Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding Hybrid alerts #212

Merged
merged 133 commits into from
May 30, 2024
Merged

Adding Hybrid alerts #212

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
133 commits
Select commit Hold shift + click to select a range
b19561f
testing ResourceGraph alerts
Brunoga-MS Apr 16, 2024
32c171a
Testing Arg alert for disconnected HybridVM
Brunoga-MS Apr 16, 2024
f78b076
Fixing parameters and alert template
Brunoga-MS Apr 16, 2024
829fae7
Adding uami to the alert template
Brunoga-MS Apr 16, 2024
15ef306
fixing template default values
Brunoga-MS Apr 16, 2024
a0d5027
Fixing wrong parameter association
Brunoga-MS Apr 16, 2024
1e264e2
Fixing missing location param at deployment scope
Brunoga-MS Apr 16, 2024
cc2acae
Fixing allowed values and default values for HybridVMDisconnectedWind…
Brunoga-MS Apr 16, 2024
7833092
fixing wrong parameter value
Brunoga-MS Apr 16, 2024
e508481
Fixing parameter name in policy assignment for the new policy definition
Brunoga-MS Apr 16, 2024
7d048f0
Fixing typo in parameter name
Brunoga-MS Apr 16, 2024
ac8587a
Fixing typo in parameter name
Brunoga-MS Apr 16, 2024
94d10ed
fixing wrong param reference on VM alerts
Brunoga-MS Apr 16, 2024
c6936e8
Fixing default values for params
Brunoga-MS Apr 16, 2024
ae9395e
Fixing dimension name
Brunoga-MS Apr 16, 2024
82598a9
Fixing query and parameter file
Brunoga-MS Apr 16, 2024
75ff226
adding uami deployment through arm template
Brunoga-MS Apr 17, 2024
02b3e36
Changing parameter structure to avoind passing where not needed
Brunoga-MS Apr 17, 2024
f60aa42
Fixing wrong parameter reference
Brunoga-MS Apr 17, 2024
2531944
Fixing syntax error in alzArm.json
Brunoga-MS Apr 18, 2024
309e369
Adding apiVersion to reference for MI principalId
Brunoga-MS Apr 18, 2024
3a2b7f5
Fixed parameters' default and description
Brunoga-MS Apr 18, 2024
64a2efb
changed template to not call linked templates for ARG stuff
Brunoga-MS Apr 18, 2024
c734b3c
fixed param reference
Brunoga-MS Apr 18, 2024
46fde9d
Fixing schema and moving subscription param
Brunoga-MS Apr 18, 2024
8442781
moved back to linked templates and fixed syntax for passing parameter…
Brunoga-MS Apr 18, 2024
3560d18
converted parameter object to string
Brunoga-MS Apr 18, 2024
b5ce5f9
adding .value property to parameter value passage
Brunoga-MS Apr 18, 2024
7c49a4b
passing params in different way for RG
Brunoga-MS Apr 18, 2024
5ca2993
changed param structure for RG
Brunoga-MS Apr 18, 2024
f031e05
Converted to string
Brunoga-MS Apr 18, 2024
341320e
changed approach on how we pass parameters for UAMI
Brunoga-MS Apr 18, 2024
fb65af9
Added description to role assignment and passed the Value property fo…
Brunoga-MS Apr 18, 2024
c070b7c
Added value property to RG name
Brunoga-MS Apr 18, 2024
17ba11f
adding .Value property to RG name param
Brunoga-MS Apr 18, 2024
64b1ad4
Added .Value property to location parameter
Brunoga-MS Apr 18, 2024
6bdbc46
fixed wrong param reference
Brunoga-MS Apr 18, 2024
81bf140
Removed bad copy/paste
Brunoga-MS Apr 18, 2024
63310d2
Adding .Value property to the UAMI name param
Brunoga-MS Apr 18, 2024
d06f0db
renaming UAMI param
Brunoga-MS Apr 18, 2024
52ef729
Fixing role assignment
Brunoga-MS Apr 18, 2024
0db149e
fixing reference to the just deployed managed identity
Brunoga-MS Apr 18, 2024
1ce92ff
changed principalId retrieving method
Brunoga-MS Apr 18, 2024
693aaff
reverting to previous principalId retrieving method
Brunoga-MS Apr 18, 2024
fb7b724
Adjusting property path for principalId
Brunoga-MS Apr 18, 2024
ed137b5
Added condition and scope back
Brunoga-MS Apr 18, 2024
afc52e4
Adding output
Brunoga-MS Apr 18, 2024
0acb3af
Simplifying roleAssignment template
Brunoga-MS Apr 18, 2024
70fc087
renamed params and added reference to retrieve uami principal id in t…
Brunoga-MS Apr 18, 2024
5fbff95
aligning parameter names
Brunoga-MS Apr 18, 2024
722df36
testing output
Brunoga-MS Apr 18, 2024
8b0ed14
Fixing role assignment id with a guid
Brunoga-MS Apr 18, 2024
a8019cb
Fixing syntax for role assignment id
Brunoga-MS Apr 18, 2024
2f555b2
Changing role in role assignment from reader to Monitoring Reader
Brunoga-MS Apr 18, 2024
a2e1162
Passing UAMI to alerts policy definition
Brunoga-MS Apr 18, 2024
97af71d
Switching to parameter block for uami params
Brunoga-MS Apr 18, 2024
1a47ba4
Updating tags and descriptions
Brunoga-MS Apr 18, 2024
cff7409
Fixed cleanup script and added a delay before assigning role for moni…
Brunoga-MS Apr 18, 2024
0655aaf
fxed wrong apiVersion on the ambaUamiReplication deployment
Brunoga-MS Apr 18, 2024
cb06fb2
augmenting delay count
Brunoga-MS Apr 18, 2024
5b7c034
moving wait time to 4 iterations
Brunoga-MS Apr 18, 2024
57295b8
moving to 10 and adding output
Brunoga-MS Apr 18, 2024
0e18531
Moving to 60 and adding output
Brunoga-MS Apr 18, 2024
2250d48
Removing comments from inside a policy definition
Brunoga-MS Apr 18, 2024
a626f1b
reducing wat time to 20 empty deployment
Brunoga-MS Apr 18, 2024
551e83e
Testing with delay count to 10
Brunoga-MS Apr 18, 2024
caa4914
moving to 10 and removing outputs
Brunoga-MS Apr 18, 2024
b4c9aec
moved stuff in the previous position
Brunoga-MS Apr 18, 2024
4ce2ada
temporarily removing roleassignment
Brunoga-MS Apr 18, 2024
32596cd
Fixing dependency order and adding throttling to removedeployment script
Brunoga-MS Apr 18, 2024
fd17214
Fixing syntax error with unnecessary ending comma
Brunoga-MS Apr 18, 2024
c598a35
Removing wait state before role assignment
Brunoga-MS Apr 18, 2024
5ac6abb
trying nested template for roleAssignment
Brunoga-MS Apr 19, 2024
53b0f84
Using newGuid() in roleAssignment
Brunoga-MS Apr 19, 2024
8d71aca
testing with hardcoded name
Brunoga-MS Apr 19, 2024
b589eb7
creating Guid from uami name
Brunoga-MS Apr 19, 2024
7d156b8
trying with variables
Brunoga-MS Apr 19, 2024
f3ef0f0
Fixing UAMI params in the policy definition
Brunoga-MS Apr 19, 2024
1990d1b
trying with hardcoded UAMI in the policy definition
Brunoga-MS Apr 19, 2024
e1376de
Eliminating linked templates
Brunoga-MS Apr 19, 2024
2edb1ac
Reverted to linked templates
Brunoga-MS Apr 19, 2024
9fe30de
Fixed variable definition and parameter displayName on Arc-Disconnect…
Brunoga-MS Apr 19, 2024
10dd928
Removing unnecessary param from DisconnectedHybridVM policy
Brunoga-MS Apr 19, 2024
064dcd4
fixing syntax for uami in the disconnected machine alert
Brunoga-MS Apr 19, 2024
bf33770
Removing MonitorDisabled param
Brunoga-MS Apr 19, 2024
eaab8d6
Fixing wrong param name reference
Brunoga-MS Apr 19, 2024
0d7935d
Passing the right uami format to the alert
Brunoga-MS Apr 19, 2024
89bc92b
fixing wrong parameter property in Disconnected Hybrid VM Alerert
Brunoga-MS Apr 19, 2024
7debe1c
reverting RoleAssignment to nested template instead of linked template
Brunoga-MS Apr 19, 2024
e859ac7
making BYON parameters part of the Notification block
Brunoga-MS Apr 22, 2024
0e167df
Fixed cleanup script to remove UAMI
Brunoga-MS Apr 22, 2024
f4c9933
changing param allowed values
Brunoga-MS Apr 22, 2024
442d1f6
changin query and default values for hybridDisconnected machines
Brunoga-MS Apr 29, 2024
2fa93f9
adding condition to query
Brunoga-MS Apr 29, 2024
62f09a7
modified alert query to use parametrized threshold
Brunoga-MS Apr 30, 2024
3c89814
reverting to previous query
Brunoga-MS Apr 30, 2024
15c5fa8
Fixing parameter name for hybrid disconnected alert
Brunoga-MS Apr 30, 2024
5fbeb4c
correcting default value for HybridVMDisconnectedAlertDaysThreshold
Brunoga-MS Apr 30, 2024
3244679
Fixing threshold value in the HybridDisconnected alert
Brunoga-MS Apr 30, 2024
207269f
Fixing existence condition for HybridDisconnected alerts
Brunoga-MS Apr 30, 2024
e17806d
Fixing existence condition for HybridDisconnected alerts
Brunoga-MS Apr 30, 2024
c45feec
removing unnecessary dimension on split
Brunoga-MS May 3, 2024
a1c925a
restoring output section, removed by mistake
Brunoga-MS May 9, 2024
17049b0
Creating a dedicate policySetDefinition for Hybrid
Brunoga-MS May 11, 2024
54be280
Creating specific policy definition for Hybrid with all Hybrid VM ale…
Brunoga-MS May 11, 2024
570fa0f
Adding hybrid params section to param file
Brunoga-MS May 11, 2024
f5a57e7
Fixing resource type in hybrid vm alerts
Brunoga-MS May 11, 2024
0bc2aba
Fixing parameter assignment in arm template
Brunoga-MS May 11, 2024
91abcc9
Fixed wrong initiative name in the arm template
Brunoga-MS May 11, 2024
8c2d20a
Added AMBALandingZoneHybridDeploymentName
Brunoga-MS May 11, 2024
4c57455
Fixed variable name in policyassignment
Brunoga-MS May 11, 2024
ae93b79
removed unnecessary hybrid parameters from LandingZone
Brunoga-MS May 11, 2024
0d02a84
Fixed policy version for ybrid alerts
Brunoga-MS May 11, 2024
bd98d74
Fixed parameter references in alzArm and alzArm.param.json
Brunoga-MS May 11, 2024
d7d5568
Renamed policy assignment to not go over the limit of 24 chrs
Brunoga-MS May 11, 2024
a39a866
Renamed alerts to avoid overwrites
Brunoga-MS May 11, 2024
0cd3b26
renamed AMBA and ALZ-Monitor to AMBA-ALZ
Brunoga-MS May 13, 2024
ecc1506
Changed name for assignment on DINE-LandingZoneHybridAssignment
Brunoga-MS May 13, 2024
03d6489
Updating policy versions for Microsoft.Compute/virtualMachines
Brunoga-MS May 13, 2024
53f3d94
Update policySetDefinitions to use Deploy-HybridVM-Alerts.json
arjenhuitema May 17, 2024
133f3ae
Update principalId reference in alzArm.json
arjenhuitema May 17, 2024
c14d5f8
Update principalId reference in alzArm.json
arjenhuitema May 17, 2024
06e2fcf
Update variables and principalId reference
arjenhuitema May 28, 2024
8dd0ef6
Update parameter objects
arjenhuitema May 28, 2024
497070b
Update display name and description
arjenhuitema May 28, 2024
56158dc
Update display name and description
arjenhuitema May 28, 2024
356a423
Update resource group default value to "rg-amba-prod-001"
arjenhuitema May 28, 2024
a11ab20
Update with resource group
arjenhuitema May 28, 2024
789b3ab
Update computer name in query
arjenhuitema May 29, 2024
6a58ecc
Fixed tag name for UAMI
Brunoga-MS May 29, 2024
3fd1dfc
Merge branch 'main' into pr/Brunoga-MS/212
arjenhuitema May 30, 2024
bf5fd2b
Update Policies
arjenhuitema May 30, 2024
4102f44
Formatting
arjenhuitema May 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
418 changes: 384 additions & 34 deletions patterns/alz/alzArm.json
View file
Open in desktop

