Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial GC 30-day cloud guardrails compliance/guidance #226

Merged
merged 4 commits into from
Mar 31, 2022
Merged

Initial GC 30-day cloud guardrails compliance/guidance #226

merged 4 commits into from
Mar 31, 2022

Conversation

ccmsft
Copy link
Contributor

@ccmsft ccmsft commented Mar 30, 2022

Overview/Summary

This document identifies the key considerations as part of each guardrail and provides information on how an Azure Landing Zones for Canadian Public Sector (ALZCPS) deployment meets (or could meet) each consideration.

This PR addresses #58

As part of this Pull Request I have

@ccmsft ccmsft marked this pull request as draft March 30, 2022 17:06
@skeeler skeeler assigned skeeler and hudua and unassigned skeeler and hudua Mar 31, 2022
@skeeler skeeler added this to the v0.9.0 milestone Mar 31, 2022
@skeeler skeeler added the documentation Improvements or additions to documentation label Mar 31, 2022
Copy link
Contributor

@skeeler skeeler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved with changes.

For future reference,:

  • Remove language specifiers (e.g. en-us) from URLs whenever possible
  • Use relative URL paths to point to files inside the CanadaPubSecALZ repository

@skeeler skeeler marked this pull request as ready for review March 31, 2022 03:35
@skeeler skeeler merged commit 575440e into Azure:main Mar 31, 2022
wanpengyang pushed a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Oct 26, 2022
Squashed commit of the following:

commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang pushed a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Oct 27, 2022
commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Oct 27, 2022
commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config

Co-authored-by: Wanpeng Yang <[email protected]>
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 8, 2024
commit fb13f56
Author: aporodnov <[email protected]>
Date:   Thu Nov 16 19:00:37 2023 -0800

    Removed #Requires -Modules from the PS scripts (Azure#393)

    Co-authored-by: @skeeler

commit e5fad99
Author: Barrington Willis <[email protected]>
Date:   Thu Sep 14 09:01:14 2023 -0700

    Removed the Diagnostic Logs Audit requirement for EventGrid/eventSubscriptions (Azure#390)

    * Removed Diagnostic logging auditing for EventGrid/eventSubscriptions from the PBMM and Log Analytics policy initiatives.

commit aa697c3
Author: Barrington Willis <[email protected]>
Date:   Wed Sep 13 13:01:26 2023 -0700

    PrivateLink support for MySql Flexible Databases (Azure#388)

commit db45632
Author: Steve Keeler <[email protected]>
Date:   Sun Jul 9 23:14:55 2023 -0400

    Scripts to generate config from template, support JSON config intellisense in editors, fix bugs in deployment scripts (Azure#379)

    Fixes path normalization bug in deployment scripts Azure#374
    Fixes subscription filtering bug in deployment scripts Azure#375
    Adds CanadaPubSecALZ configuration JSON schema support for editors Azure#376
    Adds Scripts to generate CanadaPubSecALZ configuration files using existing environments as template Azure#377
    Adds Deploy landing zones to new Azure subscriptions in new primary tenant Azure#378

commit 5830bcb
Author: David Christiansen <[email protected]>
Date:   Tue Apr 25 21:12:23 2023 +0100

    Update identity.md (Azure#365)

    Updated page title to reflect content

commit 674f6cb
Author: Yanick Lepine <[email protected]>
Date:   Thu Mar 16 13:13:38 2023 -0400

    Update DDoS.bicep (Azure#363)

    Change policySetDefinitions to policyDefinitions for the policyScopedId variable.

commit 5680e65
Author: Barrington Willis <[email protected]>
Date:   Mon Mar 13 06:31:54 2023 -0700

    Bug fixes - network routing & ADO Identity Pipelines (Azure#362)

    * Fixed Bug: missing identityPathFromRoot variable missing

    * Fixed Bug: Allow Network transit thru the hub

    * renamed the Subscriptions Yaml

commit f13f6ec
Author: Barrington Willis <[email protected]>
Date:   Fri Mar 3 07:00:06 2023 -0800

    Identity Archetype (Azure#359)

    * Squashed commit of the following:

    commit 6d6b3e49855c365f49a4674534b985bacf9cd74c
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 27 08:07:45 2023 -0800

        changed the areacode on the logging service health alerts architype

    commit 86b4505c2ffd5127978883c0bc6a1f9b0e7d3268
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:39:08 2023 -0800

        prepping for testing in ESLZ test environment

    commit 0f92b6bf70aee1377b4d49db436fa7024f1bfd25
    Merge: 2a3584a 7749e7b
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:10:37 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit 7749e7b
    Merge: f6555a4 5337654
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:08:54 2023 -0800

        Merge remote-tracking branch 'github-CanadaPubSecALZ/main'

    commit f6555a4
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 12:30:20 2023 -0800

        Added the patch version to the AKS versions in the Data Archetypes

    commit 8edcb63
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:32:54 2023 -0800

        Changed hte AKS version to only have the Major.Minor

    commit 37123d7
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:17:38 2023 -0800

        updated AKS version in the Data Archetypes

    commit 459b3c6
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 08:55:13 2023 -0800

        changed the servcie health number prefix to 604

    commit cccf886
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:42:52 2023 -0800

        changed the invalid dummy service alert phone number to a valid phone number

    commit 8e9628d
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:01:36 2023 -0800

        fixed linter warnings in policy files

    commit 6c2b2f7
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:36:36 2023 -0800

        Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    commit c58ba48
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:09:56 2023 -0800

        Fixed the AKS policy deployment

    commit f9e8418
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 14:04:22 2023 -0800

        Fixed Bug on policy defnition

    commit 1a3c82e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 19:09:02 2023 -0800

        updated the linter rules

    commit 20e1880
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:52:18 2023 -0800

        fixed the remaining linter errors in the policy definitions

    commit 1610a28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:27:14 2023 -0800

        fixed the remaining linter warnings

    commit 9f0e049
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:31:21 2023 -0800

        fixed BCP321 warning

    commit 466d7b0
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:22:46 2023 -0800

        changed the pOlicyScopedId var to be set by using the MGResourceID Function

    commit 9362967
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:48:26 2023 -0800

        Fixed Role Definition Id References to use the ResourceId function

    commit 4bcbc28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:07:33 2023 -0800

        Fixed BCP321 Linter warning in networking files

    commit 2a3584a7cac9c5822c7a226bc8a5d44f52d69a65
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 15:07:43 2023 -0800

        Removed Linter exception BCP321 - will fix in the linter PR

    commit a0b48ec7710a5ee8023a066e4cb5394074002c1e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 10:39:36 2023 -0800

        Fixed the bugs with conditionally deploying DNS Resolver

    commit 4f24be78f48465b404c529b276db66496c9958db
    Author: Barry Willis <[email protected]>
    Date:   Wed Feb 8 15:29:38 2023 -0800

        Updated documentation and made the DNS Resolver subnets optional

    commit 03fcb5e50b0670c67d1850063dd828ffa6945cf8
    Merge: dfe0d9a 0fa01e8
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 6 16:58:41 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit dfe0d9acab086df1d9dfbfbdae5770fbf5da999a
    Author: Barry Willis <[email protected]>
    Date:   Wed Jan 11 15:52:06 2023 -0800

        added Schema validation to the identity config file

    commit fb88630b5d707db6b7f4ab1aa2455ff79920d5b3
    Author: Barry Willis <[email protected]>
    Date:   Mon Jan 9 10:28:13 2023 -0800

        changed the DNS Resolver ruleset to be an object-array

    commit 78aaf4d6cdeff8d9832d8a309f26c10cefe97a22
    Author: Barry Willis <[email protected]>
    Date:   Sat Jan 7 13:57:37 2023 -0800

        first pass at creating conditional forwarding rulesets in the Identity LZ

    commit e7b554d04daee83a55a985073ec0c59084c7f3c2
    Author: Barry Willis <[email protected]>
    Date:   Fri Jan 6 08:54:27 2023 -0800

        Configured Subnet Delegation for Az DNS Resolver

    commit 978ab9925f876945ba02280493f7deba1c07e7ee
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 19:52:24 2023 -0800

        added Private DNS Resolver to the Identity LZ

    commit 9735d58fc04d7a587a76a5387deb112c466390fe
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:19:05 2023 -0800

        Removed the optional Subnet

    commit 4cd57ed41a09672b3cfbc1792c2edbdc3569a060
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:09:36 2023 -0800

        first cut at the identity LZ framework

    commit a119eea02fca28a2028362f484aa2835c9313c1d
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:54:58 2022 -0800

        added identitypathfromroot in the branch config file

    commit 75b6ccc2ab6efd55037e0a5a938d49f2eef32de4
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:35:12 2022 -0800

        Added: identity vars display
        Changed: location reference to identity param file

    commit e0cfc41b5a83c4c331689fcafa5edc9928e93d39
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:22:35 2022 -0800

        fixed misconfigured working directory

    commit fb58b16999aeb9cc6b6b81647c76e95024e1267c
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:18:46 2022 -0800

        removed schema validation to test deployment

    commit 240189de7e30fa57654c3ec76ec37c762ff80133
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:15:43 2022 -0800

        fixed bug - neworking region is now identity region

    commit 89e63b5976cb5cdc4e85d0b25c01234ffe4853d7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:11:48 2022 -0800

        initial identity lz deployment

    commit d4b40b26b893b78d7a9250dffe24c3e9ce06d690
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:03:29 2022 -0800

        Added default region for Identity Subscription

    commit 41e611818d09181b1a455f612425cae20f0683f7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 08:29:33 2022 -0800

        Changed bastion subnet range in identity subnet

    commit f5a43f2d44803e80db8a043d31e5c9f72fc51675
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 07:33:03 2022 -0800

        Param file for Identity LZ

    commit 13d084b0fe74f39ca1423b2eb9f333a2b760b1f2
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 15:19:23 2022 +0000

        Deleted identity.parameteres.json

    commit 5ba9a12fa8e8e02f60f3f2afea43681cc84d7446
    Merge: 002b2be e395307
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:40 2022 -0800

        Merge branch 'IdentityLZ' of https://dev.azure.com/Tredell/CanadaALZ/_git/CanadaALZ into IdentityLZ

    commit 002b2be1bb5b555a334f35cbb505e7a68f321649
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:32 2022 -0800

        id-lz - created param section for id lz

    commit e395307b1c12786cc28cf3d4b00586dde69739d5
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:13:54 2022 -0800

        id-lz - created param section for id lz

    commit 7f4a43eb4fdc7f6f37ebab8e661981cccbee9f50
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:54:57 2022 -0800

        disabled privatelink infrastructure to be deployed in hub lz

    commit db85049ac94b5c394d586b6960343bc1286997f1
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:46:36 2022 -0800

        Configured hub networking parameter files

    commit 8d772e868803d1b712013f7db21044d48ab730d2
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:07:43 2022 -0800

        removed comment from json - not supported

    commit 89cde8d92704f1a41a123af46da6dd90568d99cb
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:56:47 2022 -0800

        Configuring Policies for deployment to Test enviornment

    commit ba781ee844a4abd403071e072645988b63ada494
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:40:53 2022 -0800

        added a default security Group

    commit 1269da21e08fdf4c29a53b38a4d18722c64461e0
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:26:14 2022 -0800

        setting up logging for my test environment

    commit 4d6a41f4133380223f5895dba270cbce4ae5a39b
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:13:08 2022 -0800

        testing the path to the logging configuraiton file

    commit 75d0b99caf6aed5f809c28566cad35569d78be58
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:00:14 2022 -0800

        added the full path to the logging parameters file

    commit 32e8382bcb8deaaaab0c7bc1c2791483ef439971
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:55:00 2022 -0800

        path to logging parameters file was incorrect

    commit 5757d36a486e7f3b707f00848d19cfe64de83358
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:37:20 2022 -0800

        Changed MG Root to match test enviornment

    commit 1fdd02db1638420decf5ab021fb617b95920aada
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:09:46 2022 -0800

        Adding config file for IdentityLZ branch

    * PowerShell Deployment Files created

    * GitHub Action Pipelines modified to add the Identity Archetype

    * made the Identity GitHub Action optional

    * put the boolean option in single quotes

    * fixed a few bugs (BCP321 & references to the wrong tenant)

    * changed the sub id for the logging subscription

    * Removed the hardcoded reference to the LAW in the identity param file

    * updated the param file with the LAW ID

    * disabled private dns zone deployment in the identity sub

    * removed the config files from my custom branch

    * uncommented the validation in the Identity ADO Pipeline

    * removed commented trigger code from ADO Identity Pipeline

    * renenabled the dployment of the DNSPrivateEndPoints policyset

    * removed the provider registration for containerservices in the deploy-identity-pipeline yaml

    * added an explanation comment to the dnsforwardingruleset file

    * Added telemetry tracking  for the identity subscription

    * fixed cut and paste errors

    * Updated test cases & documentation

    * added the consistency check & pull request checks for github actions

    * fixed spelling error

commit 5337654
Author: Barrington Willis <[email protected]>
Date:   Fri Feb 24 12:57:36 2023 -0800

    Fixed Linter warnings & build errors (Azure#354)

    * Fixed BCP321 Linter warning in networking files

    * Fixed Role Definition Id References to use the ResourceId function

    * changed the pOlicyScopedId var to be set by using the MGResourceID Function

    * fixed BCP321 warning

    * fixed the remaining linter warnings

    * fixed the remaining linter errors in the policy definitions

    * updated the linter rules

    * Fixed Bug on policy defnition

    * Fixed the AKS policy deployment

    * Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    * fixed linter warnings in policy files

    * changed the invalid dummy service alert phone number to a valid phone number

    * changed the servcie health number prefix to 604

    * updated AKS version in the Data Archetypes

    * Changed hte AKS version to only have the Major.Minor

    * Added the patch version to the AKS versions in the Data Archetypes

commit 0fa01e8
Author: Luke Murray <[email protected]>
Date:   Tue Feb 7 12:26:03 2023 +1300

    Updated documents, from docs.microsoft.com - to Learn. (Azure#350)

    Updated documents, from docs.microsoft.com - to Learn.

commit e44c7ea
Author: Obay <[email protected]>
Date:   Wed Nov 30 19:14:57 2022 -0800

    Update hubnetwork-azfw.md (Azure#345)

    Having domain controllers under the "Connectivity" subscription is an anti-pattern that causes confusion to users.

