs.id.value]" }, "logs": { "value": "[parameters('virtualNetworkDiagnosticsLogs')]" @@ -3563,8 +3573,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "10163287795309985629" + "version": "0.4.1272.37030", + "templateHash": "15378128806924914363" } }, "parameters": { @@ -3659,35 +3669,35 @@ "outputs": { "virtualNetworkName": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.name.value]" }, "virtualNetworkResourceId": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.id.value]" }, "virtualNetworkAddressPrefix": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.addressPrefix.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.addressPrefix.value]" }, "subnetName": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.subnets.value[0].name]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.subnets.value[0].name]" }, "subnetAddressPrefix": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.subnets.value[0].properties.addressPrefix]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.subnets.value[0].properties.addressPrefix]" }, "subnetResourceId": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork'), '2020-10-01').outputs.subnets.value[0].id]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'virtualNetwork')).outputs.subnets.value[0].id]" }, "networkSecurityGroupName": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup')).outputs.name.value]" }, "networkSecurityGroupResourceId": { "type": "string", - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup'), '2020-10-01').outputs.id.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'networkSecurityGroup')).outputs.id.value]" } } } @@ -3710,14 +3720,14 @@ "mode": "Incremental", "parameters": { "hubVirtualNetworkName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value]" }, "spokes": { "copy": [ { "name": "value", "count": "[length(variables('spokes'))]", - "input": "[createObject('type', variables('spokes')[copyIndex('value')].name, 'virtualNetworkName', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex('value')].subscriptionId, variables('spokes')[copyIndex('value')].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex('value')].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value, 'virtualNetworkResourceId', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex('value')].subscriptionId, variables('spokes')[copyIndex('value')].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex('value')].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkResourceId.value)]" + "input": "[createObject('type', variables('spokes')[copyIndex('value')].name, 'virtualNetworkName', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex('value')].subscriptionId, variables('spokes')[copyIndex('value')].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex('value')].name, parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value, 'virtualNetworkResourceId', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex('value')].subscriptionId, variables('spokes')[copyIndex('value')].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex('value')].name, parameters('deploymentNameSuffix')))).outputs.virtualNetworkResourceId.value)]" } ] } @@ -3728,8 +3738,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "485438933319305543" + "version": "0.4.1272.37030", + "templateHash": "14488538598773189525" } }, "parameters": { @@ -3768,8 +3778,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "8767588004842445770" + "version": "0.4.1272.37030", + "templateHash": "239707517000050546" } }, "parameters": { @@ -3827,13 +3837,13 @@ "value": "[variables('spokes')[copyIndex()].resourceGroupName]" }, "spokeVirtualNetworkName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value]" }, "hubVirtualNetworkName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value]" }, "hubVirtualNetworkResourceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkResourceId.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.virtualNetworkResourceId.value]" } }, "template": { @@ -3842,8 +3852,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "13959757217405312631" + "version": "0.4.1272.37030", + "templateHash": "4061591777489920619" } }, "parameters": { @@ -3888,8 +3898,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "8767588004842445770" + "version": "0.4.1272.37030", + "templateHash": "239707517000050546" } }, "parameters": { @@ -3941,13 +3951,16 @@ "value": "[parameters('policy')]" }, "logAnalyticsWorkspaceName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value]" }, "logAnalyticsWorkspaceResourceGroupName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.resourceGroupName.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.resourceGroupName.value]" }, "operationsSubscriptionId": { "value": "[parameters('operationsSubscriptionId')]" + }, + "location": { + "value": "[parameters('location')]" } }, "template": { @@ -3956,8 +3969,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "11502515675173143648" + "version": "0.4.1272.37030", + "templateHash": "18107093368850779190" } }, "parameters": { @@ -3988,6 +4001,13 @@ "metadata": { "description": "Starts a policy remediation for the VM Agent policies in hub RG. Set to false by default since this is time consuming in deployment." } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of this resource" + } } }, "variables": { @@ -4003,7 +4023,7 @@ "type": "Microsoft.Authorization/policyAssignments", "apiVersion": "2020-09-01", "name": "[variables('assignmentName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "properties": { "policyDefinitionId": "[createObject('NIST', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f', 'parameters', json(replace(' {\n \"listOfMembersToExcludeFromWindowsVMAdministratorsGroup\": \n {\n \"value\": \"admin\"\n },\n \"listOfMembersToIncludeInWindowsVMAdministratorsGroup\": \n {\n \"value\": \"azureuser\"\n },\n \"logAnalyticsWorkspaceIdforVMReporting\": \n {\n \"value\": \"\"\n },\n \"IncludeArcMachines\": \n {\n \"value\": \"true\"\n },\n \"MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112\": \n {\n \"value\": \"1.2\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\": \n {\n \"value\": \"Compliant\"\n },\n \"requiredRetentionDays\": \n {\n \"value\": \"365\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\": \n {\n \"value\": \"NetworkWatcherRG\"\n }\n }', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'IL5', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/f9a961fa-3241-4b20-adc4-bbf8ad9d7197', 'parameters', json(replace('{\n \"IncludeArcMachines\" : { \n \"value\" : \"false\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\" : { \n \"value\" : \"Compliant\"\n },\n \"MinimumTLSVersionForWindowsServers\" : { \n \"value\" : \"1.2\"\n },\n \"requiredRetentionDays\" : { \n \"value\" : \"365\"\n },\n \"effect-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"audit\"\n },\n \"allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"^(.+){0}$\"\n },\n \"effect-95edb821-ddaf-4404-9732-666045e056b4\" : { \n \"value\" : \"audit\"\n },\n \"effect-440b515e-a580-421e-abeb-b159a61ddcbc\" : { \n \"value\" : \"audit\"\n },\n \"effect-233a2a17-77ca-4fb1-9b6b-69223d272a44\" : { \n \"value\" : \"audit\"\n },\n \"effect-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"audit\"\n },\n \"cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"audit\"\n },\n \"runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"MustRunAsNonRoot\"\n },\n \"runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99\" : { \n \"value\" : \"audit\"\n },\n \"effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8\" : { \n \"value\" : \"audit\"\n },\n \"effect-df49d893-a74c-421d-bc95-c663042e5b80\" : { \n \"value\" : \"audit\"\n },\n \"effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d\" : { \n \"value\" : \"audit\"\n },\n \"effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c\" : { \n \"value\" : \"audit\"\n },\n \"effect-511f5417-5d12-434d-ab2e-816901e72a5e\" : { \n \"value\" : \"audit\"\n },\n \"effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe\" : { \n \"value\" : \"audit\"\n },\n \"effect-098fc59e-46c7-4d99-9b16-64990e543d75\" : { \n \"value\" : \"audit\"\n },\n \"NetworkWatcherResourceGroupName\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"aadAuthenticationInServiceFabricMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-71ef260a-8f18-47b7-abcb-62d0673d94dc\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d9da03a1-f3c3-412a-9709-947156872263\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811\" : { \n \"value\" : \"audit\"\n },\n \"effect-ea0dfaed-95fb-448c-934e-d6e713ce393d\" : { \n \"value\" : \"audit\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-41425d9f-d1a5-499a-9932-f8ed8453932c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fc4d8e41-e223-45ea-9bf5-eada37891d87\" : { \n \"value\" : \"Audit\"\n },\n \"effect-86efb160-8de7-451d-bc08-5d475b0aadae\" : { \n \"value\" : \"Audit\"\n },\n \"effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-64d314f6-6062-4780-a861-c23e8951bee5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fa298e57-9444-42ba-bf04-86e8470e32c7\" : { \n \"value\" : \"audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f\" : { \n \"value\" : \"audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47031206-ce96-41f8-861b-6a915f3de284\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-51522a96-0869-4791-82f3-981000c2c67f\" : { \n \"value\" : \"audit\"\n },\n \"effect-b5ec538c-daa0-4006-8596-35468b9148e8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2e94d99a-8a36-4563-bc77-810d8893b671\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f68a601-6e6d-4e42-babf-3f643a047ea2\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ca91455f-eace-4f96-be59-e6e2c35b4816\" : { \n \"value\" : \"Audit\"\n },\n \"effect-702dd420-7fcc-42c5-afe8-4026edd20fe0\" : { \n \"value\" : \"Audit\"\n },\n \"diagnosticsLogsInRedisCacheMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"secureTransferToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d092e0a-7acd-40d2-a975-dca21cae48c4\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f\" : { \n \"value\" : \"Audit\"\n },\n \"disableUnrestrictedNetworkToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-55615ac9-af46-4a59-874e-391cc3dfb490\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b8ca024-1d5c-4dec-8995-b1a932b41780\" : { \n \"value\" : \"Audit\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-53503636-bcc9-4748-9663-5348217f160f\" : { \n \"value\" : \"Audit\"\n },\n \"effect-40cec1dd-a100-4920-b15b-3024fe8901ab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a049bf77-880b-470f-ba6d-9f21c530cf83\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ee980b6d-0eca-4501-8d54-f6290fd512c3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606\" : { \n \"value\" : \"Audit\"\n },\n \"identityDesignateMoreThanOneOwnerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"diskEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"emailNotificationToSubscriptionOwnerHighSeverityAlertsEnabledEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlDbEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"aadAuthenticationInSqlServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssEndpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssOsVulnerabilitiesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"adaptiveApplicationControlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForPostgreSQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensureJavaVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityDesignateLessThanOwnersMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"securityContactEmailAddressForSubscriptionEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRestrictCORSAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensurePythonVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForMySQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"systemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"nextGenerationFirewallMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"useRbacRulesMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"webAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlServerAuditingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vnetEnableDDoSProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlServerAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"endpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"jitNetworkAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"geoRedundantStorageShouldBeEnabledForStorageAccountsEffect\" : { \n \"value\" : \"Audit\"\n },\n \"vmssSystemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"longtermGeoRedundantBackupEnabledAzureSQLDatabasesEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"systemConfigurationsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"containerBenchmarkMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"kubernetesServiceVersionUpToDateMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlDbVulnerabilityAssesmentMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"membersToIncludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"membersToExcludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"logAnalyticsWorkspaceIDForVMAgents\" : { \n \"value\" : \"\"\n },\n \"PHPLatestVersionForAppServices\" : { \n \"value\" : \"7.4\"\n },\n \"JavaLatestVersionForAppServices\" : { \n \"value\" : \"11\"\n },\n \"WindowsPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.6\"\n },\n \"LinuxPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.9\"\n },\n \"ensureDotNetFrameworkLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"vulnerabilityAssessmentMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForWebAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"microsoftIaaSAntimalwareExtensionShouldBeDeployedOnWindowsServersEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityCenterStandardPricingTierShouldBeSelectedEffect\" : { \n \"value\" : \"Audit\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachinesEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensurePHPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityContactPhoneNumberShouldBeProvidedForSubscriptionEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForAPIAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnServerMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachineScaleSetsEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'CMMC', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/b5629c75-5c77-4422-87b9-2509e680f8de', 'parameters', json(replace('{\n \"logAnalyticsWorkspaceId-f47b5582-33ec-4c5c-87c0-b010a6b2e917\" : { \n \"value\" : \"\"\n },\n \"effect-09024ccc-0c5f-475e-9457-b7c0d9ed487b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"MembersToExclude-69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f\" :{\n \"value\": \"\"\n },\n \"MembersToInclude-30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7\": {\n \"value\": \"\"\n },\n \"effect-0961003e-5a0a-4549-abde-af6a37f2724d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b15565f-aa9e-48ba-8619-45960f2c314d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0e60b895-3786-45da-8377-9c6b4b6ac5f9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-17k78e20-9358-41c9-923c-fb736d382a12\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"PHPLatestVersion\" : { \n \"value\" : \"7.3\"\n },\n \"effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-26a828e1-e88f-464e-bbb3-c134a282b9de\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-34c877ad-507e-4c82-993e-3452a6e0ad3c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-404c3081-a854-4457-ae30-26a93ef643f9\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47a6b606-51aa-4496-8bb7-64b11cf66adc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-496223c3-ad65-4ecd-878a-bae78737e9ed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"JavaLatestVersion\" : { \n \"value\" : \"11\"\n },\n \"effect-4f11b553-d42e-4e3a-89be-32ca364cad4c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5c607a2e-c700-4744-8254-d77e7c9eb5e4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5f76cf89-fbf2-47fd-a3f4-b891fa780b60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6b1cbf55-e8b6-442f-ba4c-7246b6381474\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7008174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"LinuxPythonLatestVersion\" : { \n \"value\" : \"3.8\"\n },\n \"effect-7238174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7261b898-8a84-4db8-9e04-18527132abb3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-74c3584d-afae-46f7-a20a-6f8adba71a16\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-86b3d65f-7626-441e-b690-81a8b71cff60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-88999f4c-376a-45c8-bcb3-4058f713cf39\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8c122334-9d20-4eb8-89ea-ac9a705b74ae\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9297c21d-2ed6-4474-b48f-163f75654ce3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-991310cd-e9f3-47bc-b7b6-f57b557d07db\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9b597639-28e4-48eb-b506-56b05d366257\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9daedab3-fb2d-461e-b861-71790eead4f6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a4af4a39-4135-47fb-b175-47fbdf85311d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"effect-a70ca396-0a34-413a-88e1-b956c1e683be\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-aa633080-8b72-40c4-a2d7-d00c03e80bed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-af6cd1bd-1635-48cb-bde7-5b15693900b9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"effect-b7ddfbdc-1260-477d-91fd-98bd9be789a6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c3f317a7-a95c-4547-b7e7-11017ebdf2fe\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-cb510bfd-1cba-4d9f-a230-cb0976f4bb71\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e2c1c086-2d84-4019-bff3-c44ccd95113c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e3576e28-8b17-4677-84c3-db2990658d64\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e8cbc669-f12d-49eb-93e7-9273119e9933\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e9c8d085-d9cc-4b17-9cdc-059f1f01f19e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ebb62a0c-3560-49e1-89ed-27e074e9f8ad\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-efbde977-ba53-4479-b8e9-10b957924fbf\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f6de0be7-9a8a-4b8a-b349-43cf02d22f7c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f8456c1c-aa66-4dfb-861a-25d127b775c9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f9d614c5-c173-4d56-95a7-b4437057d193\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-fb893a29-21bb-418c-a157-e99480ec364c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-feedbf84-6b99-488c-acc2-71c829aa5ffc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-3b980d31-7904-4bb7-8575-5665739a8052\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6e2593d9-add6-4083-9c9b-4b7d2188c899\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Detection\"\n },\n \"effect-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Detection\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-013e242c-8828-4970-87b3-ab247555486d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d38fc420-0735-4ef3-ac11-c806f651a570\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a1181c5f-672a-477a-979a-7d58aa086233\" : { \n \"value\" : \"Audit\"\n },\n \"effect-308fbb08-4ab8-4e67-9b29-592e93fb94fa\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4da35fc9-c9e7-4960-aec9-797fe7d9051d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-523b5cd1-3e23-492f-a539-13118b6d1e3a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7fe3b40f-802b-4cdd-8bd4-fd799c948cc2\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c25d9a16-bc35-4e15-a7e5-9db606bf9ed4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b0f33259-77d7-4c9e-aac6-3aabcfae693c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0820b7b9-23aa-4725-a1ce-ae4558f718e5\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-358c20a6-3f9e-4f0e-97ff-c6ce485e2aac\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5744710e-cc2f-4ee8-8809-3b11e89f4bc9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ac4a19c2-fa67-49b4-8ae5-0b2e78c49457\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c9d007d0-c057-4772-b18c-01e546713bcd\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e372f825-a257-4fb8-9175-797a8a8627d6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d158790f-bfb0-486c-8631-2dc6b4e8e6af\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e802a67a-daf5-4436-9ea6-f6d821dd0c5d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a451c1ef-c6ca-483d-87ed-f49761e3ffb5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftSql-servers-firewallRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ae89ebca-1c92-4898-ac2c-9f63decb045c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d26f7642-7545-4e18-9b75-8c9bbdee3a9a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1a4e592a-6a6e-44a5-9814-e36264ca96e7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7796937f-307b-4598-941c-67d3a05ebfe7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c5447c04-a4d7-4ba8-a263-c9ee321a6858\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-41388f1c-2db0-4c25-95b2-35d7f5ccbfa9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b02aacc0-b073-424e-8298-42b22829ee0a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0ec47710-77ff-4a3d-9181-6aa50af424d0\" : { \n \"value\" : \"Audit\"\n },\n \"effect-48af4db5-9b8b-401c-8e74-076be876a430\" : { \n \"value\" : \"Audit\"\n },\n \"effect-82339799-d096-41ae-8538-b108becf0970\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b7aa243-30e4-4c9e-bca8-d0d3022b634a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-bb91dfba-c30d-4263-9add-9c2384e659a6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e71308d3-144b-4262-b144-efdc3cc90517\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2bdd0062-9d75-436e-89df-487dd8e4b3c7\" : { \n \"value\" : \"Disabled\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-6fac406b-40ca-413b-bf8e-0bf964659c25\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-048248b0-55cd-46da-b1ff-39efd52db260\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0d134df8-db83-46fb-ad72-fe0c9428c8dd\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fb2\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c43e4a30-77cb-48ab-a4dd-93f175c63b57\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f314764-cb73-4fc9-b863-8eca98ac36e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-123a3936-f020-408a-ba0c-47873faf1534\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}\n', '', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName')), '2021-06-01').customerId))))[variables('modifiedAssignment')].id]", "parameters": "[createObject('NIST', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f', 'parameters', json(replace(' {\n \"listOfMembersToExcludeFromWindowsVMAdministratorsGroup\": \n {\n \"value\": \"admin\"\n },\n \"listOfMembersToIncludeInWindowsVMAdministratorsGroup\": \n {\n \"value\": \"azureuser\"\n },\n \"logAnalyticsWorkspaceIdforVMReporting\": \n {\n \"value\": \"\"\n },\n \"IncludeArcMachines\": \n {\n \"value\": \"true\"\n },\n \"MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112\": \n {\n \"value\": \"1.2\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\": \n {\n \"value\": \"Compliant\"\n },\n \"requiredRetentionDays\": \n {\n \"value\": \"365\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\": \n {\n \"value\": \"NetworkWatcherRG\"\n }\n }', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'IL5', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/f9a961fa-3241-4b20-adc4-bbf8ad9d7197', 'parameters', json(replace('{\n \"IncludeArcMachines\" : { \n \"value\" : \"false\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\" : { \n \"value\" : \"Compliant\"\n },\n \"MinimumTLSVersionForWindowsServers\" : { \n \"value\" : \"1.2\"\n },\n \"requiredRetentionDays\" : { \n \"value\" : \"365\"\n },\n \"effect-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"audit\"\n },\n \"allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"^(.