Permalink
Cannot retrieve contributors at this time
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1031 lines (1031 sloc)
45.6 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "virtualMachineAdminUsername": { | |
| "type": "string" | |
| }, | |
| "virtualMachineAdminPassword": { | |
| "type": "securestring" | |
| }, | |
| "cosmosDbDatabaseName": { | |
| "type": "string" | |
| }, | |
| "cosmosDbContainerName": { | |
| "type": "string" | |
| }, | |
| "blobContainerName": { | |
| "type": "string" | |
| }, | |
| "deploySourceCode": { | |
| "type": "bool", | |
| "defaultValue": false | |
| }, | |
| "location": { | |
| "type": "string", | |
| "defaultValue": "[resourceGroup().location]" | |
| }, | |
| "function_repo_url": { | |
| "type": "string" | |
| }, | |
| "virtualNetworkAddressPrefix": { | |
| "type": "string", | |
| "defaultValue": "10.100.0.0/16" | |
| }, | |
| "bastionSubnetAddressPrefix": { | |
| "type": "string", | |
| "defaultValue": "10.100.3.0/27" | |
| }, | |
| "virtualMachineSubnetAddressPrefix": { | |
| "type": "string", | |
| "defaultValue": "10.100.2.0/24" | |
| }, | |
| "functionSubnetAddressPrefix": { | |
| "type": "string", | |
| "defaultValue": "10.100.0.0/24" | |
| }, | |
| "privateEndpointSubnetAddressPrefix": { | |
| "type": "string", | |
| "defaultValue": "10.100.1.0/24" | |
| } | |
| }, | |
| "variables": { | |
| "uniqueStringId": "[uniqueString(resourceGroup().id)]", | |
| "appServicePlanName": "[concat(variables('uniqueStringId'), '-asp')]", | |
| "functionAppName": "[concat(variables('uniqueStringId'), '-funcapp')]", | |
| "vnetName": "[concat(variables('uniqueStringId'), '-vnet')]", | |
| "functionWebJobsStorageAccountName": "[toLower(concat(variables('uniqueStringId'), 'wjsa'))]", | |
| "censusDataStorageAccountName": "[toLower(concat(variables('uniqueStringId'), 'pe'))]", | |
| "applicationInsightsName": "[concat(variables('uniqueStringId'), '-ai')]", | |
| "functionsSubnetName": "[concat(variables('uniqueStringId'), '-subnet-functions')]", | |
| "privateEndpointSubnetName": "[concat(variables('uniqueStringId'), '-subnet-privateendpoint')]", | |
| "privateEndpointStorageBlobName": "[concat(variables('uniqueStringId'), '-blob-private-endpoint')]", | |
| "privateEndpointCosmosDbName": "[concat(variables('uniqueStringId'), '-cosmosdb-private-endpoint')]", | |
| "privateEndpointWebJobsQueueStorageName": "[concat(variables('uniqueStringId'), '-wjsa-queue-private-endpoint')]", | |
| "privateEndpointWebJobsTableStorageName": "[concat(variables('uniqueStringId'), '-wjsa-table-private-endpoint')]", | |
| "privateEndpointWebJobsBlobStorageName": "[concat(variables('uniqueStringId'), '-wjsa-blob-private-endpoint')]", | |
| "privateEndpointWebJobsFileStorageName": "[concat(variables('uniqueStringId'), '-wjsa-file-private-endpoint')]", | |
| "privateStorageQueueDnsZoneName": "privatelink.queue.core.windows.net", | |
| "privateStorageBlobDnsZoneName": "privatelink.blob.core.windows.net", | |
| "privateStorageTableDnsZoneName": "privatelink.table.core.windows.net", | |
| "privateStorageFileDnsZoneName": "privatelink.file.core.windows.net", | |
| "privateCosmosDbDnsZoneName": "privatelink.documents.azure.com", | |
| "vmDiagnosticStorageAccountName": "[concat(variables('uniqueStringId'), 'vmdiag')]", | |
| "virtualMachineName": "[concat(variables('uniqueStringId'), 'vm')]", | |
| "vmNicName": "[concat(variables('uniqueStringId'), '-vm-nic')]", | |
| "vmSubnetName": "[concat(variables('uniqueStringId'), '-subnet-vm')]", | |
| "vmNsgName": "[concat(variables('uniqueStringId'), '-vm-nsg')]", | |
| "privateCosmosDbAccountName": "[concat(variables('uniqueStringId'), '-cosmosdb-private')]", | |
| "bastionPublicIPAddressName": "[concat(variables('uniqueStringId'), '-bastion-pip')]", | |
| "dnsLabelPrefix": "[concat('a', variables('uniqueStringId'), '-vm')]", | |
| "bastionHostName": "[concat(variables('uniqueStringId'), '-bastion-host')]", | |
| "bastionSubnetName": "AzureBastionSubnet", | |
| "appInsightsResourceId": "[resourceId('Microsoft.Insights/components', variables('applicationInsightsName'))]" | |
| }, | |
| "resources": [ | |
| { | |