Large diffs are not rendered by default.

592 changes: 544 additions & 48 deletions patterns/alz/alzArm.param.json
View file
Open in desktop

Large diffs are not rendered by default.

85 changes: 85 additions & 0 deletions patterns/alz/policyAssignments/DINE-HybridVMAssignment.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"topLevelManagementGroupPrefix": {
"type": "string",
"metadata": {
"description": "Provide the ESLZ prefix to your intermediate root management group containing the policy definitions."
}
},
"enforcementMode": {
"type": "string",
"allowedValues": [ "Default", "DoNotEnforce" ],
"defaultValue": "Default"
},
"nonComplianceMessagePlaceholder": {
"type": "string",
"defaultValue": "{enforcementMode}"
},
"policyAssignmentParameters": {
"type": "object",
"defaultValue": {}
}
},
"variables": {
"policyDefinitions": {
"deployAMBAHybridVM": "[concat('/providers/Microsoft.Management/managementGroups/', parameters('topLevelManagementGroupPrefix'), '/providers/Microsoft.Authorization/policySetDefinitions/Alerting-HybridVM')]"
},
"policyAssignmentNames": {
"ambaHybridVM": "Deploy-AMBA-HybridVM",
"description": "Initiative to deploy AMBA Hybrid VM alerts",
"displayName": "Deploy Azure Monitor Baseline Alerts for Hybrid VMs"
},
"nonComplianceMessage": {
"message": "Alerting {enforcementMode} be deployed to Azure services.",
"Default": "must",
"DoNotEnforce": "should"
},
"rbacContributor": "b24988ac-6180-42a0-ab88-20f7382dd24c",
"roleAssignmentNames": {
"deployAMBAHybridVM": "[guid(concat(parameters('topLevelManagementGroupPrefix'), variables('policyAssignmentNames').ambaHybridVM))]"
}
},
"resources": [
{
"type": "Microsoft.Authorization/policyAssignments",
"apiVersion": "2020-09-01",
"name": "[variables('policyAssignmentNames').ambaHybridVM]",
"location": "[deployment().location]",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"description": "[variables('policyAssignmentNames').description]",
"displayName": "[variables('policyAssignmentNames').displayName]",
"policyDefinitionId": "[variables('policyDefinitions').deployAMBAHybridVM]",
"enforcementMode": "[parameters('enforcementMode')]",
"nonComplianceMessages": [
{
"message": "[replace(variables('nonComplianceMessage').message, parameters('nonComplianceMessagePlaceholder'), variables('nonComplianceMessage')[parameters('enforcementMode')])]"
}
],
"parameters": "[parameters('policyAssignmentParameters')]",
"metadata": {
"_deployed_by_amba": true
}
}
},
{
"type": "Microsoft.Authorization/roleAssignments",
"apiVersion": "2022-04-01",
"name": "[variables('roleAssignmentNames').deployAMBAHybridVM]",
"dependsOn": [
"[variables('policyAssignmentNames').ambaHybridVM]"
],
"properties": {
"principalType": "ServicePrincipal",
"roleDefinitionId": "[concat('/providers/Microsoft.Authorization/roleDefinitions/', variables('rbacContributor'))]",
"principalId": "[toLower(reference(concat('/providers/Microsoft.Authorization/policyAssignments/', variables('policyAssignmentNames').ambaHybridVM), '2019-09-01', 'Full' ).identity.principalId)]",
"description": "_deployed_by_amba"
}
}
],
"outputs": {}
}
8,549 changes: 6,302 additions & 2,247 deletions patterns/alz/policyDefinitions/policies.json
View file
Open in desktop

Large diffs are not rendered by default.

Loading