    Co-authored-by: Barrington Willis <[email protected]>

commit 12cd557
Author: Steve Keeler <[email protected]>
Date:   Wed Nov 30 21:27:08 2022 -0500

    Add Barry to code owners list (Azure#346)

commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 19, 2024
commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 20, 2024
commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 20, 2024
* Squashed commit of the following:

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config

* remove trailing comma
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 22, 2024
Squashed commit of the following:

commit 5830bcb
Author: David Christiansen <[email protected]>
Date:   Tue Apr 25 21:12:23 2023 +0100

    Update identity.md (Azure#365)

    Updated page title to reflect content

commit 674f6cb
Author: Yanick Lepine <[email protected]>
Date:   Thu Mar 16 13:13:38 2023 -0400

    Update DDoS.bicep (Azure#363)

    Change policySetDefinitions to policyDefinitions for the policyScopedId variable.

commit 5680e65
Author: Barrington Willis <[email protected]>
Date:   Mon Mar 13 06:31:54 2023 -0700

    Bug fixes - network routing & ADO Identity Pipelines (Azure#362)

    * Fixed Bug: missing identityPathFromRoot variable missing

    * Fixed Bug: Allow Network transit thru the hub

    * renamed the Subscriptions Yaml

commit f13f6ec
Author: Barrington Willis <[email protected]>
Date:   Fri Mar 3 07:00:06 2023 -0800

    Identity Archetype (Azure#359)

    * Squashed commit of the following:

    commit 6d6b3e49855c365f49a4674534b985bacf9cd74c
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 27 08:07:45 2023 -0800

        changed the areacode on the logging service health alerts architype

    commit 86b4505c2ffd5127978883c0bc6a1f9b0e7d3268
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:39:08 2023 -0800

        prepping for testing in ESLZ test environment

    commit 0f92b6bf70aee1377b4d49db436fa7024f1bfd25
    Merge: 2a3584a 7749e7b
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:10:37 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit 7749e7b
    Merge: f6555a4 5337654
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:08:54 2023 -0800

        Merge remote-tracking branch 'github-CanadaPubSecALZ/main'

    commit f6555a4
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 12:30:20 2023 -0800

        Added the patch version to the AKS versions in the Data Archetypes

    commit 8edcb63
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:32:54 2023 -0800

        Changed hte AKS version to only have the Major.Minor

    commit 37123d7
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:17:38 2023 -0800

        updated AKS version in the Data Archetypes

    commit 459b3c6
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 08:55:13 2023 -0800

        changed the servcie health number prefix to 604

    commit cccf886
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:42:52 2023 -0800

        changed the invalid dummy service alert phone number to a valid phone number

    commit 8e9628d
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:01:36 2023 -0800

        fixed linter warnings in policy files

    commit 6c2b2f7
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:36:36 2023 -0800

        Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    commit c58ba48
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:09:56 2023 -0800

        Fixed the AKS policy deployment

    commit f9e8418
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 14:04:22 2023 -0800

        Fixed Bug on policy defnition

    commit 1a3c82e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 19:09:02 2023 -0800

        updated the linter rules

    commit 20e1880
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:52:18 2023 -0800

        fixed the remaining linter errors in the policy definitions

    commit 1610a28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:27:14 2023 -0800

        fixed the remaining linter warnings

    commit 9f0e049
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:31:21 2023 -0800

        fixed BCP321 warning

    commit 466d7b0
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:22:46 2023 -0800

        changed the pOlicyScopedId var to be set by using the MGResourceID Function

    commit 9362967
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:48:26 2023 -0800

        Fixed Role Definition Id References to use the ResourceId function

    commit 4bcbc28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:07:33 2023 -0800

        Fixed BCP321 Linter warning in networking files

    commit 2a3584a7cac9c5822c7a226bc8a5d44f52d69a65
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 15:07:43 2023 -0800

        Removed Linter exception BCP321 - will fix in the linter PR

    commit a0b48ec7710a5ee8023a066e4cb5394074002c1e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 10:39:36 2023 -0800

        Fixed the bugs with conditionally deploying DNS Resolver

    commit 4f24be78f48465b404c529b276db66496c9958db
    Author: Barry Willis <[email protected]>
    Date:   Wed Feb 8 15:29:38 2023 -0800

        Updated documentation and made the DNS Resolver subnets optional

    commit 03fcb5e50b0670c67d1850063dd828ffa6945cf8
    Merge: dfe0d9a 0fa01e8
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 6 16:58:41 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit dfe0d9acab086df1d9dfbfbdae5770fbf5da999a
    Author: Barry Willis <[email protected]>
    Date:   Wed Jan 11 15:52:06 2023 -0800

        added Schema validation to the identity config file

    commit fb88630b5d707db6b7f4ab1aa2455ff79920d5b3
    Author: Barry Willis <[email protected]>
    Date:   Mon Jan 9 10:28:13 2023 -0800

        changed the DNS Resolver ruleset to be an object-array

    commit 78aaf4d6cdeff8d9832d8a309f26c10cefe97a22
    Author: Barry Willis <[email protected]>
    Date:   Sat Jan 7 13:57:37 2023 -0800

        first pass at creating conditional forwarding rulesets in the Identity LZ

    commit e7b554d04daee83a55a985073ec0c59084c7f3c2
    Author: Barry Willis <[email protected]>
    Date:   Fri Jan 6 08:54:27 2023 -0800

        Configured Subnet Delegation for Az DNS Resolver

    commit 978ab9925f876945ba02280493f7deba1c07e7ee
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 19:52:24 2023 -0800

        added Private DNS Resolver to the Identity LZ

    commit 9735d58fc04d7a587a76a5387deb112c466390fe
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:19:05 2023 -0800

        Removed the optional Subnet

    commit 4cd57ed41a09672b3cfbc1792c2edbdc3569a060
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:09:36 2023 -0800

        first cut at the identity LZ framework

    commit a119eea02fca28a2028362f484aa2835c9313c1d
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:54:58 2022 -0800

        added identitypathfromroot in the branch config file

    commit 75b6ccc2ab6efd55037e0a5a938d49f2eef32de4
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:35:12 2022 -0800

        Added: identity vars display
        Changed: location reference to identity param file

    commit e0cfc41b5a83c4c331689fcafa5edc9928e93d39
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:22:35 2022 -0800

        fixed misconfigured working directory

    commit fb58b16999aeb9cc6b6b81647c76e95024e1267c
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:18:46 2022 -0800

        removed schema validation to test deployment

    commit 240189de7e30fa57654c3ec76ec37c762ff80133
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:15:43 2022 -0800

        fixed bug - neworking region is now identity region

    commit 89e63b5976cb5cdc4e85d0b25c01234ffe4853d7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:11:48 2022 -0800

        initial identity lz deployment

    commit d4b40b26b893b78d7a9250dffe24c3e9ce06d690
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:03:29 2022 -0800

        Added default region for Identity Subscription

    commit 41e611818d09181b1a455f612425cae20f0683f7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 08:29:33 2022 -0800

        Changed bastion subnet range in identity subnet

    commit f5a43f2d44803e80db8a043d31e5c9f72fc51675
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 07:33:03 2022 -0800

        Param file for Identity LZ

    commit 13d084b0fe74f39ca1423b2eb9f333a2b760b1f2
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 15:19:23 2022 +0000

        Deleted identity.parameteres.json

    commit 5ba9a12fa8e8e02f60f3f2afea43681cc84d7446
    Merge: 002b2be e395307
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:40 2022 -0800

        Merge branch 'IdentityLZ' of https://dev.azure.com/Tredell/CanadaALZ/_git/CanadaALZ into IdentityLZ

    commit 002b2be1bb5b555a334f35cbb505e7a68f321649
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:32 2022 -0800

        id-lz - created param section for id lz

    commit e395307b1c12786cc28cf3d4b00586dde69739d5
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:13:54 2022 -0800

        id-lz - created param section for id lz

    commit 7f4a43eb4fdc7f6f37ebab8e661981cccbee9f50
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:54:57 2022 -0800

        disabled privatelink infrastructure to be deployed in hub lz

    commit db85049ac94b5c394d586b6960343bc1286997f1
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:46:36 2022 -0800

        Configured hub networking parameter files

    commit 8d772e868803d1b712013f7db21044d48ab730d2
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:07:43 2022 -0800

        removed comment from json - not supported

    commit 89cde8d92704f1a41a123af46da6dd90568d99cb
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:56:47 2022 -0800

        Configuring Policies for deployment to Test enviornment

    commit ba781ee844a4abd403071e072645988b63ada494
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:40:53 2022 -0800

        added a default security Group

    commit 1269da21e08fdf4c29a53b38a4d18722c64461e0
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:26:14 2022 -0800

        setting up logging for my test environment

    commit 4d6a41f4133380223f5895dba270cbce4ae5a39b
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:13:08 2022 -0800

        testing the path to the logging configuraiton file

    commit 75d0b99caf6aed5f809c28566cad35569d78be58
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:00:14 2022 -0800

        added the full path to the logging parameters file

    commit 32e8382bcb8deaaaab0c7bc1c2791483ef439971
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:55:00 2022 -0800

        path to logging parameters file was incorrect

    commit 5757d36a486e7f3b707f00848d19cfe64de83358
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:37:20 2022 -0800

        Changed MG Root to match test enviornment

    commit 1fdd02db1638420decf5ab021fb617b95920aada
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:09:46 2022 -0800

        Adding config file for IdentityLZ branch

    * PowerShell Deployment Files created

    * GitHub Action Pipelines modified to add the Identity Archetype

    * made the Identity GitHub Action optional

    * put the boolean option in single quotes

    * fixed a few bugs (BCP321 & references to the wrong tenant)

    * changed the sub id for the logging subscription

    * Removed the hardcoded reference to the LAW in the identity param file

    * updated the param file with the LAW ID

    * disabled private dns zone deployment in the identity sub

    * removed the config files from my custom branch

    * uncommented the validation in the Identity ADO Pipeline

    * removed commented trigger code from ADO Identity Pipeline

    * renenabled the dployment of the DNSPrivateEndPoints policyset

    * removed the provider registration for containerservices in the deploy-identity-pipeline yaml

    * added an explanation comment to the dnsforwardingruleset file

    * Added telemetry tracking  for the identity subscription

    * fixed cut and paste errors

    * Updated test cases & documentation

    * added the consistency check & pull request checks for github actions

    * fixed spelling error

commit 5337654
Author: Barrington Willis <[email protected]>
Date:   Fri Feb 24 12:57:36 2023 -0800

    Fixed Linter warnings & build errors (Azure#354)

    * Fixed BCP321 Linter warning in networking files

    * Fixed Role Definition Id References to use the ResourceId function

    * changed the pOlicyScopedId var to be set by using the MGResourceID Function

    * fixed BCP321 warning

    * fixed the remaining linter warnings

    * fixed the remaining linter errors in the policy definitions

    * updated the linter rules

    * Fixed Bug on policy defnition

    * Fixed the AKS policy deployment

    * Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    * fixed linter warnings in policy files

    * changed the invalid dummy service alert phone number to a valid phone number

    * changed the servcie health number prefix to 604

    * updated AKS version in the Data Archetypes

    * Changed hte AKS version to only have the Major.Minor

    * Added the patch version to the AKS versions in the Data Archetypes

commit 0fa01e8
Author: Luke Murray <[email protected]>
Date:   Tue Feb 7 12:26:03 2023 +1300

    Updated documents, from docs.microsoft.com - to Learn. (Azure#350)

    Updated documents, from docs.microsoft.com - to Learn.

commit e44c7ea
Author: Obay <[email protected]>
Date:   Wed Nov 30 19:14:57 2022 -0800

    Update hubnetwork-azfw.md (Azure#345)

    Having domain controllers under the "Connectivity" subscription is an anti-pattern that causes confusion to users.

    Co-authored-by: Barrington Willis <[email protected]>

commit 12cd557
Author: Steve Keeler <[email protected]>
Date:   Wed Nov 30 21:27:08 2022 -0500

    Add Barry to code owners list (Azure#346)

commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 22, 2024
* update to 1.2.0

Squashed commit of the following:

commit 5830bcb
Author: David Christiansen <[email protected]>
Date:   Tue Apr 25 21:12:23 2023 +0100

    Update identity.md (Azure#365)

    Updated page title to reflect content

commit 674f6cb
Author: Yanick Lepine <[email protected]>
Date:   Thu Mar 16 13:13:38 2023 -0400

    Update DDoS.bicep (Azure#363)

    Change policySetDefinitions to policyDefinitions for the policyScopedId variable.

commit 5680e65
Author: Barrington Willis <[email protected]>
Date:   Mon Mar 13 06:31:54 2023 -0700

    Bug fixes - network routing & ADO Identity Pipelines (Azure#362)

    * Fixed Bug: missing identityPathFromRoot variable missing

    * Fixed Bug: Allow Network transit thru the hub

    * renamed the Subscriptions Yaml

commit f13f6ec
Author: Barrington Willis <[email protected]>
Date:   Fri Mar 3 07:00:06 2023 -0800

    Identity Archetype (Azure#359)

    * Squashed commit of the following:

    commit 6d6b3e49855c365f49a4674534b985bacf9cd74c
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 27 08:07:45 2023 -0800

        changed the areacode on the logging service health alerts architype

    commit 86b4505c2ffd5127978883c0bc6a1f9b0e7d3268
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:39:08 2023 -0800

        prepping for testing in ESLZ test environment

    commit 0f92b6bf70aee1377b4d49db436fa7024f1bfd25
    Merge: 2a3584a 7749e7b
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:10:37 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit 7749e7b
    Merge: f6555a4 5337654
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:08:54 2023 -0800

        Merge remote-tracking branch 'github-CanadaPubSecALZ/main'

    commit f6555a4
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 12:30:20 2023 -0800

        Added the patch version to the AKS versions in the Data Archetypes

    commit 8edcb63
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:32:54 2023 -0800

        Changed hte AKS version to only have the Major.Minor

    commit 37123d7
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:17:38 2023 -0800

        updated AKS version in the Data Archetypes

    commit 459b3c6
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 08:55:13 2023 -0800

        changed the servcie health number prefix to 604

    commit cccf886
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:42:52 2023 -0800

        changed the invalid dummy service alert phone number to a valid phone number

    commit 8e9628d
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:01:36 2023 -0800

        fixed linter warnings in policy files

    commit 6c2b2f7
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:36:36 2023 -0800

        Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    commit c58ba48
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:09:56 2023 -0800

        Fixed the AKS policy deployment

    commit f9e8418
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 14:04:22 2023 -0800

        Fixed Bug on policy defnition

    commit 1a3c82e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 19:09:02 2023 -0800

        updated the linter rules

    commit 20e1880
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:52:18 2023 -0800

        fixed the remaining linter errors in the policy definitions

    commit 1610a28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:27:14 2023 -0800

        fixed the remaining linter warnings

    commit 9f0e049
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:31:21 2023 -0800

        fixed BCP321 warning

    commit 466d7b0
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:22:46 2023 -0800

        changed the pOlicyScopedId var to be set by using the MGResourceID Function

    commit 9362967
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:48:26 2023 -0800

        Fixed Role Definition Id References to use the ResourceId function

    commit 4bcbc28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:07:33 2023 -0800

        Fixed BCP321 Linter warning in networking files

    commit 2a3584a7cac9c5822c7a226bc8a5d44f52d69a65
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 15:07:43 2023 -0800

        Removed Linter exception BCP321 - will fix in the linter PR

    commit a0b48ec7710a5ee8023a066e4cb5394074002c1e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 10:39:36 2023 -0800

        Fixed the bugs with conditionally deploying DNS Resolver

    commit 4f24be78f48465b404c529b276db66496c9958db
    Author: Barry Willis <[email protected]>
    Date:   Wed Feb 8 15:29:38 2023 -0800

        Updated documentation and made the DNS Resolver subnets optional

    commit 03fcb5e50b0670c67d1850063dd828ffa6945cf8
    Merge: dfe0d9a 0fa01e8
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 6 16:58:41 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit dfe0d9acab086df1d9dfbfbdae5770fbf5da999a
    Author: Barry Willis <[email protected]>
    Date:   Wed Jan 11 15:52:06 2023 -0800

        added Schema validation to the identity config file

    commit fb88630b5d707db6b7f4ab1aa2455ff79920d5b3
    Author: Barry Willis <[email protected]>
    Date:   Mon Jan 9 10:28:13 2023 -0800

        changed the DNS Resolver ruleset to be an object-array

    commit 78aaf4d6cdeff8d9832d8a309f26c10cefe97a22
    Author: Barry Willis <[email protected]>
    Date:   Sat Jan 7 13:57:37 2023 -0800

        first pass at creating conditional forwarding rulesets in the Identity LZ

    commit e7b554d04daee83a55a985073ec0c59084c7f3c2
    Author: Barry Willis <[email protected]>
    Date:   Fri Jan 6 08:54:27 2023 -0800

        Configured Subnet Delegation for Az DNS Resolver

    commit 978ab9925f876945ba02280493f7deba1c07e7ee
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 19:52:24 2023 -0800

        added Private DNS Resolver to the Identity LZ

    commit 9735d58fc04d7a587a76a5387deb112c466390fe
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:19:05 2023 -0800

        Removed the optional Subnet

    commit 4cd57ed41a09672b3cfbc1792c2edbdc3569a060
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:09:36 2023 -0800

        first cut at the identity LZ framework

    commit a119eea02fca28a2028362f484aa2835c9313c1d
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:54:58 2022 -0800

        added identitypathfromroot in the branch config file

    commit 75b6ccc2ab6efd55037e0a5a938d49f2eef32de4
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:35:12 2022 -0800

        Added: identity vars display
        Changed: location reference to identity param file

    commit e0cfc41b5a83c4c331689fcafa5edc9928e93d39
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:22:35 2022 -0800

        fixed misconfigured working directory

    commit fb58b16999aeb9cc6b6b81647c76e95024e1267c
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:18:46 2022 -0800

        removed schema validation to test deployment

    commit 240189de7e30fa57654c3ec76ec37c762ff80133
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:15:43 2022 -0800

        fixed bug - neworking region is now identity region

    commit 89e63b5976cb5cdc4e85d0b25c01234ffe4853d7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:11:48 2022 -0800

        initial identity lz deployment

    commit d4b40b26b893b78d7a9250dffe24c3e9ce06d690
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:03:29 2022 -0800

        Added default region for Identity Subscription

    commit 41e611818d09181b1a455f612425cae20f0683f7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 08:29:33 2022 -0800

        Changed bastion subnet range in identity subnet

    commit f5a43f2d44803e80db8a043d31e5c9f72fc51675
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 07:33:03 2022 -0800

        Param file for Identity LZ

    commit 13d084b0fe74f39ca1423b2eb9f333a2b760b1f2
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 15:19:23 2022 +0000

        Deleted identity.parameteres.json

    commit 5ba9a12fa8e8e02f60f3f2afea43681cc84d7446
    Merge: 002b2be e395307
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:40 2022 -0800

        Merge branch 'IdentityLZ' of https://dev.azure.com/Tredell/CanadaALZ/_git/CanadaALZ into IdentityLZ

    commit 002b2be1bb5b555a334f35cbb505e7a68f321649
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:32 2022 -0800

        id-lz - created param section for id lz

    commit e395307b1c12786cc28cf3d4b00586dde69739d5
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:13:54 2022 -0800

        id-lz - created param section for id lz

    commit 7f4a43eb4fdc7f6f37ebab8e661981cccbee9f50
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:54:57 2022 -0800

        disabled privatelink infrastructure to be deployed in hub lz

    commit db85049ac94b5c394d586b6960343bc1286997f1
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:46:36 2022 -0800

        Configured hub networking parameter files

    commit 8d772e868803d1b712013f7db21044d48ab730d2
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:07:43 2022 -0800

        removed comment from json - not supported

    commit 89cde8d92704f1a41a123af46da6dd90568d99cb
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:56:47 2022 -0800

        Configuring Policies for deployment to Test enviornment

    commit ba781ee844a4abd403071e072645988b63ada494
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:40:53 2022 -0800

        added a default security Group

    commit 1269da21e08fdf4c29a53b38a4d18722c64461e0
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:26:14 2022 -0800

        setting up logging for my test environment

    commit 4d6a41f4133380223f5895dba270cbce4ae5a39b
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:13:08 2022 -0800

        testing the path to the logging configuraiton file

    commit 75d0b99caf6aed5f809c28566cad35569d78be58
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:00:14 2022 -0800

        added the full path to the logging parameters file

    commit 32e8382bcb8deaaaab0c7bc1c2791483ef439971
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:55:00 2022 -0800

        path to logging parameters file was incorrect

    commit 5757d36a486e7f3b707f00848d19cfe64de83358
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:37:20 2022 -0800

        Changed MG Root to match test enviornment

    commit 1fdd02db1638420decf5ab021fb617b95920aada
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:09:46 2022 -0800

        Adding config file for IdentityLZ branch

    * PowerShell Deployment Files created

    * GitHub Action Pipelines modified to add the Identity Archetype

    * made the Identity GitHub Action optional

    * put the boolean option in single quotes

    * fixed a few bugs (BCP321 & references to the wrong tenant)

    * changed the sub id for the logging subscription

    * Removed the hardcoded reference to the LAW in the identity param file

    * updated the param file with the LAW ID

    * disabled private dns zone deployment in the identity sub

    * removed the config files from my custom branch

    * uncommented the validation in the Identity ADO Pipeline

    * removed commented trigger code from ADO Identity Pipeline

    * renenabled the dployment of the DNSPrivateEndPoints policyset

    * removed the provider registration for containerservices in the deploy-identity-pipeline yaml

    * added an explanation comment to the dnsforwardingruleset file

    * Added telemetry tracking  for the identity subscription

    * fixed cut and paste errors

    * Updated test cases & documentation

    * added the consistency check & pull request checks for github actions

    * fixed spelling error

commit 5337654
Author: Barrington Willis <[email protected]>
Date:   Fri Feb 24 12:57:36 2023 -0800

    Fixed Linter warnings & build errors (Azure#354)

    * Fixed BCP321 Linter warning in networking files

    * Fixed Role Definition Id References to use the ResourceId function

    * changed the pOlicyScopedId var to be set by using the MGResourceID Function

    * fixed BCP321 warning

    * fixed the remaining linter warnings

    * fixed the remaining linter errors in the policy definitions

    * updated the linter rules

    * Fixed Bug on policy defnition

    * Fixed the AKS policy deployment

    * Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    * fixed linter warnings in policy files

    * changed the invalid dummy service alert phone number to a valid phone number

    * changed the servcie health number prefix to 604

    * updated AKS version in the Data Archetypes

    * Changed hte AKS version to only have the Major.Minor

    * Added the patch version to the AKS versions in the Data Archetypes

commit 0fa01e8
Author: Luke Murray <[email protected]>
Date:   Tue Feb 7 12:26:03 2023 +1300

    Updated documents, from docs.microsoft.com - to Learn. (Azure#350)

    Updated documents, from docs.microsoft.com - to Learn.

commit e44c7ea
Author: Obay <[email protected]>
Date:   Wed Nov 30 19:14:57 2022 -0800

    Update hubnetwork-azfw.md (Azure#345)

    Having domain controllers under the "Connectivity" subscription is an anti-pattern that causes confusion to users.

    Co-authored-by: Barrington Willis <[email protected]>

commit 12cd557
Author: Steve Keeler <[email protected]>
Date:   Wed Nov 30 21:27:08 2022 -0500

    Add Barry to code owners list (Azure#346)

commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config

* remove trailing comma
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Mar 26, 2024
Squashed commit of the following:

commit db45632
Author: Steve Keeler <[email protected]>
Date:   Sun Jul 9 23:14:55 2023 -0400

    Scripts to generate config from template, support JSON config intellisense in editors, fix bugs in deployment scripts (Azure#379)

    Fixes path normalization bug in deployment scripts Azure#374
    Fixes subscription filtering bug in deployment scripts Azure#375
    Adds CanadaPubSecALZ configuration JSON schema support for editors Azure#376
    Adds Scripts to generate CanadaPubSecALZ configuration files using existing environments as template Azure#377
    Adds Deploy landing zones to new Azure subscriptions in new primary tenant Azure#378

commit 5830bcb
Author: David Christiansen <[email protected]>
Date:   Tue Apr 25 21:12:23 2023 +0100

    Update identity.md (Azure#365)

    Updated page title to reflect content

commit 674f6cb
Author: Yanick Lepine <[email protected]>
Date:   Thu Mar 16 13:13:38 2023 -0400

    Update DDoS.bicep (Azure#363)

    Change policySetDefinitions to policyDefinitions for the policyScopedId variable.

commit 5680e65
Author: Barrington Willis <[email protected]>
Date:   Mon Mar 13 06:31:54 2023 -0700

    Bug fixes - network routing & ADO Identity Pipelines (Azure#362)

    * Fixed Bug: missing identityPathFromRoot variable missing

    * Fixed Bug: Allow Network transit thru the hub

    * renamed the Subscriptions Yaml

commit f13f6ec
Author: Barrington Willis <[email protected]>
Date:   Fri Mar 3 07:00:06 2023 -0800

    Identity Archetype (Azure#359)

    * Squashed commit of the following:

    commit 6d6b3e49855c365f49a4674534b985bacf9cd74c
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 27 08:07:45 2023 -0800

        changed the areacode on the logging service health alerts architype

    commit 86b4505c2ffd5127978883c0bc6a1f9b0e7d3268
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:39:08 2023 -0800

        prepping for testing in ESLZ test environment

    commit 0f92b6bf70aee1377b4d49db436fa7024f1bfd25
    Merge: 2a3584a 7749e7b
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:10:37 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit 7749e7b
    Merge: f6555a4 5337654
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:08:54 2023 -0800

        Merge remote-tracking branch 'github-CanadaPubSecALZ/main'

    commit f6555a4
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 12:30:20 2023 -0800

        Added the patch version to the AKS versions in the Data Archetypes

    commit 8edcb63
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:32:54 2023 -0800

        Changed hte AKS version to only have the Major.Minor

    commit 37123d7
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:17:38 2023 -0800

        updated AKS version in the Data Archetypes

    commit 459b3c6
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 08:55:13 2023 -0800

        changed the servcie health number prefix to 604

    commit cccf886
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:42:52 2023 -0800

        changed the invalid dummy service alert phone number to a valid phone number

    commit 8e9628d
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:01:36 2023 -0800

        fixed linter warnings in policy files

    commit 6c2b2f7
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:36:36 2023 -0800

        Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    commit c58ba48
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:09:56 2023 -0800

        Fixed the AKS policy deployment

    commit f9e8418
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 14:04:22 2023 -0800

        Fixed Bug on policy defnition

    commit 1a3c82e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 19:09:02 2023 -0800

        updated the linter rules

    commit 20e1880
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:52:18 2023 -0800

        fixed the remaining linter errors in the policy definitions

    commit 1610a28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:27:14 2023 -0800

        fixed the remaining linter warnings

    commit 9f0e049
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:31:21 2023 -0800

        fixed BCP321 warning

    commit 466d7b0
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:22:46 2023 -0800

        changed the pOlicyScopedId var to be set by using the MGResourceID Function

    commit 9362967
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:48:26 2023 -0800

        Fixed Role Definition Id References to use the ResourceId function

    commit 4bcbc28
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:07:33 2023 -0800

        Fixed BCP321 Linter warning in networking files

    commit 2a3584a7cac9c5822c7a226bc8a5d44f52d69a65
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 15:07:43 2023 -0800

        Removed Linter exception BCP321 - will fix in the linter PR

    commit a0b48ec7710a5ee8023a066e4cb5394074002c1e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 10:39:36 2023 -0800