| "type": "Microsoft.Network/virtualNetworks", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "name": "[variables('vnetName')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/networkSecurityGroups/', variables('vmNsgName'))]" | |
| ], | |
| "properties": { | |
| "addressSpace": { | |
| "addressPrefixes": [ | |
| "[parameters('virtualNetworkAddressPrefix')]" | |
| ] | |
| }, | |
| "subnets": [ | |
| { | |
| "name": "[variables('functionsSubnetName')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('functionSubnetAddressPrefix')]", | |
| "privateEndpointNetworkPolicies": "Enabled", | |
| "privateLinkServiceNetworkPolicies": "Enabled", | |
| "delegations": [ | |
| { | |
| "name": "webapp", | |
| "properties": { | |
| "serviceName": "Microsoft.Web/serverFarms", | |
| "actions": [ | |
| "Microsoft.Network/virtualNetworks/subnets/action" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "name": "[variables('privateEndpointSubnetName')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('privateEndpointSubnetAddressPrefix')]", | |
| "privateLinkServiceNetworkPolicies": "Enabled", | |
| "privateEndpointNetworkPolicies": "Disabled" | |
| } | |
| }, | |
| { | |
| "name": "[variables('vmSubnetName')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('virtualMachineSubnetAddressPrefix')]", | |
| "networkSecurityGroup": { | |
| "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('vmNsgName'))]" | |
| }, | |
| "delegations": [ | |
| ], | |
| "serviceEndpoints": [ | |
| ], | |
| "privateLinkServiceNetworkPolicies": "Enabled", | |
| "privateEndpointNetworkPolicies": "Disabled" | |
| } | |
| }, | |
| { | |
| "name": "[variables('bastionSubnetName')]", | |
| "properties": { | |
| "addressPrefix": "[parameters('bastionSubnetAddressPrefix')]", | |
| "delegations": [ | |
| ], | |
| "privateEndpointNetworkPolicies": "Enabled", | |
| "privateLinkServiceNetworkPolicies": "Enabled" | |
| } | |
| } | |
| ], | |
| "virtualNetworkPeerings": [ | |
| ], | |
| "enableDdosProtection": false, | |
| "enableVmProtection": false | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "apiVersion": "2019-06-01", | |
| "location": "[parameters('location')]", | |
| "name": "[variables('censusDataStorageAccountName')]", | |
| "sku": { | |
| "name": "Standard_LRS", | |
| "tier": "Standard" | |
| }, | |
| "kind": "StorageV2", | |
| "properties": { | |
| "networkAcls": { | |
| "bypass": "AzureServices", | |
| "virtualNetworkRules": [ | |
| ], | |
| "ipRules": [ | |
| ], | |
| "defaultAction": "Deny" | |
| }, | |
| "supportsHttpsTrafficOnly": true, | |
| "encryption": { | |
| "services": { | |
| "file": { | |
| "keyType": "Account", | |
| "enabled": true | |
| }, | |
| "blob": { | |
| "keyType": "Account", | |
| "enabled": true | |
| } | |
| }, | |
| "keySource": "Microsoft.Storage" | |
| } | |
| }, | |
| "resources": [ | |
| { | |
| "name": "[concat('default/', parameters('blobContainerName'))]", | |
| "type": "blobServices/containers", | |
| "apiVersion": "2018-07-01", | |
| "dependsOn": [ | |
| "[variables('censusDataStorageAccountName')]" | |
| ] | |
| } | |
| ] | |
| }, | |
| { | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "apiVersion": "2019-06-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "name": "[variables('functionWebJobsStorageAccountName')]", | |
| "sku": { | |
| "name": "Standard_LRS", | |
| "tier": "Standard" | |
| }, | |
| "kind": "StorageV2", | |
| "properties": { | |
| "networkAcls": { | |
| "bypass": "AzureServices", | |
| "virtualNetworkRules": [ | |
| ], | |
| "ipRules": [ | |
| ], | |
| "defaultAction": "Deny" | |
| }, | |
| "supportsHttpsTrafficOnly": true, | |
| "encryption": { | |
| "services": { | |
| "file": { | |
| "keyType": "Account", | |
| "enabled": true | |
| }, | |
| "blob": { | |
| "keyType": "Account", | |
| "enabled": true | |
| } | |
| }, | |
| "keySource": "Microsoft.Storage" | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Storage/storageAccounts/fileServices/shares", | |
| "apiVersion": "2019-06-01", | |
| "name": "[concat(variables('functionWebJobsStorageAccountName'), '/default/', 'myfunctionfiles')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]" | |
| ] | |
| }, | |
| { | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "apiVersion": "2019-04-01", | |
| "name": "[variables('vmDiagnosticStorageAccountName')]", | |
