diff --git a/Docs/index.md b/Docs/index.md index 40b6401d..6b0be1f3 100644 --- a/Docs/index.md +++ b/Docs/index.md @@ -93,6 +93,7 @@ The following is the unique IDs (also known as PIDs) used in each of the modules | `Export-NonComplianceReports` | `f464b017-898b-4156-9da5-af932831fa2f` | | `Get-AzExemptions` | `3f02e7d5-1cf5-490a-a95c-3d49f0673093` | | `New-AzPolicyReaderRole` | `f4b5b7ac-70b4-40fc-836f-585791aa83e7` | +| `Sync-ALZPolicies` | `pid-a5e82cd0-9dda-417b-948c-68ec81596c32`| ## Support diff --git a/Scripts/CloudAdoptionFramework/Sync-ALZPolicies.ps1 b/Scripts/CloudAdoptionFramework/Sync-ALZPolicies.ps1 index 05cfab2f..c8d3c5e7 100644 --- a/Scripts/CloudAdoptionFramework/Sync-ALZPolicies.ps1 +++ b/Scripts/CloudAdoptionFramework/Sync-ALZPolicies.ps1 @@ -20,6 +20,19 @@ if ($DefinitionsRootFolder -eq "") { } } +try { + $telemetryEnabled = (Get-Content $DefinitionsRootFolder/global-settings.jsonc | ConvertFrom-Json).telemetryOptOut + $deploymentRootScope = (Get-Content $DefinitionsRootFolder/global-settings.jsonc | ConvertFrom-Json).pacEnvironments[0] + if (!($telemetryEnabled)) { + Write-Information "Telemetry is enabled" + Submit-EPACTelemetry -Cuapid "pid-a5e82cd0-9dda-417b-948c-68ec81596c32" -DeploymentRootScope $deploymentRootScope + } + else { + Write-Information "Telemetry is disabled" + } +} +catch {} + New-Item -Path "$DefinitionsRootFolder\policyDefinitions" -ItemType Directory -Force -ErrorAction SilentlyContinue New-Item -Path "$DefinitionsRootFolder\policyDefinitions\ALZ" -ItemType Directory -Force -ErrorAction SilentlyContinue New-Item -Path "$DefinitionsRootFolder\policySetDefinitions" -ItemType Directory -Force -ErrorAction SilentlyContinue diff --git a/Scripts/Deploy/Build-DeploymentPlans.ps1 b/Scripts/Deploy/Build-DeploymentPlans.ps1 index 1d54b0e4..70ef49c1 100644 --- a/Scripts/Deploy/Build-DeploymentPlans.ps1 +++ b/Scripts/Deploy/Build-DeploymentPlans.ps1 @@ -74,7 +74,7 @@ $null = Set-AzCloudTenantSubscription -Cloud $pacEnvironment.cloud -TenantId $pa # Telemetry if ($pacEnvironment.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-3c88f740-55a8-4a96-9fba-30a81b52151a") + Submit-EPACTelemetry -Cuapid "pid-3c88f740-55a8-4a96-9fba-30a81b52151a" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Deploy/Deploy-PolicyPlan.ps1 b/Scripts/Deploy/Deploy-PolicyPlan.ps1 index ad555991..f847eb7e 100644 --- a/Scripts/Deploy/Deploy-PolicyPlan.ps1 +++ b/Scripts/Deploy/Deploy-PolicyPlan.ps1 @@ -63,7 +63,7 @@ $null = Set-AzCloudTenantSubscription -Cloud $pacEnvironment.cloud -TenantId $pa # Telemetry if ($pacEnvironment.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-fe9ff1e8-5521-4b9d-ab1d-84e15447565e") + Submit-EPACTelemetry -Cuapid "pid-fe9ff1e8-5521-4b9d-ab1d-84e15447565e" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Deploy/Deploy-RolesPlan.ps1 b/Scripts/Deploy/Deploy-RolesPlan.ps1 index a9e78e5a..75bc8275 100644 --- a/Scripts/Deploy/Deploy-RolesPlan.ps1 +++ b/Scripts/Deploy/Deploy-RolesPlan.ps1 @@ -61,7 +61,7 @@ $null = Set-AzCloudTenantSubscription -Cloud $pacEnvironment.cloud -TenantId $pa # Telemetry if ($pacEnvironment.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-cf031290-b7d4-48ef-9ff5-4dcd7bff8c6c") + Submit-EPACTelemetry -Cuapid "pid-cf031290-b7d4-48ef-9ff5-4dcd7bff8c6c" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Helpers/Add-HelperScripts.ps1 b/Scripts/Helpers/Add-HelperScripts.ps1 index 08cb3966..ebe9e756 100644 --- a/Scripts/Helpers/Add-HelperScripts.ps1 +++ b/Scripts/Helpers/Add-HelperScripts.ps1 @@ -93,10 +93,13 @@ . "$PSScriptRoot/Set-ExportNodeAncestors.ps1" . "$PSScriptRoot/Set-UniqueRoleAssignmentScopes.ps1" + . "$PSScriptRoot/Split-ArrayIntoChunks.ps1" . "$PSScriptRoot/Split-AzPolicyResourceId.ps1" . "$PSScriptRoot/Split-HashtableIntoChunks.ps1" +. "$PSScriptRoot/Submit-EPACTelemetry.ps1" + . "$PSScriptRoot/Switch-PacEnvironment.ps1" . "$PSScriptRoot/Write-AssignmentDetails.ps1" diff --git a/Scripts/Helpers/Submit-EPACTelemetry.ps1 b/Scripts/Helpers/Submit-EPACTelemetry.ps1 new file mode 100644 index 00000000..efc8176b --- /dev/null +++ b/Scripts/Helpers/Submit-EPACTelemetry.ps1 @@ -0,0 +1,18 @@ +function Submit-EPACTelemetry { + [CmdletBinding()] + param( + [string]$Cuapid, + [string]$DeploymentRootScope + ) + $method = "PUT" + + # Note - all these calls are meant to fail - we can track the pid in the logs + if ($DeploymentRootScope -match "Microsoft.Management/managementgroups") { + $managementGroupId = $DeploymentRootScope.Split("/")[-1] + Invoke-AzRestMethod -Uri "https://management.azure.com/providers/Microsoft.Management/managementGroups/$($managementGroupId)/providers/Microsoft.Resources/deployments/$($Cuapid)?api-version=2021-04-01" -Method $method -ErrorAction SilentlyContinue -AsJob | Out-Null + } + elseif ($DeploymentRootScope -match "subscriptions") { + $subscriptionId = $DeploymentRootScope.Split("/")[-1] + Invoke-AzRestMethod -Uri "https://management.azure.com/subscriptions/$($subscriptionId)/providers/Microsoft.Resources/deployments/$($Cuapid)?api-version=2021-04-01" -Method $method -ErrorAction SilentlyContinue -AsJob | Out-Null + } +} \ No newline at end of file diff --git a/Scripts/Operations/Build-PolicyDocumentation.ps1 b/Scripts/Operations/Build-PolicyDocumentation.ps1 index 385b5db6..9abf18cd 100644 --- a/Scripts/Operations/Build-PolicyDocumentation.ps1 +++ b/Scripts/Operations/Build-PolicyDocumentation.ps1 @@ -75,7 +75,7 @@ if (-not (Test-Path $outputPath)) { # Telemetry if ($globalSettings.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-2dc29bae-2448-4d7f-b911-418421e83900") + Submit-EPACTelemetry -Cuapid "pid-2dc29bae-2448-4d7f-b911-418421e83900" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Operations/Export-AzPolicyResources.ps1 b/Scripts/Operations/Export-AzPolicyResources.ps1 index fcf31cfb..ec0bce40 100644 --- a/Scripts/Operations/Export-AzPolicyResources.ps1 +++ b/Scripts/Operations/Export-AzPolicyResources.ps1 @@ -140,7 +140,7 @@ $invalidChars += (":[]()$".ToCharArray()) # Telemetry if ($globalSettings.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-dc5b73fd-e93c-40ca-8fef-976762d1d30") + Submit-EPACTelemetry -Cuapid "pid-dc5b73fd-e93c-40ca-8fef-976762d1d30" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Operations/Export-NonComplianceReports.ps1 b/Scripts/Operations/Export-NonComplianceReports.ps1 index 227d0e51..2109f95c 100644 --- a/Scripts/Operations/Export-NonComplianceReports.ps1 +++ b/Scripts/Operations/Export-NonComplianceReports.ps1 @@ -135,7 +135,7 @@ $account = Set-AzCloudTenantSubscription -Cloud $pacEnvironment.cloud -TenantId # Telemetry if ($pacEnvironment.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-f464b017-898b-4156-9da5-af932831fa2f") + Submit-EPACTelemetry -Cuapid "pid-f464b017-898b-4156-9da5-af932831fa2f" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Operations/Get-AzExemptions.ps1 b/Scripts/Operations/Get-AzExemptions.ps1 index 11a19d54..e3318c06 100644 --- a/Scripts/Operations/Get-AzExemptions.ps1 +++ b/Scripts/Operations/Get-AzExemptions.ps1 @@ -64,7 +64,7 @@ $policyExemptionsFolder = "$($pacEnvironment.outputFolder)/policyExemptions" # Telemetry if ($pacEnvironment.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-3f02e7d5-1cf5-490a-a95c-3d49f0673093") + Submit-EPACTelemetry -Cuapid "pid-3f02e7d5-1cf5-490a-a95c-3d49f0673093" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled" diff --git a/Scripts/Operations/New-AzPolicyReaderRole.ps1 b/Scripts/Operations/New-AzPolicyReaderRole.ps1 index 1946eb3a..987e8a67 100644 --- a/Scripts/Operations/New-AzPolicyReaderRole.ps1 +++ b/Scripts/Operations/New-AzPolicyReaderRole.ps1 @@ -42,7 +42,7 @@ $null = Set-AzCloudTenantSubscription -Cloud $pacEnvironment.cloud -TenantId $pa # Telemetry if ($pacEnvironment.telemetryEnabled) { Write-Information "Telemetry is enabled" - [Microsoft.Azure.Common.Authentication.AzureSession]::ClientFactory.AddUserAgent("pid-f4b5b7ac-70b4-40fc-836f-585791aa83e7") + Submit-EPACTelemetry -Cuapid "pid-f4b5b7ac-70b4-40fc-836f-585791aa83e7" -DeploymentRootScope $pacEnvironment.deploymentRootScope } else { Write-Information "Telemetry is disabled"