v1.3.0

What's Changed

Pull Requests

• Scripts to generate config from template, support JSON config intellisense in editors, fix bugs in deployment scripts by @skeeler in #379

Issues Resolved

• #383 Configure new Azure DevOps organization for testing CanadaPubSecALZ [environment]
• #378 Deploy landing zones to new Azure subscriptions in new primary tenant [environment]
• #377 Scripts to generate CanadaPubSecALZ configuration files using existing environment as template [enhancement]
• #376 CanadaPubSecALZ configuration JSON schema support for editors [enhancement]
• #375 Fix subscription filtering bug in deployment scripts [bug]
• #374 Fix path normalization bug in deployment scripts [bug]

Full Changelog: v1.2.0...v1.3.0

v1.2.0

What's Changed

• Update hubnetwork-azfw.md by @obay in #345
• Updated documents, from docs.microsoft.com - to Learn. by @lukemurraynz in #350
• Fixed Linter warnings & build errors by @tredell in #354
• Identity Archetype by @tredell in #359
• Bug fixes - network routing & ADO Identity Pipelines by @tredell in #362
• Update DDoS.bicep by @ylepine in #363
• Update identity.md by @DavidChristiansen in #365

New Contributors

• @obay made their first contribution in #345
• @lukemurraynz made their first contribution in #350
• @ylepine made their first contribution in #363
• @DavidChristiansen made their first contribution in #365

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

• Support data collection rule by @SenthuranSivananthan in #331
• Network security group support for private endpoints subnet by @SenthuranSivananthan in #333
• Suppress false positive linter warning: secure-secrets-in-params by @SenthuranSivananthan in #335
• Update diagnostic settings profile name by @SenthuranSivananthan in #337
• Revised Event Hub Diagnostic Settings policy by @SenthuranSivananthan in #339
• Version August 2022 schema changes by @skeeler in #342

Full Changelog: v1.0.1...v1.1.0

v1.0.1

What's Changed

• Fix typo in machine learning archetype doc by @sabyadg in #327
• Resolve linter warning: prefer-unquoted-property-names by @SenthuranSivananthan in #322
• Azure Firewall - Update log categories in diagnostic settings by @SenthuranSivananthan in #324
• Support new KMS DNS in Azure Global Cloud by @SenthuranSivananthan in #329

New Contributors

• @sabyadg made their first contribution in #327

Full Changelog: v1.0.0...v1.0.1

v1.0.0

What's Changed

• Fix typo in onboarding guidance by @Ifyagolu in #320

New Contributors

• @Ifyagolu made their first contribution in #320

Full Changelog: v0.11.0...v1.0.0

v0.11.0

What's Changed

• PowerShell deployment scripts by @SenthuranSivananthan in #271
• Powershell deployment script for archetypes by @SenthuranSivananthan in #273
• Deployment flow diagram by @SenthuranSivananthan in #274
• GitHub workflow implementation by @skeeler in #276
• Support schema validation by @SenthuranSivananthan in #277
• Add environment configuration override and protect sensitive parameters by @skeeler in #280
• Pass-thru secure strings by @SenthuranSivananthan in #281
• Fix DeploySubscriptionIds parameter type casting by @skeeler in #282
• Correct wiring of the subscriptions-ci pipeline and prompt for NVA firewall username & password by @skeeler in #285
• Support jobs in GitHub Actions by @SenthuranSivananthan in #286
• Ensure multiple subscriptions can be moved to a management group in parallel by @SenthuranSivananthan in #288
• Separate Azure Firewall Policy deployment switch & unique telemetry tracking for policy assignments by @SenthuranSivananthan in #289
• Disable metrics in diagnostic settings for AKS through Policy by @SenthuranSivananthan in #295
• Concurrent role deployment with PowerShell & GitHub Actions by @SenthuranSivananthan in #299
• GitHub Actions: disable fail fast for matrix deployments by @SenthuranSivananthan in #297
• Flexible policy deployment using PowerShell & GitHub Actions by @SenthuranSivananthan in #300
• Log Analytics solutions for SQL servers on machines by @SenthuranSivananthan in #303
• Serial defender plan deployments & revised resource/resource group names by @SenthuranSivananthan in #307
• Update resource group names for Logging & Networking by @SenthuranSivananthan in #309
• Documentation for Service Health by @SenthuranSivananthan in #310
• Reference the Guardrails Solution Accelerator for 30-day guardrail assessment by @igomaa in #313

New Contributors

• @igomaa made their first contribution in #313

Full Changelog: v0.10.0...v0.11.0

v0.10.0

Breaking Changes

Note that several issues were addressed that resulted in breaking changes for this release.