| "location": "[parameters('location')]", | |
| "sku": { | |
| "name": "Standard_LRS" | |
| }, | |
| "kind": "Storage", | |
| "properties": { | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.DocumentDB/databaseAccounts", | |
| "name": "[variables('privateCosmosDbAccountName')]", | |
| "apiVersion": "2021-01-15", | |
| "kind": "GlobalDocumentDB", | |
| "location": "[parameters('location')]", | |
| "properties": { | |
| "consistencyPolicy": { | |
| "defaultConsistencyLevel": "Session" | |
| }, | |
| "locations": [ | |
| { | |
| "locationName": "[parameters('location')]" | |
| } | |
| ], | |
| "databaseAccountOfferType": "Standard", | |
| "enableAutomaticFailover": false, | |
| "enableMultipleWriteLocations": false, | |
| "publicNetworkAccess": "Disabled" | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.DocumentDB/databaseAccounts/sqlDatabases", | |
| "name": "[concat(variables('privateCosmosDbAccountName'), '/', parameters('cosmosDbDatabaseName'))]", | |
| "apiVersion": "2021-01-15", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.DocumentDB/databaseAccounts', variables('privateCosmosDbAccountName'))]" | |
| ], | |
| "properties": { | |
| "resource": { | |
| "id": "[ parameters('cosmosDbDatabaseName')]" | |
| }, | |
| "options": { | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.DocumentDB/databaseAccounts/sqlDatabases/containers", | |
| "name": "[concat(variables('privateCosmosDbAccountName'), '/', parameters('cosmosDbDatabaseName'), '/', parameters('cosmosDbContainerName'))]", | |
| "apiVersion": "2021-01-15", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.DocumentDB/databaseAccounts/sqlDatabases', variables('privateCosmosDbAccountName'), parameters('cosmosDbDatabaseName'))]", | |
| "[resourceId('Microsoft.DocumentDB/databaseAccounts', variables('privateCosmosDbAccountName'))]" | |
| ], | |
| "properties": { | |
| "resource": { | |
| "id": "[parameters('cosmosDbContainerName')]", | |
| "partitionKey": { | |
| "paths": [ | |
| "/id" | |
| ], | |
| "kind": "Hash" | |
| }, | |
| "indexingPolicy": { | |
| "indexingMode": "consistent", | |
| "includedPaths": [ | |
| { | |
| "path": "/*" | |
| } | |
| ], | |
| "excludedPaths": [ | |
| { | |
| "path": "/\"_etag\"/?" | |
| } | |
| ] | |
| } | |
| }, | |
| "options": { | |
| "throughput": 400 | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Compute/virtualMachines", | |
| "apiVersion": "2019-03-01", | |
| "name": "[variables('virtualMachineName')]", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts/', variables('vmDiagnosticStorageAccountName'))]", | |
| "[resourceId('Microsoft.Network/networkInterfaces/', variables('vmNicName'))]" | |
| ], | |
| "properties": { | |
| "hardwareProfile": { | |
| "vmSize": "Standard_D2_v3" | |
| }, | |
| "osProfile": { | |
| "computerName": "[variables('virtualMachineName')]", | |
| "adminUsername": "[parameters('virtualMachineAdminUsername')]", | |
| "adminPassword": "[parameters('virtualMachineAdminPassword')]" | |
| }, | |
| "storageProfile": { | |
| "imageReference": { | |
| "publisher": "MicrosoftWindowsDesktop", | |
| "offer": "Windows-10", | |
| "sku": "rs5-pro", | |
| "version": "latest" | |
| }, | |
| "osDisk": { | |
| "createOption": "FromImage" | |
| } | |
| }, | |
| "networkProfile": { | |
| "networkInterfaces": [ | |
| { | |
| "id": "[resourceId('Microsoft.Nework/networkInterfaces', variables('vmNicName'))]" | |
| } | |
| ] | |
| }, | |
| "diagnosticsProfile": { | |
| "bootDiagnostics": { | |
| "enabled": true, | |
| "storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts/', variables('vmDiagnosticStorageAccountName'))).primaryEndpoints.blob]" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.DevTestLab/schedules", | |
| "name": "[concat('shutdown-computevm-', variables('virtualMachineName'))]", | |
| "apiVersion": "2018-09-15", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Compute/virtualMachines/', variables('virtualMachineName'))]" | |
| ], | |
| "properties": { | |
| "status": "Enabled", | |
| "taskType": "ComputeVmShutdownTask", | |
| "dailyRecurrence": { | |
| "time": "1900" | |
| }, | |
| "timeZoneId": "UTC", | |
| "notificationSettings": { | |
| "status": "Disabled" | |
| }, | |
| "targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines',variables('virtualMachineName'))]" | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Insights/components", | |
| "apiVersion": "2015-05-01", | |
| "location": "[parameters('location')]", | |
| "name": "[variables('applicationInsightsName')]", | |
| "kind": "web", | |
| "properties": { | |
| "Application_Type": "web" | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones", | |
| "apiVersion": "2018-09-01", | |
| "name": "[variables('privateStorageQueueDnsZoneName')]", | |
| "location": "global", | |
| "properties": "" | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones", | |
| "apiVersion": "2018-09-01", | |
| "name": "[variables('privateStorageBlobDnsZoneName')]", | |
| "location": "global", | |
| "properties": "" | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones", | |
| "apiVersion": "2018-09-01", | |
| "name": "[variables('privateStorageTableDnsZoneName')]", | |
| "location": "global", | |
| "properties": "" | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones", | |
| "apiVersion": "2018-09-01", | |
| "name": "[variables('privateStorageFileDnsZoneName')]", | |
| "location": "global", | |
| "properties": "" | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones", | |
| "apiVersion": "2018-09-01", | |
| "name": "[variables('privateCosmosDbDnsZoneName')]", | |
| "location": "global", | |
| "properties": "" | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", | |
| "apiVersion": "2018-09-01", | |
| "name": "[concat(variables('privateStorageQueueDnsZoneName'), '/', variables('privateStorageQueueDnsZoneName'), '-link')]", | |
| "location": "global", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageQueueDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "registrationEnabled": false, | |
| "virtualNetwork": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", | |
| "apiVersion": "2018-09-01", | |
| "name": "[concat(variables('privateStorageTableDnsZoneName'), '/', variables('privateStorageTableDnsZoneName'), '-link')]", | |
| "location": "global", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageTableDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "registrationEnabled": false, | |
| "virtualNetwork": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", | |
| "apiVersion": "2018-09-01", | |
| "name": "[concat(variables('privateStorageBlobDnsZoneName'), '/', variables('privateStorageBlobDnsZoneName'), '-link')]", | |
| "location": "global", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageBlobDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "registrationEnabled": false, | |
| "virtualNetwork": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", | |
| "apiVersion": "2018-09-01", | |
| "name": "[concat(variables('privateStorageFileDnsZoneName'), '/', variables('privateStorageFileDnsZoneName'), '-link')]", | |
| "location": "global", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageFileDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "registrationEnabled": false, | |
| "virtualNetwork": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks", | |
| "apiVersion": "2018-09-01", | |
| "name": "[concat(variables('privateCosmosDbDnsZoneName'), '/', variables('privateCosmosDbDnsZoneName'), '-link')]", | |
| "location": "global", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateCosmosDbDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "registrationEnabled": false, | |
| "virtualNetwork": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| } | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints", | |
| "name": "[variables('privateEndpointStorageBlobName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('censusDataStorageAccountName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('privateEndpointSubnetName') )]" | |
| }, | |
| "privateLinkServiceConnections": [ | |
| { | |
| "name": "MyStorageBlobPrivateLinkConnection", | |
| "properties": { | |
| "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('censusDataStorageAccountName'))]", | |
| "groupIds": [ | |
| "blob" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", | |
| "apiVersion": "2020-03-01", | |
| "location": "[parameters('location')]", | |
