This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| locals { | |
| my_string = "Hello World!" | |
| my_empty_string = "" | |
| my_number_as_string = "1234" | |
| my_bool = true | |
| my_number = 1234 | |
| my_number_2 = 12.34 | |
| my_list = ["Hello", "World", "!"] | |
| my_set_of_strings = toset(["Hello", "World", "!"]) | |
| my_nested_list = [ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| variable "scenario" { | |
| type = string | |
| description = "Scenario to deploy. Must be one of 'simple', or 'complex'." | |
| default = "simple" | |
| validation { | |
| condition = contains(["simple", "complex"], var.scenario) | |
| error_message = "Scenario must be one of 'simple', or 'complex'." | |
| } | |
| } |
matt-FFFFFF
/ deploy-nsg-flowlog.json
Last active
March 11, 2021 11:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "properties": { | |
| "description": "Deploys NSG flow logs and traffic analytics to a storageaccountid with a specified retention period. This must be assigned once for each in-scope region because the storage account and NSG must be in the same region.", | |
| "displayName": "Deploys NSG flow logs and traffic analytics", | |
| "mode": "all", | |
| "parameters": { | |
| "effect": { | |
| "allowedValues": [ | |
| "DeployIfNotExists", | |
| "Disabled" |
matt-FFFFFF
/ deny-loganalytics-solution.json
Created
February 25, 2021 15:31
Azure policy to disallow specific LA solutions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "properties": { | |
| "displayName": "Disallowed Log Analytics solutions", | |
| "policyType": "Custom", | |
| "mode": "All", | |
| "description": "This policy enables you to specify the resource types that your organization cannot deploy.", | |
| "metadata": { | |
| "category": "General", | |
| }, | |
| "parameters": { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "name": { | |
| "type": "String" | |
| }, | |
| "location": { | |
| "type": "String" | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export KEYVAULT=<<<CHANGEME>>> | |
| # Configure ssh forwarding | |
| export SSH_AUTH_SOCK=$HOME/.ssh/agent.sock | |
| # need `ps -ww` to get non-truncated command for matching | |
| # use square brackets to generate a regex match for the process we want but that doesn't match the grep command running it! | |
| ALREADY_RUNNING=$(ps -auxww | grep -q "[n]piperelay.exe -ei -s //./pipe/openssh-ssh-agent"; echo $?) | |
| if [[ $ALREADY_RUNNING != "0" ]]; then | |
| if [[ -S $SSH_AUTH_SOCK ]]; then | |
| # not expecting the socket to exist as the forwarding command isn't running (http://www.tldp.org/LDP/abs/html/fto.html) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "mode": "All", | |
| "policyRule": { | |
| "if": { | |
| "allOf": [ | |
| { | |
| "equals": "Microsoft.Compute/virtualMachines", | |
| "field": "type" | |
| }, | |
| { |
matt-FFFFFF
/ NSG-Flow-Log-Analytics-policydef.json
Last active
July 21, 2020 10:56
NSG flow logs and traffic analytics policy def
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "mode": "All", | |
| "policyRule": { | |
| "if": { | |
| "equals": "Microsoft.Network/networkSecurityGroups", | |
| "field": "type" | |
| }, | |
| "then": { | |
| "details": { | |
| "deployment": { |
matt-FFFFFF
/ Microsoft.Authorization_roleDefinitions-NetOpsRole.parameters.json
Created
July 14, 2020 09:46
matt-FFFFFF
/ enterprisescalecleanup.sh
Last active
October 6, 2023 13:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script to clean up after Enterprise-Scale - DO NOT RUN IN PRODUCTION | |
| echo "THIS SCRIPT WILL DESTROY YOUR AZURE ENVIRONMENT" | |
| read -n 4 -p "Are you SURE you want to do this? (type 'yes' to continue): " YES | |
| if [ ! "$YES" == "yes" ]; then | |
| echo "Confirmation denied - quitting" | |
| exit 0 |
NewerOlder