Skip to content

canada-ca-azure-templates/asg

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
template
template
 
 
test
test
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
SECURITY.md
SECURITY.md
 
 
readme.md
readme.md
 
 

Repository files navigation

Application Security Groups

Introduction

This template will create Application Security Groups (ASGs) that can be used for NIC and Subnet associations.

Security Controls

The following security controls can be met through configuration of this template:

  • Azure Networking: AC-4, CA-3 (5), SC-5, SC-7.b, SC-7 (4).b, SC-7 (5), SC-7 (13)
  • Azure Networking, ExpressRoute, VPN Gateway: SC-7.c, SC-7 (3), SC-7 (4).a

Dependancies

Parameter format

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "ASGArray": {
            "value": [
                {
                    "resourceGroup": "temptest",
                    "applicationSecurityGroupName": "testASG1",
                    "tagValues": {
                        "Owner": "build.pipeline@tpsgc-pwgsc.gc.ca",
                        "CostCenter": "PSPC-EA",
                        "Enviroment": "Validate",
                        "Classification": "Unclassified",
                        "Organizations": "PSPC-CCC-E&O",
                        "DeploymentVersion": "2018-12-14-01"
                    }
                }
            ]
        }
    }
}

Parameter Values

Main Template

Name Type Required Value
containerSasToken string No SAS Token received as a parameter
_artifactsLocation string No Dynamically derived from the deployment template link uri
_debugLevel string No Specifies the type of information to log for debugging. The permitted values are none, requestContent, responseContent, or both requestContent and responseContent separated by a comma. The default is none. When setting this value, carefully consider the type of information you are passing in during deployment. By logging information about the request or response, you could potentially expose sensitive data that is retrieved through the deployment operations.
ASGArray array Yes Array of Application Security Group object

Application Security Group object

Name Type Required Value
resourceGroup string No Name of resourcefroup where availabilityset will be deployed. Only needed when doing a subscription level deployment. Not required for resourcegroup based deployment. Leaving the parameter in place in resourcegroup based deployment will not cause any issue as it will be simply ignored.
applicationSecurityGroupName string Yes Name of the Application Security Group
tagValues object Yes An object of tags - Tag Object

Tag object

Name Type Required Value
tagname1 string No tag1 value
... ... ... ...
tagnameX string No tagX value

History

Date Release Change
20181204 First release of template.
20181211 Updating deploy.ps1 to support new Azure subscription and be more flexible by moving variables as parameter with default values.
20181214 Implementing new template name as template.json
20190205 Template folder cleanup.
20190220 Just a test.
20190501 20190501 Updated documentation

About

No description, website, or topics provided.

Resources

Readme

License

MIT license

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

20190501: Update validation and readme (#2) Latest
May 16, 2019

Packages

No packages published

Languages