jesseloudon / actionGroup.bicep
Created Mar 19, 2021
AzureSpringClean2021 DINE policy example
// Parameters for actionGroup.bicep; this file deploys at resource-group scope.
targetScope = 'resourceGroup'
// PARAMETERS
// None of the parameters below declares a default, so the caller must supply every value.
param actionGroupName string
param actionGroupEnabled bool
param actionGroupShortName string
param actionGroupEmailName string
// NOTE(review): presumably the address that receives alert notifications; confirm against the resource body, which is not shown in this excerpt.
param actionGroupEmail string
param actionGroupAlertSchema bool
jesseloudon / policyAssignment.bicep
Created Mar 19, 2021
AzureSpringClean2021 DINE policy example
// Parameters for policyAssignment.bicep; this file deploys at subscription scope.
targetScope = 'subscription'
// PARAMETERS
// All three parameters are required (no defaults declared).
param bicepExampleInitiativeId string
param assignmentIdentityLocation string
// NOTE(review): declared as a free-form string. Presumably it feeds the assignment's enforcement mode; confirm,
// and consider restricting it to the values this deployment is meant to accept so a typo cannot change enforcement.
param assignmentEnforcementMode string
// RESOURCES
resource bicepExampleAssignment 'Microsoft.Authorization/policyAssignments@2020-09-01' = {
name: 'bicepExampleAssignment'
jesseloudon / policyDefinition.bicep
Created Mar 19, 2021
AzureSpringClean2021 DINE policy example
// Parameters for policyDefinition.bicep; this file deploys at subscription scope.
targetScope = 'subscription'
// PARAMETERS
// All parameters below are required (no defaults declared).
// NOTE(review): the action group is described by name, resource group and id; presumably all three must refer to the same resource. Confirm against the caller.
param actionGroupName string
param actionGroupRG string
param actionGroupId string
// Settings for the metric alert; how they are consumed is not visible in this excerpt.
param metricAlertResourceNamespace string
param metricAlertName string
param metricAlertDimension1 string
param metricAlertDimension2 string
jesseloudon / main.bicep
Created Mar 19, 2021
AzureSpringClean2021 DINE policy example
// Entry-point template (main.bicep); deploys at subscription scope.
targetScope = 'subscription'
// PARAMETERS
// Every parameter below has a default, so a deployment that passes no values uses these example settings as-is.
param resourceGroupName string = 'BicepExampleRG'
param resourceGrouplocation string = 'australiaeast'
param actionGroupName string = 'BicepExampleAG'
param actionGroupEnabled bool = true
param actionGroupShortName string = 'bicepag'
param actionGroupEmailName string = 'jloudon'
// NOTE(review): the default is a real mailbox. Presumably this is the alert receiver, so override it per
// environment; otherwise notifications (and any resource detail they carry) go to the example address.
param actionGroupEmail string = 'jesse.loudon@lab3.com.au'
jesseloudon / example.tf
Created Feb 7, 2021
Example of creating 1x Terraform AzureRM policyset and 1x assignment using built-in policies and passing in parameter_values
resource "azurerm_policy_set_definition" "example" {
name = "foundations"
policy_type = "Custom"
display_name = "Foundations"
description = "Contains built-in policies for Foundations"
metadata = jsonencode({ category = "Custom", version = "1.0.0", source = "Terraform" })
dynamic "policy_definition_reference" { #built-in policies without parameter_values
for_each = data.azurerm_policy_definition.builtin_policies_foundations
View ubuntu-setup-ansible.sh
#!/bin/bash
# This file should be sourced
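# Change directory to user home. Stop if it does not exist so that nothing
# later runs from an unexpected working directory: `return` covers the
# sourced case, `exit` covers direct execution.
cd /home/ansibleadmin || { echo "cannot cd to /home/ansibleadmin" >&2; return 1 2>/dev/null || exit 1; }
# Upgrade all packages that have available updates and remove old ones.
# apt-get is used throughout because the `apt` front end does not promise a
# stable command-line interface for scripts; --with-new-pkgs keeps the
# behaviour of `apt upgrade`.
sudo apt-get update
sudo apt-get upgrade --with-new-pkgs -y
sudo apt-get autoremove --assume-yes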
jesseloudon / extension.tf
Created Nov 9, 2020
ansible on azure part 2
resource "azurerm_virtual_machine_extension" "vm1extension" {
name = var.vmName
virtual_machine_id = azurerm_linux_virtual_machine.vm1.id
publisher = "Microsoft.Azure.Extensions"
type = "CustomScript"
type_handler_version = "2.1"
settings = <<SETTINGS
{
"fileUris":["https://raw.githubusercontent.com/globalbao/terraform-azurerm-ansible-linux-vm/master/scripts/ubuntu-setup-ansible.sh"]
jesseloudon / shutdown.tf
Created Nov 9, 2020
ansible on azure part 2
# Daily shutdown time for the virtual machine (see the description below).
# NOTE(review): the default is the string "1900", presumably 24-hour HHmm; confirm against the schedule resource that consumes it.
variable "vmShutdownTime" {
type = string
description = "virtual machine daily shutdown time"
default = "1900"
}
variable "vmShutdownTimeZone" {
type = string
description = "virtual machine daily shutdown time zone"
default = "AUS Eastern Standard Time"
jesseloudon / vm.tf
Created Nov 9, 2020
ansible on azure part 2
# Name of the virtual machine. The default is a placeholder ("yourinitials") that each technician is expected to replace.
# extension.tf in this series also uses var.vmName as the VM extension's name.
variable "vmName" {
type = string
description = "virtual machine name w/ technician's initials as a suffix"
default = "ansibledev-yourinitials"
}
variable "vmSize" {
type = string
description = "virtual machine size"
default = "Standard_B2s"
jesseloudon / tls.tf
Created Nov 9, 2020
ansible on azure part 2
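# Generates a 4096-bit RSA key pair inside Terraform.
# The private key is written unencrypted to the Terraform state, so the state
# backend must be access-controlled and encrypted at rest. For anything beyond
# a lab, generate the key outside Terraform and supply only the public key.
resource "tls_private_key" "vm1key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Exposes the private key PEM so the operator can retrieve it after apply.
# Marked sensitive so the key is redacted from plan/apply console output and
# CI logs; read it explicitly with `terraform output -raw tls_private_key`
# (Terraform 0.15+) or `terraform output -json` on older releases.
output "tls_private_key" {
  value     = tls_private_key.vm1key.private_key_pem
  sensitive = true
}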