Created
September 17, 2020 05:29
-
-
Save davidobrien1985/00fbd4eb5587be5e663ea0d3166daf15 to your computer and use it in GitHub Desktop.
Azure ARM template test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]" | |
$headers.Add("Content-Type", "application/json") | |
$body = @' | |
{ | |
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": { | |
"projectName": { | |
"type": "string", | |
"minLength": 1, | |
"maxLength": 5, | |
"metadata": { | |
"description": "Define the project name or prefix for all objects." | |
} | |
}, | |
"adminUser": { | |
"type": "string", | |
"metadata": { | |
"description": "What is the username for the admin on VMs and SQL Server?" | |
} | |
}, | |
"adminPasswd": { | |
"type": "securestring", | |
"metadata": { | |
"description": "What is the password for the admin on VMs and SQL Server?" | |
} | |
}, | |
"location": { | |
"type": "string", | |
"defaultValue": "[resourceGroup().location]", | |
"metadata": { | |
"description": "The location for resources on template. By default, the same as resource group location." | |
} | |
}, | |
"timeZoneID": { | |
"type": "string", | |
"defaultValue": "UTC", | |
"metadata": { | |
"description": "TimeZone ID to be used on VMs. Get available timezones with powershell Get-TimeZone command." | |
} | |
}, | |
"externalDnsZone": { | |
"type": "string", | |
"defaultValue": "contosocorp.com", | |
"metadata": { | |
"description": "External public DNS domain zone. NOT AD domain. This the external domain your certs will point to." | |
} | |
}, | |
"deployHA": { | |
"type": "bool", | |
"defaultValue": false, | |
"metadata": { | |
"description": "This will trigger certificate request and HA deployment. If set to false, will not create HA deployment nor request certificates." | |
} | |
}, | |
"dcCount": { | |
"type": "int", | |
"defaultValue": 1, | |
"metadata": { | |
"description": "How many Domain Controllers would you like to deploy?" | |
} | |
}, | |
"rdcbCount": { | |
"type": "int", | |
"defaultValue": 1, | |
"metadata": { | |
"description": "How many RD Connection Brokers would you like to deploy?" | |
} | |
}, | |
"rdwgCount": { | |
"type": "int", | |
"defaultValue": 1, | |
"metadata": { | |
"description": "How many RD Web Access/Gateways would you like to deploy?" | |
} | |
}, | |
"rdshCount": { | |
"type": "int", | |
"defaultValue": 1, | |
"metadata": { | |
"description": "How many RD Session Hosts would you like to deploy?" | |
} | |
}, | |
"lsfsCount": { | |
"type": "int", | |
"defaultValue": 1, | |
"metadata": { | |
"description": "How many License/File Servers would you like to deploy?" | |
} | |
}, | |
"vmSize": { | |
"type": "string", | |
"defaultValue": "Standard_A2_v2", | |
"allowedValues": [ | |
"Standard_A2_v2", | |
"Standard_A4_v2", | |
"Standard_A8_v2", | |
"Standard_D1_v2", | |
"Standard_D2_v2", | |
"Standard_D3_v2", | |
"Standard_D2_v3", | |
"Standard_D4_v3", | |
"Standard_DS1_v2", | |
"Standard_DS2_v2" | |
], | |
"metadata": { | |
"description": "What is the VM size for all VMs?" | |
} | |
}, | |
"vmSpot": { | |
"type": "bool", | |
"defaultValue": true, | |
"metadata": { | |
"description": "Create Azure Spot VMs?" | |
} | |
}, | |
"vmStorageSkuType": { | |
"type": "string", | |
"defaultValue": "Standard_LRS", | |
"allowedValues": [ | |
"StandardSSD_LRS", | |
"Standard_LRS" | |
], | |
"metadata": { | |
"description": "What is the SKU for the storage to VM managed disks?" | |
} | |
}, | |
"adDomainName": { | |
"type": "string", | |
"defaultValue": "contoso.com", | |
"metadata": { | |
"description": "What is the new forest/root Active Directory domain name?" | |
} | |
}, | |
"vNetPrefix": { | |
"type": "string", | |
"defaultValue": "10.100", | |
"metadata": { | |
"description": "What is the prefix for the vnet and first subnet?" | |
} | |
}, | |
"vNetAddressSpace": { | |
"type": "string", | |
"defaultValue": "[concat(parameters('vNetPrefix'),'.0.0/16')]", | |
"metadata": { | |
"description": "What is the vnet address space?" | |
} | |
}, | |
"vNetSubnetAddress": { | |
"type": "string", | |
"defaultValue": "[concat(parameters('vNetPrefix'),'.0.0/24')]", | |