Refer to this list of issues for more details: v0.10.0 breaking changes

What's Changed

• Use built-in policy for Cosmos DB for Defender Plan by @SenthuranSivananthan in #232
• Updating recommendations to reflect licensing reqs by @ccmsft in #229
• Fix order of platform-connectivity-hub-azfw-policy pipeline listed in run-pipelines.bat script #233 by @skeeler in #234
• PBMM & HITRUST/HIPAA policy update by @SenthuranSivananthan in #238
• Migrate Logging configuration to JSON parameters file by @SenthuranSivananthan in #236
• Onboarding documentation structure improvements by @skeeler in #242
• Support logging infrastructure for multiple regions in same subscription by @SenthuranSivananthan in #244
• Support multiple private dns zone configuration when updating private DNS Zones through Azure Policy by @SenthuranSivananthan in #246
• Include new Databricks' log categories for diagnostic settings by @SenthuranSivananthan in #248
• Azure Active Directory support for Synapse by @mosharafMS in #259
• Migrate Networking configuration to JSON parameters file by @SenthuranSivananthan in #250
• Revise subnet configuration for Generic Subscription archetype by @SenthuranSivananthan in #252
• Revise subnet configuration for Machine Learning archetype by @SenthuranSivananthan in #254
• Revise subnet configuration for Healthcare archetype by @SenthuranSivananthan in #256
• Removed extra configuration files by @SenthuranSivananthan in #260
• Update onboarding guide by @SenthuranSivananthan in #262
• Support for optional subnets in Machine Learning & Healthcare archetypes by @SenthuranSivananthan in #264
• Organize deployment parameters for Hub Networking with Azure Firewall by @SenthuranSivananthan in #265
• Updated documentation by @ghostme in #267
• Organize deployment parameters for Hub Networking with NVA by @SenthuranSivananthan in #266
• Snapshot ARM parameters JSON schemas by @SenthuranSivananthan in #268

Full Changelog: v0.9.0...v0.10.0

v0.9.0

What's Changed

• Configurable management group hierarchy by @skeeler in #186
• Show Variables fix by @skeeler in #191
• subscription(generic): add instructions for configuring parameters by @autocloudarc in #193
• Instructions for backfilling management group hierarchy by @SenthuranSivananthan in #197
• Revise subscription deployment instructions by @SenthuranSivananthan in #201
• Ensure values from multiline variables are properly logged by @SenthuranSivananthan in #202
• Fix pipeline scripts reference to subscription-ci by @skeeler in #207
• Delete Lock for Log Analytics Workspace resource group by @SenthuranSivananthan in #205
• Support Defender Plan for Cosmos DB by @SenthuranSivananthan in #200
• fixing doc typo in hubnetwork-azfw by @SunChero in #211
• Backward compatibility when setting pipeline variables from management group hierarchy by @SenthuranSivananthan in #213
• Update OZ subnet name to App Management Zone by @SenthuranSivananthan in #217
• Document delete lock usage by @SenthuranSivananthan in #216
• ADO Pipeline onboarding - add instructions for customizing policy set assignments in by @SenthuranSivananthan in #215
• Formatting changes to policy section by @SenthuranSivananthan in #218
• Improve delete-management-groups.bat script by @skeeler in #224
• Private DNS Policy - Change Cosmos DB namespace to Microsoft.DocumentDB by @SenthuranSivananthan in #228
• Flexible policy assignment parameters JSON files by @SenthuranSivananthan in #222
• Externalize Log Analytics Workspace parameters when loading pipeline variables by @SenthuranSivananthan in #220
• Initial GC 30-day cloud guardrails compliance/guidance by @ccmsft in #226
• Update networking documentation for generic subscription archetype by @ghostme in #230

New Contributors

• @SunChero made their first contribution in #211
• @ccmsft made their first contribution in #226

Full Changelog: v0.8.0...v0.9.0

v0.8.0

What's Changed

• Enhance PBMM policy assignment to disable diagnostic settings metrics by @SenthuranSivananthan in #156
• Update scripts documentation by @skeeler in #158
• Update Deployment Script's Azure CLI version to 2.32.0 by @SenthuranSivananthan in #164
• Update DevOps Onboarding section of main readme by @skeeler in #162
• Repository clean up by @SenthuranSivananthan in #165
• Linter: no-loc-expr-outside-params - ensure compliance by @SenthuranSivananthan in #169
• Support for Tag inheritance from Subscription to Resource Group by @SenthuranSivananthan in #161
• Instructions for Azure DevOps Environments by @SenthuranSivananthan in #175
• Update create-pipelines.bat onboarding script to auto-provision environment by @skeeler in #178
• Update onboarding doc for logging & networking management group settings by @SenthuranSivananthan in #177
• Snapshot JSON schemas to v0.4.0 by @SenthuranSivananthan in #182
• docs(networking): don't have to comment variables by @autocloudarc in #184

New Contributors

• @autocloudarc made their first contribution in #184

Full Changelog: v0.7.0...v0.8.0

v0.7.0

What's Changed

• Update method for upgrading Azure CLI by @SenthuranSivananthan in #128
• App service machine learning landing zone support by @hudua in #127
• Diagnostic Settings Policies for Azure App Service & Function App by @SenthuranSivananthan in #133
• Switch to built-in Audit diagnostic setting policy by @SenthuranSivananthan in #135
• Diagnostic Settings for App Service & Function App by @SenthuranSivananthan in #136
• Align custom role definitions to CAF by @SenthuranSivananthan in #138
• Diagnostic Settings Policies for PaaS services by @SenthuranSivananthan in #143
• Private Endpoint for App Service by @hudua in #144
• Flexible policy assignment scope by @SenthuranSivananthan in #147
• Removed 'privatelink.monitor.azure.com' from Private DNS Zones by @SlavaRoikhman in #149
• Automation scripts for Azure DevOps onboarding by @skeeler in #151
• Snapshot landing zone schema to v0.3.0 by @SenthuranSivananthan in #152

New Contributors

• @SlavaRoikhman made their first contribution in #149

Full Changelog: v0.6.0...v0.7.0