{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "bastionHosts_bas_odms_maintenance_name": { "type": "String" }, "networkInterfaces_vm_odms_deploy_maintenance759_name": { "type": "String" }, "networkInterfaces_vm_odms_maintenance600_name": { "type": "String" }, "networkInterfaces_vm_odms_prod_maintenance7_name": { "type": "String" }, "networkInterfaces_vm_odms_staging_maintenance158_name": { "type": "String" }, "networkSecurityGroups_nsg_odms_bas_maintenance_name": { "type": "String" }, "networkSecurityGroups_nsg_odms_deploy_maintenance_name": { "type": "String" }, "networkSecurityGroups_nsg_odms_vm_maintenance_name": { "type": "String" }, "privateDnsZones_privatelink_azurecr_io_name": { "type": "String" }, "privateDnsZones_privatelink_blob_core_windows_net_name": { "type": "String" }, "privateEndpoints_pep_odms_bastion_maintenance_name": { "type": "String" }, "privateEndpoints_pep_odms_registry_maintenance_name": { "type": "String" }, "publicIPAddresses_vm_odms_staging_maintenance_ip_name": { "type": "String" }, "publicIPAddresses_vnet_odms_network_maintenance_ip_name": { "type": "String" }, "registries_crOdmsRegistryMaintenance_name": { "type": "String" }, "schedules_shutdown_computevm_vm_odms_maintenance_name": { "type": "String" }, "schedules_shutdown_computevm_vm_odms_prod_maintenance_name": { "type": "String" }, "schedules_shutdown_computevm_vm_odms_staging_maintenance_name": { "type": "String" }, "sshPublicKeys_vm_odms_deploy_maintenance_key_0720_name": { "type": "String" }, "storageAccounts_saodmscloudshell_name": { "type": "String" }, "storageAccounts_saomdsbastion_name": { "type": "String" }, "storageAccounts_saomdspipeline_name": { "type": "String" }, "userAssignedIdentities_id_odms_deploy_stg_name": { "type": "String" }, "virtualMachines_vm_odms_deploy_maintenance_name": { "type": "String" }, "virtualMachines_vm_odms_maintenance_name": { "type": "String" }, "virtualMachines_vm_odms_prod_maintenance_name": { "type": "String" }, "virtualMachines_vm_odms_staging_maintenance_name": { "type": "String" }, "virtualNetworks_vnet_odms_network_dev_externalid": { "type": "String" }, "virtualNetworks_vnet_odms_network_maintenance_name": { "type": "String" }, "virtualNetworks_vnet_odms_network_prod_externalid": { "type": "String" }, "virtualNetworks_vnet_odms_network_stg_externalid": { "type": "String" }, "webhooks_webappappodmsdictationprod_serviceUri": { "type": "SecureString" }, "webhooks_webappappodmsdictationtest_serviceUri": { "type": "SecureString" }, "webhooks_webappfuncodmsdictationstg_serviceUri": { "type": "SecureString" }, "webhooks_webhookOdmsDictationDev_serviceUri": { "type": "SecureString" }, "webhooks_webhookOdmsDictationFunctionDev_serviceUri": { "type": "SecureString" }, "webhooks_webhookOdmsDictationFunctionStg_serviceUri": { "type": "SecureString" }, "webhooks_webhookOdmsDictationStg_serviceUri": { "type": "SecureString" } }, "resources": [ { "apiVersion": "2023-03-01", "location": "japaneast", "name": "[parameters('sshPublicKeys_vm_odms_deploy_maintenance_key_0720_name')]", "properties": { "publicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQHikRMWS6PAEmjEAiYHgwnufRHsWDWxyIPYDr0RrHXzOdGT+7T3eCgZvuvggGZQkdssziqOLCa2BaA162091/o1JCta8fgfXwl4uFd/j5FNnXH9+f6I6ShwM3cKThd7FYUKZXD6OidudZyMYUNE49bv42GRG1vwNCPpoYF49dfyiWoFqYCd+Mtd5K6VPoA8d/n7o86eS2Ue33Z5HdyPP79ZJbrBquKrQBwCWFSyFkhC1rnaU+m2zMJ8M/+lf/W1cKsQJDMSfYzuu6CUdNHtJ6c+q8CNJJqbBX7QVc34AlR4vBc+dNMyGF+h6i6jU/eNToRrWZqEPfWvEaZQledmeITW5FAYaoCAlCW4r9u+iCKf3ifOMNDcaV+0Bxhni2mX8HrGzlzN3h7nxGzG0oGuvoTIxuAjq9+pY3tn3u2jcNUztEAL9x4Idg0uUom5dFxMN1K42KdttFKnhuWsKJMHe/o1tDPNrWnQ47Yr/jw9k4YTUkBfpHu8zBJS7uErhOyAk= generated-by-azure" }, "tags": { "Project": "OMDS", "environment": "maintenance", "ms-resource-usage": "pipeline-self-hosted-agent" }, "type": "Microsoft.Compute/sshPublicKeys" }, { "apiVersion": "2023-08-01-preview", "location": "japaneast", "name": "[parameters('registries_crOdmsRegistryMaintenance_name')]", "properties": { "adminUserEnabled": true, "anonymousPullEnabled": false, "dataEndpointEnabled": false, "encryption": { "status": "disabled" }, "networkRuleBypassOptions": "AzureServices", "networkRuleSet": { "defaultAction": "Deny", "ipRules": [ { "action": "Allow", "value": "180.39.76.100" }, { "action": "Allow", "value": "20.194.200.91" }, { "action": "Allow", "value": "60.65.231.128" } ] }, "policies": { "azureADAuthenticationAsArmPolicy": { "status": "enabled" }, "exportPolicy": { "status": "enabled" }, "quarantinePolicy": { "status": "disabled" }, "retentionPolicy": { "days": 7, "status": "disabled" }, "softDeletePolicy": { "retentionDays": 7, "status": "disabled" }, "trustPolicy": { "status": "disabled", "type": "Notary" } }, "publicNetworkAccess": "Enabled", "zoneRedundancy": "Disabled" }, "sku": { "name": "Premium", "tier": "Premium" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.ContainerRegistry/registries" }, { "apiVersion": "2023-01-31", "location": "japaneast", "name": "[parameters('userAssignedIdentities_id_odms_deploy_stg_name')]", "tags": { "Environment": "production", "Project": "ODMS" }, "type": "Microsoft.ManagedIdentity/userAssignedIdentities" }, { "apiVersion": "2023-05-01", "location": "japaneast", "name": "[parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name')]", "properties": { "securityRules": [ { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowGatewayManagerHTTPSInbound')]", "name": "AllowGatewayManagerHTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 100, "protocol": "TCP", "sourceAddressPrefix": "GatewayManager", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowAzureLoadBalancerHTTPSInbound')]", "name": "AllowAzureLoadBalancerHTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 110, "protocol": "TCP", "sourceAddressPrefix": "AzureLoadBalancer", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowBastionHostCommunicationInbound')]", "name": "AllowBastionHostCommunicationInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "VirtualNetwork", "destinationAddressPrefixes": [], "destinationPortRanges": [ "8080", "5701" ], "direction": "Inbound", "priority": 120, "protocol": "*", "sourceAddressPrefix": "VirtualNetwork", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'DenyAnyCustomAnyInbound')]", "name": "DenyAnyCustomAnyInbound", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Inbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowSSH-RDPOutbound')]", "name": "AllowSSH-RDPOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "VirtualNetwork", "destinationAddressPrefixes": [], "destinationPortRanges": [ "22", "3389" ], "direction": "Outbound", "priority": 100, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowAzureCloudHTTPSOutbound')]", "name": "AllowAzureCloudHTTPSOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureCloud", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 110, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowSessionInfo')]", "name": "AllowSessionInfo", "properties": { "access": "Allow", "destinationAddressPrefix": "Internet", "destinationAddressPrefixes": [], "destinationPortRange": "80", "destinationPortRanges": [], "direction": "Outbound", "priority": 120, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowBastionHostCommunicationOutBound')]", "name": "AllowBastionHostCommunicationOutBound", "properties": { "access": "Allow", "destinationAddressPrefix": "VirtualNetwork", "destinationAddressPrefixes": [], "destinationPortRanges": [ "8080", "5701" ], "direction": "Outbound", "priority": 130, "protocol": "*", "sourceAddressPrefix": "VirtualNetwork", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-saito.k-HTTPSInbound')]", "name": "AllowMyIpAddress-saito.k-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 130, "protocol": "TCP", "sourceAddressPrefix": "220.215.248.24", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-okuzawa-HTTPSInbound')]", "name": "AllowMyIpAddress-okuzawa-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 140, "protocol": "TCP", "sourceAddressPrefix": "211.125.140.0/24", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-fukunaga-HTTPSInbound')]", "name": "AllowMyIpAddress-fukunaga-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 150, "protocol": "TCP", "sourceAddressPrefix": "221.252.90.222", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-makabe-HTTPSInbound')]", "name": "AllowMyIpAddress-makabe-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 160, "protocol": "TCP", "sourceAddressPrefixes": [ "60.97.55.122", "118.238.231.215" ], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-oura-HTTPSInbound')]", "name": "AllowMyIpAddress-oura-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 200, "protocol": "TCP", "sourceAddressPrefix": "60.65.231.128", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddressHTTPSInbound-sunamoto')]", "name": "AllowMyIpAddressHTTPSInbound-sunamoto", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 201, "protocol": "TCP", "sourceAddressPrefix": "122.210.18.114", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-maruyama-HTTPSInbound')]", "name": "AllowMyIpAddress-maruyama-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 202, "protocol": "TCP", "sourceAddressPrefix": "61.87.49.72", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-yumoto-HTTPSInbound')]", "name": "AllowMyIpAddress-yumoto-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 131, "protocol": "TCP", "sourceAddressPrefix": "180.39.76.100", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-iwata-HTTPSInbound')]", "name": "AllowMyIpAddress-iwata-HTTPSInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 203, "protocol": "TCP", "sourceAddressPrefix": "126.12.45.45", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" } ] }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/networkSecurityGroups" }, { "apiVersion": "2023-05-01", "location": "japaneast", "name": "[parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name')]", "properties": { "securityRules": [ { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'), 'DenyAllInbound')]", "name": "DenyAllInbound", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Inbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" } ] }, "tags": { "Project": "OMDS", "environment": "maintenance", "ms-resource-usage": "pipeline-self-hosted-agent" }, "type": "Microsoft.Network/networkSecurityGroups" }, { "apiVersion": "2023-05-01", "location": "japaneast", "name": "[parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name')]", "properties": { "securityRules": [ { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowCidrBlockRDPInbound')]", "name": "AllowCidrBlockRDPInbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "3389", "destinationPortRanges": [], "direction": "Inbound", "priority": 1001, "protocol": "TCP", "sourceAddressPrefix": "10.0.1.0/26", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyAnyCustomAnyInbound')]", "name": "DenyAnyCustomAnyInbound", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Inbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyCidrBlockCustom4443Outbound')]", "name": "DenyCidrBlockCustom4443Outbound", "properties": { "access": "Deny", "description": "staging踏み台からdev環境へのアクセスを禁止", "destinationAddressPrefix": "10.1.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 100, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyCidrBlockCustom4443Outbound_DevToStg')]", "name": "DenyCidrBlockCustom4443Outbound_DevToStg", "properties": { "access": "Deny", "description": "dev踏み台からstaging環境へのアクセスを禁止", "destinationAddressPrefix": "10.2.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 101, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowDevAppOutbound')]", "name": "AllowDevAppOutbound", "properties": { "access": "Allow", "description": "Dev踏み台からDev環境へのアクセスを許可", "destinationAddressPrefix": "10.1.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 102, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStgAppOutbound')]", "name": "AllowStgAppOutbound", "properties": { "access": "Allow", "description": "STG踏み台からSTG環境へのアクセスを許可", "destinationAddressPrefix": "10.2.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 103, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowDevHTTPSOutbound')]", "name": "AllowDevHTTPSOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureActiveDirectory", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 106, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStgHTTPSOutbound')]", "name": "AllowStgHTTPSOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureActiveDirectory", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 107, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowAnyMySQLOutbound')]", "name": "AllowAnyMySQLOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "3306", "destinationPortRanges": [], "direction": "Outbound", "priority": 108, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStorageAccountEastUSOutbound')]", "name": "AllowStorageAccountEastUSOutbound", "properties": { "access": "Allow", "description": "US用のStorageAccountへのアクセスを許可する", "destinationAddressPrefix": "Storage.EastUS", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 109, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStorageAccountNorthEuropeOutbound')]", "name": "AllowStorageAccountNorthEuropeOutbound", "properties": { "access": "Allow", "description": "EU用のStorageAccountへのアクセスを許可する", "destinationAddressPrefix": "Storage.NorthEurope", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 110, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStorageAccountAustraliaEastOutbound')]", "name": "AllowStorageAccountAustraliaEastOutbound", "properties": { "access": "Allow", "description": "AU用のStorageAccountへのアクセスを許可する", "destinationAddressPrefix": "Storage.AustraliaEast", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 111, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyAllOutbound')]", "name": "DenyAllOutbound", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Outbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowToolInstallerStorageOutbound')]", "name": "AllowToolInstallerStorageOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "10.0.2.7", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 1001, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.0/24", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowProdBastionToRedisOutbound')]", "name": "AllowProdBastionToRedisOutbound", "properties": { "access": "Allow", "description": "本番環境踏み台PCから本番環境Redisへのoutbound", "destinationAddressPrefix": "10.3.1.4", "destinationAddressPrefixes": [], "destinationPortRange": "6380", "destinationPortRanges": [], "direction": "Outbound", "priority": 122, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.6", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowDevBastionToRedisOutbound')]", "name": "AllowDevBastionToRedisOutbound", "properties": { "access": "Allow", "description": "DEV環境踏み台PCからDEV環境Redisへのoutbound", "destinationAddressPrefix": "10.1.1.7", "destinationAddressPrefixes": [], "destinationPortRange": "6380", "destinationPortRanges": [], "direction": "Outbound", "priority": 120, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStgBastionToRedisOutbound')]", "name": "AllowStgBastionToRedisOutbound", "properties": { "access": "Allow", "description": "STG環境踏み台PCからSTG環境Redisへのoutbound", "destinationAddressPrefix": "10.2.1.7", "destinationAddressPrefixes": [], "destinationPortRange": "6380", "destinationPortRanges": [], "direction": "Outbound", "priority": 121, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowProdHTTPSOutbound')]", "name": "AllowProdHTTPSOutbound", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureActiveDirectory", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 112, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.6", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowProdAppOutbound')]", "name": "AllowProdAppOutbound", "properties": { "access": "Allow", "description": "PROD踏み台からPROD環境へのアクセスを許可", "destinationAddressPrefix": "10.3.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 113, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.6", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" } ] }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/networkSecurityGroups" }, { "apiVersion": "2018-09-01", "location": "global", "name": "[parameters('privateDnsZones_privatelink_azurecr_io_name')]", "properties": { "maxNumberOfRecordSets": 25000, "maxNumberOfVirtualNetworkLinks": 1000, "maxNumberOfVirtualNetworkLinksWithRegistration": 100, "numberOfRecordSets": 3, "numberOfVirtualNetworkLinks": 4, "numberOfVirtualNetworkLinksWithRegistration": 0, "provisioningState": "Succeeded" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/privateDnsZones" }, { "apiVersion": "2018-09-01", "location": "global", "name": "[parameters('privateDnsZones_privatelink_blob_core_windows_net_name')]", "properties": { "maxNumberOfRecordSets": 25000, "maxNumberOfVirtualNetworkLinks": 1000, "maxNumberOfVirtualNetworkLinksWithRegistration": 100, "numberOfRecordSets": 2, "numberOfVirtualNetworkLinks": 1, "numberOfVirtualNetworkLinksWithRegistration": 0, "provisioningState": "Succeeded" }, "type": "Microsoft.Network/privateDnsZones" }, { "apiVersion": "2023-05-01", "location": "japaneast", "name": "[parameters('publicIPAddresses_vm_odms_staging_maintenance_ip_name')]", "properties": { "idleTimeoutInMinutes": 4, "ipAddress": "20.243.50.100", "ipTags": [], "publicIPAddressVersion": "IPv4", "publicIPAllocationMethod": "Static" }, "sku": { "name": "Standard", "tier": "Regional" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/publicIPAddresses" }, { "apiVersion": "2023-05-01", "location": "japaneast", "name": "[parameters('publicIPAddresses_vnet_odms_network_maintenance_ip_name')]", "properties": { "idleTimeoutInMinutes": 4, "ipAddress": "20.63.184.157", "ipTags": [], "publicIPAddressVersion": "IPv4", "publicIPAllocationMethod": "Static" }, "sku": { "name": "Standard", "tier": "Regional" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/publicIPAddresses" }, { "apiVersion": "2023-01-01", "kind": "StorageV2", "location": "japaneast", "name": "[parameters('storageAccounts_saodmscloudshell_name')]", "properties": { "accessTier": "Hot", "allowBlobPublicAccess": false, "encryption": { "keySource": "Microsoft.Storage", "services": { "blob": { "enabled": true, "keyType": "Account" }, "file": { "enabled": true, "keyType": "Account" } } }, "minimumTlsVersion": "TLS1_2", "networkAcls": { "bypass": "AzureServices", "defaultAction": "Allow", "ipRules": [], "virtualNetworkRules": [] }, "supportsHttpsTrafficOnly": true }, "sku": { "name": "Standard_LRS", "tier": "Standard" }, "tags": { "ms-resource-usage": "azure-cloud-shell" }, "type": "Microsoft.Storage/storageAccounts" }, { "apiVersion": "2023-01-01", "kind": "StorageV2", "location": "japaneast", "name": "[parameters('storageAccounts_saomdsbastion_name')]", "properties": { "accessTier": "Hot", "allowBlobPublicAccess": false, "allowCrossTenantReplication": false, "allowSharedKeyAccess": true, "defaultToOAuthAuthentication": false, "dnsEndpointType": "Standard", "encryption": { "keySource": "Microsoft.Storage", "requireInfrastructureEncryption": true, "services": { "blob": { "enabled": true, "keyType": "Account" }, "file": { "enabled": true, "keyType": "Account" } } }, "minimumTlsVersion": "TLS1_2", "networkAcls": { "bypass": "AzureServices", "defaultAction": "Deny", "ipRules": [ { "action": "Allow", "value": "180.39.76.100" } ], "resourceAccessRules": [], "virtualNetworkRules": [] }, "publicNetworkAccess": "Enabled", "supportsHttpsTrafficOnly": true }, "sku": { "name": "Standard_LRS", "tier": "Standard" }, "tags": { "Environment": "maintenance", "Project": "ODMS" }, "type": "Microsoft.Storage/storageAccounts" }, { "apiVersion": "2023-01-01", "kind": "StorageV2", "location": "japaneast", "name": "[parameters('storageAccounts_saomdspipeline_name')]", "properties": { "accessTier": "Hot", "allowBlobPublicAccess": true, "allowCrossTenantReplication": true, "allowSharedKeyAccess": true, "defaultToOAuthAuthentication": false, "dnsEndpointType": "Standard", "encryption": { "keySource": "Microsoft.Storage", "requireInfrastructureEncryption": false, "services": { "blob": { "enabled": true, "keyType": "Account" }, "file": { "enabled": true, "keyType": "Account" } } }, "minimumTlsVersion": "TLS1_2", "networkAcls": { "bypass": "AzureServices", "defaultAction": "Allow", "ipRules": [], "virtualNetworkRules": [] }, "publicNetworkAccess": "Enabled", "supportsHttpsTrafficOnly": true }, "sku": { "name": "Standard_RAGRS", "tier": "Standard" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Storage/storageAccounts" }, { "apiVersion": "2023-03-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name'))]" ], "location": "japaneast", "name": "[parameters('virtualMachines_vm_odms_deploy_maintenance_name')]", "properties": { "diagnosticsProfile": { "bootDiagnostics": { "enabled": true } }, "hardwareProfile": { "vmSize": "Standard_B2s" }, "networkProfile": { "networkInterfaces": [ { "id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name'))]", "properties": { "deleteOption": "Detach" } } ] }, "osProfile": { "adminUsername": "azureuser", "allowExtensionOperations": true, "computerName": "[parameters('virtualMachines_vm_odms_deploy_maintenance_name')]", "linuxConfiguration": { "disablePasswordAuthentication": true, "enableVMAgentPlatformUpdates": false, "patchSettings": { "assessmentMode": "ImageDefault", "patchMode": "ImageDefault" }, "provisionVMAgent": true, "ssh": { "publicKeys": [ { "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQHikRMWS6PAEmjEAiYHgwnufRHsWDWxyIPYDr0RrHXzOdGT+7T3eCgZvuvggGZQkdssziqOLCa2BaA162091/o1JCta8fgfXwl4uFd/j5FNnXH9+f6I6ShwM3cKThd7FYUKZXD6OidudZyMYUNE49bv42GRG1vwNCPpoYF49dfyiWoFqYCd+Mtd5K6VPoA8d/n7o86eS2Ue33Z5HdyPP79ZJbrBquKrQBwCWFSyFkhC1rnaU+m2zMJ8M/+lf/W1cKsQJDMSfYzuu6CUdNHtJ6c+q8CNJJqbBX7QVc34AlR4vBc+dNMyGF+h6i6jU/eNToRrWZqEPfWvEaZQledmeITW5FAYaoCAlCW4r9u+iCKf3ifOMNDcaV+0Bxhni2mX8HrGzlzN3h7nxGzG0oGuvoTIxuAjq9+pY3tn3u2jcNUztEAL9x4Idg0uUom5dFxMN1K42KdttFKnhuWsKJMHe/o1tDPNrWnQ47Yr/jw9k4YTUkBfpHu8zBJS7uErhOyAk= generated-by-azure", "path": "/home/azureuser/.ssh/authorized_keys" } ] } }, "requireGuestProvisionSignal": true, "secrets": [] }, "securityProfile": { "securityType": "TrustedLaunch", "uefiSettings": { "secureBootEnabled": true, "vTpmEnabled": true } }, "storageProfile": { "dataDisks": [], "diskControllerType": "SCSI", "imageReference": { "offer": "0001-com-ubuntu-server-focal", "publisher": "canonical", "sku": "20_04-lts-gen2", "version": "latest" }, "osDisk": { "caching": "ReadWrite", "createOption": "FromImage", "deleteOption": "Delete", "diskSizeGB": 30, "managedDisk": { "id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_disk1_1cbaf8f9bfdf4548902316f7be8189ed'))]", "storageAccountType": "Premium_LRS" }, "name": "[concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_disk1_1cbaf8f9bfdf4548902316f7be8189ed')]", "osType": "Linux" } } }, "tags": { "Project": "OMDS", "environment": "maintenance", "ms-resource-usage": "pipeline-self-hosted-agent" }, "type": "Microsoft.Compute/virtualMachines" }, { "apiVersion": "2023-03-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name'))]" ], "identity": { "type": "SystemAssigned" }, "location": "japaneast", "name": "[parameters('virtualMachines_vm_odms_maintenance_name')]", "properties": { "diagnosticsProfile": { "bootDiagnostics": { "enabled": true } }, "hardwareProfile": { "vmSize": "Standard_B2s" }, "networkProfile": { "networkInterfaces": [ { "id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name'))]", "properties": { "deleteOption": "Detach" } } ] }, "osProfile": { "adminUsername": "odmsAdmin", "allowExtensionOperations": true, "computerName": "vm-odms-mainten", "requireGuestProvisionSignal": true, "secrets": [], "windowsConfiguration": { "enableAutomaticUpdates": true, "enableVMAgentPlatformUpdates": false, "patchSettings": { "assessmentMode": "ImageDefault", "enableHotpatching": false, "patchMode": "AutomaticByOS" }, "provisionVMAgent": true } }, "storageProfile": { "dataDisks": [], "diskControllerType": "SCSI", "imageReference": { "offer": "WindowsServer", "publisher": "MicrosoftWindowsServer", "sku": "2022-datacenter-azure-edition", "version": "latest" }, "osDisk": { "caching": "ReadWrite", "createOption": "FromImage", "deleteOption": "Delete", "diskSizeGB": 127, "managedDisk": { "id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f'))]", "storageAccountType": "Premium_LRS" }, "name": "[concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f')]", "osType": "Windows" } } }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Compute/virtualMachines" }, { "apiVersion": "2023-03-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_prod_maintenance7_name'))]" ], "location": "japaneast", "name": "[parameters('virtualMachines_vm_odms_prod_maintenance_name')]", "properties": { "diagnosticsProfile": { "bootDiagnostics": { "enabled": true } }, "hardwareProfile": { "vmSize": "Standard_B2s" }, "networkProfile": { "networkInterfaces": [ { "id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_prod_maintenance7_name'))]" } ] }, "osProfile": { "adminUsername": "odmsAdmin", "allowExtensionOperations": true, "computerName": "vm-odms-prod-ma", "requireGuestProvisionSignal": true, "secrets": [], "windowsConfiguration": { "enableAutomaticUpdates": true, "enableVMAgentPlatformUpdates": false, "patchSettings": { "assessmentMode": "ImageDefault", "enableHotpatching": false, "patchMode": "AutomaticByOS" }, "provisionVMAgent": true } }, "securityProfile": { "securityType": "TrustedLaunch", "uefiSettings": { "secureBootEnabled": true, "vTpmEnabled": true } }, "storageProfile": { "dataDisks": [], "diskControllerType": "SCSI", "imageReference": { "offer": "WindowsServer", "publisher": "MicrosoftWindowsServer", "sku": "2022-datacenter-azure-edition", "version": "latest" }, "osDisk": { "caching": "ReadWrite", "createOption": "FromImage", "deleteOption": "Delete", "diskSizeGB": 127, "managedDisk": { "id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_prod_maintenance_name'), '_OsDisk_1_89b0ffad76d44d57a136152577e01483'))]", "storageAccountType": "Premium_LRS" }, "name": "[concat(parameters('virtualMachines_vm_odms_prod_maintenance_name'), '_OsDisk_1_89b0ffad76d44d57a136152577e01483')]", "osType": "Windows" } } }, "tags": { "Environment": "production", "Project": "ODMS" }, "type": "Microsoft.Compute/virtualMachines" }, { "apiVersion": "2023-03-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name'))]" ], "location": "japaneast", "name": "[parameters('virtualMachines_vm_odms_staging_maintenance_name')]", "properties": { "diagnosticsProfile": { "bootDiagnostics": { "enabled": true } }, "hardwareProfile": { "vmSize": "Standard_B2s" }, "networkProfile": { "networkInterfaces": [ { "id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name'))]", "properties": { "deleteOption": "Delete" } } ] }, "osProfile": { "adminUsername": "odmsAdmin", "allowExtensionOperations": true, "computerName": "vm-odms-staging", "requireGuestProvisionSignal": true, "secrets": [], "windowsConfiguration": { "enableAutomaticUpdates": false, "enableVMAgentPlatformUpdates": false, "patchSettings": { "assessmentMode": "ImageDefault", "enableHotpatching": false, "patchMode": "Manual" }, "provisionVMAgent": true } }, "securityProfile": { "securityType": "TrustedLaunch", "uefiSettings": { "secureBootEnabled": false, "vTpmEnabled": false } }, "storageProfile": { "dataDisks": [], "diskControllerType": "SCSI", "imageReference": { "offer": "WindowsServer", "publisher": "MicrosoftWindowsServer", "sku": "2022-datacenter-azure-edition", "version": "latest" }, "osDisk": { "caching": "ReadWrite", "createOption": "FromImage", "deleteOption": "Delete", "diskSizeGB": 127, "managedDisk": { "id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661'))]", "storageAccountType": "Premium_LRS" }, "name": "[concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661')]", "osType": "Windows" } } }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Compute/virtualMachines" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_admin')]", "properties": { "actions": [ "repositories/*/metadata/read", "repositories/*/metadata/write", "repositories/*/content/read", "repositories/*/content/write", "repositories/*/content/delete" ], "description": "Can perform all read, write and delete operations on the registry" }, "type": "Microsoft.ContainerRegistry/registries/scopeMaps" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_pull')]", "properties": { "actions": [ "repositories/*/content/read" ], "description": "Can pull any repository of the registry" }, "type": "Microsoft.ContainerRegistry/registries/scopeMaps" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_pull_metadata_read')]", "properties": { "actions": [ "repositories/*/content/read", "repositories/*/metadata/read" ], "description": "Can perform all read operations on the registry" }, "type": "Microsoft.ContainerRegistry/registries/scopeMaps" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_push')]", "properties": { "actions": [ "repositories/*/content/read", "repositories/*/content/write" ], "description": "Can push to any repository of the registry" }, "type": "Microsoft.ContainerRegistry/registries/scopeMaps" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_push_metadata_write')]", "properties": { "actions": [ "repositories/*/metadata/read", "repositories/*/metadata/write", "repositories/*/content/read", "repositories/*/content/write" ], "description": "Can perform all read and write operations on the registry" }, "type": "Microsoft.ContainerRegistry/registries/scopeMaps" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webappappodmsdictationprod')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/staging/dictation:latest", "serviceUri": "[parameters('webhooks_webappappodmsdictationprod_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webappappodmsdictationtest')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/test/dictation:e60270d6d939b0b48b524622e2fbc91a9867334b", "serviceUri": "[parameters('webhooks_webappappodmsdictationtest_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webappfuncodmsdictationstg')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/staging/dictation_function:latest", "serviceUri": "[parameters('webhooks_webappfuncodmsdictationstg_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webhookOdmsDictationDev')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/dictation:latest", "serviceUri": "[parameters('webhooks_webhookOdmsDictationDev_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webhookOdmsDictationFunctionDev')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/dictation_function:latest", "serviceUri": "[parameters('webhooks_webhookOdmsDictationFunctionDev_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webhookOdmsDictationFunctionStg')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/staging/dictation_function:latest", "serviceUri": "[parameters('webhooks_webhookOdmsDictationFunctionStg_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" ], "location": "japaneast", "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webhookOdmsDictationStg')]", "properties": { "actions": [ "push" ], "scope": "odmscloud/staging/dictation:latest", "serviceUri": "[parameters('webhooks_webhookOdmsDictationStg_serviceUri')]", "status": "enabled" }, "type": "Microsoft.ContainerRegistry/registries/webhooks" }, { "apiVersion": "2018-09-15", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_maintenance_name'))]" ], "location": "japaneast", "name": "[parameters('schedules_shutdown_computevm_vm_odms_maintenance_name')]", "properties": { "dailyRecurrence": { "time": "1900" }, "notificationSettings": { "notificationLocale": "ja", "status": "Disabled", "timeInMinutes": 30 }, "status": "Enabled", "targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_maintenance_name'))]", "taskType": "ComputeVmShutdownTask", "timeZoneId": "Tokyo Standard Time" }, "type": "microsoft.devtestlab/schedules" }, { "apiVersion": "2018-09-15", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_prod_maintenance_name'))]" ], "location": "japaneast", "name": "[parameters('schedules_shutdown_computevm_vm_odms_prod_maintenance_name')]", "properties": { "dailyRecurrence": { "time": "1900" }, "notificationSettings": { "notificationLocale": "ja", "status": "Disabled", "timeInMinutes": 30 }, "status": "Enabled", "targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_prod_maintenance_name'))]", "taskType": "ComputeVmShutdownTask", "timeZoneId": "Tokyo Standard Time" }, "tags": { "Environment": "production", "Project": "ODMS" }, "type": "microsoft.devtestlab/schedules" }, { "apiVersion": "2018-09-15", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_staging_maintenance_name'))]" ], "location": "japaneast", "name": "[parameters('schedules_shutdown_computevm_vm_odms_staging_maintenance_name')]", "properties": { "dailyRecurrence": { "time": "1900" }, "notificationSettings": { "notificationLocale": "ja", "status": "Disabled", "timeInMinutes": 30 }, "status": "Enabled", "targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_staging_maintenance_name'))]", "taskType": "ComputeVmShutdownTask", "timeZoneId": "Tokyo Standard Time" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "microsoft.devtestlab/schedules" }, { "apiVersion": "2023-01-31", "dependsOn": [ "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('userAssignedIdentities_id_odms_deploy_stg_name'))]" ], "name": "[concat(parameters('userAssignedIdentities_id_odms_deploy_stg_name'), '/fd-odms-deploy-stg')]", "properties": { "audiences": [ "api://AzureADTokenExchange" ], "issuer": "https://vstoken.dev.azure.com/bdb09083-1a6f-492a-bbd6-98e64884add5", "subject": "sc://ODMSCloud/ODMS Cloud/omds-service-connection-stg" }, "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]" ], "kind": "Regular", "location": "japaneast", "name": "[parameters('networkInterfaces_vm_odms_deploy_maintenance759_name')]", "properties": { "auxiliaryMode": "None", "auxiliarySku": "None", "disableTcpStateTracking": false, "dnsSettings": { "dnsServers": [] }, "enableAcceleratedNetworking": false, "enableIPForwarding": false, "ipConfigurations": [ { "etag": "W/\"3b03eaab-5c17-48b0-a1ec-ee189ad93648\"", "id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name')), '/ipConfigurations/ipconfig1')]", "name": "ipconfig1", "properties": { "primary": true, "privateIPAddress": "10.0.4.4", "privateIPAddressVersion": "IPv4", "privateIPAllocationMethod": "Dynamic", "provisioningState": "Succeeded", "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]" } }, "type": "Microsoft.Network/networkInterfaces/ipConfigurations" } ], "nicType": "Standard" }, "tags": { "Project": "OMDS", "environment": "maintenance", "ms-resource-usage": "pipeline-self-hosted-agent" }, "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" ], "kind": "Regular", "location": "japaneast", "name": "[parameters('networkInterfaces_vm_odms_maintenance600_name')]", "properties": { "auxiliaryMode": "None", "auxiliarySku": "None", "disableTcpStateTracking": false, "dnsSettings": { "dnsServers": [] }, "enableAcceleratedNetworking": false, "enableIPForwarding": false, "ipConfigurations": [ { "etag": "W/\"0d30768f-b7ba-4129-bea1-edda57803956\"", "id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name')), '/ipConfigurations/ipconfig1')]", "name": "ipconfig1", "properties": { "primary": true, "privateIPAddress": "10.0.2.4", "privateIPAddressVersion": "IPv4", "privateIPAllocationMethod": "Dynamic", "provisioningState": "Succeeded", "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" } }, "type": "Microsoft.Network/networkInterfaces/ipConfigurations" } ], "nicType": "Standard" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" ], "kind": "Regular", "location": "japaneast", "name": "[parameters('networkInterfaces_vm_odms_prod_maintenance7_name')]", "properties": { "auxiliaryMode": "None", "auxiliarySku": "None", "disableTcpStateTracking": false, "dnsSettings": { "dnsServers": [] }, "enableAcceleratedNetworking": false, "enableIPForwarding": false, "ipConfigurations": [ { "etag": "W/\"8f072b45-c919-4b7f-b253-4cd79d118c09\"", "id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_prod_maintenance7_name')), '/ipConfigurations/ipconfig1')]", "name": "ipconfig1", "properties": { "primary": true, "privateIPAddress": "10.0.2.6", "privateIPAddressVersion": "IPv4", "privateIPAllocationMethod": "Dynamic", "provisioningState": "Succeeded", "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" } }, "type": "Microsoft.Network/networkInterfaces/ipConfigurations" } ], "nicType": "Standard" }, "tags": { "Environment": "production", "Project": "ODMS" }, "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" ], "kind": "Regular", "location": "japaneast", "name": "[parameters('networkInterfaces_vm_odms_staging_maintenance158_name')]", "properties": { "auxiliaryMode": "None", "auxiliarySku": "None", "disableTcpStateTracking": false, "dnsSettings": { "dnsServers": [] }, "enableAcceleratedNetworking": false, "enableIPForwarding": false, "ipConfigurations": [ { "etag": "W/\"a9e370ca-707b-4a71-bbed-32519959c35b\"", "id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name')), '/ipConfigurations/ipconfig1')]", "name": "ipconfig1", "properties": { "primary": true, "privateIPAddress": "10.0.2.5", "privateIPAddressVersion": "IPv4", "privateIPAllocationMethod": "Dynamic", "provisioningState": "Succeeded", "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" } }, "type": "Microsoft.Network/networkInterfaces/ipConfigurations" } ], "nicType": "Standard" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowAnyMySQLOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "3306", "destinationPortRanges": [], "direction": "Outbound", "priority": 108, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowAzureCloudHTTPSOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureCloud", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 110, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowAzureLoadBalancerHTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 110, "protocol": "TCP", "sourceAddressPrefix": "AzureLoadBalancer", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowBastionHostCommunicationInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "VirtualNetwork", "destinationAddressPrefixes": [], "destinationPortRanges": [ "8080", "5701" ], "direction": "Inbound", "priority": 120, "protocol": "*", "sourceAddressPrefix": "VirtualNetwork", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowBastionHostCommunicationOutBound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "VirtualNetwork", "destinationAddressPrefixes": [], "destinationPortRanges": [ "8080", "5701" ], "direction": "Outbound", "priority": 130, "protocol": "*", "sourceAddressPrefix": "VirtualNetwork", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowCidrBlockRDPInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "3389", "destinationPortRanges": [], "direction": "Inbound", "priority": 1001, "protocol": "TCP", "sourceAddressPrefix": "10.0.1.0/26", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowDevAppOutbound')]", "properties": { "access": "Allow", "description": "Dev踏み台からDev環境へのアクセスを許可", "destinationAddressPrefix": "10.1.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 102, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowDevBastionToRedisOutbound')]", "properties": { "access": "Allow", "description": "DEV環境踏み台PCからDEV環境Redisへのoutbound", "destinationAddressPrefix": "10.1.1.7", "destinationAddressPrefixes": [], "destinationPortRange": "6380", "destinationPortRanges": [], "direction": "Outbound", "priority": 120, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowDevHTTPSOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureActiveDirectory", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 106, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowGatewayManagerHTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 100, "protocol": "TCP", "sourceAddressPrefix": "GatewayManager", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-fukunaga-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 150, "protocol": "TCP", "sourceAddressPrefix": "221.252.90.222", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddressHTTPSInbound-sunamoto')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 201, "protocol": "TCP", "sourceAddressPrefix": "122.210.18.114", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-iwata-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 203, "protocol": "TCP", "sourceAddressPrefix": "126.12.45.45", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-makabe-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 160, "protocol": "TCP", "sourceAddressPrefixes": [ "60.97.55.122", "118.238.231.215" ], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-maruyama-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 202, "protocol": "TCP", "sourceAddressPrefix": "61.87.49.72", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-okuzawa-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 140, "protocol": "TCP", "sourceAddressPrefix": "211.125.140.0/24", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-oura-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 200, "protocol": "TCP", "sourceAddressPrefix": "60.65.231.128", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-saito.k-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 130, "protocol": "TCP", "sourceAddressPrefix": "220.215.248.24", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-yumoto-HTTPSInbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Inbound", "priority": 131, "protocol": "TCP", "sourceAddressPrefix": "180.39.76.100", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowProdAppOutbound')]", "properties": { "access": "Allow", "description": "PROD踏み台からPROD環境へのアクセスを許可", "destinationAddressPrefix": "10.3.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 113, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.6", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowProdBastionToRedisOutbound')]", "properties": { "access": "Allow", "description": "本番環境踏み台PCから本番環境Redisへのoutbound", "destinationAddressPrefix": "10.3.1.4", "destinationAddressPrefixes": [], "destinationPortRange": "6380", "destinationPortRanges": [], "direction": "Outbound", "priority": 122, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.6", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowProdHTTPSOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureActiveDirectory", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 112, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.6", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowSessionInfo')]", "properties": { "access": "Allow", "destinationAddressPrefix": "Internet", "destinationAddressPrefixes": [], "destinationPortRange": "80", "destinationPortRanges": [], "direction": "Outbound", "priority": 120, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowSSH-RDPOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "VirtualNetwork", "destinationAddressPrefixes": [], "destinationPortRanges": [ "22", "3389" ], "direction": "Outbound", "priority": 100, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStgAppOutbound')]", "properties": { "access": "Allow", "description": "STG踏み台からSTG環境へのアクセスを許可", "destinationAddressPrefix": "10.2.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 103, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStgBastionToRedisOutbound')]", "properties": { "access": "Allow", "description": "STG環境踏み台PCからSTG環境Redisへのoutbound", "destinationAddressPrefix": "10.2.1.7", "destinationAddressPrefixes": [], "destinationPortRange": "6380", "destinationPortRanges": [], "direction": "Outbound", "priority": 121, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStgHTTPSOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "AzureActiveDirectory", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 107, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStorageAccountAustraliaEastOutbound')]", "properties": { "access": "Allow", "description": "AU用のStorageAccountへのアクセスを許可する", "destinationAddressPrefix": "Storage.AustraliaEast", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 111, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStorageAccountEastUSOutbound')]", "properties": { "access": "Allow", "description": "US用のStorageAccountへのアクセスを許可する", "destinationAddressPrefix": "Storage.EastUS", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 109, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStorageAccountNorthEuropeOutbound')]", "properties": { "access": "Allow", "description": "EU用のStorageAccountへのアクセスを許可する", "destinationAddressPrefix": "Storage.NorthEurope", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 110, "protocol": "TCP", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowToolInstallerStorageOutbound')]", "properties": { "access": "Allow", "destinationAddressPrefix": "10.0.2.7", "destinationAddressPrefixes": [], "destinationPortRange": "443", "destinationPortRanges": [], "direction": "Outbound", "priority": 1001, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.0/24", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'), '/DenyAllInbound')]", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Inbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyAllOutbound')]", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Outbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/DenyAnyCustomAnyInbound')]", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Inbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyAnyCustomAnyInbound')]", "properties": { "access": "Deny", "destinationAddressPrefix": "*", "destinationAddressPrefixes": [], "destinationPortRange": "*", "destinationPortRanges": [], "direction": "Inbound", "priority": 4096, "protocol": "*", "sourceAddressPrefix": "*", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyCidrBlockCustom4443Outbound')]", "properties": { "access": "Deny", "description": "staging踏み台からdev環境へのアクセスを禁止", "destinationAddressPrefix": "10.1.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 100, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.5", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyCidrBlockCustom4443Outbound_DevToStg')]", "properties": { "access": "Deny", "description": "dev踏み台からstaging環境へのアクセスを禁止", "destinationAddressPrefix": "10.2.0.10", "destinationAddressPrefixes": [], "destinationPortRange": "4443", "destinationPortRanges": [], "direction": "Outbound", "priority": 101, "protocol": "TCP", "sourceAddressPrefix": "10.0.2.4", "sourceAddressPrefixes": [], "sourcePortRange": "*", "sourcePortRanges": [] }, "type": "Microsoft.Network/networkSecurityGroups/securityRules" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/crodmsregistrymaintenance')]", "properties": { "aRecords": [ { "ipv4Address": "10.0.0.5" } ], "metadata": { "creator": "created by private endpoint pep-odms-registry-maintenance with resource guid e9468193-6a2f-4a20-8770-b2de1c5454d2" }, "ttl": 10 }, "type": "Microsoft.Network/privateDnsZones/A" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/crodmsregistrymaintenance.japaneast.data')]", "properties": { "aRecords": [ { "ipv4Address": "10.0.0.4" } ], "metadata": { "creator": "created by private endpoint pep-odms-registry-maintenance with resource guid e9468193-6a2f-4a20-8770-b2de1c5454d2" }, "ttl": 10 }, "type": "Microsoft.Network/privateDnsZones/A" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_blob_core_windows_net_name'))]" ], "name": "[concat(parameters('privateDnsZones_privatelink_blob_core_windows_net_name'), '/saomdsbastion')]", "properties": { "aRecords": [ { "ipv4Address": "10.0.2.7" } ], "ttl": 3600 }, "type": "Microsoft.Network/privateDnsZones/A" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/@')]", "properties": { "soaRecord": { "email": "azureprivatedns-host.microsoft.com", "expireTime": 2419200, "host": "azureprivatedns.net", "minimumTtl": 10, "refreshTime": 3600, "retryTime": 300, "serialNumber": 1 }, "ttl": 3600 }, "type": "Microsoft.Network/privateDnsZones/SOA" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_blob_core_windows_net_name'))]" ], "name": "[concat(parameters('privateDnsZones_privatelink_blob_core_windows_net_name'), '/@')]", "properties": { "soaRecord": { "email": "azureprivatedns-host.microsoft.com", "expireTime": 2419200, "host": "azureprivatedns.net", "minimumTtl": 10, "refreshTime": 3600, "retryTime": 300, "serialNumber": 1 }, "ttl": 3600 }, "type": "Microsoft.Network/privateDnsZones/SOA" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "location": "global", "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/link-odms-vnet-dev')]", "properties": { "registrationEnabled": false, "virtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_dev_externalid')]" } }, "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "location": "global", "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/link-odms-vnet-prod')]", "properties": { "registrationEnabled": false, "virtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_prod_externalid')]" } }, "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "location": "global", "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/link-odms-vnet-stg')]", "properties": { "registrationEnabled": false, "virtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_stg_externalid')]" } }, "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-acr-maintenance')]", "properties": { "addressPrefix": "10.0.0.0/24", "delegations": [], "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [ { "locations": [ "*" ], "service": "Microsoft.KeyVault" } ] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/peer-odms-dev-maintenance')]", "properties": { "allowForwardedTraffic": true, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "doNotVerifyRemoteGateways": false, "peeringState": "Connected", "peeringSyncLevel": "FullyInSync", "remoteAddressSpace": { "addressPrefixes": [ "10.1.0.0/16" ] }, "remoteVirtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_dev_externalid')]" }, "remoteVirtualNetworkAddressSpace": { "addressPrefixes": [ "10.1.0.0/16" ] }, "useRemoteGateways": false }, "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/peer-odms-prod-maintenance')]", "properties": { "allowForwardedTraffic": true, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "doNotVerifyRemoteGateways": false, "peeringState": "Connected", "peeringSyncLevel": "FullyInSync", "remoteAddressSpace": { "addressPrefixes": [ "10.3.0.0/16" ] }, "remoteVirtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_prod_externalid')]" }, "remoteVirtualNetworkAddressSpace": { "addressPrefixes": [ "10.3.0.0/16" ] }, "useRemoteGateways": false }, "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/peer-odms-stg-maintenance')]", "properties": { "allowForwardedTraffic": true, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "doNotVerifyRemoteGateways": false, "peeringState": "Connected", "peeringSyncLevel": "FullyInSync", "remoteAddressSpace": { "addressPrefixes": [ "10.2.0.0/16" ] }, "remoteVirtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_stg_externalid')]" }, "remoteVirtualNetworkAddressSpace": { "addressPrefixes": [ "10.2.0.0/16" ] }, "useRemoteGateways": false }, "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]" ], "name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]", "properties": { "cors": { "corsRules": [] }, "deleteRetentionPolicy": { "allowPermanentDelete": false, "enabled": false } }, "sku": { "name": "Standard_LRS", "tier": "Standard" }, "type": "Microsoft.Storage/storageAccounts/blobServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/default')]", "properties": { "changeFeed": { "enabled": false }, "containerDeleteRetentionPolicy": { "days": 7, "enabled": true }, "cors": { "corsRules": [] }, "deleteRetentionPolicy": { "allowPermanentDelete": false, "days": 7, "enabled": true }, "isVersioningEnabled": true, "restorePolicy": { "enabled": false } }, "sku": { "name": "Standard_LRS", "tier": "Standard" }, "type": "Microsoft.Storage/storageAccounts/blobServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdspipeline_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdspipeline_name'), '/default')]", "properties": { "changeFeed": { "enabled": false }, "containerDeleteRetentionPolicy": { "days": 7, "enabled": true }, "cors": { "corsRules": [] }, "deleteRetentionPolicy": { "allowPermanentDelete": false, "days": 7, "enabled": true }, "isVersioningEnabled": false, "restorePolicy": { "enabled": false } }, "sku": { "name": "Standard_RAGRS", "tier": "Standard" }, "type": "Microsoft.Storage/storageAccounts/blobServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]" ], "name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]", "properties": { "cors": { "corsRules": [] }, "protocolSettings": { "smb": {} }, "shareDeleteRetentionPolicy": { "days": 7, "enabled": true } }, "sku": { "name": "Standard_LRS", "tier": "Standard" }, "type": "Microsoft.Storage/storageAccounts/fileServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/default')]", "properties": { "cors": { "corsRules": [] }, "protocolSettings": { "smb": {} }, "shareDeleteRetentionPolicy": { "days": 7, "enabled": true } }, "sku": { "name": "Standard_LRS", "tier": "Standard" }, "type": "Microsoft.Storage/storageAccounts/fileServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdspipeline_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdspipeline_name'), '/default')]", "properties": { "cors": { "corsRules": [] }, "protocolSettings": { "smb": {} }, "shareDeleteRetentionPolicy": { "days": 7, "enabled": true } }, "sku": { "name": "Standard_RAGRS", "tier": "Standard" }, "type": "Microsoft.Storage/storageAccounts/fileServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/', parameters('storageAccounts_saomdsbastion_name'), '.9d0044b4-3ec4-4ef1-9c5f-dee9d7e813fb')]", "properties": { "privateEndpoint": {}, "privateLinkServiceConnectionState": { "actionRequired": "None", "description": "Auto-Approved", "status": "Approved" }, "provisioningState": "Succeeded" }, "type": "Microsoft.Storage/storageAccounts/privateEndpointConnections" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]" ], "name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]", "properties": { "cors": { "corsRules": [] } }, "type": "Microsoft.Storage/storageAccounts/queueServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/default')]", "properties": { "cors": { "corsRules": [] } }, "type": "Microsoft.Storage/storageAccounts/queueServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdspipeline_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdspipeline_name'), '/default')]", "properties": { "cors": { "corsRules": [] } }, "type": "Microsoft.Storage/storageAccounts/queueServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]" ], "name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]", "properties": { "cors": { "corsRules": [] } }, "type": "Microsoft.Storage/storageAccounts/tableServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/default')]", "properties": { "cors": { "corsRules": [] } }, "type": "Microsoft.Storage/storageAccounts/tableServices" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdspipeline_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdspipeline_name'), '/default')]", "properties": { "cors": { "corsRules": [] } }, "type": "Microsoft.Storage/storageAccounts/tableServices" }, { "apiVersion": "2023-08-01-preview", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]", "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name'))]" ], "name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/', parameters('registries_crOdmsRegistryMaintenance_name'), '.2929ec3b09904ec0ac913ec80e26fe7a')]", "properties": { "privateEndpoint": { "id": "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name'))]" }, "privateLinkServiceConnectionState": { "description": "Auto-Approved", "status": "Approved" } }, "type": "Microsoft.ContainerRegistry/registries/privateEndpointConnections" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPAddresses_vnet_odms_network_maintenance_ip_name'))]", "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'AzureBastionSubnet')]" ], "location": "japaneast", "name": "[parameters('bastionHosts_bas_odms_maintenance_name')]", "properties": { "disableCopyPaste": false, "dnsName": "bst-cd02e9dc-3e4a-423f-b77e-46b479c9b14d.bastion.azure.com", "enableIpConnect": false, "enableKerberos": false, "enableShareableLink": false, "enableTunneling": true, "ipConfigurations": [ { "id": "[concat(resourceId('Microsoft.Network/bastionHosts', parameters('bastionHosts_bas_odms_maintenance_name')), '/bastionHostIpConfigurations/IpConf')]", "name": "IpConf", "properties": { "privateIPAllocationMethod": "Dynamic", "publicIPAddress": { "id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPAddresses_vnet_odms_network_maintenance_ip_name'))]" }, "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'AzureBastionSubnet')]" } } } ], "scaleUnits": 3 }, "sku": { "name": "Standard" }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/bastionHosts" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]", "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" ], "location": "global", "name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/e3fkm7ajqovu6')]", "properties": { "registrationEnabled": false, "virtualNetwork": { "id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" } }, "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks" }, { "apiVersion": "2018-09-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_blob_core_windows_net_name'))]", "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" ], "location": "global", "name": "[concat(parameters('privateDnsZones_privatelink_blob_core_windows_net_name'), '/e3fkm7ajqovu6')]", "properties": { "registrationEnabled": false, "virtualNetwork": { "id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]" } }, "type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]", "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" ], "location": "japaneast", "name": "[parameters('privateEndpoints_pep_odms_bastion_maintenance_name')]", "properties": { "customDnsConfigs": [ { "fqdn": "saomdsbastion.blob.core.windows.net", "ipAddresses": [ "10.0.2.7" ] } ], "ipConfigurations": [], "manualPrivateLinkServiceConnections": [], "privateLinkServiceConnections": [ { "id": "[concat(resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_bastion_maintenance_name')), concat('/privateLinkServiceConnections/', parameters('privateEndpoints_pep_odms_bastion_maintenance_name'), '_ac9d69cb-cf72-4b78-8163-0d902150b027'))]", "name": "[concat(parameters('privateEndpoints_pep_odms_bastion_maintenance_name'), '_ac9d69cb-cf72-4b78-8163-0d902150b027')]", "properties": { "groupIds": [ "blob" ], "privateLinkServiceConnectionState": { "actionsRequired": "None", "description": "Auto-Approved", "status": "Approved" }, "privateLinkServiceId": "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" } } ], "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]" } }, "tags": { "Environment": "maintenance", "Project": "ODMS" }, "type": "Microsoft.Network/privateEndpoints" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]", "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]" ], "location": "japaneast", "name": "[parameters('privateEndpoints_pep_odms_registry_maintenance_name')]", "properties": { "customDnsConfigs": [], "customNetworkInterfaceName": "[concat(parameters('privateEndpoints_pep_odms_registry_maintenance_name'), '-nic')]", "ipConfigurations": [], "manualPrivateLinkServiceConnections": [], "privateLinkServiceConnections": [ { "id": "[concat(resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name')), concat('/privateLinkServiceConnections/', parameters('privateEndpoints_pep_odms_registry_maintenance_name')))]", "name": "[parameters('privateEndpoints_pep_odms_registry_maintenance_name')]", "properties": { "groupIds": [ "registry" ], "privateLinkServiceConnectionState": { "actionsRequired": "None", "description": "Auto-Approved", "status": "Approved" }, "privateLinkServiceId": "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]" } } ], "subnet": { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]" } }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/privateEndpoints" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name'))]", "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" ], "name": "[concat(parameters('privateEndpoints_pep_odms_registry_maintenance_name'), '/default')]", "properties": { "privateDnsZoneConfigs": [ { "name": "privatelink-azurecr-io", "properties": { "privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]" } } ] }, "type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/AzureBastionSubnet')]", "properties": { "addressPrefix": "10.0.1.0/26", "delegations": [], "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" }, "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-deploy-maintenance')]", "properties": { "addressPrefix": "10.0.4.0/24", "delegations": [], "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]" }, "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [ { "locations": [ "*" ], "service": "Microsoft.KeyVault" } ] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" ], "name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-vm-maintenance')]", "properties": { "addressPrefix": "10.0.2.0/24", "delegations": [], "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" }, "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('storageAccounts_saomdsbastion_name'), 'default')]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/default/develop')]", "properties": { "defaultEncryptionScope": "$account-encryption-key", "denyEncryptionScopeOverride": false, "immutableStorageWithVersioning": { "enabled": false }, "publicAccess": "None" }, "type": "Microsoft.Storage/storageAccounts/blobServices/containers" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('storageAccounts_saomdsbastion_name'), 'default')]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdsbastion_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdsbastion_name'), '/default/prod')]", "properties": { "defaultEncryptionScope": "$account-encryption-key", "denyEncryptionScopeOverride": false, "immutableStorageWithVersioning": { "enabled": false }, "publicAccess": "None" }, "type": "Microsoft.Storage/storageAccounts/blobServices/containers" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('storageAccounts_saomdspipeline_name'), 'default')]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdspipeline_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdspipeline_name'), '/default/production')]", "properties": { "defaultEncryptionScope": "$account-encryption-key", "denyEncryptionScopeOverride": false, "immutableStorageWithVersioning": { "enabled": false }, "publicAccess": "None" }, "type": "Microsoft.Storage/storageAccounts/blobServices/containers" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('storageAccounts_saomdspipeline_name'), 'default')]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saomdspipeline_name'))]" ], "name": "[concat(parameters('storageAccounts_saomdspipeline_name'), '/default/staging')]", "properties": { "defaultEncryptionScope": "$account-encryption-key", "denyEncryptionScopeOverride": false, "immutableStorageWithVersioning": { "enabled": false }, "publicAccess": "None" }, "type": "Microsoft.Storage/storageAccounts/blobServices/containers" }, { "apiVersion": "2023-01-01", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts/fileServices', parameters('storageAccounts_saodmscloudshell_name'), 'default')]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]" ], "name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default/sfodmscloudshell')]", "properties": { "accessTier": "TransactionOptimized", "enabledProtocols": "SMB", "shareQuota": 6 }, "type": "Microsoft.Storage/storageAccounts/fileServices/shares" }, { "apiVersion": "2023-05-01", "dependsOn": [ "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]" ], "location": "japaneast", "name": "[parameters('virtualNetworks_vnet_odms_network_maintenance_name')]", "properties": { "addressSpace": { "addressPrefixes": [ "10.0.0.0/16" ] }, "enableDdosProtection": false, "subnets": [ { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]", "name": "snet-odms-acr-maintenance", "properties": { "addressPrefix": "10.0.0.0/24", "delegations": [], "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [ { "locations": [ "*" ], "service": "Microsoft.KeyVault" } ] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'AzureBastionSubnet')]", "name": "AzureBastionSubnet", "properties": { "addressPrefix": "10.0.1.0/26", "delegations": [], "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]" }, "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]", "name": "snet-odms-vm-maintenance", "properties": { "addressPrefix": "10.0.2.0/24", "delegations": [], "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]" }, "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [] }, "type": "Microsoft.Network/virtualNetworks/subnets" }, { "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]", "name": "snet-odms-deploy-maintenance", "properties": { "addressPrefix": "10.0.4.0/24", "delegations": [], "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]" }, "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "serviceEndpoints": [ { "locations": [ "*" ], "service": "Microsoft.KeyVault" } ] }, "type": "Microsoft.Network/virtualNetworks/subnets" } ], "virtualNetworkPeerings": [ { "id": "[resourceId('Microsoft.Network/virtualNetworks/virtualNetworkPeerings', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'peer-odms-dev-maintenance')]", "name": "peer-odms-dev-maintenance", "properties": { "allowForwardedTraffic": true, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "doNotVerifyRemoteGateways": false, "peeringState": "Connected", "peeringSyncLevel": "FullyInSync", "remoteAddressSpace": { "addressPrefixes": [ "10.1.0.0/16" ] }, "remoteVirtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_dev_externalid')]" }, "remoteVirtualNetworkAddressSpace": { "addressPrefixes": [ "10.1.0.0/16" ] }, "useRemoteGateways": false }, "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" }, { "id": "[resourceId('Microsoft.Network/virtualNetworks/virtualNetworkPeerings', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'peer-odms-stg-maintenance')]", "name": "peer-odms-stg-maintenance", "properties": { "allowForwardedTraffic": true, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "doNotVerifyRemoteGateways": false, "peeringState": "Connected", "peeringSyncLevel": "FullyInSync", "remoteAddressSpace": { "addressPrefixes": [ "10.2.0.0/16" ] }, "remoteVirtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_stg_externalid')]" }, "remoteVirtualNetworkAddressSpace": { "addressPrefixes": [ "10.2.0.0/16" ] }, "useRemoteGateways": false }, "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" }, { "id": "[resourceId('Microsoft.Network/virtualNetworks/virtualNetworkPeerings', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'peer-odms-prod-maintenance')]", "name": "peer-odms-prod-maintenance", "properties": { "allowForwardedTraffic": true, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "doNotVerifyRemoteGateways": false, "peeringState": "Connected", "peeringSyncLevel": "FullyInSync", "remoteAddressSpace": { "addressPrefixes": [ "10.3.0.0/16" ] }, "remoteVirtualNetwork": { "id": "[parameters('virtualNetworks_vnet_odms_network_prod_externalid')]" }, "remoteVirtualNetworkAddressSpace": { "addressPrefixes": [ "10.3.0.0/16" ] }, "useRemoteGateways": false }, "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings" } ] }, "tags": { "Environment": "maintenance", "Project": "OMDS" }, "type": "Microsoft.Network/virtualNetworks" } ], "variables": {} }