"metadata": { | |
"description": "What is the subnet address prefix?" | |
} | |
}, | |
"_artifactsLocation": { | |
"type": "string", | |
"defaultValue": "https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-rds-deployment-full-ha/", | |
"metadata": { | |
"description": "Location of all scripts and DSC resources for RDS deployment." | |
} | |
}, | |
"_artifactsLocationSasToken": { | |
"type": "securestring", | |
"defaultValue": "", | |
"metadata": { | |
"description": "SAS storage token to access _artifactsLocation. No need to change unless you copy or fork this template." | |
} | |
} | |
}, | |
"variables": { | |
"uniqueName": "[substring(uniqueString(resourceGroup().id,deployment().name),0,5)]", | |
"dnsEntry": "remoteapps", | |
"brokerName": "broker", | |
"externalFqdn": "[concat(variables('dnsEntry'),'.',toLower(parameters('externalDnsZone')))]", | |
"brokerFqdn": "[concat(variables('brokerName'),'.',toLower(parameters('externalDnsZone')))]", | |
"vmNames": [ | |
"[concat(toLower(parameters('projectName')),variables('uniqueName'),'dc')]", | |
"[concat(toLower(parameters('projectName')),variables('uniqueName'),'wg')]", | |
"[concat(toLower(parameters('projectName')),variables('uniqueName'),'cb')]", | |
"[concat(toLower(parameters('projectName')),variables('uniqueName'),'sh')]", | |
"[concat(toLower(parameters('projectName')),variables('uniqueName'),'lf')]" | |
], | |
"vmProperties": [ | |
{ | |
"name": "[variables('vmNames')[0]]", | |
"count": "[parameters('dcCount')]", | |
"intLbBackEndPool": "", | |
"pubLbBackEndPool": "", | |
"dscFunction": "DeployRDSLab.ps1\\CreateRootDomain" | |
}, | |
{ | |
"name": "[variables('vmNames')[1]]", | |
"count": "[parameters('rdwgCount')]", | |
"intLbBackEndPool": "rds-webgateways-int-pool", | |
"pubLbBackEndPool": "rds-webgateways-pub-pool", | |
"dscFunction": "DeployRDSLab.ps1\\RDWebGateway" | |
}, | |
{ | |
"name": "[variables('vmNames')[2]]", | |
"count": "[parameters('rdcbCount')]", | |
"intLbBackEndPool": "rds-brokers-int-pool", | |
"pubLbBackEndPool": "", | |
"dscFunction": "DeployRDSLab.ps1\\RDSDeployment" | |
}, | |
{ | |
"name": "[variables('vmNames')[3]]", | |
"count": "[parameters('rdshCount')]", | |
"intLbBackEndPool": "", | |
"pubLbBackEndPool": "", | |
"dscFunction": "DeployRDSLab.ps1\\RDSessionHost" | |
}, | |
{ | |
"name": "[variables('vmNames')[4]]", | |
"count": "[parameters('lsfsCount')]", | |
"intLbBackEndPool": "", | |
"pubLbBackEndPool": "", | |
"dscFunction": "DeployRDSLab.ps1\\RDLicenseServer" | |
} | |
], | |
"diagStorageName": "[concat(toLower(parameters('projectName')),variables('uniqueName'),'diag')]", | |
"publicLbIpName": "[concat(toLower(parameters('projectName')),'lbpip')]", | |
"diagStorageSkuType": "Standard_LRS", | |
"vNetName": "[concat(parameters('projectName'),'vnet')]", | |
"firstDcIP": "[concat(parameters('vNetPrefix'),'.0.99')]", | |
"nsgRef": "[resourceId('Microsoft.Network/networkSecurityGroups',concat(parameters('projectName'),'nsg'))]", | |
"subNetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets',variables('vNetName'),concat(parameters('projectName'),'main'))]", | |
"sqlServerName": "[concat(toLower(parameters('projectName')),variables('uniqueName'),'sql')]", | |
"rdsDBName": "rdsdb", | |
"dscScriptName": "deployrdslab.zip", | |
"scriptName": "deploycertha.ps1" | |
}, | |
"resources": [ | |
{ | |
"type": "Microsoft.Storage/storageAccounts", | |
"apiVersion": "2019-06-01", | |
"location": "[parameters('location')]", | |
"kind": "StorageV2", | |
"name": "[variables('diagStorageName')]", | |
"sku": { | |
"name": "[variables('diagStorageSkuType')]", | |
"tier": "Standard" | |
} | |
}, | |
{ | |
"type": "Microsoft.Network/networkSecurityGroups", | |
"apiVersion": "2019-12-01", | |
"location": "[parameters('location')]", | |
"name": "[concat(parameters('projectName'),'nsg')]", | |
"properties": { | |
"securityRules": [ | |
{ | |
"name": "Allow_RDP", | |
"properties": { | |
"access": "Allow", | |
"sourceAddressPrefix": "*", | |
"sourcePortRange": "*", | |
"destinationAddressPrefix": "*", | |
"destinationPortRange": "3389", | |
"protocol": "*", | |
"direction": "Inbound", | |
"priority": 1000 | |
} | |
}, | |
{ | |
"name": "Allow_HTTP", | |
"properties": { | |
"access": "Allow", | |
"sourceAddressPrefix": "*", | |
"sourcePortRange": "*", | |
"destinationAddressPrefix": "*", | |
"destinationPortRange": "80", | |
"protocol": "Tcp", | |
"direction": "Inbound", | |
"priority": 1001 | |
} | |
}, | |
{ | |
"name": "Allow_HTTPS", | |
"properties": { | |
"access": "Allow", | |
"sourceAddressPrefix": "*", | |
"sourcePortRange": "*", | |
"destinationAddressPrefix": "*", | |
"destinationPortRange": "443", | |
"protocol": "Tcp", | |
"direction": "Inbound", | |
"priority": 1002 | |
} | |
}, | |
{ | |
"name": "Allow_UDP_3391", | |
"properties": { | |
"access": "Allow", | |
"sourceAddressPrefix": "*", | |
"sourcePortRange": "*", | |
"destinationAddressPrefix": "*", | |
"destinationPortRange": "3391", | |
"protocol": "Udp", | |
"direction": "Inbound", | |
"priority": 1003 | |
} | |
} | |
] | |
} | |
}, | |
{ | |
"type": "Microsoft.Network/virtualNetworks", | |
"apiVersion": "2019-12-01", | |
"location": "[parameters('location')]", | |
"name": "[concat(parameters('projectName'),'vnet')]", | |
"dependsOn": [ | |
"[variables('nsgRef')]" | |
], | |
"properties": { | |
"addressSpace": { | |
"addressPrefixes": [ | |
"[parameters('vNetAddressSpace')]" | |
] | |
}, | |
"subnets": [ | |
{ | |
"name": "[concat(parameters('projectName'),'main')]", | |
"properties": { | |
"addressPrefix": "[parameters('vNetSubnetAddress')]", | |
"networkSecurityGroup": { | |
"id": "[variables('nsgRef')]" | |
} | |
} | |
} | |
] | |
} | |
}, | |
{ | |
"type": "Microsoft.Network/loadBalancers", | |
"apiVersion": "2019-12-01", | |
"location": "[parameters('location')]", | |
"name": "[concat(parameters('projectName'),'intlb')]", | |
"sku": { | |
"name": "Standard" | |
}, | |
"dependsOn": [ | |
"[resourceId('Microsoft.Network/virtualNetworks',concat(parameters('projectName'),'vnet'))]" | |
], | |
"properties": { | |
"frontendIPConfigurations": [ | |
{ | |
"name": "rds-brokers-frontend", | |
"properties": { | |
"privateIPAllocationMethod": "Static", | |
"privateIPAddress": "[concat(parameters('vNetPrefix'),'.0.4')]", | |
"privateIPAddressVersion": "IPv4", | |
"subnet": { | |
"id": "[variables('subNetRef')]" | |
} | |
} | |
}, | |
{ | |
"name": "rds-webgateways-frontend", | |
"properties": { | |
"privateIPAllocationMethod": "Dynamic", | |
"privateIPAddressVersion": "IPv4", | |
"subnet": { | |
"id": "[variables('subNetRef')]" | |
} | |
} | |
} | |
], | |
"backendAddressPools": [ | |
{ | |
"name": "rds-brokers-int-pool", | |
"properties": { | |
} | |
}, | |
{ | |
"name": "rds-webgateways-int-pool", | |
"properties": { | |
} | |
} | |
], | |
"probes": [ | |
{ | |
"name": "rds-broker-probe", | |
"properties": { | |
"intervalInSeconds": 5, | |
"numberOfProbes": 2, | |
"protocol": "Tcp", | |
"port": 3389 | |
} | |
}, | |
{ | |
"name": "rds-webgateway-probe", | |
"properties": { | |
"intervalInSeconds": 5, | |
"numberOfProbes": 2, | |
"protocol": "Tcp", | |
"port": 443 | |
} | |
} | |
], | |
"loadBalancingRules": [ | |
{ | |
"name": "rds-brokers-tcp-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations',concat(parameters('projectName'),'intlb'),'rds-brokers-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'intlb'),'rds-brokers-int-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'intlb'),'rds-broker-probe')]" | |
}, | |
"protocol": "Tcp", | |
"frontendPort": 3389, | |
"backendPort": 3389, | |
"idleTimeoutInMinutes": 4 | |
} | |
}, | |
{ | |
"name": "rds-brokers-udp-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations',concat(parameters('projectName'),'intlb'),'rds-brokers-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'intlb'),'rds-brokers-int-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'intlb'),'rds-broker-probe')]" | |
}, | |
"protocol": "Udp", | |
"frontendPort": 3389, | |
"backendPort": 3389, | |
"idleTimeoutInMinutes": 4 | |
} | |
}, | |
{ | |
"name": "rds-webgateway-http-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations',concat(parameters('projectName'),'intlb'),'rds-webgateways-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'intlb'),'rds-webgateways-int-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'intlb'),'rds-webgateway-probe')]" | |
}, | |
"protocol": "Tcp", | |
"frontendPort": 80, | |
"backendPort": 80, | |
"idleTimeoutInMinutes": 4 | |
} | |
}, | |
{ | |
"name": "rds-webgateway-https-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations',concat(parameters('projectName'),'intlb'),'rds-webgateways-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'intlb'),'rds-webgateways-int-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'intlb'),'rds-webgateway-probe')]" | |
}, | |
"protocol": "Tcp", | |
"frontendPort": 443, | |
"backendPort": 443, | |
"idleTimeoutInMinutes": 4 | |
} | |
}, | |
{ | |
"name": "rds-webgateway-udp-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations',concat(parameters('projectName'),'intlb'),'rds-webgateways-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'intlb'),'rds-webgateways-int-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'intlb'),'rds-webgateway-probe')]" | |
}, | |
"protocol": "Udp", | |
"frontendPort": 3391, | |
"backendPort": 3391, | |
"idleTimeoutInMinutes": 4 | |
} | |
} | |
] | |
} | |
}, | |
{ | |
"name": "[variables('publicLbIpName')]", | |
"type": "Microsoft.Network/publicIPAddresses", | |
"apiVersion": "2019-11-01", | |
"location": "[parameters('location')]", | |
"sku": { | |
"name": "Standard" | |
}, | |
"properties": { | |
"publicIPAllocationMethod": "Static", | |
"dnsSettings": { | |
"domainNameLabel": "[variables('publicLbIpName')]" | |
} | |
} | |
}, | |
{ | |
"name": "[concat(parameters('projectName'),'publb')]", | |
"type": "Microsoft.Network/loadBalancers", | |
"apiVersion": "2019-11-01", | |
"location": "[parameters('location')]", | |
"dependsOn": [ | |
"[resourceId('Microsoft.Network/publicIPAddresses',variables('publicLbIpName'))]", | |
"[resourceId('Microsoft.Network/virtualNetworks',concat(parameters('projectName'),'vnet'))]" | |
], | |
"sku": { | |
"name": "Standard" | |
}, | |
"properties": { | |
"frontendIPConfigurations": [ | |
{ | |
"name": "rds-webgateways-frontend", | |
"properties": { | |
"publicIPAddress": { | |
"id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('publicLbIpName'))]" | |
} | |
} | |
} | |
], | |
"backendAddressPools": [ | |
{ | |
"name": "rds-webgateways-pub-pool" | |
} | |
], | |
"probes": [ | |
{ | |
"name": "rds-webgateways-probe", | |
"properties": { | |
"protocol": "Tcp", | |
"port": 80, | |
"intervalInSeconds": 5, | |
"numberOfProbes": 2 | |
} | |
} | |
], | |
"loadBalancingRules": [ | |
{ | |
"name": "rds-webgateways-http-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations',concat(parameters('projectName'),'publb'),'rds-webgateways-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'publb'),'rds-webgateways-pub-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'publb'),'rds-webgateways-probe')]" | |
}, | |
"protocol": "Tcp", | |
"frontendPort": 80, | |
"backendPort": 80, | |
"enableFloatingIP": false, | |
"idleTimeoutInMinutes": 5 | |
} | |
}, | |
{ | |
"name": "rds-webgateways-https-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations',concat(parameters('projectName'),'publb'),'rds-webgateways-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'publb'),'rds-webgateways-pub-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'publb'),'rds-webgateways-probe')]" | |
}, | |
"protocol": "Tcp", | |
"frontendPort": 443, | |
"backendPort": 443, | |
"enableFloatingIP": false, | |
"idleTimeoutInMinutes": 5 | |
} | |
}, | |
{ | |
"name": "rds-webgateways-udp-rule", | |
"properties": { | |
"frontendIPConfiguration": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations',concat(parameters('projectName'),'publb'),'rds-webgateways-frontend')]" | |
}, | |
"backendAddressPool": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',concat(parameters('projectName'),'publb'),'rds-webgateways-pub-pool')]" | |
}, | |
"probe": { | |
"id": "[resourceId('Microsoft.Network/loadBalancers/probes',concat(parameters('projectName'),'publb'),'rds-webgateways-probe')]" | |
}, | |
"protocol": "Udp", | |
"frontendPort": 3391, | |
"backendPort": 3391, | |
"enableFloatingIP": false, | |
"idleTimeoutInMinutes": 5 | |
} | |
} | |
] | |
} | |
}, | |
{ | |
"name": "[variables('sqlServerName')]", | |
"type": "Microsoft.Sql/servers", | |
"apiVersion": "2019-06-01-preview", | |
"location": "[parameters('location')]", | |
"properties": { | |
"administratorLogin": "[parameters('adminUser')]", | |
"administratorLoginPassword": "[parameters('adminPasswd')]" | |
}, | |
"resources": [ | |
{ | |
"type": "firewallRules", | |
"apiVersion": "2019-06-01-preview", | |
"dependsOn": [ | |
"[resourceId('Microsoft.Sql/servers',variables('sqlServerName'))]" | |
], | |
"location": "[parameters('location')]", | |
"name": "AllowAllWindowsAzureIps", | |
"properties": { | |
"startIpAddress": "0.0.0.0", | |
"endIpAddress": "0.0.0.0" | |
} | |
} | |
] | |
}, | |
{ | |
"name": "[concat(variables('sqlServerName'),'/',variables('rdsDBName'))]", | |
"type": "Microsoft.Sql/servers/databases", | |
"apiVersion": "2019-06-01-preview", | |
"location": "[parameters('location')]", | |
"dependsOn": [ | |
"[resourceId('Microsoft.Sql/servers',variables('sqlServerName'))]" | |
], | |
"properties": { | |
"collation": "SQL_Latin1_General_CP1_CI_AS", | |
"edition": "Basic", | |
"maxSizeBytes": "1073741824", | |
"requestedServiceObjectiveName": "Basic" | |
} | |
}, | |
{ | |
"type": "Microsoft.Resources/deployments", | |
"apiVersion": "2019-10-01", | |
"name": "[concat(variables('vmProperties')[copyIndex()].name,'Deployment')]", | |
"copy": { | |
"name": "vmCopy", | |
"count": "[length(variables('vmProperties'))]" | |
}, | |
"dependsOn": [ | |
"[resourceId('Microsoft.Network/virtualNetworks',concat(parameters('projectName'),'vnet'))]", | |
"[resourceId('Microsoft.Network/loadBalancers',concat(parameters('projectName'),'intlb'))]", | |
"[resourceId('Microsoft.Network/loadBalancers',concat(parameters('projectName'),'publb'))]", | |
"[resourceId('Microsoft.Storage/storageAccounts',variables('diagStorageName'))]", | |
"[resourceId('Microsoft.Sql/servers/databases',variables('sqlServerName'),variables('rdsDBName'))]" | |
], | |
"properties": { | |
"mode": "Incremental", | |
"expressionEvaluationOptions": { | |
"scope": "inner" | |
}, | |
"parameters": { | |
"projectName": { | |
"value": "[parameters('projectName')]" | |
}, | |
"location": { | |
"value": "[parameters('location')]" | |
}, | |
"timeZoneID": { | |
"value": "[parameters('timeZoneID')]" | |
}, | |
"loopCount": { | |
"value": "[variables('vmProperties')[copyIndex()].count]" | |
}, | |
"storageDiagUrl": { | |
"value": "[reference(resourceId('Microsoft.Storage/storageAccounts',variables('diagStorageName'))).primaryEndpoints.blob]" | |
}, | |
"vmName": { | |
"value": "[variables('vmProperties')[copyIndex()].name]" | |
}, | |
"subNetRef": { | |
"value": "[variables('subNetRef')]" | |
}, | |
"vmSize": { | |
"value": "[parameters('vmSize')]" | |
}, | |
"vmSpot": { | |
"value": "[parameters('vmSpot')]" | |
}, | |
"vmStorageSkuType": { | |
"value": "[parameters('vmStorageSkuType')]" | |
}, | |
"adminUser": { | |
"value": "[parameters('adminUser')]" | |
}, | |
"adminPasswd": { | |
"value": "[parameters('adminPasswd')]" | |
}, | |
"intLbName": { | |
"value": "[concat(parameters('projectName'),'intlb')]" | |
}, | |
"intLbBackEndPool": { | |
"value": "[variables('vmProperties')[copyIndex()].intLbBackEndPool]" | |
}, | |
"intLbBrokerIP": { | |
"value": "[reference(resourceId('Microsoft.Network/loadBalancers',concat(parameters('projectName'),'intlb'))).frontendIPConfigurations[0].properties.privateIPAddress]" | |
}, | |
"intLbWebGWIP": { | |
"value": "[reference(resourceId('Microsoft.Network/loadBalancers',concat(parameters('projectName'),'intlb'))).frontendIPConfigurations[1].properties.privateIPAddress]" | |
}, | |
"pubLbName": { | |
"value": "[concat(parameters('projectName'),'publb')]" | |
}, | |
"pubLbBackEndPool": { | |
"value": "[variables('vmProperties')[copyIndex()].pubLbBackEndPool]" | |
}, | |
"adDomainName": { | |
"value": "[parameters('adDomainName')]" | |
}, | |
"firstDcIP": { | |
"value": "[variables('firstDcIP')]" | |
}, | |
"dcName": { | |
"value": "[variables('vmProperties')[0].name]" | |
}, | |
"MainConnectionBroker": { | |
"value": "[concat(variables('vmProperties')[2].name,'1')]" | |
}, | |
"WebAccessServerName": { | |
"value": "[variables('vmProperties')[1].name]" | |
}, | |
"WebAccessServerCount": { | |
"value": "[variables('vmProperties')[1].count]" | |
}, | |
"SessionHostName": { | |
"value": "[variables('vmProperties')[3].name]" | |
}, | |
"SessionHostCount": { | |
"value": "[variables('vmProperties')[3].count]" | |
}, | |
"LicenseServerName": { | |
"value": "[variables('vmProperties')[4].name]" | |
}, | |
"LicenseServerCount": { | |
"value": "[variables('vmProperties')[4].count]" | |
}, | |
"externalFqdn": { | |
"value": "[variables('externalFqdn')]" | |
}, | |
"brokerFqdn": { | |
"value": "[variables('brokerFqdn')]" | |
}, | |
"externalDnsZone": { | |
"value": "[parameters('externalDnsZone')]" | |
}, | |
"dscFunction": { | |
"value": "[variables('vmProperties')[copyIndex()].dscFunction]" | |
}, | |
"dscLocation": { | |
"value": "[parameters('_artifactsLocation')]" | |
}, | |
"dscScriptName": { | |
"value": "[variables('dscScriptName')]" | |
}, | |
"scriptName": { | |
"value": "[variables('scriptName')]" | |
}, | |
"deployHA": { | |
"value": "[parameters('deployHA')]" | |
}, | |
"rdsDBName": { | |
"value": "[variables('rdsDBName')]" | |
}, | |
"azureSqlFqdn": { | |
"value": "[reference(resourceId('Microsoft.Sql/servers',variables('sqlServerName'))).fullyQualifiedDomainName]" | |
}, | |
"webGwName": { | |
"value": "[variables('dnsEntry')]" | |
}, | |
"_artifactsLocationSasToken": { | |
"value": "[parameters('_artifactsLocationSasToken')]" | |
} | |
}, | |
"template": { | |
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
"contentVersion": "1.0.0.0", | |
"parameters": { | |
"projectName": { | |
"type": "string" | |
}, | |
"location": { | |
"type": "string" | |
}, | |
"timeZoneID": { | |
"type": "string" | |
}, | |
"loopCount": { | |
"type": "int" | |
}, | |
"storageDiagUrl": { | |
"type": "string" | |
}, | |
"vmName": { | |
"type": "string" | |
}, | |
"subNetRef": { | |
"type": "string" | |
}, | |
"vmSize": { | |
"type": "string" | |
}, | |
"vmSpot": { | |
"type": "bool" | |
}, | |
"vmStorageSkuType": { | |
"type": "string" | |
}, | |
"adminUser": { | |
"type": "string" | |
}, | |
"adminPasswd": { | |
"type": "securestring" | |
}, | |
"intLbName": { | |
"type": "string" | |
}, | |
"intLbBackEndPool": { | |
"type": "string" | |
}, | |
"intLbBrokerIP": { | |
"type": "string" | |
}, | |
"intLbWebGWIP": { | |
"type": "string" | |
}, | |
"pubLbName": { | |
"type": "string" | |
}, | |
"pubLbBackEndPool": { | |
"type": "string" | |
}, | |
"adDomainName": { | |
"type": "string" | |
}, | |
"firstDcIP": { | |
"type": "string" | |
}, | |
"dcName": { | |
"type": "string" | |
}, | |
"MainConnectionBroker": { | |
"type": "string" | |
}, | |
"WebAccessServerName": { | |
"type": "string" | |
}, | |
"WebAccessServerCount": { | |
"type": "int" | |
}, | |
"SessionHostName": { | |
"type": "string" | |
}, | |
"SessionHostCount": { | |
"type": "int" | |
}, | |
"LicenseServerName": { | |
"type": "string" | |
}, | |
"LicenseServerCount": { | |
"type": "int" | |
}, | |
"externalFqdn": { | |
"type": "string" | |
}, | |
"brokerFqdn": { | |
"type": "string" | |
}, | |
"externalDnsZone": { | |
"type": "string" | |
}, | |
"dscFunction": { | |
"type": "string" | |
}, | |
"dscLocation": { | |
"type": "string" | |
}, | |
"dscScriptName": { | |
"type": "string" | |
}, | |
"scriptName": { | |
"type": "string" | |
}, | |
"deployHA": { | |
"type": "bool" | |
}, | |
"rdsDBName": { | |
"type": "string" | |
}, | |
"azureSQLFqdn": { | |
"type": "string" | |
}, | |
"webGwName": { | |
"type": "string" | |
}, | |
"_artifactsLocationSasToken": { | |
"type": "securestring" | |
} | |
}, | |
"variables": { | |
"scriptPath": "[uri(parameters('dscLocation'),concat('scripts/',parameters('scriptName'),parameters('_artifactsLocationSasToken')))]", | |
"intlbPool": [ | |
{ | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',parameters('intLbName'),parameters('intLbBackEndPool'))]" | |
} | |
], | |
"pubIntlbPool": [ | |
{ | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',parameters('intLbName'),parameters('intLbBackEndPool'))]" | |
}, | |
{ | |
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools',parameters('pubLbName'),parameters('pubLbBackEndPool'))]" | |
} | |
], | |
"intlbRef": "[resourceId(parameters('location'),'Microsoft.Network/loadBalancers',parameters('intLbName'))]" | |
}, | |
"resources": [ | |
{ | |
"type": "Microsoft.Network/publicIPAddresses", | |
"apiVersion": "2019-12-01", | |
"name": "[concat(parameters('vmName'),copyIndex(1),'pip')]", | |
"location": "[parameters('location')]", | |
"sku": { | |
"name": "Standard" | |
}, | |
"copy": { | |
"name": "[concat(parameters('vmName'),'pipcopy')]", | |
"count": "[parameters('loopCount')]" | |
}, | |
"properties": { | |
"publicIPAllocationMethod": "Static", | |
"dnsSettings": { | |
"domainNameLabel": "[concat(parameters('vmName'),'pip',copyIndex(1))]" | |
} | |
} | |
}, | |
{ | |
"type": "Microsoft.Network/networkInterfaces", | |
"apiVersion": "2019-12-01", | |
"location": "[parameters('location')]", | |
"name": "[concat(parameters('vmName'),copyIndex(1),'nic1')]", | |
"copy": { | |
"name": "[concat(parameters('vmName'),'niccopy')]", | |
"count": "[parameters('loopCount')]" | |
}, | |
"dependsOn": [ | |
"[resourceId('Microsoft.Network/publicIPAddresses',concat(parameters('vmName'),copyIndex(1),'pip'))]" | |
], | |
"properties": { | |
"ipConfigurations": [ | |
{ | |
"name": "ipconfig", | |
"properties": { | |
"subnet": { | |
"id": "[parameters('subNetRef')]" | |
}, | |
"privateIPAllocationMethod": "[if(equals(parameters('vmName'),parameters('dcName')),if(equals(copyIndex(1),1),'static','dynamic'),'dynamic')]", | |
"privateIPAddress": "[if(equals(parameters('vmName'),parameters('dcName')),if(equals(copyIndex(1),1),parameters('firstDcIP'),json('null')),json('null'))]", | |
"publicIPAddress": { | |
"id": "[resourceId('Microsoft.Network/publicIPAddresses',concat(parameters('vmName'),copyIndex(1),'pip'))]" | |
}, | |
"loadBalancerBackendAddressPools": "[if(not(empty(parameters('intLbBackEndPool'))),if(not(empty(parameters('pubLbBackEndPool'))),variables('pubIntlbPool'),variables('intlbPool')),json('null'))]" | |
} | |
} | |
] | |
} | |
}, | |
{ | |
"type": "Microsoft.Compute/virtualMachines", | |
"apiVersion": "2019-07-01", | |
"name": "[concat(parameters('vmName'),copyIndex(1))]", | |
"location": "[parameters('location')]", | |
"copy": { | |
"name": "[concat(parameters('vmName'),'vmcopy')]", | |
"count": "[parameters('loopCount')]" | |
}, | |
"dependsOn": [ | |
"[resourceId('Microsoft.Network/networkInterfaces',concat(parameters('vmName'),copyIndex(1),'nic1'))]" | |
], | |
"properties": { | |
"licenseType": "Windows_Server", | |
"billingProfile": { | |
"maxPrice": "[if(equals(parameters('vmSpot'),bool('true')),'-1',json('null'))]" | |
}, | |
"priority": "[if(equals(parameters('vmSpot'),bool('true')),'Spot',json('null'))]", | |
"evictionPolicy": "[if(equals(parameters('vmSpot'),bool('true')),'Deallocate',json('null'))]", | |
"diagnosticsProfile": { | |
"bootDiagnostics": { | |
"enabled": true, | |
"storageUri": "[parameters('storageDiagUrl')]" | |
} | |
}, | |
"networkProfile": { | |
"networkInterfaces": [ | |
{ | |
"id": "[resourceId('Microsoft.Network/networkInterfaces',concat(parameters('vmName'),copyIndex(1),'nic1'))]" | |
} | |
] | |
}, | |
"osProfile": { | |
"adminUsername": "[parameters('adminUser')]", | |
"adminPassword": "[parameters('adminPasswd')]", | |
"computerName": "[concat(parameters('vmName'),copyIndex(1))]" | |
}, | |
"hardwareProfile": { | |
"vmSize": "[parameters('vmSize')]" | |
}, | |
"storageProfile": { | |
"osDisk": { | |
"createOption": "FromImage", | |
"managedDisk": { | |
"storageAccountType": "[parameters('vmStorageSkuType')]" | |
} | |
}, | |
"imageReference": { | |
"publisher": "MicrosoftWindowsServer", | |
"offer": "WindowsServer", | |
"sku": "2019-Datacenter", | |
"version": "latest" | |
} | |
} | |
}, | |
"resources": [ | |
{ | |
"type": "Microsoft.Compute/virtualMachines/extensions", | |
"apiVersion": "2019-12-01", | |
"name": "[concat(parameters('vmName'),copyIndex(1),'/dscext')]", | |
"location": "[parameters('location')]", | |
"condition": "[not(empty(parameters('dscFunction')))]", | |
"dependsOn": [ | |
"[resourceId('Microsoft.Compute/virtualMachines',concat(parameters('vmName'),copyIndex(1)))]" | |
], | |
"properties": { | |
"publisher": "Microsoft.Powershell", | |
"type": "DSC", | |
"typeHandlerVersion": "2.11", | |
"autoUpgradeMinorVersion": true, | |
"settings": { | |
"ModulesUrl": "[uri(parameters('dscLocation'),concat('dsc/',parameters('dscScriptName'),parameters('_artifactsLocationSasToken')))]", | |
"ConfigurationFunction": "[parameters('dscFunction')]", | |
"Properties": { | |
"AdminCreds": { | |
"UserName": "[parameters('adminUser')]", | |
"Password": "PrivateSettingsRef:AdminPassword" | |
}, | |
"RDSParameters": [ | |
{ | |
"timeZoneID": "[parameters('timeZoneID')]", | |
"DomainName": "[parameters('adDomainName')]", | |
"DNSServer": "[parameters('firstDcIP')]", | |
"MainConnectionBroker": "[parameters('MainConnectionBroker')]", | |
"WebAccessServer": "[concat(parameters('WebAccessServerName'),'1')]", | |
"SessionHost": "[concat(parameters('SessionHostName'),'1')]", | |
"LicenseServer": "[concat(parameters('LicenseServerName'),'1')]", | |
"externalFqdn": "[parameters('externalFqdn')]", | |
"externalDnsDomain": "[parameters('externalDnsZone')]", | |
"IntBrokerLBIP": "[parameters('intLbBrokerIP')]", | |
"IntWebGWLBIP": "[parameters('intLbWebGWIP')]", | |
"WebGWDNS": "[parameters('webGwName')]" | |
} | |
] | |
} | |
}, | |
"protectedSettings": { | |
"Items": { | |
"AdminPassword": "[parameters('adminPasswd')]" | |
} | |
} | |
} | |
}, | |
{ | |
"type": "Microsoft.Compute/virtualMachines/extensions", | |
"apiVersion": "2019-12-01", | |
"name": "[concat(parameters('vmName'),copyIndex(1),'/pwshext')]", | |
"location": "[parameters('location')]", | |
"condition": "[and(contains(parameters('vmName'),'cb'),parameters('deployHA'))]", | |
"dependsOn": [ | |
"[resourceId('Microsoft.Compute/virtualMachines',concat(parameters('vmName'),copyIndex(1)))]", | |
"[resourceId('Microsoft.Compute/virtualMachines/extensions',concat(parameters('vmName'),copyIndex(1)),'dscext')]" | |
], | |
"properties": { | |
"publisher": "Microsoft.Compute", | |
"type": "CustomScriptExtension", | |
"typeHandlerVersion": "1.10", | |
"autoUpgradeMinorVersion": true, | |
"settings": { | |
"fileUris": [ | |
"[variables('scriptPath')]" | |
] | |
}, | |
"protectedSettings": { | |
"commandToExecute": "[concat('powershell -ExecutionPolicy Bypass -File ./',parameters('scriptName'),' -AdminUser ',parameters('adminUser'),' -Passwd ',parameters('adminPasswd'),' -MainConnectionBroker ',parameters('MainConnectionBroker'),' -BrokerFqdn ',parameters('brokerFqdn'),' -WebGatewayFqdn ',parameters('externalFqdn'),' -AzureSQLFQDN ',parameters('azureSqlFqdn'),' -AzureSQLDBName ',parameters('rdsDBName'),' -WebAccessServerName ',parameters('WebAccessServerName'),' -WebAccessServerCount ',parameters('WebAccessServerCount'),' -SessionHostName ',parameters('SessionHostName'),' -SessionHostCount ',parameters('SessionHostCount'),' -LicenseServerName ',parameters('LicenseServerName'),' -LicenseServerCount ',parameters('LicenseServerCount'))]" | |
} | |
} | |
} | |
] | |
} | |
] | |
} | |
} | |
} | |
], | |
"outputs": { | |
"adminUser": { | |
"type": "string", | |
"value": "[parameters('adminUser')]" | |
}, | |
"WebAccessFQDN": { | |
"type": "string", | |
"value": "[reference(resourceId('Microsoft.Network/publicIPAddresses',variables('publicLbIpName'))).dnsSettings.fqdn]" | |
}, | |
"ExternalFQDN": { | |
"type": "string", | |
"value": "[variables('externalFqdn')]", | |
"condition": "[parameters('deployHA')]" | |
} | |
} | |
} | |
'@ | |
$response = Invoke-RestMethod 'https://test-iac.argos-security.io/api/iac-test?provider=arm&file_type=json' -Method 'POST' -Headers $headers -Body $body | |
$response |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment