Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update password requirements to require only 12 characters #585

Merged
merged 3 commits into from
Dec 17, 2021
Merged

Update password requirements to require only 12 characters #585

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
20a83c8
omit the custom windows password constraint
glennmusa Dec 16, 2021
56f39b6
passwords only need to be 12 characters
glennmusa Dec 16, 2021
07596f2
GitHub Action: Build Bicep to JSON
invalid-email-address Dec 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions src/bicep/examples/remoteAccess/main.bicep
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ param linuxVmAdminUsername string = 'azureuser'
])
param linuxVmAuthenticationType string = 'password'
@secure()
@minLength(14)
@minLength(12)
param linuxVmAdminPasswordOrKey string

param windowsNetworkInterfaceName string = 'windowsVmNetworkInterface'
Expand All @@ -42,7 +42,7 @@ param windowsVmName string = 'windowsVm'
param windowsVmSize string = 'Standard_DS1_v2'
param windowsVmAdminUsername string = 'azureuser'
@secure()
@minLength(14)
@minLength(12)
param windowsVmAdminPassword string
param windowsVmPublisher string = 'MicrosoftWindowsServer'
param windowsVmOffer string = 'WindowsServer'
Expand Down
30 changes: 15 additions & 15 deletions src/bicep/examples/remoteAccess/main.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "10398940261016449040"
"templateHash": "1824009288413854506"
}
},
"parameters": {
Expand All @@ -22,7 +22,7 @@
"hubNetworkSecurityGroupResourceId": {
"type": "string"
},
"logAnalyticsWorkspaceId": {
"logAnalyticsWorkspaceResourceId": {
"type": "string"
},
"bastionHostName": {
Expand Down Expand Up @@ -111,7 +111,7 @@
},
"linuxVmAdminPasswordOrKey": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"windowsNetworkInterfaceName": {
"type": "string",
Expand Down Expand Up @@ -139,7 +139,7 @@
},
"windowsVmAdminPassword": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"windowsVmPublisher": {
"type": "string",
Expand Down Expand Up @@ -297,7 +297,7 @@
"value": "[parameters('windowsVmStorageAccountType')]"
},
"logAnalyticsWorkspaceId": {
"value": "[parameters('logAnalyticsWorkspaceId')]"
"value": "[parameters('logAnalyticsWorkspaceResourceId')]"
}
},
"template": {
Expand All @@ -307,7 +307,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "1148831067271080103"
"templateHash": "5159353539145495381"
}
},
"parameters": {
Expand Down Expand Up @@ -393,7 +393,7 @@
},
"linuxVmAdminPasswordOrKey": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"windowsNetworkInterfaceName": {
"type": "string"
Expand All @@ -415,7 +415,7 @@
},
"windowsVmAdminPassword": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"windowsVmPublisher": {
"type": "string"
Expand Down Expand Up @@ -750,7 +750,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "16381556259285133052"
"templateHash": "1923864005701002999"
}
},
"parameters": {
Expand Down Expand Up @@ -800,7 +800,7 @@
},
"adminPasswordOrKey": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"logAnalyticsWorkspaceId": {
"type": "string"
Expand Down Expand Up @@ -871,14 +871,14 @@
"typeHandlerVersion": "1.4"
},
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines/extensions', split(format('{0}/Microsoft.Azure.AzurePolicyforLinux', parameters('name')), '/')[0], split(format('{0}/Microsoft.Azure.AzurePolicyforLinux', parameters('name')), '/')[1])]",
"[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('name'), 'AzurePolicyforLinux')]",
"[resourceId('Microsoft.Compute/virtualMachines', parameters('name'))]"
]
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2020-06-01",
"name": "[format('{0}/Microsoft.Azure.AzurePolicyforLinux', parameters('name'))]",
"apiVersion": "2020-12-01",
"name": "[format('{0}/{1}', parameters('name'), 'AzurePolicyforLinux')]",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.GuestConfiguration",
Expand Down Expand Up @@ -1111,7 +1111,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1008.15138",
"templateHash": "5398822015781472627"
"templateHash": "18222194463697657474"
}
},
"parameters": {
Expand All @@ -1136,7 +1136,7 @@
},
"adminPassword": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"publisher": {
"type": "string"
Expand Down
4 changes: 1 addition & 3 deletions src/bicep/form/mlz.portal.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -867,9 +867,7 @@
"password": "Specify an administrator password for the Windows virtual machine used to remote into the network."
},
"constraints": {
"required": true,
"customPasswordRegex": "^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{12,128}$",
"customValidationMessage": "The password must be alphanumeric, contain at least 12 characters, and have at least 1 letter, 1 number and one special character."
"required": true
},
"options": {
"hideConfirmation": false
Expand Down
6 changes: 3 additions & 3 deletions src/bicep/mlz.bicep
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -345,7 +345,7 @@ param linuxVmAuthenticationType string = 'password'

@description('The administrator password or public SSH key for the Linux Virtual Machine to Azure Bastion remote into. See https://docs.microsoft.com/en-us/azure/virtual-machines/linux/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements.')
@secure()
@minLength(14)
@minLength(12)
param linuxVmAdminPasswordOrKey string = deployRemoteAccess ? '' : newGuid()

@description('The size of the Linux Virtual Machine to Azure Bastion remote into. It defaults to "Standard_B2s".')
Expand Down Expand Up @@ -381,9 +381,9 @@ param linuxNetworkInterfacePrivateIPAddressAllocationMethod string = 'Dynamic'
@description('The administrator username for the Windows Virtual Machine to Azure Bastion remote into. It defaults to "azureuser".')
param windowsVmAdminUsername string = 'azureuser'

@description('The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 14 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements.')
@description('The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 12 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements.')
@secure()
@minLength(14)
@minLength(12)
param windowsVmAdminPassword string = deployRemoteAccess ? '' : newGuid()

@description('The size of the Windows Virtual Machine to Azure Bastion remote into. It defaults to "Standard_DS1_v2".')
Expand Down
22 changes: 11 additions & 11 deletions src/bicep/mlz.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1124.51302",
"templateHash": "13546296569054440129"
"templateHash": "16835281694778509752"
}
},
"parameters": {
Expand Down Expand Up @@ -577,7 +577,7 @@
"linuxVmAdminPasswordOrKey": {
"type": "secureString",
"defaultValue": "[if(parameters('deployRemoteAccess'), '', newGuid())]",
"minLength": 14,
"minLength": 12,
"metadata": {
"description": "The administrator password or public SSH key for the Linux Virtual Machine to Azure Bastion remote into. See https://docs.microsoft.com/en-us/azure/virtual-machines/linux/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements."
}
Expand Down Expand Up @@ -652,9 +652,9 @@
"windowsVmAdminPassword": {
"type": "secureString",
"defaultValue": "[if(parameters('deployRemoteAccess'), '', newGuid())]",
"minLength": 14,
"minLength": 12,
"metadata": {
"description": "The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 14 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements."
"description": "The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 12 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements."
}
},
"windowsVmSize": {
Expand Down Expand Up @@ -4996,7 +4996,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1124.51302",
"templateHash": "5493952578857184506"
"templateHash": "1358220533990268216"
}
},
"parameters": {
Expand Down Expand Up @@ -5082,7 +5082,7 @@
},
"linuxVmAdminPasswordOrKey": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"windowsNetworkInterfaceName": {
"type": "string"
Expand All @@ -5104,7 +5104,7 @@
},
"windowsVmAdminPassword": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"windowsVmPublisher": {
"type": "string"
Expand Down Expand Up @@ -5436,7 +5436,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1124.51302",
"templateHash": "6195638442308081265"
"templateHash": "16581269896210557617"
}
},
"parameters": {
Expand Down Expand Up @@ -5486,7 +5486,7 @@
},
"adminPasswordOrKey": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"logAnalyticsWorkspaceId": {
"type": "string"
Expand Down Expand Up @@ -5795,7 +5795,7 @@
"_generator": {
"name": "bicep",
"version": "0.4.1124.51302",
"templateHash": "10579512088546693511"
"templateHash": "5877468865897065265"
}
},
"parameters": {
Expand All @@ -5820,7 +5820,7 @@
},
"adminPassword": {
"type": "secureString",
"minLength": 14
"minLength": 12
},
"publisher": {
"type": "string"
Expand Down
2 changes: 1 addition & 1 deletion src/bicep/modules/linuxVirtualMachine.bicep
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ param adminUsername string
])
param authenticationType string
@secure()
@minLength(14)
@minLength(12)
param adminPasswordOrKey string

var linuxConfiguration = {
Expand Down
4 changes: 2 additions & 2 deletions src/bicep/modules/remoteAccess.bicep
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ param linuxVmAdminUsername string
])
param linuxVmAuthenticationType string
@secure()
@minLength(14)
@minLength(12)
param linuxVmAdminPasswordOrKey string

param windowsNetworkInterfaceName string
Expand All @@ -43,7 +43,7 @@ param windowsVmName string
param windowsVmSize string
param windowsVmAdminUsername string
@secure()
@minLength(14)
@minLength(12)
param windowsVmAdminPassword string
param windowsVmPublisher string
param windowsVmOffer string
Expand Down
2 changes: 1 addition & 1 deletion src/bicep/modules/windowsVirtualMachine.bicep
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ param networkInterfaceName string
param size string
param adminUsername string
@secure()
@minLength(14)
@minLength(12)
param adminPassword string
param publisher string
param offer string
Expand Down