+){0}$\"\n },\n \"effect-95edb821-ddaf-4404-9732-666045e056b4\" : { \n \"value\" : \"audit\"\n },\n \"effect-440b515e-a580-421e-abeb-b159a61ddcbc\" : { \n \"value\" : \"audit\"\n },\n \"effect-233a2a17-77ca-4fb1-9b6b-69223d272a44\" : { \n \"value\" : \"audit\"\n },\n \"effect-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"audit\"\n },\n \"cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"audit\"\n },\n \"runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"MustRunAsNonRoot\"\n },\n \"runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99\" : { \n \"value\" : \"audit\"\n },\n \"effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8\" : { \n \"value\" : \"audit\"\n },\n \"effect-df49d893-a74c-421d-bc95-c663042e5b80\" : { \n \"value\" : \"audit\"\n },\n \"effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d\" : { \n \"value\" : \"audit\"\n },\n \"effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c\" : { \n \"value\" : \"audit\"\n },\n \"effect-511f5417-5d12-434d-ab2e-816901e72a5e\" : { \n \"value\" : \"audit\"\n },\n \"effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe\" : { \n \"value\" : \"audit\"\n },\n \"effect-098fc59e-46c7-4d99-9b16-64990e543d75\" : { \n \"value\" : \"audit\"\n },\n \"NetworkWatcherResourceGroupName\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"aadAuthenticationInServiceFabricMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-71ef260a-8f18-47b7-abcb-62d0673d94dc\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d9da03a1-f3c3-412a-9709-947156872263\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811\" : { \n \"value\" : \"audit\"\n },\n \"effect-ea0dfaed-95fb-448c-934e-d6e713ce393d\" : { \n \"value\" : \"audit\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-41425d9f-d1a5-499a-9932-f8ed8453932c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fc4d8e41-e223-45ea-9bf5-eada37891d87\" : { \n \"value\" : \"Audit\"\n },\n \"effect-86efb160-8de7-451d-bc08-5d475b0aadae\" : { \n \"value\" : \"Audit\"\n },\n \"effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-64d314f6-6062-4780-a861-c23e8951bee5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fa298e57-9444-42ba-bf04-86e8470e32c7\" : { \n \"value\" : \"audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f\" : { \n \"value\" : \"audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47031206-ce96-41f8-861b-6a915f3de284\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-51522a96-0869-4791-82f3-981000c2c67f\" : { \n \"value\" : \"audit\"\n },\n \"effect-b5ec538c-daa0-4006-8596-35468b9148e8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2e94d99a-8a36-4563-bc77-810d8893b671\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f68a601-6e6d-4e42-babf-3f643a047ea2\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ca91455f-eace-4f96-be59-e6e2c35b4816\" : { \n \"value\" : \"Audit\"\n },\n \"effect-702dd420-7fcc-42c5-afe8-4026edd20fe0\" : { \n \"value\" : \"Audit\"\n },\n \"diagnosticsLogsInRedisCacheMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"secureTransferToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d092e0a-7acd-40d2-a975-dca21cae48c4\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f\" : { \n \"value\" : \"Audit\"\n },\n \"disableUnrestrictedNetworkToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-55615ac9-af46-4a59-874e-391cc3dfb490\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b8ca024-1d5c-4dec-8995-b1a932b41780\" : { \n \"value\" : \"Audit\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-53503636-bcc9-4748-9663-5348217f160f\" : { \n \"value\" : \"Audit\"\n },\n \"effect-40cec1dd-a100-4920-b15b-3024fe8901ab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a049bf77-880b-470f-ba6d-9f21c530cf83\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ee980b6d-0eca-4501-8d54-f6290fd512c3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606\" : { \n \"value\" : \"Audit\"\n },\n \"identityDesignateMoreThanOneOwnerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"diskEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"emailNotificationToSubscriptionOwnerHighSeverityAlertsEnabledEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlDbEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"aadAuthenticationInSqlServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssEndpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssOsVulnerabilitiesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"adaptiveApplicationControlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForPostgreSQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensureJavaVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityDesignateLessThanOwnersMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"securityContactEmailAddressForSubscriptionEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRestrictCORSAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensurePythonVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForMySQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"systemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"nextGenerationFirewallMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"useRbacRulesMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"webAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlServerAuditingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vnetEnableDDoSProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlServerAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"endpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"jitNetworkAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"geoRedundantStorageShouldBeEnabledForStorageAccountsEffect\" : { \n \"value\" : \"Audit\"\n },\n \"vmssSystemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"longtermGeoRedundantBackupEnabledAzureSQLDatabasesEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"systemConfigurationsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"containerBenchmarkMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"kubernetesServiceVersionUpToDateMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlDbVulnerabilityAssesmentMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"membersToIncludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"membersToExcludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"logAnalyticsWorkspaceIDForVMAgents\" : { \n \"value\" : \"\"\n },\n \"PHPLatestVersionForAppServices\" : { \n \"value\" : \"7.4\"\n },\n \"JavaLatestVersionForAppServices\" : { \n \"value\" : \"11\"\n },\n \"WindowsPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.6\"\n },\n \"LinuxPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.9\"\n },\n \"ensureDotNetFrameworkLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"vulnerabilityAssessmentMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForWebAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"microsoftIaaSAntimalwareExtensionShouldBeDeployedOnWindowsServersEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityCenterStandardPricingTierShouldBeSelectedEffect\" : { \n \"value\" : \"Audit\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachinesEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensurePHPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityContactPhoneNumberShouldBeProvidedForSubscriptionEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForAPIAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnServerMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachineScaleSetsEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'CMMC', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/b5629c75-5c77-4422-87b9-2509e680f8de', 'parameters', json(replace('{\n \"logAnalyticsWorkspaceId-f47b5582-33ec-4c5c-87c0-b010a6b2e917\" : { \n \"value\" : \"\"\n },\n \"effect-09024ccc-0c5f-475e-9457-b7c0d9ed487b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"MembersToExclude-69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f\" :{\n \"value\": \"\"\n },\n \"MembersToInclude-30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7\": {\n \"value\": \"\"\n },\n \"effect-0961003e-5a0a-4549-abde-af6a37f2724d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b15565f-aa9e-48ba-8619-45960f2c314d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0e60b895-3786-45da-8377-9c6b4b6ac5f9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-17k78e20-9358-41c9-923c-fb736d382a12\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"PHPLatestVersion\" : { \n \"value\" : \"7.3\"\n },\n \"effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-26a828e1-e88f-464e-bbb3-c134a282b9de\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-34c877ad-507e-4c82-993e-3452a6e0ad3c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-404c3081-a854-4457-ae30-26a93ef643f9\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47a6b606-51aa-4496-8bb7-64b11cf66adc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-496223c3-ad65-4ecd-878a-bae78737e9ed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"JavaLatestVersion\" : { \n \"value\" : \"11\"\n },\n \"effect-4f11b553-d42e-4e3a-89be-32ca364cad4c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5c607a2e-c700-4744-8254-d77e7c9eb5e4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5f76cf89-fbf2-47fd-a3f4-b891fa780b60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6b1cbf55-e8b6-442f-ba4c-7246b6381474\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7008174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"LinuxPythonLatestVersion\" : { \n \"value\" : \"3.8\"\n },\n \"effect-7238174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7261b898-8a84-4db8-9e04-18527132abb3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-74c3584d-afae-46f7-a20a-6f8adba71a16\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-86b3d65f-7626-441e-b690-81a8b71cff60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-88999f4c-376a-45c8-bcb3-4058f713cf39\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8c122334-9d20-4eb8-89ea-ac9a705b74ae\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9297c21d-2ed6-4474-b48f-163f75654ce3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-991310cd-e9f3-47bc-b7b6-f57b557d07db\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9b597639-28e4-48eb-b506-56b05d366257\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9daedab3-fb2d-461e-b861-71790eead4f6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a4af4a39-4135-47fb-b175-47fbdf85311d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"effect-a70ca396-0a34-413a-88e1-b956c1e683be\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-aa633080-8b72-40c4-a2d7-d00c03e80bed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-af6cd1bd-1635-48cb-bde7-5b15693900b9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"effect-b7ddfbdc-1260-477d-91fd-98bd9be789a6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c3f317a7-a95c-4547-b7e7-11017ebdf2fe\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-cb510bfd-1cba-4d9f-a230-cb0976f4bb71\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e2c1c086-2d84-4019-bff3-c44ccd95113c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e3576e28-8b17-4677-84c3-db2990658d64\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e8cbc669-f12d-49eb-93e7-9273119e9933\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e9c8d085-d9cc-4b17-9cdc-059f1f01f19e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ebb62a0c-3560-49e1-89ed-27e074e9f8ad\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-efbde977-ba53-4479-b8e9-10b957924fbf\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f6de0be7-9a8a-4b8a-b349-43cf02d22f7c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f8456c1c-aa66-4dfb-861a-25d127b775c9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f9d614c5-c173-4d56-95a7-b4437057d193\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-fb893a29-21bb-418c-a157-e99480ec364c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-feedbf84-6b99-488c-acc2-71c829aa5ffc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-3b980d31-7904-4bb7-8575-5665739a8052\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6e2593d9-add6-4083-9c9b-4b7d2188c899\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Detection\"\n },\n \"effect-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Detection\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-013e242c-8828-4970-87b3-ab247555486d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d38fc420-0735-4ef3-ac11-c806f651a570\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a1181c5f-672a-477a-979a-7d58aa086233\" : { \n \"value\" : \"Audit\"\n },\n \"effect-308fbb08-4ab8-4e67-9b29-592e93fb94fa\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4da35fc9-c9e7-4960-aec9-797fe7d9051d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-523b5cd1-3e23-492f-a539-13118b6d1e3a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7fe3b40f-802b-4cdd-8bd4-fd799c948cc2\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c25d9a16-bc35-4e15-a7e5-9db606bf9ed4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b0f33259-77d7-4c9e-aac6-3aabcfae693c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0820b7b9-23aa-4725-a1ce-ae4558f718e5\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-358c20a6-3f9e-4f0e-97ff-c6ce485e2aac\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5744710e-cc2f-4ee8-8809-3b11e89f4bc9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ac4a19c2-fa67-49b4-8ae5-0b2e78c49457\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c9d007d0-c057-4772-b18c-01e546713bcd\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e372f825-a257-4fb8-9175-797a8a8627d6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d158790f-bfb0-486c-8631-2dc6b4e8e6af\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e802a67a-daf5-4436-9ea6-f6d821dd0c5d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a451c1ef-c6ca-483d-87ed-f49761e3ffb5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftSql-servers-firewallRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ae89ebca-1c92-4898-ac2c-9f63decb045c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d26f7642-7545-4e18-9b75-8c9bbdee3a9a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1a4e592a-6a6e-44a5-9814-e36264ca96e7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7796937f-307b-4598-941c-67d3a05ebfe7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c5447c04-a4d7-4ba8-a263-c9ee321a6858\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-41388f1c-2db0-4c25-95b2-35d7f5ccbfa9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b02aacc0-b073-424e-8298-42b22829ee0a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0ec47710-77ff-4a3d-9181-6aa50af424d0\" : { \n \"value\" : \"Audit\"\n },\n \"effect-48af4db5-9b8b-401c-8e74-076be876a430\" : { \n \"value\" : \"Audit\"\n },\n \"effect-82339799-d096-41ae-8538-b108becf0970\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b7aa243-30e4-4c9e-bca8-d0d3022b634a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-bb91dfba-c30d-4263-9add-9c2384e659a6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e71308d3-144b-4262-b144-efdc3cc90517\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2bdd0062-9d75-436e-89df-487dd8e4b3c7\" : { \n \"value\" : \"Disabled\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-6fac406b-40ca-413b-bf8e-0bf964659c25\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-048248b0-55cd-46da-b1ff-39efd52db260\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0d134df8-db83-46fb-ad72-fe0c9428c8dd\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fb2\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c43e4a30-77cb-48ab-a4dd-93f175c63b57\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f314764-cb73-4fc9-b863-8eca98ac36e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-123a3936-f020-408a-ba0c-47873faf1534\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}\n', '', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName')), '2021-06-01').customerId))))[variables('modifiedAssignment')].parameters]" @@ -4016,7 +4036,7 @@ "type": "Microsoft.Authorization/policyAssignments", "apiVersion": "2020-09-01", "name": "[variables('agentVmssAssignmentName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "properties": { "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/75714362-cae7-409e-9b99-a8e5075b7fad", "parameters": { @@ -4033,7 +4053,7 @@ "type": "Microsoft.Authorization/policyAssignments", "apiVersion": "2020-09-01", "name": "[variables('agentVmAssignmentName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "properties": { "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/55f3eceb-5573-4f18-9695-226972c6d74a", "parameters": { @@ -4126,8 +4146,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "17084517484392773483" + "version": "0.4.1272.37030", + "templateHash": "6737383255098096059" } }, "parameters": { @@ -4202,13 +4222,16 @@ "value": "[parameters('policy')]" }, "logAnalyticsWorkspaceName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value]" }, "logAnalyticsWorkspaceResourceGroupName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.resourceGroupName.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.resourceGroupName.value]" }, "operationsSubscriptionId": { "value": "[parameters('operationsSubscriptionId')]" + }, + "location": { + "value": "[parameters('location')]" } }, "template": { @@ -4217,8 +4240,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "11502515675173143648" + "version": "0.4.1272.37030", + "templateHash": "18107093368850779190" } }, "parameters": { @@ -4249,6 +4272,13 @@ "metadata": { "description": "Starts a policy remediation for the VM Agent policies in hub RG. Set to false by default since this is time consuming in deployment." } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]", + "metadata": { + "description": "The location of this resource" + } } }, "variables": { @@ -4264,7 +4294,7 @@ "type": "Microsoft.Authorization/policyAssignments", "apiVersion": "2020-09-01", "name": "[variables('assignmentName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "properties": { "policyDefinitionId": "[createObject('NIST', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f', 'parameters', json(replace(' {\n \"listOfMembersToExcludeFromWindowsVMAdministratorsGroup\": \n {\n \"value\": \"admin\"\n },\n \"listOfMembersToIncludeInWindowsVMAdministratorsGroup\": \n {\n \"value\": \"azureuser\"\n },\n \"logAnalyticsWorkspaceIdforVMReporting\": \n {\n \"value\": \"\"\n },\n \"IncludeArcMachines\": \n {\n \"value\": \"true\"\n },\n \"MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112\": \n {\n \"value\": \"1.2\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\": \n {\n \"value\": \"Compliant\"\n },\n \"requiredRetentionDays\": \n {\n \"value\": \"365\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\": \n {\n \"value\": \"NetworkWatcherRG\"\n }\n }', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'IL5', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/f9a961fa-3241-4b20-adc4-bbf8ad9d7197', 'parameters', json(replace('{\n \"IncludeArcMachines\" : { \n \"value\" : \"false\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\" : { \n \"value\" : \"Compliant\"\n },\n \"MinimumTLSVersionForWindowsServers\" : { \n \"value\" : \"1.2\"\n },\n \"requiredRetentionDays\" : { \n \"value\" : \"365\"\n },\n \"effect-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"audit\"\n },\n \"allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"^(.+){0}$\"\n },\n \"effect-95edb821-ddaf-4404-9732-666045e056b4\" : { \n \"value\" : \"audit\"\n },\n \"effect-440b515e-a580-421e-abeb-b159a61ddcbc\" : { \n \"value\" : \"audit\"\n },\n \"effect-233a2a17-77ca-4fb1-9b6b-69223d272a44\" : { \n \"value\" : \"audit\"\n },\n \"effect-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"audit\"\n },\n \"cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"audit\"\n },\n \"runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"MustRunAsNonRoot\"\n },\n \"runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99\" : { \n \"value\" : \"audit\"\n },\n \"effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8\" : { \n \"value\" : \"audit\"\n },\n \"effect-df49d893-a74c-421d-bc95-c663042e5b80\" : { \n \"value\" : \"audit\"\n },\n \"effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d\" : { \n \"value\" : \"audit\"\n },\n \"effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c\" : { \n \"value\" : \"audit\"\n },\n \"effect-511f5417-5d12-434d-ab2e-816901e72a5e\" : { \n \"value\" : \"audit\"\n },\n \"effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe\" : { \n \"value\" : \"audit\"\n },\n \"effect-098fc59e-46c7-4d99-9b16-64990e543d75\" : { \n \"value\" : \"audit\"\n },\n \"NetworkWatcherResourceGroupName\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"aadAuthenticationInServiceFabricMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-71ef260a-8f18-47b7-abcb-62d0673d94dc\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d9da03a1-f3c3-412a-9709-947156872263\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811\" : { \n \"value\" : \"audit\"\n },\n \"effect-ea0dfaed-95fb-448c-934e-d6e713ce393d\" : { \n \"value\" : \"audit\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-41425d9f-d1a5-499a-9932-f8ed8453932c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fc4d8e41-e223-45ea-9bf5-eada37891d87\" : { \n \"value\" : \"Audit\"\n },\n \"effect-86efb160-8de7-451d-bc08-5d475b0aadae\" : { \n \"value\" : \"Audit\"\n },\n \"effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-64d314f6-6062-4780-a861-c23e8951bee5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fa298e57-9444-42ba-bf04-86e8470e32c7\" : { \n \"value\" : \"audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f\" : { \n \"value\" : \"audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47031206-ce96-41f8-861b-6a915f3de284\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-51522a96-0869-4791-82f3-981000c2c67f\" : { \n \"value\" : \"audit\"\n },\n \"effect-b5ec538c-daa0-4006-8596-35468b9148e8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2e94d99a-8a36-4563-bc77-810d8893b671\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f68a601-6e6d-4e42-babf-3f643a047ea2\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ca91455f-eace-4f96-be59-e6e2c35b4816\" : { \n \"value\" : \"Audit\"\n },\n \"effect-702dd420-7fcc-42c5-afe8-4026edd20fe0\" : { \n \"value\" : \"Audit\"\n },\n \"diagnosticsLogsInRedisCacheMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"secureTransferToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d092e0a-7acd-40d2-a975-dca21cae48c4\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f\" : { \n \"value\" : \"Audit\"\n },\n \"disableUnrestrictedNetworkToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-55615ac9-af46-4a59-874e-391cc3dfb490\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b8ca024-1d5c-4dec-8995-b1a932b41780\" : { \n \"value\" : \"Audit\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-53503636-bcc9-4748-9663-5348217f160f\" : { \n \"value\" : \"Audit\"\n },\n \"effect-40cec1dd-a100-4920-b15b-3024fe8901ab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a049bf77-880b-470f-ba6d-9f21c530cf83\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ee980b6d-0eca-4501-8d54-f6290fd512c3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606\" : { \n \"value\" : \"Audit\"\n },\n \"identityDesignateMoreThanOneOwnerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"diskEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"emailNotificationToSubscriptionOwnerHighSeverityAlertsEnabledEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlDbEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"aadAuthenticationInSqlServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssEndpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssOsVulnerabilitiesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"adaptiveApplicationControlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForPostgreSQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensureJavaVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityDesignateLessThanOwnersMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"securityContactEmailAddressForSubscriptionEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRestrictCORSAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensurePythonVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForMySQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"systemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"nextGenerationFirewallMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"useRbacRulesMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"webAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlServerAuditingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vnetEnableDDoSProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlServerAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"endpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"jitNetworkAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"geoRedundantStorageShouldBeEnabledForStorageAccountsEffect\" : { \n \"value\" : \"Audit\"\n },\n \"vmssSystemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"longtermGeoRedundantBackupEnabledAzureSQLDatabasesEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"systemConfigurationsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"containerBenchmarkMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"kubernetesServiceVersionUpToDateMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlDbVulnerabilityAssesmentMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"membersToIncludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"membersToExcludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"logAnalyticsWorkspaceIDForVMAgents\" : { \n \"value\" : \"\"\n },\n \"PHPLatestVersionForAppServices\" : { \n \"value\" : \"7.4\"\n },\n \"JavaLatestVersionForAppServices\" : { \n \"value\" : \"11\"\n },\n \"WindowsPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.6\"\n },\n \"LinuxPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.9\"\n },\n \"ensureDotNetFrameworkLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"vulnerabilityAssessmentMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForWebAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"microsoftIaaSAntimalwareExtensionShouldBeDeployedOnWindowsServersEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityCenterStandardPricingTierShouldBeSelectedEffect\" : { \n \"value\" : \"Audit\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachinesEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensurePHPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityContactPhoneNumberShouldBeProvidedForSubscriptionEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForAPIAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnServerMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachineScaleSetsEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'CMMC', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/b5629c75-5c77-4422-87b9-2509e680f8de', 'parameters', json(replace('{\n \"logAnalyticsWorkspaceId-f47b5582-33ec-4c5c-87c0-b010a6b2e917\" : { \n \"value\" : \"\"\n },\n \"effect-09024ccc-0c5f-475e-9457-b7c0d9ed487b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"MembersToExclude-69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f\" :{\n \"value\": \"\"\n },\n \"MembersToInclude-30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7\": {\n \"value\": \"\"\n },\n \"effect-0961003e-5a0a-4549-abde-af6a37f2724d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b15565f-aa9e-48ba-8619-45960f2c314d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0e60b895-3786-45da-8377-9c6b4b6ac5f9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-17k78e20-9358-41c9-923c-fb736d382a12\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"PHPLatestVersion\" : { \n \"value\" : \"7.3\"\n },\n \"effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-26a828e1-e88f-464e-bbb3-c134a282b9de\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-34c877ad-507e-4c82-993e-3452a6e0ad3c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-404c3081-a854-4457-ae30-26a93ef643f9\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47a6b606-51aa-4496-8bb7-64b11cf66adc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-496223c3-ad65-4ecd-878a-bae78737e9ed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"JavaLatestVersion\" : { \n \"value\" : \"11\"\n },\n \"effect-4f11b553-d42e-4e3a-89be-32ca364cad4c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5c607a2e-c700-4744-8254-d77e7c9eb5e4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5f76cf89-fbf2-47fd-a3f4-b891fa780b60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6b1cbf55-e8b6-442f-ba4c-7246b6381474\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7008174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"LinuxPythonLatestVersion\" : { \n \"value\" : \"3.8\"\n },\n \"effect-7238174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7261b898-8a84-4db8-9e04-18527132abb3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-74c3584d-afae-46f7-a20a-6f8adba71a16\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-86b3d65f-7626-441e-b690-81a8b71cff60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-88999f4c-376a-45c8-bcb3-4058f713cf39\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8c122334-9d20-4eb8-89ea-ac9a705b74ae\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9297c21d-2ed6-4474-b48f-163f75654ce3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-991310cd-e9f3-47bc-b7b6-f57b557d07db\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9b597639-28e4-48eb-b506-56b05d366257\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9daedab3-fb2d-461e-b861-71790eead4f6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a4af4a39-4135-47fb-b175-47fbdf85311d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"effect-a70ca396-0a34-413a-88e1-b956c1e683be\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-aa633080-8b72-40c4-a2d7-d00c03e80bed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-af6cd1bd-1635-48cb-bde7-5b15693900b9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"effect-b7ddfbdc-1260-477d-91fd-98bd9be789a6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c3f317a7-a95c-4547-b7e7-11017ebdf2fe\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-cb510bfd-1cba-4d9f-a230-cb0976f4bb71\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e2c1c086-2d84-4019-bff3-c44ccd95113c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e3576e28-8b17-4677-84c3-db2990658d64\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e8cbc669-f12d-49eb-93e7-9273119e9933\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e9c8d085-d9cc-4b17-9cdc-059f1f01f19e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ebb62a0c-3560-49e1-89ed-27e074e9f8ad\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-efbde977-ba53-4479-b8e9-10b957924fbf\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f6de0be7-9a8a-4b8a-b349-43cf02d22f7c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f8456c1c-aa66-4dfb-861a-25d127b775c9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f9d614c5-c173-4d56-95a7-b4437057d193\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-fb893a29-21bb-418c-a157-e99480ec364c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-feedbf84-6b99-488c-acc2-71c829aa5ffc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-3b980d31-7904-4bb7-8575-5665739a8052\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6e2593d9-add6-4083-9c9b-4b7d2188c899\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Detection\"\n },\n \"effect-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Detection\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-013e242c-8828-4970-87b3-ab247555486d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d38fc420-0735-4ef3-ac11-c806f651a570\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a1181c5f-672a-477a-979a-7d58aa086233\" : { \n \"value\" : \"Audit\"\n },\n \"effect-308fbb08-4ab8-4e67-9b29-592e93fb94fa\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4da35fc9-c9e7-4960-aec9-797fe7d9051d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-523b5cd1-3e23-492f-a539-13118b6d1e3a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7fe3b40f-802b-4cdd-8bd4-fd799c948cc2\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c25d9a16-bc35-4e15-a7e5-9db606bf9ed4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b0f33259-77d7-4c9e-aac6-3aabcfae693c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0820b7b9-23aa-4725-a1ce-ae4558f718e5\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-358c20a6-3f9e-4f0e-97ff-c6ce485e2aac\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5744710e-cc2f-4ee8-8809-3b11e89f4bc9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ac4a19c2-fa67-49b4-8ae5-0b2e78c49457\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c9d007d0-c057-4772-b18c-01e546713bcd\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e372f825-a257-4fb8-9175-797a8a8627d6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d158790f-bfb0-486c-8631-2dc6b4e8e6af\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e802a67a-daf5-4436-9ea6-f6d821dd0c5d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a451c1ef-c6ca-483d-87ed-f49761e3ffb5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftSql-servers-firewallRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ae89ebca-1c92-4898-ac2c-9f63decb045c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d26f7642-7545-4e18-9b75-8c9bbdee3a9a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1a4e592a-6a6e-44a5-9814-e36264ca96e7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7796937f-307b-4598-941c-67d3a05ebfe7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c5447c04-a4d7-4ba8-a263-c9ee321a6858\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-41388f1c-2db0-4c25-95b2-35d7f5ccbfa9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b02aacc0-b073-424e-8298-42b22829ee0a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0ec47710-77ff-4a3d-9181-6aa50af424d0\" : { \n \"value\" : \"Audit\"\n },\n \"effect-48af4db5-9b8b-401c-8e74-076be876a430\" : { \n \"value\" : \"Audit\"\n },\n \"effect-82339799-d096-41ae-8538-b108becf0970\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b7aa243-30e4-4c9e-bca8-d0d3022b634a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-bb91dfba-c30d-4263-9add-9c2384e659a6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e71308d3-144b-4262-b144-efdc3cc90517\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2bdd0062-9d75-436e-89df-487dd8e4b3c7\" : { \n \"value\" : \"Disabled\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-6fac406b-40ca-413b-bf8e-0bf964659c25\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-048248b0-55cd-46da-b1ff-39efd52db260\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0d134df8-db83-46fb-ad72-fe0c9428c8dd\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fb2\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c43e4a30-77cb-48ab-a4dd-93f175c63b57\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f314764-cb73-4fc9-b863-8eca98ac36e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-123a3936-f020-408a-ba0c-47873faf1534\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}\n', '', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName')), '2021-06-01').customerId))))[variables('modifiedAssignment')].id]", "parameters": "[createObject('NIST', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f', 'parameters', json(replace(' {\n \"listOfMembersToExcludeFromWindowsVMAdministratorsGroup\": \n {\n \"value\": \"admin\"\n },\n \"listOfMembersToIncludeInWindowsVMAdministratorsGroup\": \n {\n \"value\": \"azureuser\"\n },\n \"logAnalyticsWorkspaceIdforVMReporting\": \n {\n \"value\": \"\"\n },\n \"IncludeArcMachines\": \n {\n \"value\": \"true\"\n },\n \"MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112\": \n {\n \"value\": \"1.2\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\": \n {\n \"value\": \"Compliant\"\n },\n \"requiredRetentionDays\": \n {\n \"value\": \"365\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\": \n {\n \"value\": \"NetworkWatcherRG\"\n }\n }', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'IL5', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/f9a961fa-3241-4b20-adc4-bbf8ad9d7197', 'parameters', json(replace('{\n \"IncludeArcMachines\" : { \n \"value\" : \"false\"\n },\n \"NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40\" : { \n \"value\" : \"Compliant\"\n },\n \"MinimumTLSVersionForWindowsServers\" : { \n \"value\" : \"1.2\"\n },\n \"requiredRetentionDays\" : { \n \"value\" : \"365\"\n },\n \"effect-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"audit\"\n },\n \"allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469\" : { \n \"value\" : \"^(.+){0}$\"\n },\n \"effect-95edb821-ddaf-4404-9732-666045e056b4\" : { \n \"value\" : \"audit\"\n },\n \"effect-440b515e-a580-421e-abeb-b159a61ddcbc\" : { \n \"value\" : \"audit\"\n },\n \"effect-233a2a17-77ca-4fb1-9b6b-69223d272a44\" : { \n \"value\" : \"audit\"\n },\n \"effect-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"audit\"\n },\n \"cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164\" : { \n \"value\" : \"0\"\n },\n \"effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"audit\"\n },\n \"runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"MustRunAsNonRoot\"\n },\n \"runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042\" : { \n \"value\" : \"RunAsAny\"\n },\n \"effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99\" : { \n \"value\" : \"audit\"\n },\n \"effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8\" : { \n \"value\" : \"audit\"\n },\n \"effect-df49d893-a74c-421d-bc95-c663042e5b80\" : { \n \"value\" : \"audit\"\n },\n \"effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d\" : { \n \"value\" : \"audit\"\n },\n \"effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c\" : { \n \"value\" : \"audit\"\n },\n \"effect-511f5417-5d12-434d-ab2e-816901e72a5e\" : { \n \"value\" : \"audit\"\n },\n \"effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe\" : { \n \"value\" : \"audit\"\n },\n \"effect-098fc59e-46c7-4d99-9b16-64990e543d75\" : { \n \"value\" : \"audit\"\n },\n \"NetworkWatcherResourceGroupName\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"aadAuthenticationInServiceFabricMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-71ef260a-8f18-47b7-abcb-62d0673d94dc\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d9da03a1-f3c3-412a-9709-947156872263\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811\" : { \n \"value\" : \"audit\"\n },\n \"effect-ea0dfaed-95fb-448c-934e-d6e713ce393d\" : { \n \"value\" : \"audit\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-41425d9f-d1a5-499a-9932-f8ed8453932c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fc4d8e41-e223-45ea-9bf5-eada37891d87\" : { \n \"value\" : \"Audit\"\n },\n \"effect-86efb160-8de7-451d-bc08-5d475b0aadae\" : { \n \"value\" : \"Audit\"\n },\n \"effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-64d314f6-6062-4780-a861-c23e8951bee5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-fa298e57-9444-42ba-bf04-86e8470e32c7\" : { \n \"value\" : \"audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f\" : { \n \"value\" : \"audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47031206-ce96-41f8-861b-6a915f3de284\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-51522a96-0869-4791-82f3-981000c2c67f\" : { \n \"value\" : \"audit\"\n },\n \"effect-b5ec538c-daa0-4006-8596-35468b9148e8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2e94d99a-8a36-4563-bc77-810d8893b671\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f68a601-6e6d-4e42-babf-3f643a047ea2\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ca91455f-eace-4f96-be59-e6e2c35b4816\" : { \n \"value\" : \"Audit\"\n },\n \"effect-702dd420-7fcc-42c5-afe8-4026edd20fe0\" : { \n \"value\" : \"Audit\"\n },\n \"diagnosticsLogsInRedisCacheMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"secureTransferToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d092e0a-7acd-40d2-a975-dca21cae48c4\" : { \n \"value\" : \"Audit\"\n },\n \"effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f\" : { \n \"value\" : \"Audit\"\n },\n \"disableUnrestrictedNetworkToStorageAccountMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"effect-55615ac9-af46-4a59-874e-391cc3dfb490\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b8ca024-1d5c-4dec-8995-b1a932b41780\" : { \n \"value\" : \"Audit\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-53503636-bcc9-4748-9663-5348217f160f\" : { \n \"value\" : \"Audit\"\n },\n \"effect-40cec1dd-a100-4920-b15b-3024fe8901ab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a049bf77-880b-470f-ba6d-9f21c530cf83\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ee980b6d-0eca-4501-8d54-f6290fd512c3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606\" : { \n \"value\" : \"Audit\"\n },\n \"identityDesignateMoreThanOneOwnerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"diskEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"emailNotificationToSubscriptionOwnerHighSeverityAlertsEnabledEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlDbEncryptionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"aadAuthenticationInSqlServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssEndpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vmssOsVulnerabilitiesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"adaptiveApplicationControlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForPostgreSQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensureJavaVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityDesignateLessThanOwnersMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"securityContactEmailAddressForSubscriptionEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRestrictCORSAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"ensurePythonVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePHPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensurePythonVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"geoRedundantBackupShouldBeEnabledForAzureDatabaseForMySQLEffect\" : { \n \"value\" : \"Audit\"\n },\n \"systemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForWebAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForWritePermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForAPIAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureJavaVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"nextGenerationFirewallMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"useRbacRulesMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"webAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlServerAuditingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vnetEnableDDoSProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlServerAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"endpointProtectionMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"jitNetworkAccessMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppEnforceHttpsMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"geoRedundantStorageShouldBeEnabledForStorageAccountsEffect\" : { \n \"value\" : \"Audit\"\n },\n \"vmssSystemUpdatesMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"longtermGeoRedundantBackupEnabledAzureSQLDatabasesEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"systemConfigurationsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"ensureHTTPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityEnableMFAForReadPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"containerBenchmarkMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"apiAppDisableRemoteDebuggingMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveDeprecatedAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"vulnerabilityAssessmentOnServerMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"webAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"identityRemoveExternalAccountWithOwnerPermissionsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"functionAppRequireLatestTlsMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"kubernetesServiceVersionUpToDateMonitoringEffect\" : { \n \"value\" : \"Audit\"\n },\n \"sqlDbVulnerabilityAssesmentMonitoringEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"membersToIncludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"membersToExcludeInLocalAdministratorsGroup\" : { \n \"value\" : \"\"\n },\n \"logAnalyticsWorkspaceIDForVMAgents\" : { \n \"value\" : \"\"\n },\n \"PHPLatestVersionForAppServices\" : { \n \"value\" : \"7.4\"\n },\n \"JavaLatestVersionForAppServices\" : { \n \"value\" : \"11\"\n },\n \"WindowsPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.6\"\n },\n \"LinuxPythonLatestVersionForAppServices\" : { \n \"value\" : \"3.9\"\n },\n \"ensureDotNetFrameworkLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"vulnerabilityAssessmentMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForWebAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"microsoftIaaSAntimalwareExtensionShouldBeDeployedOnWindowsServersEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityCenterStandardPricingTierShouldBeSelectedEffect\" : { \n \"value\" : \"Audit\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachinesEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensurePHPVersionLatestForFunctionAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlManagedInstanceAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"securityContactPhoneNumberShouldBeProvidedForSubscriptionEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnManagedInstanceMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"ensureDotNetFrameworkLatestForAPIAppEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"sqlServerAdvancedDataSecurityEmailAdminsMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"threatDetectionTypesOnServerMonitoringEffect\" : { \n \"value\" : \"Disabled\"\n },\n \"theLogAnalyticsAgentShouldBeInstalledOnVirtualMachineScaleSetsEffect\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}', '', extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName'))))), 'CMMC', createObject('id', '/providers/Microsoft.Authorization/policySetDefinitions/b5629c75-5c77-4422-87b9-2509e680f8de', 'parameters', json(replace('{\n \"logAnalyticsWorkspaceId-f47b5582-33ec-4c5c-87c0-b010a6b2e917\" : { \n \"value\" : \"\"\n },\n \"effect-09024ccc-0c5f-475e-9457-b7c0d9ed487b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"MembersToExclude-69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f\" :{\n \"value\": \"\"\n },\n \"MembersToInclude-30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7\": {\n \"value\": \"\"\n },\n \"effect-0961003e-5a0a-4549-abde-af6a37f2724d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b15565f-aa9e-48ba-8619-45960f2c314d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0e60b895-3786-45da-8377-9c6b4b6ac5f9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-17k78e20-9358-41c9-923c-fb736d382a12\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"PHPLatestVersion\" : { \n \"value\" : \"7.3\"\n },\n \"effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb\" : { \n \"value\" : \"Audit\"\n },\n \"effect-26a828e1-e88f-464e-bbb3-c134a282b9de\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-34c877ad-507e-4c82-993e-3452a6e0ad3c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-404c3081-a854-4457-ae30-26a93ef643f9\" : { \n \"value\" : \"Audit\"\n },\n \"effect-47a6b606-51aa-4496-8bb7-64b11cf66adc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-496223c3-ad65-4ecd-878a-bae78737e9ed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"JavaLatestVersion\" : { \n \"value\" : \"11\"\n },\n \"effect-4f11b553-d42e-4e3a-89be-32ca364cad4c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5c607a2e-c700-4744-8254-d77e7c9eb5e4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5f76cf89-fbf2-47fd-a3f4-b891fa780b60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6b1cbf55-e8b6-442f-ba4c-7246b6381474\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7008174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"LinuxPythonLatestVersion\" : { \n \"value\" : \"3.8\"\n },\n \"effect-7238174a-fd10-4ef0-817e-fc820a951d73\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7261b898-8a84-4db8-9e04-18527132abb3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-74c3584d-afae-46f7-a20a-6f8adba71a16\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-86b3d65f-7626-441e-b690-81a8b71cff60\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-88999f4c-376a-45c8-bcb3-4058f713cf39\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8c122334-9d20-4eb8-89ea-ac9a705b74ae\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9297c21d-2ed6-4474-b48f-163f75654ce3\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-991310cd-e9f3-47bc-b7b6-f57b557d07db\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9b597639-28e4-48eb-b506-56b05d366257\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-9daedab3-fb2d-461e-b861-71790eead4f6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a4af4a39-4135-47fb-b175-47fbdf85311d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9\" : { \n \"value\" : \"enabled\"\n },\n \"effect-a70ca396-0a34-413a-88e1-b956c1e683be\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-aa633080-8b72-40c4-a2d7-d00c03e80bed\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-af6cd1bd-1635-48cb-bde7-5b15693900b9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6\" : { \n \"value\" : \"NetworkWatcherRG\"\n },\n \"effect-b7ddfbdc-1260-477d-91fd-98bd9be789a6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c3f317a7-a95c-4547-b7e7-11017ebdf2fe\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-cb510bfd-1cba-4d9f-a230-cb0976f4bb71\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e2c1c086-2d84-4019-bff3-c44ccd95113c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e3576e28-8b17-4677-84c3-db2990658d64\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e8cbc669-f12d-49eb-93e7-9273119e9933\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e9c8d085-d9cc-4b17-9cdc-059f1f01f19e\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ebb62a0c-3560-49e1-89ed-27e074e9f8ad\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-efbde977-ba53-4479-b8e9-10b957924fbf\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f6de0be7-9a8a-4b8a-b349-43cf02d22f7c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f8456c1c-aa66-4dfb-861a-25d127b775c9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-f9d614c5-c173-4d56-95a7-b4437057d193\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-fb893a29-21bb-418c-a157-e99480ec364c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-feedbf84-6b99-488c-acc2-71c829aa5ffc\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-3b980d31-7904-4bb7-8575-5665739a8052\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-6e2593d9-add6-4083-9c9b-4b7d2188c899\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-12430be1-6cc8-4527-a9a8-e3d38f250096\" : { \n \"value\" : \"Detection\"\n },\n \"effect-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Audit\"\n },\n \"modeRequirement-425bea59-a659-4cbb-8d31-34499bd030b8\" : { \n \"value\" : \"Detection\"\n },\n \"effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66\" : { \n \"value\" : \"Audit\"\n },\n \"effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c\" : { \n \"value\" : \"Audit\"\n },\n \"effect-013e242c-8828-4970-87b3-ab247555486d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d38fc420-0735-4ef3-ac11-c806f651a570\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-a1181c5f-672a-477a-979a-7d58aa086233\" : { \n \"value\" : \"Audit\"\n },\n \"effect-308fbb08-4ab8-4e67-9b29-592e93fb94fa\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-4da35fc9-c9e7-4960-aec9-797fe7d9051d\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-523b5cd1-3e23-492f-a539-13118b6d1e3a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7fe3b40f-802b-4cdd-8bd4-fd799c948cc2\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c25d9a16-bc35-4e15-a7e5-9db606bf9ed4\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b0f33259-77d7-4c9e-aac6-3aabcfae693c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-037eea7a-bd0a-46c5-9a66-03aea78705d3\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca\" : { \n \"value\" : \"Audit\"\n },\n \"effect-0820b7b9-23aa-4725-a1ce-ae4558f718e5\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fab\" : { \n \"value\" : \"Audit\"\n },\n \"effect-358c20a6-3f9e-4f0e-97ff-c6ce485e2aac\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-5744710e-cc2f-4ee8-8809-3b11e89f4bc9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ac4a19c2-fa67-49b4-8ae5-0b2e78c49457\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c9d007d0-c057-4772-b18c-01e546713bcd\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d0793b48-0edc-4296-a390-4c75d1bdfd71\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e372f825-a257-4fb8-9175-797a8a8627d6\" : { \n \"value\" : \"Audit\"\n },\n \"effect-d158790f-bfb0-486c-8631-2dc6b4e8e6af\" : { \n \"value\" : \"Audit\"\n },\n \"effect-e802a67a-daf5-4436-9ea6-f6d821dd0c5d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-a451c1ef-c6ca-483d-87ed-f49761e3ffb5\" : { \n \"value\" : \"Audit\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftSql-servers-firewallRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b954148f-4c11-4c38-8221-be76711e194a-MicrosoftClassicNetwork-networkSecurityGroups-securityRules-delete\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ae89ebca-1c92-4898-ac2c-9f63decb045c\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-d26f7642-7545-4e18-9b75-8c9bbdee3a9a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-1a4e592a-6a6e-44a5-9814-e36264ca96e7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-7796937f-307b-4598-941c-67d3a05ebfe7\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-c5447c04-a4d7-4ba8-a263-c9ee321a6858\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-41388f1c-2db0-4c25-95b2-35d7f5ccbfa9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-b02aacc0-b073-424e-8298-42b22829ee0a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-057d6cfe-9c4f-4a6d-bc60-14420ea1f1a9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0ec47710-77ff-4a3d-9181-6aa50af424d0\" : { \n \"value\" : \"Audit\"\n },\n \"effect-48af4db5-9b8b-401c-8e74-076be876a430\" : { \n \"value\" : \"Audit\"\n },\n \"effect-82339799-d096-41ae-8538-b108becf0970\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1b7aa243-30e4-4c9e-bca8-d0d3022b634a\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-bb91dfba-c30d-4263-9add-9c2384e659a6\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-e71308d3-144b-4262-b144-efdc3cc90517\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2bdd0062-9d75-436e-89df-487dd8e4b3c7\" : { \n \"value\" : \"Disabled\"\n },\n \"effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a\" : { \n \"value\" : \"Audit\"\n },\n \"effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-6fac406b-40ca-413b-bf8e-0bf964659c25\" : { \n \"value\" : \"Audit\"\n },\n \"effect-81e74cea-30fd-40d5-802f-d72103c2aaaa\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c349d81b-9985-44ae-a8da-ff98d108ede8\" : { \n \"value\" : \"Audit\"\n },\n \"effect-f4b53539-8df9-40e4-86c6-6b607703bd4e\" : { \n \"value\" : \"Audit\"\n },\n \"effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1\" : { \n \"value\" : \"Audit\"\n },\n \"effect-048248b0-55cd-46da-b1ff-39efd52db260\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0d134df8-db83-46fb-ad72-fe0c9428c8dd\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-2c89a2e5-7285-40fe-afe0-ae8654b92fb2\" : { \n \"value\" : \"Audit\"\n },\n \"effect-3657f5a0-770e-44a3-b44e-9431ba1e9735\" : { \n \"value\" : \"Audit\"\n },\n \"effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580\" : { \n \"value\" : \"Audit\"\n },\n \"effect-617c02be-7f02-4efd-8836-3180d47b6c68\" : { \n \"value\" : \"Audit\"\n },\n \"effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67\" : { \n \"value\" : \"Audit\"\n },\n \"effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7\" : { \n \"value\" : \"audit\"\n },\n \"effect-f7d52b2d-e161-4dfa-a82b-55e564167385\" : { \n \"value\" : \"Audit\"\n },\n \"effect-c43e4a30-77cb-48ab-a4dd-93f175c63b57\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d\" : { \n \"value\" : \"Audit\"\n },\n \"effect-1f314764-cb73-4fc9-b863-8eca98ac36e9\" : { \n \"value\" : \"AuditIfNotExists\"\n },\n \"effect-123a3936-f020-408a-ba0c-47873faf1534\" : { \n \"value\" : \"AuditIfNotExists\"\n }\n}\n', '', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), parameters('logAnalyticsWorkspaceResourceGroupName')), 'Microsoft.OperationalInsights/workspaces', parameters('logAnalyticsWorkspaceName')), '2021-06-01').customerId))))[variables('modifiedAssignment')].parameters]" @@ -4277,7 +4307,7 @@ "type": "Microsoft.Authorization/policyAssignments", "apiVersion": "2020-09-01", "name": "[variables('agentVmssAssignmentName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "properties": { "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/75714362-cae7-409e-9b99-a8e5075b7fad", "parameters": { @@ -4294,7 +4324,7 @@ "type": "Microsoft.Authorization/policyAssignments", "apiVersion": "2020-09-01", "name": "[variables('agentVmAssignmentName')]", - "location": "[resourceGroup().location]", + "location": "[parameters('location')]", "properties": { "policyDefinitionId": "/providers/Microsoft.Authorization/policySetDefinitions/55f3eceb-5573-4f18-9695-226972c6d74a", "parameters": { @@ -4387,8 +4417,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "17084517484392773483" + "version": "0.4.1272.37030", + "templateHash": "6737383255098096059" } }, "parameters": { @@ -4455,10 +4485,10 @@ "mode": "Incremental", "parameters": { "diagnosticSettingName": { - "value": "[format('log-hub-sub-activity-to-{0}', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value)]" + "value": "[format('log-hub-sub-activity-to-{0}', reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value)]" }, "logAnalyticsWorkspaceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" } }, "template": { @@ -4467,8 +4497,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "16846284475547410965" + "version": "0.4.1272.37030", + "templateHash": "15522060180834331930" } }, "parameters": { @@ -4556,10 +4586,10 @@ "mode": "Incremental", "parameters": { "diagnosticSettingName": { - "value": "[format('log-{0}-sub-activity-to-{1}', variables('spokes')[copyIndex()].name, reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value)]" + "value": "[format('log-{0}-sub-activity-to-{1}', variables('spokes')[copyIndex()].name, reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value)]" }, "logAnalyticsWorkspaceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" } }, "template": { @@ -4568,8 +4598,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "16846284475547410965" + "version": "0.4.1272.37030", + "templateHash": "15522060180834331930" } }, "parameters": { @@ -4655,7 +4685,7 @@ "value": "[variables('operationsLogStorageAccountName')]" }, "logAnalyticsWorkspaceName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value]" } }, "template": { @@ -4664,8 +4694,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "14543561787523322977" + "version": "0.4.1272.37030", + "templateHash": "9749215519242778982" } }, "parameters": { @@ -4730,7 +4760,7 @@ "mode": "Incremental", "parameters": { "logAnalyticsWorkspaceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" }, "emailSecurityContact": { "value": "[parameters('emailSecurityContact')]" @@ -4742,8 +4772,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "998933596067649007" + "version": "0.4.1272.37030", + "templateHash": "16713937257548308780" } }, "parameters": { @@ -4821,7 +4851,7 @@ }, { "type": "Microsoft.Authorization/policyAssignments", - "apiVersion": "2021-06-01", + "apiVersion": "2020-09-01", "name": "Azure Security Benchmark", "properties": { "displayName": "ASC Default", @@ -4856,7 +4886,7 @@ "mode": "Incremental", "parameters": { "logAnalyticsWorkspaceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" }, "emailSecurityContact": { "value": "[parameters('emailSecurityContact')]" @@ -4868,8 +4898,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "998933596067649007" + "version": "0.4.1272.37030", + "templateHash": "16713937257548308780" } }, "parameters": { @@ -4947,7 +4977,7 @@ }, { "type": "Microsoft.Authorization/policyAssignments", - "apiVersion": "2021-06-01", + "apiVersion": "2020-09-01", "name": "Azure Security Benchmark", "properties": { "displayName": "ASC Default", @@ -4981,13 +5011,13 @@ "value": "[parameters('location')]" }, "hubVirtualNetworkName": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value]" }, "hubSubnetResourceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetResourceId.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.subnetResourceId.value]" }, "hubNetworkSecurityGroupResourceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.networkSecurityGroupResourceId.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.networkSecurityGroupResourceId.value]" }, "bastionHostName": { "value": "[variables('bastionHostName')]" @@ -5092,7 +5122,7 @@ "value": "[parameters('windowsVmStorageAccountType')]" }, "logAnalyticsWorkspaceId": { - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" } }, "template": { @@ -5101,8 +5131,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "1358220533990268216" + "version": "0.4.1272.37030", + "templateHash": "7953755682688172427" } }, "parameters": { @@ -5282,8 +5312,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "2380768471469099549" + "version": "0.4.1272.37030", + "templateHash": "16261454761537760759" } }, "parameters": { @@ -5413,8 +5443,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "8101744643505090252" + "version": "0.4.1272.37030", + "templateHash": "2926151568052081917" } }, "parameters": { @@ -5529,7 +5559,7 @@ "value": "[parameters('linuxVmAdminPasswordOrKey')]" }, "networkInterfaceName": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'remoteAccess-linuxNetworkInterface'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'remoteAccess-linuxNetworkInterface')).outputs.name.value]" }, "logAnalyticsWorkspaceId": { "value": "[parameters('logAnalyticsWorkspaceId')]" @@ -5541,8 +5571,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "16581269896210557617" + "version": "0.4.1272.37030", + "templateHash": "4945275168872962487" } }, "parameters": { @@ -5775,8 +5805,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "8101744643505090252" + "version": "0.4.1272.37030", + "templateHash": "2926151568052081917" } }, "parameters": { @@ -5888,7 +5918,7 @@ "value": "[parameters('windowsVmStorageAccountType')]" }, "networkInterfaceName": { - "value": "[reference(resourceId('Microsoft.Resources/deployments', 'remoteAccess-windowsNetworkInterface'), '2020-10-01').outputs.name.value]" + "value": "[reference(resourceId('Microsoft.Resources/deployments', 'remoteAccess-windowsNetworkInterface')).outputs.name.value]" }, "logAnalyticsWorkspaceId": { "value": "[parameters('logAnalyticsWorkspaceId')]" @@ -5900,8 +5930,8 @@ "metadata": { "_generator": { "name": "bicep", - "version": "0.4.1124.51302", - "templateHash": "5877468865897065265" + "version": "0.4.1272.37030", + "templateHash": "10676220666681786088" } }, "parameters": { @@ -6078,30 +6108,30 @@ }, "firewallPrivateIPAddress": { "type": "string", - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.firewallPrivateIPAddress.