        Fixed the bugs with conditionally deploying DNS Resolver

    commit 4f24be78f48465b404c529b276db66496c9958db
    Author: Barry Willis <[email protected]>
    Date:   Wed Feb 8 15:29:38 2023 -0800

        Updated documentation and made the DNS Resolver subnets optional

    commit 03fcb5e50b0670c67d1850063dd828ffa6945cf8
    Merge: dfe0d9a 0fa01e8
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 6 16:58:41 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit dfe0d9acab086df1d9dfbfbdae5770fbf5da999a
    Author: Barry Willis <[email protected]>
    Date:   Wed Jan 11 15:52:06 2023 -0800

        added Schema validation to the identity config file

    commit fb88630b5d707db6b7f4ab1aa2455ff79920d5b3
    Author: Barry Willis <[email protected]>
    Date:   Mon Jan 9 10:28:13 2023 -0800

        changed the DNS Resolver ruleset to be an object-array

    commit 78aaf4d6cdeff8d9832d8a309f26c10cefe97a22
    Author: Barry Willis <[email protected]>
    Date:   Sat Jan 7 13:57:37 2023 -0800

        first pass at creating conditional forwarding rulesets in the Identity LZ

    commit e7b554d04daee83a55a985073ec0c59084c7f3c2
    Author: Barry Willis <[email protected]>
    Date:   Fri Jan 6 08:54:27 2023 -0800

        Configured Subnet Delegation for Az DNS Resolver

    commit 978ab9925f876945ba02280493f7deba1c07e7ee
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 19:52:24 2023 -0800

        added Private DNS Resolver to the Identity LZ

    commit 9735d58fc04d7a587a76a5387deb112c466390fe
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:19:05 2023 -0800

        Removed the optional Subnet

    commit 4cd57ed41a09672b3cfbc1792c2edbdc3569a060
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:09:36 2023 -0800

        first cut at the identity LZ framework

    commit a119eea02fca28a2028362f484aa2835c9313c1d
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:54:58 2022 -0800

        added identitypathfromroot in the branch config file

    commit 75b6ccc2ab6efd55037e0a5a938d49f2eef32de4
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:35:12 2022 -0800

        Added: identity vars display
        Changed: location reference to identity param file

    commit e0cfc41b5a83c4c331689fcafa5edc9928e93d39
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:22:35 2022 -0800

        fixed misconfigured working directory

    commit fb58b16999aeb9cc6b6b81647c76e95024e1267c
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:18:46 2022 -0800

        removed schema validation to test deployment

    commit 240189de7e30fa57654c3ec76ec37c762ff80133
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:15:43 2022 -0800

        fixed bug - neworking region is now identity region

    commit 89e63b5976cb5cdc4e85d0b25c01234ffe4853d7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:11:48 2022 -0800

        initial identity lz deployment

    commit d4b40b26b893b78d7a9250dffe24c3e9ce06d690
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:03:29 2022 -0800

        Added default region for Identity Subscription

    commit 41e611818d09181b1a455f612425cae20f0683f7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 08:29:33 2022 -0800

        Changed bastion subnet range in identity subnet

    commit f5a43f2d44803e80db8a043d31e5c9f72fc51675
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 07:33:03 2022 -0800

        Param file for Identity LZ

    commit 13d084b0fe74f39ca1423b2eb9f333a2b760b1f2
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 15:19:23 2022 +0000

        Deleted identity.parameteres.json

    commit 5ba9a12fa8e8e02f60f3f2afea43681cc84d7446
    Merge: 002b2be e395307
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:40 2022 -0800

        Merge branch 'IdentityLZ' of https://dev.azure.com/Tredell/CanadaALZ/_git/CanadaALZ into IdentityLZ

    commit 002b2be1bb5b555a334f35cbb505e7a68f321649
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:32 2022 -0800

        id-lz - created param section for id lz

    commit e395307b1c12786cc28cf3d4b00586dde69739d5
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:13:54 2022 -0800

        id-lz - created param section for id lz

    commit 7f4a43eb4fdc7f6f37ebab8e661981cccbee9f50
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:54:57 2022 -0800

        disabled privatelink infrastructure to be deployed in hub lz

    commit db85049ac94b5c394d586b6960343bc1286997f1
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:46:36 2022 -0800

        Configured hub networking parameter files

    commit 8d772e868803d1b712013f7db21044d48ab730d2
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:07:43 2022 -0800

        removed comment from json - not supported

    commit 89cde8d92704f1a41a123af46da6dd90568d99cb
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:56:47 2022 -0800

        Configuring Policies for deployment to Test enviornment

    commit ba781ee844a4abd403071e072645988b63ada494
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:40:53 2022 -0800

        added a default security Group

    commit 1269da21e08fdf4c29a53b38a4d18722c64461e0
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:26:14 2022 -0800

        setting up logging for my test environment

    commit 4d6a41f4133380223f5895dba270cbce4ae5a39b
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:13:08 2022 -0800

        testing the path to the logging configuraiton file

    commit 75d0b99caf6aed5f809c28566cad35569d78be58
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:00:14 2022 -0800

        added the full path to the logging parameters file

    commit 32e8382bcb8deaaaab0c7bc1c2791483ef439971
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:55:00 2022 -0800

        path to logging parameters file was incorrect

    commit 5757d36a486e7f3b707f00848d19cfe64de83358
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:37:20 2022 -0800

        Changed MG Root to match test enviornment

    commit 1fdd02db1638420decf5ab021fb617b95920aada
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:09:46 2022 -0800

        Adding config file for IdentityLZ branch

    * PowerShell Deployment Files created

    * GitHub Action Pipelines modified to add the Identity Archetype

    * made the Identity GitHub Action optional

    * put the boolean option in single quotes

    * fixed a few bugs (BCP321 & references to the wrong tenant)

    * changed the sub id for the logging subscription

    * Removed the hardcoded reference to the LAW in the identity param file

    * updated the param file with the LAW ID

    * disabled private dns zone deployment in the identity sub

    * removed the config files from my custom branch

    * uncommented the validation in the Identity ADO Pipeline

    * removed commented trigger code from ADO Identity Pipeline

    * renenabled the dployment of the DNSPrivateEndPoints policyset

    * removed the provider registration for containerservices in the deploy-identity-pipeline yaml

    * added an explanation comment to the dnsforwardingruleset file

    * Added telemetry tracking  for the identity subscription

    * fixed cut and paste errors

    * Updated test cases & documentation

    * added the consistency check & pull request checks for github actions

    * fixed spelling error

commit 5337654
Author: Barrington Willis <[email protected]>
Date:   Fri Feb 24 12:57:36 2023 -0800

    Fixed Linter warnings & build errors (Azure#354)

    * Fixed BCP321 Linter warning in networking files

    * Fixed Role Definition Id References to use the ResourceId function

    * changed the pOlicyScopedId var to be set by using the MGResourceID Function

    * fixed BCP321 warning

    * fixed the remaining linter warnings

    * fixed the remaining linter errors in the policy definitions

    * updated the linter rules

    * Fixed Bug on policy defnition

    * Fixed the AKS policy deployment

    * Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    * fixed linter warnings in policy files

    * changed the invalid dummy service alert phone number to a valid phone number

    * changed the servcie health number prefix to 604

    * updated AKS version in the Data Archetypes

    * Changed hte AKS version to only have the Major.Minor

    * Added the patch version to the AKS versions in the Data Archetypes

commit 0fa01e8
Author: Luke Murray <[email protected]>
Date:   Tue Feb 7 12:26:03 2023 +1300

    Updated documents, from docs.microsoft.com - to Learn. (Azure#350)

    Updated documents, from docs.microsoft.com - to Learn.

commit e44c7ea
Author: Obay <[email protected]>
Date:   Wed Nov 30 19:14:57 2022 -0800

    Update hubnetwork-azfw.md (Azure#345)

    Having domain controllers under the "Connectivity" subscription is an anti-pattern that causes confusion to users.

    Co-authored-by: Barrington Willis <[email protected]>

commit 12cd557
Author: Steve Keeler <[email protected]>
Date:   Wed Nov 30 21:27:08 2022 -0500

    Add Barry to code owners list (Azure#346)

commit c714e65
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (Azure#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc9
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (Azure#342)

commit 5851a09
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (Azure#339)

commit e5fe399
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (Azure#337)

commit db52627
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (Azure#335)

commit 2a6042d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (Azure#333)

commit e069a4b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (Azure#331)

commit c2afa0d
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (Azure#329)

commit a7f521d
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (Azure#324)

commit 60198bc
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (Azure#322)

commit a4e53ff
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (Azure#327)

commit 8fc587a
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (Azure#320)

commit e9a0962
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (Azure#313)

commit 2b11801
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (Azure#310)

commit bce747c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (Azure#309)

    Remove `-rg` suffix

commit 6765c48
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (Azure#307)

commit 62adb00
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (Azure#303)

commit c1a3b99
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (Azure#300)

commit 0ce5c1a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (Azure#297)

commit c078a79
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (Azure#299)

commit 31a214a
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (Azure#295)

commit 6a90a2f
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (Azure#289)

commit c413307
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (Azure#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (Azure#286)

commit 31e8d0a
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (Azure#285)

commit 229b144
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (Azure#282)

commit 799ad52
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (Azure#281)

commit a9c9419
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (Azure#280)

commit ce6c27f
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (Azure#277)

commit 1d8dbd7
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (Azure#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (Azure#274)

commit db098e1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (Azure#273)

    Support for deploying subscriptions

commit 15c2847
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (Azure#271)

commit 3522571
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (Azure#268)

commit 60f3b59
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (Azure#266)

commit 926521a
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (Azure#267)

commit d68824a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (Azure#265)

commit 2bc196a
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (Azure#264)

commit b33cd36
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (Azure#262)

commit 3008353
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (Azure#260)

commit 1ee5b9e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (Azure#256)

commit 72fe50d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (Azure#254)

commit 7083377
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (Azure#252)

commit 3d9c60d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (Azure#250)

commit 38fc344
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (Azure#259)

commit 89613db
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (Azure#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb96
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (Azure#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c37279
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (Azure#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f9
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (Azure#242)

commit bfe1f58
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (Azure#236)

commit cc5f017
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (Azure#238)

commit 3259994
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script Azure#233 (Azure#234)

commit cb96311
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (Azure#229)

commit 3ce2cf8
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (Azure#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (Azure#230)

commit 575440e
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (Azure#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (Azure#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (Azure#222)

commit f25f957
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (Azure#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (Azure#224)

commit 2e5a56b
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (Azure#218)

commit bf5e94b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (Azure#215)

commit 0538d4d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (Azure#216)

    Document when and where delete locks are used

commit 789b18a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (Azure#217)

commit 97c2904
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (Azure#213)

commit 30b9cc2
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (Azure#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b7
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (Azure#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (Azure#205)

    Add delete lock for LAW RG

commit 678355f
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (Azure#207)

commit 5753cf0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (Azure#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (Azure#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322e
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (Azure#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (Azure#193)

commit 17846c4
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (Azure#191)

commit c62dcfc
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (Azure#186)

    Implement configurable management group hierarchy

commit 9a141f7
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (Azure#182)

commit 4dd1f4a
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (Azure#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (Azure#178)

commit 488fc6e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (Azure#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (Azure#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed26
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (Azure#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (Azure#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f39
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (Azure#162)

commit 209f61c
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (Azure#164)

    Update Azure CLI version to 2.32.0

commit d7d5257
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue Azure#157 - Update scripts documentation (Azure#158)

    Update scripts documentation (Issue Azure#157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (Azure#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (Azure#152)

commit 09f09ed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (Azure#151)

    Implement Azure#150, scripts and documentation

commit 82dd826
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (Azure#149)

commit 73ce2eb
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (Azure#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

    * Update pipeline for new var

    * Add separate scope for testing

    * Update pipeline parameter name

    * Ensure new temp file is created to populate the parameters.

    * Remove test job

    * Remove branch config

    * Update readme

    * Update authoring guide with new parameter

commit c71051b
Author: hudua <[email protected]>
Date:   Fri Jan 21 14:21:08 2022 -0500

    Private Endpoint for App Service (Azure#144)

commit fff245d
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 10:51:43 2022 -0500

    Diagnostic Settings Policies for PaaS services (Azure#143)

    * Add diagnostic settings policies for data services

    * Add branch config for testing

    * Add missing types for auditing

    * Add diagnostic setting policies for compute services

    * Add diagnostic setting policies for integration services

    * Add diagnostic setting policies for network services

    * Remove policy for ACI since it doesn't have logs to collect

    * Remove extra resource type

    * Set region to 'global' for edge services

    * Remove branch config. used for testing

    * Updated App Service log categories

    * Add branch config

    * Remove branch config
wanpengyang added a commit to cds-snc/CanadaPubSecALZ that referenced this pull request Apr 19, 2024
* Diagnostic Settings Policies for PaaS services (#143)

* Add diagnostic settings policies for data services

* Add branch config for testing

* Add missing types for auditing

* Add diagnostic setting policies for compute services

* Add diagnostic setting policies for integration services

* Add diagnostic setting policies for network services

* Remove policy for ACI since it doesn't have logs to collect

* Remove extra resource type

* Set region to 'global' for edge services

* Remove branch config. used for testing

* Updated App Service log categories

* Add branch config

* Remove branch config

* Private Endpoint for App Service (#144)

* Flexible policy assignment scope (#147)

* Add deployment scope for policy assignment

* Add branch test config

* Set new parameter for policy assignment scope:  var-policyAssignmentManagementGroupId

* Update pipeline for new var

* Add separate scope for testing

* Update pipeline parameter name

* Ensure new temp file is created to populate the parameters.