| "name": "[concat(variables('privateEndpointStorageBlobName'), '/default')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageBlobDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointStorageBlobName'))]" | |
| ], | |
| "properties": { | |
| "privateDnsZoneConfigs": [ | |
| { | |
| "name": "config1", | |
| "properties": { | |
| "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageBlobDnsZoneName'))]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints", | |
| "name": "[variables('privateEndpointWebJobsQueueStorageName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('privateEndpointSubnetName') )]" | |
| }, | |
| "privateLinkServiceConnections": [ | |
| { | |
| "name": "MyStorageQueuePrivateLinkConnection", | |
| "properties": { | |
| "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "groupIds": [ | |
| "queue" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", | |
| "apiVersion": "2020-03-01", | |
| "location": "[parameters('location')]", | |
| "name": "[concat(variables('privateEndpointWebJobsQueueStorageName'), '/default')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageQueueDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointWebJobsQueueStorageName'))]" | |
| ], | |
| "properties": { | |
| "privateDnsZoneConfigs": [ | |
| { | |
| "name": "config1", | |
| "properties": { | |
| "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageQueueDnsZoneName'))]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints", | |
| "name": "[variables('privateEndpointWebJobsTableStorageName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('privateEndpointSubnetName') )]" | |
| }, | |
| "privateLinkServiceConnections": [ | |
| { | |
| "name": "MyStorageQueuePrivateLinkConnection", | |
| "properties": { | |
| "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "groupIds": [ | |
| "table" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", | |
| "apiVersion": "2020-03-01", | |
| "location": "[parameters('location')]", | |
| "name": "[concat(variables('privateEndpointWebJobsTableStorageName'), '/default')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageTableDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointWebJobsTableStorageName'))]" | |
| ], | |
| "properties": { | |
| "privateDnsZoneConfigs": [ | |
| { | |
| "name": "config1", | |
| "properties": { | |
| "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageTableDnsZoneName'))]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints", | |
| "name": "[variables('privateEndpointWebJobsBlobStorageName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('privateEndpointSubnetName') )]" | |
| }, | |
| "privateLinkServiceConnections": [ | |
| { | |
| "name": "MyStorageQueuePrivateLinkConnection", | |
| "properties": { | |
| "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "groupIds": [ | |
| "blob" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", | |
| "apiVersion": "2020-03-01", | |
| "location": "[parameters('location')]", | |
| "name": "[concat(variables('privateEndpointWebJobsBlobStorageName'), '/default')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageBlobDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointWebJobsBlobStorageName'))]" | |
| ], | |
| "properties": { | |
| "privateDnsZoneConfigs": [ | |
| { | |
| "name": "config1", | |
| "properties": { | |
| "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageBlobDnsZoneName'))]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints", | |
| "name": "[variables('privateEndpointWebJobsFileStorageName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('privateEndpointSubnetName') )]" | |
| }, | |
| "privateLinkServiceConnections": [ | |
| { | |
| "name": "MyStorageQueuePrivateLinkConnection", | |
| "properties": { | |
| "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]", | |
| "groupIds": [ | |
| "file" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", | |
| "apiVersion": "2020-03-01", | |
| "location": "[parameters('location')]", | |
| "name": "[concat(variables('privateEndpointWebJobsFileStorageName'), '/default')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageFileDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointWebJobsFileStorageName'))]" | |