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.firewallPrivateIPAddress.value]" }, "hub": { "type": "object", "value": { "subscriptionId": "[parameters('hubSubscriptionId')]", - "resourceGroupName": "[reference(subscriptionResourceId(parameters('hubSubscriptionId'), 'Microsoft.Resources/deployments', format('deploy-rg-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]", - "resourceGroupResourceId": "[reference(subscriptionResourceId(parameters('hubSubscriptionId'), 'Microsoft.Resources/deployments', format('deploy-rg-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]", - "virtualNetworkName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value]", - "virtualNetworkResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkResourceId.value]", - "subnetName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetName.value]", - "subnetResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetResourceId.value]", - "subnetAddressPrefix": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetAddressPrefix.value]", - "networkSecurityGroupName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.networkSecurityGroupName.value]", - "networkSecurityGroupResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.networkSecurityGroupResourceId.value]" + "resourceGroupName": "[reference(subscriptionResourceId(parameters('hubSubscriptionId'), 'Microsoft.Resources/deployments', format('deploy-rg-hub-{0}', parameters('deploymentNameSuffix')))).outputs.name.value]", + "resourceGroupResourceId": "[reference(subscriptionResourceId(parameters('hubSubscriptionId'), 'Microsoft.Resources/deployments', format('deploy-rg-hub-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]", + "virtualNetworkName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value]", + "virtualNetworkResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.virtualNetworkResourceId.value]", + "subnetName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.subnetName.value]", + "subnetResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.subnetResourceId.value]", + "subnetAddressPrefix": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.subnetAddressPrefix.value]", + "networkSecurityGroupName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.networkSecurityGroupName.value]", + "networkSecurityGroupResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('hubSubscriptionId'), variables('hubResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-vnet-hub-{0}', parameters('deploymentNameSuffix')))).outputs.networkSecurityGroupResourceId.value]" } }, "logAnalyticsWorkspaceName": { "type": "string", - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.name.value]" }, "logAnalyticsWorkspaceResourceId": { "type": "string", - "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]" + "value": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', parameters('operationsSubscriptionId'), variables('operationsResourceGroupName')), 'Microsoft.Resources/deployments', format('deploy-laws-{0}', parameters('deploymentNameSuffix')))).outputs.id.value]" }, "spokes": { "type": "array", @@ -6110,15 +6140,15 @@ "input": { "name": "[variables('spokes')[copyIndex()].name]", "subscriptionId": "[variables('spokes')[copyIndex()].subscriptionId]", - "resourceGroupName": "[reference(subscriptionResourceId(variables('spokes')[copyIndex()].subscriptionId, 'Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.name.value]", - "resourceGroupId": "[reference(subscriptionResourceId(variables('spokes')[copyIndex()].subscriptionId, 'Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.id.value]", - "virtualNetworkName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkName.value]", - "virtualNetworkResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.virtualNetworkResourceId.value]", - "subnetName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetName.value]", - "subnetResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetResourceId.value]", - "subnetAddressPrefix": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.subnetAddressPrefix.value]", - "networkSecurityGroupName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.networkSecurityGroupName.value]", - "networkSecurityGroupResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix'))), '2020-10-01').outputs.networkSecurityGroupResourceId.value]" + "resourceGroupName": "[reference(subscriptionResourceId(variables('spokes')[copyIndex()].subscriptionId, 'Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.name.value]", + "resourceGroupId": "[reference(subscriptionResourceId(variables('spokes')[copyIndex()].subscriptionId, 'Microsoft.Resources/deployments', format('deploy-rg-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.id.value]", + "virtualNetworkName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.virtualNetworkName.value]", + "virtualNetworkResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.virtualNetworkResourceId.value]", + "subnetName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.subnetName.value]", + "subnetResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.subnetResourceId.value]", + "subnetAddressPrefix": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.subnetAddressPrefix.value]", + "networkSecurityGroupName": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.networkSecurityGroupName.value]", + "networkSecurityGroupResourceId": "[reference(extensionResourceId(format('/subscriptions/{0}/resourceGroups/{1}', variables('spokes')[copyIndex()].subscriptionId, variables('spokes')[copyIndex()].resourceGroupName), 'Microsoft.Resources/deployments', format('deploy-vnet-{0}-{1}', variables('spokes')[copyIndex()].name, parameters('deploymentNameSuffix')))).outputs.networkSecurityGroupResourceId.value]" } } } diff --git a/src/bicep/modules/hubNetwork.bicep b/src/bicep/modules/hubNetwork.bicep index 27769cabb..7b1e59d8b 100644 --- a/src/bicep/modules/hubNetwork.bicep +++ b/src/bicep/modules/hubNetwork.bicep @@ -240,6 +240,7 @@ module azureMonitorPrivateLink './privateLink.bicep' = if ( contains(supportedCl logAnalyticsWorkspaceResourceId: logAnalyticsWorkspaceResourceId privateEndpointSubnetName: subnetName privateEndpointVnetName: virtualNetwork.outputs.name + location: location tags: tags } dependsOn: [ diff --git a/src/bicep/modules/policyAssignment.bicep b/src/bicep/modules/policyAssignment.bicep index 12dcd8a29..18e6a1350 100644 --- a/src/bicep/modules/policyAssignment.bicep +++ b/src/bicep/modules/policyAssignment.bicep @@ -12,6 +12,9 @@ param operationsSubscriptionId string @description('Starts a policy remediation for the VM Agent policies in hub RG. Set to false by default since this is time consuming in deployment.') param deployRemediation bool = false +@description('The location of this resource') +param location string = resourceGroup().location + resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2021-06-01' existing = { name: logAnalyticsWorkspaceName scope: resourceGroup(operationsSubscriptionId, logAnalyticsWorkspaceResourceGroupName) @@ -42,7 +45,7 @@ var lawsReaderRoleDefinitionId = resourceId('Microsoft.Authorization/roleDefinit // assign policy to resource group resource assignment 'Microsoft.Authorization/policyAssignments@2020-09-01' = { name: assignmentName - location: resourceGroup().location + location: location properties: { policyDefinitionId: policyDefinitionID[modifiedAssignment].id parameters: policyDefinitionID[modifiedAssignment].parameters @@ -54,7 +57,7 @@ resource assignment 'Microsoft.Authorization/policyAssignments@2020-09-01' = { resource vmssAgentAssignment 'Microsoft.Authorization/policyAssignments@2020-09-01' = { name: agentVmssAssignmentName - location: resourceGroup().location + location: location properties: { policyDefinitionId: '/providers/Microsoft.Authorization/policySetDefinitions/75714362-cae7-409e-9b99-a8e5075b7fad' parameters: { @@ -70,7 +73,7 @@ resource vmssAgentAssignment 'Microsoft.Authorization/policyAssignments@2020-09- resource vmAgentAssignment 'Microsoft.Authorization/policyAssignments@2020-09-01' = { name: agentVmAssignmentName - location: resourceGroup().location + location: location properties: { policyDefinitionId: '/providers/Microsoft.Authorization/policySetDefinitions/55f3eceb-5573-4f18-9695-226972c6d74a' parameters: { diff --git a/src/bicep/modules/privateLink.bicep b/src/bicep/modules/privateLink.bicep index 60d4db648..310a39001 100644 --- a/src/bicep/modules/privateLink.bicep +++ b/src/bicep/modules/privateLink.bicep @@ -22,6 +22,9 @@ param vnetResourceGroup string = resourceGroup().name @description('The subscription id of the subscription the virtual network exists in') param vnetSubscriptionId string = subscription().subscriptionId +@description('The location of this resource') +param location string = resourceGroup().location + var privateLinkConnectionName = take('plconn${logAnalyticsWorkspaceName}${uniqueData}', 80) var privateLinkEndpointName = take('pl${logAnalyticsWorkspaceName}${uniqueData}', 80) var privateLinkScopeName = take('plscope${logAnalyticsWorkspaceName}${uniqueData}', 80) @@ -45,7 +48,7 @@ resource logAnalyticsWorkspacePrivateLinkScope 'microsoft.insights/privateLinkS resource subnetPrivateEndpoint 'Microsoft.Network/privateEndpoints@2020-07-01' = { name: privateLinkEndpointName - location: resourceGroup().location + location: location tags: tags properties: { subnet: { diff --git a/src/bicep/modules/securityCenter.bicep b/src/bicep/modules/securityCenter.bicep index ddadd1ebf..0bf0c87a6 100644 --- a/src/bicep/modules/securityCenter.bicep +++ b/src/bicep/modules/securityCenter.bicep @@ -70,7 +70,7 @@ resource securityNotifications 'Microsoft.Security/securityContacts@2017-08-01-p } } -resource securityPoliciesDefault 'Microsoft.Authorization/policyAssignments@2021-06-01' = { +resource securityPoliciesDefault 'Microsoft.Authorization/policyAssignments@2020-09-01' = { name: 'Azure Security Benchmark' scope: subscription() properties: { diff --git a/src/build/check_tf_format.sh b/src/build/check_tf_format.sh deleted file mode 100755 index 906deee2f..000000000 --- a/src/build/check_tf_format.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -# -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# -# Check Terraform formatting for 1:M directories, exiting if any errors are produced - -program_log () { - echo "${0}: ${1}" -} - -error_log () { - echo "Error: ${1}" -} - -# Check for Terraform -if ! command -v terraform &> /dev/null; then - error_log "Terraform could not be found. This script requires the Terraform CLI." - echo "See https://learn.hashicorp.com/tutorials/terraform/install-cli for installation instructions." - exit 1 -fi - -format_tf() { - local tf_dir=$1 - cd "$tf_dir" || exit 1 - program_log "checking formatting at $tf_dir..." - if terraform fmt -check -recursive >> /dev/null; - then - program_log "successful check with 'terraform fmt -check -recursive ${tf_dir}'" - else - linting_results=$(terraform fmt -check -recursive) - for j in $linting_results - do - error_log "'${j}' is not formatted correctly. Format with the command 'terraform fmt ${j}'" - done - program_log "run 'terraform fmt -recursive' to format all Terraform components in a directory" - exit 1; - fi -} - -working_dir=$(pwd) - -for arg in "$@" -do - cd "$working_dir" || exit 1 - format_tf "$(realpath "$arg")" -done - -program_log "done!" \ No newline at end of file diff --git a/src/build/delete.sh b/src/build/delete.sh deleted file mode 100644 index 5584dc6ae..000000000 --- a/src/build/delete.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash -# -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# -# Steps through current logged in az cli subscriptions and deletes resource groups based on first arg, -# as filter as a job by not waiting for them to complete. -# -# Then steps through each diagnostic setting at subscription level with similar filter, -# resets az cli account to a specific subscription to be able to continue to use command line. -# Usage: ./delete.sh "" "" - -for subscription in $(az account list -o tsv); do - az account set --subscription "${subscription}" - for rgname in $(az group list --query "[? contains(name,'$1')][].{name:name}" -o tsv); do - echo Deleting "${rgname}" - az group delete -n "${rgname}" --yes --no-wait - done - for setting in $(az monitor diagnostic-settings subscription list --query "value[? contains(@.name, '$1')].name" -o tsv); do - echo Deleting "${setting}" - az monitor diagnostic-settings delete --name "${setting}" --resource /subscriptions/"${subscription}" - done -done - -az account set --subscription "$2" diff --git a/src/build/validate_tf.sh b/src/build/validate_tf.sh deleted file mode 100755 index ab8815375..000000000 --- a/src/build/validate_tf.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# -# Validates and lints Terraform for 1:M directories, exiting if any errors are produced - -program_log () { - echo "${0}: ${1}" -} - -error_log () { - echo "Error: ${1}" -} - -# Check for Terraform -if ! command -v terraform &> /dev/null; then - error_log "Terraform could not be found. This script requires the Terraform CLI." - echo "See https://learn.hashicorp.com/tutorials/terraform/install-cli for installation instructions." - exit 1 -fi - -validate_tf() { - local tf_dir=$1 - cd "$tf_dir" || exit 1 - program_log "validating at $tf_dir..." - terraform init -backend=false >> /dev/null || exit 1 - terraform validate >> /dev/null || exit 1 -} - -working_dir=$(pwd) - -for arg in "$@" -do - cd "$working_dir" || exit 1 - validate_tf "$(realpath "$arg")" -done - -program_log "done!" \ No newline at end of file diff --git a/src/terraform/mlz/main.tf b/src/terraform/mlz/main.tf index e79871afb..231c4d7e8 100644 --- a/src/terraform/mlz/main.tf +++ b/src/terraform/mlz/main.tf @@ -96,7 +96,7 @@ provider "azurerm" { alias = "tier2" environment = var.environment metadata_host = var.metadata_host - subscription_id = coalesce(var.hub_subid, var.tier2_subid) + subscription_id = coalesce(var.tier2_subid, var.hub_subid) features { log_analytics_workspace {