* Remove test job

* Remove branch config

* Update readme

* Update authoring guide with new parameter

* Removed 'privatelink.monitor.azure.com' from Private DNS Zones (#149)

* Automation scripts for Azure DevOps onboarding (#151)

Implement #150, scripts and documentation

* Snapshot landing zone schema to v0.3.0 (#152)

* Enhance PBMM policy assignment to disable diagnostic settings metrics (#156)

Ensure diagnostic settings policy only checks for logs

* Issue #157 - Update scripts documentation (#158)

Update scripts documentation (Issue #157)
Update docs/onboarding/azure-devops-scripts.md
Co-authored-by: Senthuran Sivananthan <[email protected]>

* Update Deployment Script's Azure CLI version to 2.32.0 (#164)

Update Azure CLI version to 2.32.0

* Update DevOps Onboarding section of main readme (#162)

* Repository clean up (#165)

* Remove obsolete directory

* Rotate resource group names for E2E deployments

* Fix typo

* Add branch config for testing

* Fix typo

* Remove branch configs

* Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

* Remove date stamp

* Linter: no-loc-expr-outside-params - ensure compliance (#169)

* Update linter rules for location parameter

* Add location parameter with default value based on resourceGroup() or deployment()

* Update archetype schema and docs for location

* Add branch config for testing

* Update AKS version

* Update branch config

* Remove branch configs

* Support for Tag inheritance from Subscription to Resource Group (#161)

* Add policy and policy set to inherit tags from subscription to resource group

* Add branch config for testing

* Remove policy type as it's not built in

* Updated resource type for resource group

* Update policy assignment

* Ensure assignment name is <= 24 chars

* Revert resource group type

* Setting mode to all

* Update documentation

* Add branch config

* Add explicit dependsOn for subscription scaffolding to complete

* Update test deployment parameters

* Remove explicit dependsOn for subscription scaffolding to complete

* Update doc to describe approaches for adding tags to RGs

* Reduce the options for tagging resources given subscripton to RG tagging is available

* Add example scenarios for tag inheritence

* Fix typo

* Remove branch configs

* Resolve linter error: no-loc-expr-outside-params

* Instructions for Azure DevOps Environments (#175)

* Instructions for creating ADO pipeline environments

* Fix formatting

* Update `create-pipelines.bat` onboarding script to auto-provision environment (#178)

* Update onboarding doc for logging & networking management group settings (#177)

* Fix markdown linter warnings
* Add instruction for logging and networking MGs

* Snapshot JSON schemas to v0.4.0 (#182)

* Update onboarding document

Co-authored-by: Preston K. Parsard <[email protected]>

* Configurable management group hierarchy (#186)

Implement configurable management group hierarchy

* Show Variables fix (#191)

* subscription(generic): add instructions for configuring parameters (#193)

* Instructions for backfilling management group hierarchy (#197)

* Add instructions for backfilling management group hierarchy

* Update section titles, links and reference backfill instruction as part of MG setup

* Instructions for installing AzCLI and jq

* Clearfy that Tenant Root Group could have been renamed in the organization

* Windows Shell example

* Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

* Note on YAML indentation

* Revise subscription deployment instructions (#201)

* Redirect subscriptoin configuration guidance to archetype authoring guide doc
* Revise instructions for creating ARM parameter files & management group id selection

* Ensure values from multiline variables are properly logged (#202)

Print multi-line environment variables (typically JSON objects) in Show Variables step

* Fix pipeline scripts reference to `subscription-ci` (#207)

* Delete Lock for Log Analytics Workspace resource group (#205)

Add delete lock for LAW RG

* Support Defender Plan for Cosmos DB (#200)

Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

* fixing doc typo in hubnetwork-azfw (#211)

Co-authored-by: Adil Ha <[email protected]>

* Backward compatibility when setting pipeline variables from management group hierarchy  (#213)

* Update OZ subnet name to App Management Zone (#217)

* Document delete lock usage (#216)

Document when and where delete locks are used

* Add instructions for customizing policy set assignments (#215)

* Fix formatting (#218)

* Improve `delete-management-groups.bat` script (#224)

* Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (#228)

* Change Cosmos DB namespace to Microsoft.DocumentDB

* Add branch config

* Remove branch config

* Flexible policy assignment parameters JSON files (#222)

* Externalize Log Analytics Workspace parameters when loading pipeline variables (#220)

Externalize the log analytics parameters to load arbitary LAW variables

* Initial GC 30-day cloud guardrails compliance/guidance (#226)

Initial GC 30-day cloud guardrails doc

* Update networking documentation for generic subscription archetype (#230)

* Use built-in policy for Cosmos DB for Defender Plan (#232)

* Use built-in policy for Cosmos DB for Defender Plan

* Add branch config

* Remove branch config

* Updating recommendations to reflect licensing reqs (#229)

* Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script #233 (#234)

* PBMM & HITRUST/HIPAA policy update (#238)

* Migrate Logging configuration to JSON parameters file  (#236)

* Update azure-devops-pipelines.md (#242)

* Support logging infrastructure for multiple regions in same subscription (#244)

Ensure subscription scoped deployments are unique per region

* Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (#246)

Update Private DNS Zone policy to support multiple dnsZoneConfigs

* Include new Databricks' log categories for diagnostic settings (#248)

Add new databricks' log categories for diagnostic settings

* Azure Active Directory support for Synapse (#259)

* Migrate Networking configuration to JSON parameters file (#250)

* Revise subnet configuration for Generic Subscription archetype (#252)

* Revise subnet configuration for Machine Learning archetype (#254)

* Revise subnet configuration for Healthcare archetype (#256)

* Removed extra configuration files (#260)

* Update common.yml example (#262)

* Support for optional subnets in Machine Learning & Healthcare archetypes (#264)

* Organize deployment parameters for Hub Networking with Azure Firewall (#265)

* Updated documentation  (#267)

* Organize deployment parameters for Hub Networking with NVA (#266)

* Snapshot ARM parameters JSON schemas (#268)

* PowerShell deployment scripts (#271)

* Powershell deployment script for archetypes (#273)

Support for deploying subscriptions

* Deployment flow diagram (#274)

* GitHub workflow implementation (#276)

Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

* Support schema validation (#277)

* Add environment configuration override and protect sensitive parameters (#280)

* Pass-thru secure strings as-is until ready for use (#281)

* Fix DeploySubscriptionIds parameter type casting (#282)

* Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (#285)

* Support jobs in GitHub Actions  (#286)

* Ensure multiple subscriptions can be moved to a management in parallel (#288)

Ensure deployment name for moving subscription is unique

* Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (#289)

* Disable metrics in diagnostic settings for AKS through Policy (#295)

* Concurrent role deployment with PowerShell & GitHub Actions (#299)

* Disable fail fast for matrix deployments (#297)

* Flexible policy deployment using PowerShell & GitHub Actions (#300)

* Log Analytics solutions for SQL servers on machines (#303)

* Serial defender plan deployments & revised resource/resource group names (#307)

* Update resource group names for Logging & Networking (#309)

Remove `-rg` suffix

* Add service health notification info (#310)

* Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (#313)

* Fix typo in onboarding guidance (#320)

* Update machinelearning.md (#327)

* Resolve linter warning: prefer-unquoted-property-names (#322)

* Add missing log categories in diagnostic settings for Azure Firewall (#324)

* Support azkms.core.windows.net and IPs in firewall allow list (#329)

* Support data collection rule (#331)

* Network security group support for private endpoints subnet (#333)

* Suppress false positive linter warning: secure-secrets-in-params (#335)

* Update diagnostic settings profile name (#337)

* Revised Event Hub Diagnostic Settings policy (#339)

* Version August 2022 schema changes (#342)

* Update CODEOWNERS (#344)

Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

* Add Barry to code owners list (#346)

* Update hubnetwork-azfw.md (#345)

Having domain controllers under the "Connectivity" subscription is an anti-pattern that causes confusion to users.

Co-authored-by: Barrington Willis <[email protected]>

* Updated documents, from docs.microsoft.com - to Learn. (#350)

Updated documents, from docs.microsoft.com - to Learn.

* Fixed Linter warnings & build errors (#354)

* Fixed BCP321 Linter warning in networking files

* Fixed Role Definition Id References to use the ResourceId function

* changed the pOlicyScopedId var to be set by using the MGResourceID Function

* fixed BCP321 warning

* fixed the remaining linter warnings

* fixed the remaining linter errors in the policy definitions

* updated the linter rules

* Fixed Bug on policy defnition

* Fixed the AKS policy deployment

* Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

* fixed linter warnings in policy files

* changed the invalid dummy service alert phone number to a valid phone number

* changed the servcie health number prefix to 604

* updated AKS version in the Data Archetypes

* Changed hte AKS version to only have the Major.Minor

* Added the patch version to the AKS versions in the Data Archetypes

* Identity Archetype (#359)

* Squashed commit of the following:

commit 6d6b3e49855c365f49a4674534b985bacf9cd74c
Author: Barry Willis <[email protected]>
Date:   Mon Feb 27 08:07:45 2023 -0800

    changed the areacode on the logging service health alerts architype

commit 86b4505c2ffd5127978883c0bc6a1f9b0e7d3268
Author: Barry Willis <[email protected]>
Date:   Fri Feb 24 16:39:08 2023 -0800

    prepping for testing in ESLZ test environment

commit 0f92b6bf70aee1377b4d49db436fa7024f1bfd25
Merge: 2a3584a 7749e7b
Author: Barry Willis <[email protected]>
Date:   Fri Feb 24 16:10:37 2023 -0800

    Merge remote-tracking branch 'origin/main' into IdentityLZ

commit 7749e7bf7a8756e3b2ffd09016e3e9d9954407db
Merge: f6555a4 5337654
Author: Barry Willis <[email protected]>
Date:   Fri Feb 24 16:08:54 2023 -0800

    Merge remote-tracking branch 'github-CanadaPubSecALZ/main'

commit f6555a41227fdbe47a6981798e2cb2bb97bd7cd6
Author: Barry Willis <[email protected]>
Date:   Mon Feb 13 12:30:20 2023 -0800

    Added the patch version to the AKS versions in the Data Archetypes

commit 8edcb63d833fd177ede60c9a51b6228f448c0c33
Author: Barry Willis <[email protected]>
Date:   Mon Feb 13 11:32:54 2023 -0800

    Changed hte AKS version to only have the Major.Minor

commit 37123d71623b7c6ed288a5ba32c7cab5f8e75e6f
Author: Barry Willis <[email protected]>
Date:   Mon Feb 13 11:17:38 2023 -0800

    updated AKS version in the Data Archetypes

commit 459b3c62751cb6bfedf2ddc5800ad39137417d38
Author: Barry Willis <[email protected]>
Date:   Mon Feb 13 08:55:13 2023 -0800

    changed the servcie health number prefix to 604

commit cccf88662c3a0e0d7b2f625a13ec191053017985
Author: Barry Willis <[email protected]>
Date:   Mon Feb 13 07:42:52 2023 -0800

    changed the invalid dummy service alert phone number to a valid phone number

commit 8e9628d26e1285c437a6ec8a3ebd479299f3cb5f
Author: Barry Willis <[email protected]>
Date:   Mon Feb 13 07:01:36 2023 -0800

    fixed linter warnings in policy files

commit 6c2b2f7d2d53b97d0014306656406cf564189779
Author: Barry Willis <[email protected]>
Date:   Sat Feb 11 15:36:36 2023 -0800

    Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

commit c58ba48f5073c0b86b41c54fddca9cab0368b59a
Author: Barry Willis <[email protected]>
Date:   Sat Feb 11 15:09:56 2023 -0800

    Fixed the AKS policy deployment

commit f9e8418b7e1faf8cc8122acc9414e12c5bfbd22e
Author: Barry Willis <[email protected]>
Date:   Sat Feb 11 14:04:22 2023 -0800

    Fixed Bug on policy defnition

commit 1a3c82e446072db49d927343a4792e30bdb31f05
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 19:09:02 2023 -0800

    updated the linter rules

commit 20e188051a8999d7a5e6ee925ec193f6e1d2dea6
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 18:52:18 2023 -0800

    fixed the remaining linter errors in the policy definitions

commit 1610a28e355af15a86d8a555a97ca9912cc11aeb
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 18:27:14 2023 -0800

    fixed the remaining linter warnings

commit 9f0e049fa09e19f0cf312f4826520e1005e58434
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 17:31:21 2023 -0800

    fixed BCP321 warning

commit 466d7b0c070f4bb4fef94b1fb9bac2f3da754c4a
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 17:22:46 2023 -0800

    changed the pOlicyScopedId var to be set by using the MGResourceID Function

commit 9362967e5006d9ec3882cdc5bec5aae5b872bf29
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 16:48:26 2023 -0800

    Fixed Role Definition Id References to use the ResourceId function

commit 4bcbc28212ecac9bff2a8e3c720a9a364479733c
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 16:07:33 2023 -0800

    Fixed BCP321 Linter warning in networking files

commit 2a3584a7cac9c5822c7a226bc8a5d44f52d69a65
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 15:07:43 2023 -0800

    Removed Linter exception BCP321 - will fix in the linter PR

commit a0b48ec7710a5ee8023a066e4cb5394074002c1e
Author: Barry Willis <[email protected]>
Date:   Fri Feb 10 10:39:36 2023 -0800

    Fixed the bugs with conditionally deploying DNS Resolver

commit 4f24be78f48465b404c529b276db66496c9958db
Author: Barry Willis <[email protected]>
Date:   Wed Feb 8 15:29:38 2023 -0800

    Updated documentation and made the DNS Resolver subnets optional

commit 03fcb5e50b0670c67d1850063dd828ffa6945cf8
Merge: dfe0d9a 0fa01e8
Author: Barry Willis <[email protected]>
Date:   Mon Feb 6 16:58:41 2023 -0800

    Merge remote-tracking branch 'origin/main' into IdentityLZ

commit dfe0d9acab086df1d9dfbfbdae5770fbf5da999a
Author: Barry Willis <[email protected]>
Date:   Wed Jan 11 15:52:06 2023 -0800

    added Schema validation to the identity config file

commit fb88630b5d707db6b7f4ab1aa2455ff79920d5b3
Author: Barry Willis <[email protected]>
Date:   Mon Jan 9 10:28:13 2023 -0800

    changed the DNS Resolver ruleset to be an object-array

commit 78aaf4d6cdeff8d9832d8a309f26c10cefe97a22
Author: Barry Willis <[email protected]>
Date:   Sat Jan 7 13:57:37 2023 -0800

    first pass at creating conditional forwarding rulesets in the Identity LZ

commit e7b554d04daee83a55a985073ec0c59084c7f3c2
Author: Barry Willis <[email protected]>
Date:   Fri Jan 6 08:54:27 2023 -0800

    Configured Subnet Delegation for Az DNS Resolver

commit 978ab9925f876945ba02280493f7deba1c07e7ee
Author: Barry Willis <[email protected]>
Date:   Thu Jan 5 19:52:24 2023 -0800

    added Private DNS Resolver to the Identity LZ

commit 9735d58fc04d7a587a76a5387deb112c466390fe
Author: Barry Willis <[email protected]>
Date:   Thu Jan 5 13:19:05 2023 -0800

    Removed the optional Subnet

commit 4cd57ed41a09672b3cfbc1792c2edbdc3569a060
Author: Barry Willis <[email protected]>
Date:   Thu Jan 5 13:09:36 2023 -0800

    first cut at the identity LZ framework

commit a119eea02fca28a2028362f484aa2835c9313c1d
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:54:58 2022 -0800

    added identitypathfromroot in the branch config file

commit 75b6ccc2ab6efd55037e0a5a938d49f2eef32de4
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:35:12 2022 -0800

    Added: identity vars display
    Changed: location reference to identity param file

commit e0cfc41b5a83c4c331689fcafa5edc9928e93d39
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:22:35 2022 -0800

    fixed misconfigured working directory

commit fb58b16999aeb9cc6b6b81647c76e95024e1267c
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:18:46 2022 -0800

    removed schema validation to test deployment

commit 240189de7e30fa57654c3ec76ec37c762ff80133
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:15:43 2022 -0800

    fixed bug - neworking region is now identity region

commit 89e63b5976cb5cdc4e85d0b25c01234ffe4853d7
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:11:48 2022 -0800

    initial identity lz deployment

commit d4b40b26b893b78d7a9250dffe24c3e9ce06d690
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 11:03:29 2022 -0800

    Added default region for Identity Subscription

commit 41e611818d09181b1a455f612425cae20f0683f7
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 08:29:33 2022 -0800

    Changed bastion subnet range in identity subnet

commit f5a43f2d44803e80db8a043d31e5c9f72fc51675
Author: Barry Willis <[email protected]>
Date:   Wed Dec 21 07:33:03 2022 -0800

    Param file for Identity LZ

commit 13d084b0fe74f39ca1423b2eb9f333a2b760b1f2
Author: Barry Willis <[email protected]>
Date:   Tue Dec 20 15:19:23 2022 +0000

    Deleted identity.parameteres.json

commit 5ba9a12fa8e8e02f60f3f2afea43681cc84d7446
Merge: 002b2be e395307
Author: Barry Willis <[email protected]>
Date:   Tue Dec 20 07:18:40 2022 -0800

    Merge branch 'IdentityLZ' of https://dev.azure.com/Tredell/CanadaALZ/_git/CanadaALZ into IdentityLZ

commit 002b2be1bb5b555a334f35cbb505e7a68f321649
Author: Barry Willis <[email protected]>
Date:   Tue Dec 20 07:18:32 2022 -0800

    id-lz - created param section for id lz

commit e395307b1c12786cc28cf3d4b00586dde69739d5
Author: Barry Willis <[email protected]>
Date:   Tue Dec 20 07:13:54 2022 -0800

    id-lz - created param section for id lz

commit 7f4a43eb4fdc7f6f37ebab8e661981cccbee9f50
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 14:54:57 2022 -0800

    disabled privatelink infrastructure to be deployed in hub lz

commit db85049ac94b5c394d586b6960343bc1286997f1
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 14:46:36 2022 -0800

    Configured hub networking parameter files

commit 8d772e868803d1b712013f7db21044d48ab730d2
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 14:07:43 2022 -0800

    removed comment from json - not supported

commit 89cde8d92704f1a41a123af46da6dd90568d99cb
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 12:56:47 2022 -0800

    Configuring Policies for deployment to Test enviornment

commit ba781ee844a4abd403071e072645988b63ada494
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 12:40:53 2022 -0800

    added a default security Group

commit 1269da21e08fdf4c29a53b38a4d18722c64461e0
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 12:26:14 2022 -0800

    setting up logging for my test environment

commit 4d6a41f4133380223f5895dba270cbce4ae5a39b
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 12:13:08 2022 -0800

    testing the path to the logging configuraiton file

commit 75d0b99caf6aed5f809c28566cad35569d78be58
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 12:00:14 2022 -0800

    added the full path to the logging parameters file

commit 32e8382bcb8deaaaab0c7bc1c2791483ef439971
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 11:55:00 2022 -0800

    path to logging parameters file was incorrect

commit 5757d36a486e7f3b707f00848d19cfe64de83358
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 11:37:20 2022 -0800

    Changed MG Root to match test enviornment

commit 1fdd02db1638420decf5ab021fb617b95920aada
Author: Barry Willis <[email protected]>
Date:   Mon Dec 19 11:09:46 2022 -0800

    Adding config file for IdentityLZ branch

* PowerShell Deployment Files created

* GitHub Action Pipelines modified to add the Identity Archetype

* made the Identity GitHub Action optional

* put the boolean option in single quotes

* fixed a few bugs (BCP321 & references to the wrong tenant)

* changed the sub id for the logging subscription

* Removed the hardcoded reference to the LAW in the identity param file

* updated the param file with the LAW ID

* disabled private dns zone deployment in the identity sub

* removed the config files from my custom branch

* uncommented the validation in the Identity ADO Pipeline

* removed commented trigger code from ADO Identity Pipeline

* renenabled the dployment of the DNSPrivateEndPoints policyset

* removed the provider registration for containerservices in the deploy-identity-pipeline yaml

* added an explanation comment to the dnsforwardingruleset file

* Added telemetry tracking  for the identity subscription

* fixed cut and paste errors

* Updated test cases & documentation

* added the consistency check & pull request checks for github actions

* fixed spelling error

* Bug fixes - network routing & ADO Identity Pipelines (#362)

* Fixed Bug: missing identityPathFromRoot variable missing

* Fixed Bug: Allow Network transit thru the hub

* renamed the Subscriptions Yaml

* Update DDoS.bicep (#363)

Change policySetDefinitions to policyDefinitions for the policyScopedId variable.

* Update identity.md (#365)

Updated page title to reflect content

* Scripts to generate config from template, support JSON config intellisense in editors, fix bugs in deployment scripts (#379)

Fixes path normalization bug in deployment scripts #374
Fixes subscription filtering bug in deployment scripts #375
Adds CanadaPubSecALZ configuration JSON schema support for editors #376
Adds Scripts to generate CanadaPubSecALZ configuration files using existing environments as template #377
Adds Deploy landing zones to new Azure subscriptions in new primary tenant #378

* update to 1.3.0

Squashed commit of the following:

commit db45632283e6982fb095f6be33540c28ad54960a
Author: Steve Keeler <[email protected]>
Date:   Sun Jul 9 23:14:55 2023 -0400

    Scripts to generate config from template, support JSON config intellisense in editors, fix bugs in deployment scripts (#379)

    Fixes path normalization bug in deployment scripts #374
    Fixes subscription filtering bug in deployment scripts #375
    Adds CanadaPubSecALZ configuration JSON schema support for editors #376
    Adds Scripts to generate CanadaPubSecALZ configuration files using existing environments as template #377
    Adds Deploy landing zones to new Azure subscriptions in new primary tenant #378

commit 5830bcb63193565ab291076b54765f2d8986f64b
Author: David Christiansen <[email protected]>
Date:   Tue Apr 25 21:12:23 2023 +0100

    Update identity.md (#365)

    Updated page title to reflect content

commit 674f6cb1e7ee407765eeb9d99a8163ef0a461b32
Author: Yanick Lepine <[email protected]>
Date:   Thu Mar 16 13:13:38 2023 -0400

    Update DDoS.bicep (#363)

    Change policySetDefinitions to policyDefinitions for the policyScopedId variable.

commit 5680e6582a6c28907898da2026ef3c1f0e56a332
Author: Barrington Willis <[email protected]>
Date:   Mon Mar 13 06:31:54 2023 -0700

    Bug fixes - network routing & ADO Identity Pipelines (#362)

    * Fixed Bug: missing identityPathFromRoot variable missing

    * Fixed Bug: Allow Network transit thru the hub

    * renamed the Subscriptions Yaml

commit f13f6ec24f5b8c0f318cf66f6cd1a2f3c7a01534
Author: Barrington Willis <[email protected]>
Date:   Fri Mar 3 07:00:06 2023 -0800

    Identity Archetype (#359)

    * Squashed commit of the following:

    commit 6d6b3e49855c365f49a4674534b985bacf9cd74c
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 27 08:07:45 2023 -0800

        changed the areacode on the logging service health alerts architype

    commit 86b4505c2ffd5127978883c0bc6a1f9b0e7d3268
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:39:08 2023 -0800

        prepping for testing in ESLZ test environment

    commit 0f92b6bf70aee1377b4d49db436fa7024f1bfd25
    Merge: 2a3584a 7749e7b
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:10:37 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit 7749e7bf7a8756e3b2ffd09016e3e9d9954407db
    Merge: f6555a4 5337654
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 24 16:08:54 2023 -0800

        Merge remote-tracking branch 'github-CanadaPubSecALZ/main'

    commit f6555a41227fdbe47a6981798e2cb2bb97bd7cd6
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 12:30:20 2023 -0800

        Added the patch version to the AKS versions in the Data Archetypes

    commit 8edcb63d833fd177ede60c9a51b6228f448c0c33
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:32:54 2023 -0800

        Changed hte AKS version to only have the Major.Minor

    commit 37123d71623b7c6ed288a5ba32c7cab5f8e75e6f
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 11:17:38 2023 -0800

        updated AKS version in the Data Archetypes

    commit 459b3c62751cb6bfedf2ddc5800ad39137417d38
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 08:55:13 2023 -0800

        changed the servcie health number prefix to 604

    commit cccf88662c3a0e0d7b2f625a13ec191053017985
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:42:52 2023 -0800

        changed the invalid dummy service alert phone number to a valid phone number

    commit 8e9628d26e1285c437a6ec8a3ebd479299f3cb5f
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 13 07:01:36 2023 -0800

        fixed linter warnings in policy files

    commit 6c2b2f7d2d53b97d0014306656406cf564189779
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:36:36 2023 -0800

        Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    commit c58ba48f5073c0b86b41c54fddca9cab0368b59a
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 15:09:56 2023 -0800

        Fixed the AKS policy deployment

    commit f9e8418b7e1faf8cc8122acc9414e12c5bfbd22e
    Author: Barry Willis <[email protected]>
    Date:   Sat Feb 11 14:04:22 2023 -0800

        Fixed Bug on policy defnition

    commit 1a3c82e446072db49d927343a4792e30bdb31f05
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 19:09:02 2023 -0800

        updated the linter rules

    commit 20e188051a8999d7a5e6ee925ec193f6e1d2dea6
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:52:18 2023 -0800

        fixed the remaining linter errors in the policy definitions

    commit 1610a28e355af15a86d8a555a97ca9912cc11aeb
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 18:27:14 2023 -0800

        fixed the remaining linter warnings

    commit 9f0e049fa09e19f0cf312f4826520e1005e58434
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:31:21 2023 -0800

        fixed BCP321 warning

    commit 466d7b0c070f4bb4fef94b1fb9bac2f3da754c4a
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 17:22:46 2023 -0800

        changed the pOlicyScopedId var to be set by using the MGResourceID Function

    commit 9362967e5006d9ec3882cdc5bec5aae5b872bf29
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:48:26 2023 -0800

        Fixed Role Definition Id References to use the ResourceId function

    commit 4bcbc28212ecac9bff2a8e3c720a9a364479733c
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 16:07:33 2023 -0800

        Fixed BCP321 Linter warning in networking files

    commit 2a3584a7cac9c5822c7a226bc8a5d44f52d69a65
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 15:07:43 2023 -0800

        Removed Linter exception BCP321 - will fix in the linter PR

    commit a0b48ec7710a5ee8023a066e4cb5394074002c1e
    Author: Barry Willis <[email protected]>
    Date:   Fri Feb 10 10:39:36 2023 -0800

        Fixed the bugs with conditionally deploying DNS Resolver

    commit 4f24be78f48465b404c529b276db66496c9958db
    Author: Barry Willis <[email protected]>
    Date:   Wed Feb 8 15:29:38 2023 -0800

        Updated documentation and made the DNS Resolver subnets optional

    commit 03fcb5e50b0670c67d1850063dd828ffa6945cf8
    Merge: dfe0d9a 0fa01e8
    Author: Barry Willis <[email protected]>
    Date:   Mon Feb 6 16:58:41 2023 -0800

        Merge remote-tracking branch 'origin/main' into IdentityLZ

    commit dfe0d9acab086df1d9dfbfbdae5770fbf5da999a
    Author: Barry Willis <[email protected]>
    Date:   Wed Jan 11 15:52:06 2023 -0800

        added Schema validation to the identity config file

    commit fb88630b5d707db6b7f4ab1aa2455ff79920d5b3
    Author: Barry Willis <[email protected]>
    Date:   Mon Jan 9 10:28:13 2023 -0800

        changed the DNS Resolver ruleset to be an object-array

    commit 78aaf4d6cdeff8d9832d8a309f26c10cefe97a22
    Author: Barry Willis <[email protected]>
    Date:   Sat Jan 7 13:57:37 2023 -0800

        first pass at creating conditional forwarding rulesets in the Identity LZ

    commit e7b554d04daee83a55a985073ec0c59084c7f3c2
    Author: Barry Willis <[email protected]>
    Date:   Fri Jan 6 08:54:27 2023 -0800

        Configured Subnet Delegation for Az DNS Resolver

    commit 978ab9925f876945ba02280493f7deba1c07e7ee
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 19:52:24 2023 -0800

        added Private DNS Resolver to the Identity LZ

    commit 9735d58fc04d7a587a76a5387deb112c466390fe
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:19:05 2023 -0800

        Removed the optional Subnet

    commit 4cd57ed41a09672b3cfbc1792c2edbdc3569a060
    Author: Barry Willis <[email protected]>
    Date:   Thu Jan 5 13:09:36 2023 -0800

        first cut at the identity LZ framework

    commit a119eea02fca28a2028362f484aa2835c9313c1d
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:54:58 2022 -0800

        added identitypathfromroot in the branch config file

    commit 75b6ccc2ab6efd55037e0a5a938d49f2eef32de4
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:35:12 2022 -0800

        Added: identity vars display
        Changed: location reference to identity param file

    commit e0cfc41b5a83c4c331689fcafa5edc9928e93d39
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:22:35 2022 -0800

        fixed misconfigured working directory

    commit fb58b16999aeb9cc6b6b81647c76e95024e1267c
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:18:46 2022 -0800

        removed schema validation to test deployment

    commit 240189de7e30fa57654c3ec76ec37c762ff80133
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:15:43 2022 -0800

        fixed bug - neworking region is now identity region

    commit 89e63b5976cb5cdc4e85d0b25c01234ffe4853d7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:11:48 2022 -0800

        initial identity lz deployment

    commit d4b40b26b893b78d7a9250dffe24c3e9ce06d690
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 11:03:29 2022 -0800

        Added default region for Identity Subscription

    commit 41e611818d09181b1a455f612425cae20f0683f7
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 08:29:33 2022 -0800

        Changed bastion subnet range in identity subnet

    commit f5a43f2d44803e80db8a043d31e5c9f72fc51675
    Author: Barry Willis <[email protected]>
    Date:   Wed Dec 21 07:33:03 2022 -0800

        Param file for Identity LZ

    commit 13d084b0fe74f39ca1423b2eb9f333a2b760b1f2
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 15:19:23 2022 +0000

        Deleted identity.parameteres.json

    commit 5ba9a12fa8e8e02f60f3f2afea43681cc84d7446
    Merge: 002b2be e395307
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:40 2022 -0800

        Merge branch 'IdentityLZ' of https://dev.azure.com/Tredell/CanadaALZ/_git/CanadaALZ into IdentityLZ

    commit 002b2be1bb5b555a334f35cbb505e7a68f321649
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:18:32 2022 -0800

        id-lz - created param section for id lz

    commit e395307b1c12786cc28cf3d4b00586dde69739d5
    Author: Barry Willis <[email protected]>
    Date:   Tue Dec 20 07:13:54 2022 -0800

        id-lz - created param section for id lz

    commit 7f4a43eb4fdc7f6f37ebab8e661981cccbee9f50
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:54:57 2022 -0800

        disabled privatelink infrastructure to be deployed in hub lz

    commit db85049ac94b5c394d586b6960343bc1286997f1
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:46:36 2022 -0800

        Configured hub networking parameter files

    commit 8d772e868803d1b712013f7db21044d48ab730d2
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 14:07:43 2022 -0800

        removed comment from json - not supported

    commit 89cde8d92704f1a41a123af46da6dd90568d99cb
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:56:47 2022 -0800

        Configuring Policies for deployment to Test enviornment

    commit ba781ee844a4abd403071e072645988b63ada494
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:40:53 2022 -0800

        added a default security Group

    commit 1269da21e08fdf4c29a53b38a4d18722c64461e0
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:26:14 2022 -0800

        setting up logging for my test environment

    commit 4d6a41f4133380223f5895dba270cbce4ae5a39b
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:13:08 2022 -0800

        testing the path to the logging configuraiton file

    commit 75d0b99caf6aed5f809c28566cad35569d78be58
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 12:00:14 2022 -0800

        added the full path to the logging parameters file

    commit 32e8382bcb8deaaaab0c7bc1c2791483ef439971
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:55:00 2022 -0800

        path to logging parameters file was incorrect

    commit 5757d36a486e7f3b707f00848d19cfe64de83358
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:37:20 2022 -0800

        Changed MG Root to match test enviornment

    commit 1fdd02db1638420decf5ab021fb617b95920aada
    Author: Barry Willis <[email protected]>
    Date:   Mon Dec 19 11:09:46 2022 -0800

        Adding config file for IdentityLZ branch

    * PowerShell Deployment Files created

    * GitHub Action Pipelines modified to add the Identity Archetype

    * made the Identity GitHub Action optional

    * put the boolean option in single quotes

    * fixed a few bugs (BCP321 & references to the wrong tenant)

    * changed the sub id for the logging subscription

    * Removed the hardcoded reference to the LAW in the identity param file

    * updated the param file with the LAW ID

    * disabled private dns zone deployment in the identity sub

    * removed the config files from my custom branch

    * uncommented the validation in the Identity ADO Pipeline

    * removed commented trigger code from ADO Identity Pipeline

    * renenabled the dployment of the DNSPrivateEndPoints policyset

    * removed the provider registration for containerservices in the deploy-identity-pipeline yaml

    * added an explanation comment to the dnsforwardingruleset file

    * Added telemetry tracking  for the identity subscription

    * fixed cut and paste errors

    * Updated test cases & documentation

    * added the consistency check & pull request checks for github actions

    * fixed spelling error

commit 533765439f98250eccbbccc194f82309ff4be9ec
Author: Barrington Willis <[email protected]>
Date:   Fri Feb 24 12:57:36 2023 -0800

    Fixed Linter warnings & build errors (#354)

    * Fixed BCP321 Linter warning in networking files

    * Fixed Role Definition Id References to use the ResourceId function

    * changed the pOlicyScopedId var to be set by using the MGResourceID Function

    * fixed BCP321 warning

    * fixed the remaining linter warnings

    * fixed the remaining linter errors in the policy definitions

    * updated the linter rules

    * Fixed Bug on policy defnition

    * Fixed the AKS policy deployment

    * Commit 95556ddd: changed the extensionResourceId function to tenantResourceId for all built-in polify definitions

    * fixed linter warnings in policy files

    * changed the invalid dummy service alert phone number to a valid phone number

    * changed the servcie health number prefix to 604

    * updated AKS version in the Data Archetypes

    * Changed hte AKS version to only have the Major.Minor

    * Added the patch version to the AKS versions in the Data Archetypes

commit 0fa01e8b7b4320d3d9d50a38d044cdff5da1a3c6
Author: Luke Murray <[email protected]>
Date:   Tue Feb 7 12:26:03 2023 +1300

    Updated documents, from docs.microsoft.com - to Learn. (#350)

    Updated documents, from docs.microsoft.com - to Learn.

commit e44c7eabf85bb4d5ec526c8f4229dbc31b282ed3
Author: Obay <[email protected]>
Date:   Wed Nov 30 19:14:57 2022 -0800

    Update hubnetwork-azfw.md (#345)

    Having domain controllers under the "Connectivity" subscription is an anti-pattern that causes confusion to users.

    Co-authored-by: Barrington Willis <[email protected]>

commit 12cd557bc479041ee6fca7f76c7fe1e4c17c7e74
Author: Steve Keeler <[email protected]>
Date:   Wed Nov 30 21:27:08 2022 -0500

    Add Barry to code owners list (#346)

commit c714e65b81d4bf5048bcf56351534a8be26c5c0c
Author: Steve Keeler <[email protected]>
Date:   Fri Oct 14 15:48:33 2022 -0400

    Update CODEOWNERS (#344)

    Adding Barry Willis and Kevin Evans to the CODEOWNERS file for the entire repo

commit b8a9bc91168f5afe9cb4c6ea35148714c11b4761
Author: Steve Keeler <[email protected]>
Date:   Thu Sep 1 15:31:28 2022 -0400

    Version August 2022 schema changes (#342)

commit 5851a09acff454df0bb8bbb2d6406fcd9a8efb6d
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:50:15 2022 -0400

    Revised Event Hub Diagnostic Settings policy (#339)

commit e5fe39930e55ae9cb62745499d1a520a098693df
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:37:43 2022 -0400

    Update diagnostic settings profile name (#337)

commit db52627fe3769b7430c99be757f9761238b27adc
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 18:17:12 2022 -0400

    Suppress false positive linter warning: secure-secrets-in-params (#335)

commit 2a6042d38ccd04844d9cc445e0a95ead182e5a6b
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:59:13 2022 -0400

    Network security group support for private endpoints subnet (#333)

commit e069a4b6ac4f5be8d7614eeb5a67d0cfb3534e52
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Aug 17 17:28:39 2022 -0400

    Support data collection rule (#331)

commit c2afa0d99717c56bacc211cfb5ed13234880d9a1
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Aug 8 15:42:22 2022 -0400

    Support azkms.core.windows.net and IPs in firewall allow list (#329)

commit a7f521dcf919114a9441296407fc4dd06be46927
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:31:56 2022 -0400

    Add missing log categories in diagnostic settings for Azure Firewall (#324)

commit 60198bc19eb4d87d0bbebc24d4c2fe240d2297ab
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Jul 19 23:11:10 2022 -0400

    Resolve linter warning: prefer-unquoted-property-names (#322)

commit a4e53fffe4b1f2a2fdbf25ec92a181ef625dd240
Author: Sabyasachi Dasgupta <[email protected]>
Date:   Mon Jul 18 16:44:01 2022 -0400

    Update machinelearning.md (#327)

commit 8fc587a6bf2e53e516ded633d96c652874ab5875
Author: Ifyagolu <[email protected]>
Date:   Fri Jun 24 17:05:28 2022 -0400

    Fix typo in onboarding guidance (#320)

commit e9a0962b7db12c5438782d2597afd494de5354b2
Author: Islam Gomaa <[email protected]>
Date:   Fri May 27 16:13:52 2022 -0400

    Reference the Guardrails Solution Accelerator for 30-day guardrail assessment (#313)

commit 2b11801386654f6b3f68bd63c887d74ec7a4fdb8
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu May 19 10:38:55 2022 -0400

    Add service health notification info (#310)

commit bce747c9fdc96c2be78881a4dc9276351ff40b64
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 18 09:29:03 2022 -0400

    Update resource group names for Logging & Networking (#309)

    Remove `-rg` suffix

commit 6765c48680e47ccc380ab0df929e3cd1af4f8a5b
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 17 15:14:33 2022 -0400

    Serial defender plan deployments & revised resource/resource group names (#307)

commit 62adb00d6a8561030b39272f1d710c2a4e0cfcba
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 13:53:37 2022 -0400

    Log Analytics solutions for SQL servers on machines (#303)

commit c1a3b99c969f802d8325245387b617f21bc0c921
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 16 09:26:47 2022 -0400

    Flexible policy deployment using PowerShell & GitHub Actions (#300)

commit 0ce5c1ac9ef8ff728a19e608bf8bd3654b453cbb
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 12:19:01 2022 -0400

    Disable fail fast for matrix deployments (#297)

commit c078a797d9be10bf1b2dc7bed01957637ddb73ea
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 11:19:43 2022 -0400

    Concurrent role deployment with PowerShell & GitHub Actions (#299)

commit 31a214abbf65c10b106962b1493a1830e37f9702
Author: Senthuran Sivananthan <[email protected]>
Date:   Sun May 15 10:39:08 2022 -0400

    Disable metrics in diagnostic settings for AKS through Policy (#295)

commit 6a90a2fe9d881730a32303fe6a10d1bbcc22f943
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed May 11 10:56:26 2022 -0400

    Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments (#289)

commit c4133077e1d97a6beaa6e4811588236912d5c768
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 16:46:06 2022 -0400

    Ensure multiple subscriptions can be moved to a management in parallel (#288)

    Ensure deployment name for moving subscription is unique

commit 93d2f13847d56c195e2c170d314a3bbc5cfe5c63
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue May 10 14:53:18 2022 -0400

    Support jobs in GitHub Actions  (#286)

commit 31e8d0ab602bfcf856c9134666eb4814817d6964
Author: Steve Keeler <[email protected]>
Date:   Tue May 10 12:30:36 2022 -0400

    Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password (#285)

commit 229b14466384252ba034546095f5c21a932cb6fc
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 20:41:06 2022 -0400

    Fix DeploySubscriptionIds parameter type casting (#282)

commit 799ad52d778ebbc4fc4ed53d56c872d56ab2fc29
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 20:10:33 2022 -0400

    Pass-thru secure strings as-is until ready for use (#281)

commit a9c941948d51c59c758d07bce702bcb36aee70ec
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 17:11:12 2022 -0400

    Add environment configuration override and protect sensitive parameters (#280)

commit ce6c27f4e02cf194b3b13574c2caf4b60f8e8205
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 9 11:23:57 2022 -0400

    Support schema validation (#277)

commit 1d8dbd7bafc62b402719fb187698cfd950e8e3df
Author: Steve Keeler <[email protected]>
Date:   Mon May 9 08:07:26 2022 -0400

    GitHub workflow implementation (#276)

    Implement GitHub workflows to deploy the Azure Landing Zones for Canadian Public Sector

commit 08d8f9256aaf3236a6920abe67e7d58b95887a0c
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon May 2 16:03:02 2022 -0400

    Deployment flow diagram (#274)

commit db098e17a13f111c18aa3af33c81f1cb54979cd1
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 22:37:58 2022 -0400

    Powershell deployment script for archetypes (#273)

    Support for deploying subscriptions

commit 15c2847a4255108680937da0192d54ccc2d7f16c
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 29 16:29:22 2022 -0400

    PowerShell deployment scripts (#271)

commit 352257187e7d03bf5abade4a18302bdd310ab82c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 18:10:23 2022 -0400

    Snapshot ARM parameters JSON schemas (#268)

commit 60f3b59013e27c549e2d57bd16fba2ea26bf12b5
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 27 17:29:58 2022 -0400

    Organize deployment parameters for Hub Networking with NVA (#266)

commit 926521a1c01ab420ccaa319d47516a2870cf3a15
Author: ghostme <[email protected]>
Date:   Wed Apr 27 15:20:08 2022 -0400

    Updated documentation  (#267)

commit d68824a2eed32c62cc199f374ba15ea732025241
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:32:25 2022 -0400