| ], | |
| "properties": { | |
| "privateDnsZoneConfigs": [ | |
| { | |
| "name": "config1", | |
| "properties": { | |
| "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateStorageFileDnsZoneName'))]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints", | |
| "name": "[variables('privateEndpointCosmosDbName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.DocumentDB/databaseAccounts', variables('privateCosmosDbAccountName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('privateEndpointSubnetName') )]" | |
| }, | |
| "privateLinkServiceConnections": [ | |
| { | |
| "name": "MyCosmosDbPrivateLinkConnection", | |
| "properties": { | |
| "privateLinkServiceId": "[resourceId('Microsoft.DocumentDB/databaseAccounts', variables('privateCosmosDbAccountName'))]", | |
| "groupIds": [ | |
| "Sql" | |
| ] | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups", | |
| "apiVersion": "2020-03-01", | |
| "location": "[parameters('location')]", | |
| "name": "[concat(variables('privateEndpointCosmosDbName'), '/default')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/privateDnsZones', variables('privateCosmosDbDnsZoneName'))]", | |
| "[resourceId('Microsoft.Network/privateEndpoints', variables('privateEndpointCosmosDbName'))]" | |
| ], | |
| "properties": { | |
| "privateDnsZoneConfigs": [ | |
| { | |
| "name": "config1", | |
| "properties": { | |
| "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', variables('privateCosmosDbDnsZoneName'))]" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/bastionHosts", | |
| "name": "[variables('bastionHostName')]", | |
| "apiVersion": "2019-11-01", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/publicIpAddresses', variables('bastionPublicIPAddressName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "ipConfigurations": [ | |
| { | |
| "name": "IpConf", | |
| "properties": { | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('BastionSubnetName'))]" | |
| }, | |
| "publicIPAddress": { | |
| "id": "[resourceId('Microsoft.Network/publicIpAddresses', variables('bastionPublicIPAddressName'))]" | |
| } | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/networkInterfaces", | |
| "apiVersion": "2018-11-01", | |
| "name": "[variables('vmNicName')]", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Network/virtualNetworks/', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "ipConfigurations": [ | |
| { | |
| "name": "ipconfig1", | |
| "properties": { | |
| "privateIPAllocationMethod": "Dynamic", | |
| "subnet": { | |
| "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('vmSubnetName'))]" | |
| } | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Network/publicIPAddresses", | |
| "apiVersion": "2018-11-01", | |
| "name": "[variables('bastionPublicIPAddressName')]", | |
| "location": "[parameters('location')]", | |
| "sku": { | |
| "name": "Standard" | |
| }, | |
| "properties": { | |
| "publicIPAllocationMethod": "Static", | |
| "dnsSettings": { | |
| "domainNameLabel": "[variables('dnsLabelPrefix')]" | |
| } | |
| } | |
| }, | |
| { | |
| "apiVersion": "2019-04-01", | |
| "type": "Microsoft.Network/networkSecurityGroups", | |
| "name": "[variables('vmNsgName')]", | |
| "location": "[parameters('location')]", | |
| "properties": { | |
| "securityRules": [ | |
| { | |
| "name": "Block_RDP_Internet", | |
| "properties": { | |
| "description": "Block RDP", | |
| "protocol": "Tcp", | |
| "sourcePortRange": "*", | |
| "destinationPortRange": "3389", | |
| "sourceAddressPrefix": "Internet", | |
| "destinationAddressPrefix": "*", | |
| "access": "Deny", | |
| "priority": 101, | |
| "direction": "Inbound" | |
| } | |
| } | |
| ] | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Web/serverfarms", | |
| "apiVersion": "2018-02-01", | |
| "name": "[variables('appServicePlanName')]", | |
| "location": "[parameters('location')]", | |
| "sku": { | |
| "name": "EP1", | |
| "tier": "ElasticPremium", | |
| "size": "EP1", | |
| "family": "EP", | |
| "capacity": 1 | |
| }, | |
| "kind": "elastic", | |
| "properties": { | |
| "maximumElasticWorkerCount": 20 | |
| } | |
| }, | |
| { | |
| "type": "Microsoft.Web/sites", | |
| "apiVersion": "2018-11-01", | |
| "name": "[variables('functionAppName')]", | |
| "location": "[parameters('location')]", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanName'))]", | |
| "[resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName'))]" | |
| ], | |
| "kind": "functionapp", | |
| "properties": { | |
| "serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('appServicePlanName'))]", | |
| "siteConfig": { | |
| "vnetName": "[concat('bead47e1-d65e-4cb4-b907-f74674d32c09_', variables('functionsSubnetName'))]", | |
| "appSettings": [ | |
| { | |
| "name": "APPINSIGHTS_INSTRUMENTATIONKEY", | |
| "value": "[reference(variables('appInsightsResourceId'), '2018-05-01-preview').instrumentationKey]" | |
| }, | |
| { | |
| "name": "APPLICATIONINSIGHTS_CONNECTION_STRING", | |
| "value": "[concat('InstrumentationKey=', reference(variables('appInsightsResourceId'), '2018-05-01-preview').instrumentationKey)]" | |
| }, | |
| { | |
| "name": "AzureWebJobsStorage", | |
| "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',variables('functionWebJobsStorageAccountName'),';AccountKey=',listkeys(resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName')), '2018-11-01').keys[0].value,';')]" | |
| }, | |
| { | |
| "name": "FUNCTIONS_EXTENSION_VERSION", | |
| "value": "~3" | |
| }, | |
| { | |
| "name": "FUNCTIONS_WORKER_RUNTIME", | |
| "value": "dotnet" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING", | |
| "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',variables('functionWebJobsStorageAccountName'),';AccountKey=',listkeys(resourceId('Microsoft.Storage/storageAccounts', variables('functionWebJobsStorageAccountName')), '2018-11-01').keys[0].value,';')]" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTSHARE", | |
| "value": "myfunctionfiles" | |
| }, | |
| { | |
| "name": "WEBSITE_DNS_SERVER", | |
| "value": "168.63.129.16" | |
| }, | |
| { | |
| "name": "WEBSITE_CONTENTOVERVNET", | |
| "value": "1" | |
| }, | |
| { | |
| "name": "WEBSITE_VNET_ROUTE_ALL", | |
| "value": "1" | |
| }, | |
| { | |
| "name": "CensusResultsAzureStorageConnection", | |
| "value": "[concat('DefaultEndpointsProtocol=https;AccountName=',variables('censusDataStorageAccountName'),';AccountKey=',listkeys(resourceId('Microsoft.Storage/storageAccounts', variables('censusDataStorageAccountName')), '2018-11-01').keys[0].value,';')]" | |
| }, | |
| { | |
| "name": "ContainerName", | |
| "value": "[parameters('blobContainerName')]" | |
| }, | |
| { | |
| "name": "CosmosDbName", | |
| "value": "[parameters('cosmosDbDatabaseName')]" | |
| }, | |
| { | |
| "name": "CosmosDbCollectionName", | |
| "value": "[parameters('cosmosDbContainerName')]" | |
| }, | |
| { | |
| "name": "CosmosDBConnection", | |
| "value": "[listConnectionStrings(resourceId('Microsoft.DocumentDB/databaseAccounts', variables('privateCosmosDbAccountName')), '2019-12-12').connectionStrings[0].connectionString]" | |
| }, | |
| { | |
| "name": "Project", | |
| "value": "src" | |
| } | |
| ] | |
| } | |
| }, | |
| "resources": [ | |
| { | |
| "type": "networkConfig", | |
| "apiVersion": "2019-08-01", | |
| "name": "virtualNetwork", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Web/sites/', variables('functionAppName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "subnetResourceId": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('functionsSubnetName'))]", | |
| "isSwift": true | |
| } | |
| }, | |
| { | |
| "condition": "[parameters('deploySourceCode')]", | |
| "type": "sourcecontrols", | |
| "apiVersion": "2019-08-01", | |
| "name": "web", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Web/sites', variables('functionAppName'))]" | |
| ], | |
| "properties": { | |
| "RepoUrl": "[parameters('function_repo_url')]", | |
| "branch": "master", | |
| "IsManualIntegration": true | |
| } | |
| }, | |
| { | |
| "type": "config", | |
| "name": "web", | |
| "apiVersion": "2019-08-01", | |
| "dependsOn": [ | |
| "[resourceId('Microsoft.Web/sites', variables('functionAppName'))]", | |
| "[resourceId('Microsoft.Network/virtualNetworks', variables('vnetName'))]" | |
| ], | |
| "properties": { | |
| "functionsRuntimeScaleMonitoringEnabled": true | |
| } | |
| } | |
| ] | |
| } | |
| ], | |
| "outputs": { | |
| } | |
| } |