    Organize deployment parameters for Hub Networking with Azure Firewall (#265)

commit 2bc196a0960bfecb9c545226000c5c34dbbabec8
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 25 14:03:31 2022 -0400

    Support for optional subnets in Machine Learning & Healthcare archetypes (#264)

commit b33cd36261fd797834cdcbeebe53ce1262ef21ac
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Apr 21 09:32:43 2022 -0400

    Update common.yml example (#262)

commit 300835322afd2d85f34aa8b8ff5921d3839c2e6c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 12:44:45 2022 -0400

    Removed extra configuration files (#260)

commit 1ee5b9e736feca7270c4ad62d27c4366751f1cab
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:56:14 2022 -0400

    Revise subnet configuration for Healthcare archetype (#256)

commit 72fe50db665710eabc8e6edffae5d658d0497822
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:43:09 2022 -0400

    Revise subnet configuration for Machine Learning archetype (#254)

commit 70833771ac433d5de7950423dd8085777bfb03be
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:38:07 2022 -0400

    Revise subnet configuration for Generic Subscription archetype (#252)

commit 3d9c60d251a98b2ebc400aadb2c452f3f6262712
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Apr 20 11:30:10 2022 -0400

    Migrate Networking configuration to JSON parameters file (#250)

commit 38fc344508cd6b4707aac0fca2e0cf3e8609a882
Author: Mohamed Sharaf <[email protected]>
Date:   Wed Apr 20 10:29:52 2022 -0400

    Azure Active Directory support for Synapse (#259)

commit 89613dbc876831f543f2749cbe6f804278a65612
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 21:31:06 2022 -0400

    Include new Databricks' log categories for diagnostic settings (#248)

    Add new databricks' log categories for diagnostic settings

commit 700eb9645cbde1435bdda80b28faa03a52dee671
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Apr 12 17:33:12 2022 -0400

    Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy (#246)

    Update Private DNS Zone policy to support multiple dnsZoneConfigs

commit 1c3727990cc12a401c0ecebdbf31234d71c472ab
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Apr 11 11:24:00 2022 -0400

    Support logging infrastructure for multiple regions in same subscription (#244)

    Ensure subscription scoped deployments are unique per region

commit 0e258f96cd99c622665d382d73aeba1e78f52319
Author: Steve Keeler <[email protected]>
Date:   Sat Apr 9 13:50:50 2022 -0400

    Update azure-devops-pipelines.md (#242)

commit bfe1f588adc59922145fcf9a47c19173130cf321
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 11:31:52 2022 -0400

    Migrate Logging configuration to JSON parameters file  (#236)

commit cc5f017b01e06331d4246d5fc0286cf50d525470
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 8 10:26:12 2022 -0400

    PBMM & HITRUST/HIPAA policy update (#238)

commit 3259994f47c482153368a9fb115ce60b9e3488fb
Author: Steve Keeler <[email protected]>
Date:   Tue Apr 5 14:41:17 2022 -0400

    Fix order of `platform-connectivity-hub-azfw-policy` pipeline listed in run-pipelines.bat script #233 (#234)

commit cb96311bf94224c1cf94470320c9c8fec029e165
Author: ccmsft <[email protected]>
Date:   Mon Apr 4 09:39:17 2022 -0400

    Updating recommendations to reflect licensing reqs (#229)

commit 3ce2cf875b5d6c9464a0262f183a37f40399f8dd
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Apr 1 22:49:44 2022 -0400

    Use built-in policy for Cosmos DB for Defender Plan (#232)

    * Use built-in policy for Cosmos DB for Defender Plan

    * Add branch config

    * Remove branch config

commit d2f959a2550b694d79fb0aa6d1a9d2b8166090c8
Author: ghostme <[email protected]>
Date:   Fri Apr 1 10:05:21 2022 -0400

    Update networking documentation for generic subscription archetype (#230)

commit 575440e4c629b1c00686ba62e5911749375832ff
Author: ccmsft <[email protected]>
Date:   Wed Mar 30 23:36:35 2022 -0400

    Initial GC 30-day cloud guardrails compliance/guidance (#226)

    Initial GC 30-day cloud guardrails doc

commit 6b36096f2356255a967a7d9cd14dd04a5dc3b6ce
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 22:40:17 2022 -0400

    Externalize Log Analytics Workspace parameters when loading pipeline variables (#220)

    Externalize the log analytics parameters to load arbitary LAW variables

commit 0210df4fd3a11dfcaee3a82f2da1e2315bf70400
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 21:51:30 2022 -0400

    Flexible policy assignment parameters JSON files (#222)

commit f25f95781d6f9f3c2169bbe4b148c3b748a6ac93
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 30 20:57:07 2022 -0400

    Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB (#228)

    * Change Cosmos DB namespace to Microsoft.DocumentDB

    * Add branch config

    * Remove branch config

commit 453a0f8bc78dbf7a78c46d01f0cde28b3ab2bbaa
Author: Steve Keeler <[email protected]>
Date:   Wed Mar 30 19:00:07 2022 -0400

    Improve `delete-management-groups.bat` script (#224)

commit 2e5a56b04fd25149da78e77f396073945ba785f5
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 24 09:02:36 2022 -0400

    Fix formatting (#218)

commit bf5e94bcdee854db8fde7a8eb60d7886bc2c2191
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 23:01:02 2022 -0400

    Add instructions for customizing policy set assignments (#215)

commit 0538d4d7d8765fcd558c99fdbf7aa7d6655c8b95
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:57:00 2022 -0400

    Document delete lock usage (#216)

    Document when and where delete locks are used

commit 789b18a888290ada72d8fe2328097429ee9823d6
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 23 22:49:24 2022 -0400

    Update OZ subnet name to App Management Zone (#217)

commit 97c2904a773f94adf26cd52924f0dfccab985cdf
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Mar 11 21:59:40 2022 -0500

    Backward compatibility when setting pipeline variables from management group hierarchy  (#213)

commit 30b9cc2060e96dd99b12743bb4c959181a403e91
Author: Adil Ha <[email protected]>
Date:   Fri Mar 11 11:26:31 2022 -0500

    fixing doc typo in hubnetwork-azfw (#211)

    Co-authored-by: Adil Ha <[email protected]>

commit 27363b730f34536fbf7f9994e08da7aa5af3c58e
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 13:04:13 2022 -0500

    Support Defender Plan for Cosmos DB (#200)

    Add CosmosDB Defender Plan and custom policy to deploy Defender Plan for Cosmos DB

commit 81eccd1d54956f7c7addb2a969ebb3e62e99b588
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Mar 5 12:48:45 2022 -0500

    Delete Lock for Log Analytics Workspace resource group (#205)

    Add delete lock for LAW RG

commit 678355f149698ecfdab6d10669e631702f1d9d49
Author: Steve Keeler <[email protected]>
Date:   Sat Mar 5 11:03:46 2022 -0500

    Fix pipeline scripts reference to `subscription-ci` (#207)

commit 5753cf0e35a9f921c4cb59ec90db787e26d6d400
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:44:31 2022 -0500

    Ensure values from multiline variables are properly logged (#202)

    Print multi-line environment variables (typically JSON objects) in Show Variables step

commit d6b1c08fec1a96c332cf5abb758b16cd8bfede87
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Mar 3 14:09:47 2022 -0500

    Revise subscription deployment instructions (#201)

    * Redirect subscriptoin configuration guidance to archetype authoring guide doc
    * Revise instructions for creating ARM parameter files & management group id selection

commit 5e7322ee0b64ffa379e1ac546972796a76407db7
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Mar 2 08:22:35 2022 -0500

    Instructions for backfilling management group hierarchy (#197)

    * Add instructions for backfilling management group hierarchy

    * Update section titles, links and reference backfill instruction as part of MG setup

    * Instructions for installing AzCLI and jq

    * Clearfy that Tenant Root Group could have been renamed in the organization

    * Windows Shell example

    * Update instructions to delete pipeline variables that will be automatically created when MG heirarchy is used

    * Note on YAML indentation

commit 5d33909d70f821039df0deab2d26a5d180d7a16c
Author: Preston K. Parsard <[email protected]>
Date:   Tue Mar 1 10:46:04 2022 -0500

    subscription(generic): add instructions for configuring parameters (#193)

commit 17846c4959c5156dee905736e3631fa56193d9e7
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 20:30:20 2022 -0500

    Show Variables fix (#191)

commit c62dcfcd5862ae15196000e0fd481d214081c817
Author: Steve Keeler <[email protected]>
Date:   Sun Feb 27 16:50:20 2022 -0500

    Configurable management group hierarchy (#186)

    Implement configurable management group hierarchy

commit 9a141f7e5bf238f21838898ff908b6fc7f6d8fcc
Author: Preston K. Parsard <[email protected]>
Date:   Sat Feb 26 19:45:35 2022 -0500

    Update onboarding document

    Co-authored-by: Preston K. Parsard <[email protected]>

commit 6b6ef29fd266fe0b2c23fed5f1bf6cc3fdb5e4a8
Author: Senthuran Sivananthan <[email protected]>
Date:   Sat Feb 26 18:22:48 2022 -0500

    Snapshot JSON schemas to v0.4.0 (#182)

commit 4dd1f4a901fbd44c54a32fdf9ac23f5ca5bed736
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 23 15:39:43 2022 -0500

    Update onboarding doc for logging & networking management group settings (#177)

    * Fix markdown linter warnings
    * Add instruction for logging and networking MGs

commit 5d7eec3a319524b5ded5f32e6db951566c365ffc
Author: Steve Keeler <[email protected]>
Date:   Wed Feb 23 12:51:20 2022 -0500

    Update `create-pipelines.bat` onboarding script to auto-provision environment (#178)

commit 488fc6e767639f3acd00a2dea11a8f2a6476379e
Author: Senthuran Sivananthan <[email protected]>
Date:   Tue Feb 22 09:05:20 2022 -0500

    Instructions for Azure DevOps Environments (#175)

    * Instructions for creating ADO pipeline environments

    * Fix formatting

commit edabd873d42a622fc5d1503c099c514bb4f2bd7f
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 17 23:29:42 2022 -0500

    Support for Tag inheritance from Subscription to Resource Group (#161)

    * Add policy and policy set to inherit tags from subscription to resource group

    * Add branch config for testing

    * Remove policy type as it's not built in

    * Updated resource type for resource group

    * Update policy assignment

    * Ensure assignment name is <= 24 chars

    * Revert resource group type

    * Setting mode to all

    * Update documentation

    * Add branch config

    * Add explicit dependsOn for subscription scaffolding to complete

    * Update test deployment parameters

    * Remove explicit dependsOn for subscription scaffolding to complete

    * Update doc to describe approaches for adding tags to RGs

    * Reduce the options for tagging resources given subscripton to RG tagging is available

    * Add example scenarios for tag inheritence

    * Fix typo

    * Remove branch configs

    * Resolve linter error: no-loc-expr-outside-params

commit e71ed265f2267d35cd36d30bab217f9ecbb6891c
Author: Senthuran Sivananthan <[email protected]>
Date:   Wed Feb 16 20:09:19 2022 -0500

    Linter: no-loc-expr-outside-params - ensure compliance (#169)

    * Update linter rules for location parameter

    * Add location parameter with default value based on resourceGroup() or deployment()

    * Update archetype schema and docs for location

    * Add branch config for testing

    * Update AKS version

    * Update branch config

    * Remove branch configs

commit 6061fa0b930200d73e906e0bedefafeb35e43296
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 16:49:42 2022 -0500

    Repository clean up (#165)

    * Remove obsolete directory

    * Rotate resource group names for E2E deployments

    * Fix typo

    * Add branch config for testing

    * Fix typo

    * Remove branch configs

    * Remove timestamp from sample JSON templates.  Timestamps are kept for E2E testing.

    * Remove date stamp

commit 5104f393a618a0f0f7072100fd810df4534a3210
Author: Steve Keeler <[email protected]>
Date:   Thu Feb 10 09:08:17 2022 -0500

    Update DevOps Onboarding section of main readme (#162)

commit 209f61cf72ac91555f8b2171dcf84c6daae6a7cc
Author: Senthuran Sivananthan <[email protected]>
Date:   Thu Feb 10 09:06:31 2022 -0500

    Update Deployment Script's Azure CLI version to 2.32.0 (#164)

    Update Azure CLI version to 2.32.0

commit d7d52570c8dce3ed8bcc3b809191d1cd2ddf5e3f
Author: Steve Keeler <[email protected]>
Date:   Mon Feb 7 13:51:17 2022 -0500

    Issue #157 - Update scripts documentation (#158)

    Update scripts documentation (Issue #157)
    Update docs/onboarding/azure-devops-scripts.md
    Co-authored-by: Senthuran Sivananthan <[email protected]>

commit b628c68ff84bb5b8796d6821161450010d19ce3b
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Feb 4 12:42:31 2022 -0500

    Enhance PBMM policy assignment to disable diagnostic settings metrics (#156)

    Ensure diagnostic settings policy only checks for logs

commit 61afd59bb6d7f6c2a37518d41c64ced985cafd92
Author: Senthuran Sivananthan <[email protected]>
Date:   Mon Jan 31 12:52:09 2022 -0500

    Snapshot landing zone schema to v0.3.0 (#152)

commit 09f09ede5613cf600441616831f762595aecdbed
Author: Steve Keeler <[email protected]>
Date:   Mon Jan 31 09:20:20 2022 -0500

    Automation scripts for Azure DevOps onboarding (#151)

    Implement #150, scripts and documentation

commit 82dd82606059a6643d7de294cb1f15afab41cd94
Author: SlavaRoikhman <[email protected]>
Date:   Thu Jan 27 13:32:41 2022 -0500

    Removed 'privatelink.monitor.azure.com' from Private DNS Zones (#149)

commit 73ce2eb316175f1bf86135010d5f35ce9bbc6da7
Author: Senthuran Sivananthan <[email protected]>
Date:   Fri Jan 21 23:23:45 2022 -0500

    Flexible policy assignment scope (#147)

    * Add deployment scope for policy assignment

    * Add branch test config

    * Set new parameter for policy assignment scope:  var-policyAssignme…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants