nik/OMDSCloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
OMDSCloud/configurations/azure/maintenance-rg.json
saito.k 4f0e4f4a74 Merged PR 262: [Sprint13-1着手]Pipelineのbuild/pushを固定IPで行えるようにする 
## 概要
[Task2109: [Sprint13-1着手]Pipelineのbuild/pushを固定IPで行えるようにする](https://paruru.nds-tyo.co.jp:8443/tfs/ReciproCollection/fa4924a4-d079-4fab-9fb5-a9a11eb205f0/_workitems/edit/2109)

- 新たに作成したリソース
  - maintenance-rg
    - vm-odms-deploy-maintenance(Pipeline実行環境のVM)
    - vm-odms-deploy-maintenance_disk1_1cbaf8f9bfdf4548902316f7be8189ed(VMのディスク)
    - nsg-odms-deploy-maintenance(VMがあるサブネットに付与したNSG)
    - vm-odms-deploy-maintenance759(VMに付与されたNIC)
    - vm-odms-deploy-maintenance_key_0720(SSH接続するために割り当てられたアクセスキー)
- 変更したリソース
  - Key Vault
    - PipelineVMがあるサブネットからのアクセスを許可する
  - nsg-odms-private-dev(DBのあるサブネットのNSG)
    - PipelineVMからのアクセスを許可する
  - Pieplineの処理

## レビューポイント
- 特にレビューしてほしい箇所
- 軽微なものや自明なものは記載不要
- 修正範囲が大きい場合などに記載
- 全体的にや仕様を満たしているか等は本当に必要な時のみ記載

## UIの変更
- Before/Afterのスクショなど
- スクショ置き場

## 動作確認状況
- deployされていることを確認

## 補足
- 相談、参考資料などがあれば
2023-07-25 08:08:38 +00:00

3052 lines
123 KiB
JSON
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"bastionHosts_bas_odms_maintenance_name": {
"type": "String"
},
"networkInterfaces_pep_odms_registry_maintenance_nic_name": {
"type": "String"
},
"networkInterfaces_vm_odms_deploy_maintenance759_name": {
"type": "String"
},
"networkInterfaces_vm_odms_maintenance600_name": {
"type": "String"
},
"networkInterfaces_vm_odms_pipeline_maintenance433_name": {
"type": "String"
},
"networkInterfaces_vm_odms_staging_maintenance158_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_bas_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_deploy_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_pipeline_maintenance_name": {
"type": "String"
},
"networkSecurityGroups_nsg_odms_vm_maintenance_name": {
"type": "String"
},
"privateDnsZones_privatelink_azurecr_io_name": {
"type": "String"
},
"privateEndpoints_pep_odms_registry_maintenance_name": {
"type": "String"
},
"publicIPAddresses_vm_odms_staging_maintenance_ip_name": {
"type": "String"
},
"publicIPAddresses_vnet_odms_network_maintenance_ip_name": {
"type": "String"
},
"registries_crOdmsRegistryMaintenance_name": {
"type": "String"
},
"schedules_shutdown_computevm_vm_odms_maintenance_name": {
"type": "String"
},
"schedules_shutdown_computevm_vm_odms_staging_maintenance_name": {
"type": "String"
},
"sshPublicKeys_vm_odms_deploy_maintenance_key_0720_name": {
"type": "String"
},
"sshPublicKeys_vm_odms_pipeline_maintenance_key_name": {
"type": "String"
},
"storageAccounts_saodmscloudshell_name": {
"type": "String"
},
"virtualMachines_vm_odms_deploy_maintenance_name": {
"type": "String"
},
"virtualMachines_vm_odms_maintenance_name": {
"type": "String"
},
"virtualMachines_vm_odms_pipeline_maintenance_name": {
"type": "String"
},
"virtualMachines_vm_odms_staging_maintenance_name": {
"type": "String"
},
"virtualNetworks_vnet_odms_network_dev_externalid": {
"type": "String"
},
"virtualNetworks_vnet_odms_network_maintenance_name": {
"type": "String"
},
"virtualNetworks_vnet_odms_network_stg_externalid": {
"type": "String"
},
"webhooks_webhookOdmsDictationDev_serviceUri": {
"type": "SecureString"
},
"webhooks_webhookOdmsDictationStg_serviceUri": {
"type": "SecureString"
}
},
"resources": [
{
"apiVersion": "2023-03-01",
"location": "japaneast",
"name": "[parameters('sshPublicKeys_vm_odms_deploy_maintenance_key_0720_name')]",
"properties": {
"publicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQHikRMWS6PAEmjEAiYHgwnufRHsWDWxyIPYDr0RrHXzOdGT+7T3eCgZvuvggGZQkdssziqOLCa2BaA162091/o1JCta8fgfXwl4uFd/j5FNnXH9+f6I6ShwM3cKThd7FYUKZXD6OidudZyMYUNE49bv42GRG1vwNCPpoYF49dfyiWoFqYCd+Mtd5K6VPoA8d/n7o86eS2Ue33Z5HdyPP79ZJbrBquKrQBwCWFSyFkhC1rnaU+m2zMJ8M/+lf/W1cKsQJDMSfYzuu6CUdNHtJ6c+q8CNJJqbBX7QVc34AlR4vBc+dNMyGF+h6i6jU/eNToRrWZqEPfWvEaZQledmeITW5FAYaoCAlCW4r9u+iCKf3ifOMNDcaV+0Bxhni2mX8HrGzlzN3h7nxGzG0oGuvoTIxuAjq9+pY3tn3u2jcNUztEAL9x4Idg0uUom5dFxMN1K42KdttFKnhuWsKJMHe/o1tDPNrWnQ47Yr/jw9k4YTUkBfpHu8zBJS7uErhOyAk= generated-by-azure"
},
"tags": {
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Compute/sshPublicKeys"
},
{
"apiVersion": "2023-03-01",
"location": "japaneast",
"name": "[parameters('sshPublicKeys_vm_odms_pipeline_maintenance_key_name')]",
"properties": {
"publicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCb0imUhrem2umlz2VWbspkWxIPoA/N4L5goqLBi8Wj4KH+Fnz95jeGug5aBxlCUiqtYZJJUUOeynXDOws4R0q+mRY/rbsQ02O3QiwVpSH6RWwFeR3xvXpMRJ13W3c1eMTSLOAjLwIYsV9xJDluc3ju26lgUe/WoAeuF0G7ZpceuS4Y1n5Z8ociepESttTfaYV70vgSzT+EzImUbZrHbFj3vcs1Cl9VrnQbotu0x26aVJdtYo3C8DPKXD7g+MCOVbnLqUIs2IML4EIcRAWaefhL7F766gajSwcUn//jZYo6Ei7ec4LcxJYKfRlLb4iU2+Tia2HYJ5LLkejrPImS4xdq6hCSqyKG9yUPI354gJ77tHWzVFMl4BikbjkksJ+mYNqK1KtlluVbhWRaxc5sUpwYjYlzlh05ZfgCRqwKf7k502WkK7IDt01ROEVtD5njEoH+FUlIApT2Y3LlI/y1sZuyi9alhZ5PK9VpQ46a7M/02El0WRbQgoyOTVG+y/Q9EPU= generated-by-azure"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Compute/sshPublicKeys"
},
{
"apiVersion": "2023-01-01-preview",
"location": "japaneast",
"name": "[parameters('registries_crOdmsRegistryMaintenance_name')]",
"properties": {
"adminUserEnabled": true,
"anonymousPullEnabled": false,
"dataEndpointEnabled": false,
"encryption": {
"status": "disabled"
},
"networkRuleBypassOptions": "AzureServices",
"networkRuleSet": {
"defaultAction": "Deny",
"ipRules": [
{
"action": "Allow",
"value": "60.97.55.122"
},
{
"action": "Allow",
"value": "118.238.231.215"
},
{
"action": "Allow",
"value": "126.227.194.195"
},
{
"action": "Allow",
"value": "175.177.42.17"
},
{
"action": "Allow",
"value": "4.193.0.0/16"
},
{
"action": "Allow",
"value": "4.194.0.0/16"
},
{
"action": "Allow",
"value": "175.177.42.28"
}
]
},
"policies": {
"azureADAuthenticationAsArmPolicy": {
"status": "enabled"
},
"exportPolicy": {
"status": "enabled"
},
"quarantinePolicy": {
"status": "disabled"
},
"retentionPolicy": {
"days": 7,
"status": "disabled"
},
"softDeletePolicy": {
"retentionDays": 7,
"status": "disabled"
},
"trustPolicy": {
"status": "disabled",
"type": "Notary"
}
},
"publicNetworkAccess": "Enabled",
"zoneRedundancy": "Disabled"
},
"sku": {
"name": "Premium",
"tier": "Premium"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.ContainerRegistry/registries"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name')]",
"properties": {
"securityRules": [
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowGatewayManagerHTTPSInbound')]",
"name": "AllowGatewayManagerHTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 100,
"protocol": "TCP",
"sourceAddressPrefix": "GatewayManager",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowAzureLoadBalancerHTTPSInbound')]",
"name": "AllowAzureLoadBalancerHTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 110,
"protocol": "TCP",
"sourceAddressPrefix": "AzureLoadBalancer",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowBastionHostCommunicationInbound')]",
"name": "AllowBastionHostCommunicationInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationPortRanges": [
"8080",
"5701"
],
"direction": "Inbound",
"priority": 120,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'DenyAnyCustomAnyInbound')]",
"name": "DenyAnyCustomAnyInbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowSSH-RDPOutbound')]",
"name": "AllowSSH-RDPOutbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationPortRanges": [
"22",
"3389"
],
"direction": "Outbound",
"priority": 100,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowAzureCloudHTTPSOutbound')]",
"name": "AllowAzureCloudHTTPSOutbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "AzureCloud",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 110,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowSessionInfo')]",
"name": "AllowSessionInfo",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "Internet",
"destinationAddressPrefixes": [],
"destinationPortRange": "80",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 120,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowBastionHostCommunicationOutBound')]",
"name": "AllowBastionHostCommunicationOutBound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationPortRanges": [
"8080",
"5701"
],
"direction": "Outbound",
"priority": 130,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-saito.k-HTTPSInbound')]",
"name": "AllowMyIpAddress-saito.k-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 130,
"protocol": "TCP",
"sourceAddressPrefix": "175.177.42.29",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-okuzawa-HTTPSInbound')]",
"name": "AllowMyIpAddress-okuzawa-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 140,
"protocol": "TCP",
"sourceAddressPrefix": "211.125.140.87",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-fukunaga-HTTPSInbound')]",
"name": "AllowMyIpAddress-fukunaga-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 150,
"protocol": "TCP",
"sourceAddressPrefix": "221.252.90.222",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-makabe-HTTPSInbound')]",
"name": "AllowMyIpAddress-makabe-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 160,
"protocol": "TCP",
"sourceAddressPrefixes": [
"60.97.55.122",
"118.238.231.215"
],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-oura-HTTPSInbound')]",
"name": "AllowMyIpAddress-oura-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 200,
"protocol": "TCP",
"sourceAddressPrefix": "60.65.231.128",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddressHTTPSInbound-sunamoto')]",
"name": "AllowMyIpAddressHTTPSInbound-sunamoto",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 201,
"protocol": "TCP",
"sourceAddressPrefix": "122.210.18.114",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-maruyama-HTTPSInbound')]",
"name": "AllowMyIpAddress-maruyama-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 202,
"protocol": "TCP",
"sourceAddressPrefix": "61.87.49.72",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-yumoto-HTTPSInbound')]",
"name": "AllowMyIpAddress-yumoto-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 131,
"protocol": "TCP",
"sourceAddressPrefix": "153.210.243.72",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), 'AllowMyIpAddress-iwata-HTTPSInbound')]",
"name": "AllowMyIpAddress-iwata-HTTPSInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 203,
"protocol": "TCP",
"sourceAddressPrefix": "126.74.128.188",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name')]",
"properties": {
"securityRules": [
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'), 'DenyAllInbound')]",
"name": "DenyAllInbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
"tags": {
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name')]",
"properties": {
"securityRules": [
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'), 'DenyAllInbound')]",
"name": "DenyAllInbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name')]",
"properties": {
"securityRules": [
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowCidrBlockRDPInbound')]",
"name": "AllowCidrBlockRDPInbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "3389",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 1001,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.1.0/26",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyAnyCustomAnyInbound')]",
"name": "DenyAnyCustomAnyInbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyCidrBlockCustom4443Outbound')]",
"name": "DenyCidrBlockCustom4443Outbound",
"properties": {
"access": "Deny",
"description": "staging<6E><67><EFBFBD>ݑ䂩<DD91><E482A9>dev<65>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD>֎~",
"destinationAddressPrefix": "10.1.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 100,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.5",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyCidrBlockCustom4443Outbound_DevToStg')]",
"name": "DenyCidrBlockCustom4443Outbound_DevToStg",
"properties": {
"access": "Deny",
"description": "dev<65><76><EFBFBD>ݑ䂩<DD91><E482A9>staging<6E>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD>֎~",
"destinationAddressPrefix": "10.2.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 101,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.4",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowDevAppOutbound')]",
"name": "AllowDevAppOutbound",
"properties": {
"access": "Allow",
"description": "Dev<65><76><EFBFBD>ݑ䂩<DD91><E482A9>Dev<65>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD><EFBFBD>",
"destinationAddressPrefix": "10.1.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 102,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.4",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStgAppOutbound')]",
"name": "AllowStgAppOutbound",
"properties": {
"access": "Allow",
"description": "STG<54><47><EFBFBD>ݑ䂩<DD91><E482A9>STG<54>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD><EFBFBD>",
"destinationAddressPrefix": "10.2.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 103,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.5",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowDevHTTPSOutbound')]",
"name": "AllowDevHTTPSOutbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "AzureActiveDirectory",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 106,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.4",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStgHTTPSOutbound')]",
"name": "AllowStgHTTPSOutbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "AzureActiveDirectory",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 107,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.5",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowAnyMySQLOutbound')]",
"name": "AllowAnyMySQLOutbound",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "3306",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 108,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStorageAccountEastUSOutbound')]",
"name": "AllowStorageAccountEastUSOutbound",
"properties": {
"access": "Allow",
"description": "US<55>p<EFBFBD><70>StorageAccount<6E>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>‚<EFBFBD><C282><EFBFBD>",
"destinationAddressPrefix": "Storage.EastUS",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 109,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStorageAccountNorthEuropeOutbound')]",
"name": "AllowStorageAccountNorthEuropeOutbound",
"properties": {
"access": "Allow",
"description": "EU<45>p<EFBFBD><70>StorageAccount<6E>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>‚<EFBFBD><C282><EFBFBD>",
"destinationAddressPrefix": "Storage.NorthEurope",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 110,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'AllowStorageAccountAustraliaEastOutbound')]",
"name": "AllowStorageAccountAustraliaEastOutbound",
"properties": {
"access": "Allow",
"description": "AU<41>p<EFBFBD><70>StorageAccount<6E>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>‚<EFBFBD><C282><EFBFBD>",
"destinationAddressPrefix": "Storage.AustraliaEast",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 111,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"id": "[resourceId('Microsoft.Network/networkSecurityGroups/securityRules', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), 'DenyAllOutbound')]",
"name": "DenyAllOutbound",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/networkSecurityGroups"
},
{
"apiVersion": "2018-09-01",
"location": "global",
"name": "[parameters('privateDnsZones_privatelink_azurecr_io_name')]",
"properties": {
"maxNumberOfRecordSets": 25000,
"maxNumberOfVirtualNetworkLinks": 1000,
"maxNumberOfVirtualNetworkLinksWithRegistration": 100,
"numberOfRecordSets": 3,
"numberOfVirtualNetworkLinks": 3,
"numberOfVirtualNetworkLinksWithRegistration": 0,
"provisioningState": "Succeeded"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/privateDnsZones"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('publicIPAddresses_vm_odms_staging_maintenance_ip_name')]",
"properties": {
"idleTimeoutInMinutes": 4,
"ipAddress": "20.243.50.100",
"ipTags": [],
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static"
},
"sku": {
"name": "Standard",
"tier": "Regional"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/publicIPAddresses"
},
{
"apiVersion": "2022-11-01",
"location": "japaneast",
"name": "[parameters('publicIPAddresses_vnet_odms_network_maintenance_ip_name')]",
"properties": {
"idleTimeoutInMinutes": 4,
"ipAddress": "20.63.184.157",
"ipTags": [],
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static"
},
"sku": {
"name": "Standard",
"tier": "Regional"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/publicIPAddresses"
},
{
"apiVersion": "2022-09-01",
"kind": "StorageV2",
"location": "japaneast",
"name": "[parameters('storageAccounts_saodmscloudshell_name')]",
"properties": {
"accessTier": "Hot",
"allowBlobPublicAccess": false,
"encryption": {
"keySource": "Microsoft.Storage",
"services": {
"blob": {
"enabled": true,
"keyType": "Account"
},
"file": {
"enabled": true,
"keyType": "Account"
}
}
},
"minimumTlsVersion": "TLS1_2",
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Allow",
"ipRules": [],
"virtualNetworkRules": []
},
"supportsHttpsTrafficOnly": true
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"tags": {
"ms-resource-usage": "azure-cloud-shell"
},
"type": "Microsoft.Storage/storageAccounts"
},
{
"apiVersion": "2023-03-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualMachines_vm_odms_deploy_maintenance_name')]",
"properties": {
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true
}
},
"hardwareProfile": {
"vmSize": "Standard_B2s"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name'))]",
"properties": {
"deleteOption": "Detach"
}
}
]
},
"osProfile": {
"adminUsername": "azureuser",
"allowExtensionOperations": true,
"computerName": "[parameters('virtualMachines_vm_odms_deploy_maintenance_name')]",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"enableVMAgentPlatformUpdates": false,
"patchSettings": {
"assessmentMode": "ImageDefault",
"patchMode": "ImageDefault"
},
"provisionVMAgent": true,
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQHikRMWS6PAEmjEAiYHgwnufRHsWDWxyIPYDr0RrHXzOdGT+7T3eCgZvuvggGZQkdssziqOLCa2BaA162091/o1JCta8fgfXwl4uFd/j5FNnXH9+f6I6ShwM3cKThd7FYUKZXD6OidudZyMYUNE49bv42GRG1vwNCPpoYF49dfyiWoFqYCd+Mtd5K6VPoA8d/n7o86eS2Ue33Z5HdyPP79ZJbrBquKrQBwCWFSyFkhC1rnaU+m2zMJ8M/+lf/W1cKsQJDMSfYzuu6CUdNHtJ6c+q8CNJJqbBX7QVc34AlR4vBc+dNMyGF+h6i6jU/eNToRrWZqEPfWvEaZQledmeITW5FAYaoCAlCW4r9u+iCKf3ifOMNDcaV+0Bxhni2mX8HrGzlzN3h7nxGzG0oGuvoTIxuAjq9+pY3tn3u2jcNUztEAL9x4Idg0uUom5dFxMN1K42KdttFKnhuWsKJMHe/o1tDPNrWnQ47Yr/jw9k4YTUkBfpHu8zBJS7uErhOyAk= generated-by-azure",
"path": "/home/azureuser/.ssh/authorized_keys"
}
]
}
},
"requireGuestProvisionSignal": true,
"secrets": []
},
"securityProfile": {
"securityType": "TrustedLaunch",
"uefiSettings": {
"secureBootEnabled": true,
"vTpmEnabled": true
}
},
"storageProfile": {
"dataDisks": [],
"diskControllerType": "SCSI",
"imageReference": {
"offer": "0001-com-ubuntu-server-focal",
"publisher": "canonical",
"sku": "20_04-lts-gen2",
"version": "latest"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": "Delete",
"diskSizeGB": 30,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_disk1_1cbaf8f9bfdf4548902316f7be8189ed'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_deploy_maintenance_name'), '_disk1_1cbaf8f9bfdf4548902316f7be8189ed')]",
"osType": "Linux"
}
}
},
"tags": {
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "2023-03-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualMachines_vm_odms_maintenance_name')]",
"properties": {
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true
}
},
"hardwareProfile": {
"vmSize": "Standard_B2s"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name'))]",
"properties": {
"deleteOption": "Detach"
}
}
]
},
"osProfile": {
"adminUsername": "odmsAdmin",
"allowExtensionOperations": true,
"computerName": "vm-odms-mainten",
"requireGuestProvisionSignal": true,
"secrets": [],
"windowsConfiguration": {
"enableAutomaticUpdates": true,
"enableVMAgentPlatformUpdates": false,
"patchSettings": {
"assessmentMode": "ImageDefault",
"enableHotpatching": false,
"patchMode": "AutomaticByOS"
},
"provisionVMAgent": true
}
},
"storageProfile": {
"dataDisks": [],
"diskControllerType": "SCSI",
"imageReference": {
"offer": "WindowsServer",
"publisher": "MicrosoftWindowsServer",
"sku": "2022-datacenter-azure-edition",
"version": "latest"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": "Delete",
"diskSizeGB": 127,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_maintenance_name'), '_OsDisk_1_fb725b02a0b34e4c997367611eeb9f2f')]",
"osType": "Windows"
}
}
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "2023-03-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_pipeline_maintenance433_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualMachines_vm_odms_pipeline_maintenance_name')]",
"properties": {
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true
}
},
"hardwareProfile": {
"vmSize": "Standard_B1s"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_pipeline_maintenance433_name'))]",
"properties": {
"deleteOption": "Detach"
}
}
]
},
"osProfile": {
"adminUsername": "azureuser",
"allowExtensionOperations": true,
"computerName": "[parameters('virtualMachines_vm_odms_pipeline_maintenance_name')]",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"enableVMAgentPlatformUpdates": false,
"patchSettings": {
"assessmentMode": "ImageDefault",
"patchMode": "ImageDefault"
},
"provisionVMAgent": true,
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCb0imUhrem2umlz2VWbspkWxIPoA/N4L5goqLBi8Wj4KH+Fnz95jeGug5aBxlCUiqtYZJJUUOeynXDOws4R0q+mRY/rbsQ02O3QiwVpSH6RWwFeR3xvXpMRJ13W3c1eMTSLOAjLwIYsV9xJDluc3ju26lgUe/WoAeuF0G7ZpceuS4Y1n5Z8ociepESttTfaYV70vgSzT+EzImUbZrHbFj3vcs1Cl9VrnQbotu0x26aVJdtYo3C8DPKXD7g+MCOVbnLqUIs2IML4EIcRAWaefhL7F766gajSwcUn//jZYo6Ei7ec4LcxJYKfRlLb4iU2+Tia2HYJ5LLkejrPImS4xdq6hCSqyKG9yUPI354gJ77tHWzVFMl4BikbjkksJ+mYNqK1KtlluVbhWRaxc5sUpwYjYlzlh05ZfgCRqwKf7k502WkK7IDt01ROEVtD5njEoH+FUlIApT2Y3LlI/y1sZuyi9alhZ5PK9VpQ46a7M/02El0WRbQgoyOTVG+y/Q9EPU= generated-by-azure",
"path": "/home/azureuser/.ssh/authorized_keys"
}
]
}
},
"requireGuestProvisionSignal": true,
"secrets": []
},
"securityProfile": {
"securityType": "TrustedLaunch",
"uefiSettings": {
"secureBootEnabled": true,
"vTpmEnabled": true
}
},
"storageProfile": {
"dataDisks": [],
"diskControllerType": "SCSI",
"imageReference": {
"offer": "0001-com-ubuntu-server-focal",
"publisher": "canonical",
"sku": "20_04-lts-gen2",
"version": "latest"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": "Delete",
"diskSizeGB": 30,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_pipeline_maintenance_name'), '_OsDisk_1_44286493b6da484b851af53dcaffb460'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_pipeline_maintenance_name'), '_OsDisk_1_44286493b6da484b851af53dcaffb460')]",
"osType": "Linux"
}
}
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "2023-03-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualMachines_vm_odms_staging_maintenance_name')]",
"properties": {
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true
}
},
"hardwareProfile": {
"vmSize": "Standard_B2s"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name'))]",
"properties": {
"deleteOption": "Delete"
}
}
]
},
"osProfile": {
"adminUsername": "odmsAdmin",
"allowExtensionOperations": true,
"computerName": "vm-odms-staging",
"requireGuestProvisionSignal": true,
"secrets": [],
"windowsConfiguration": {
"enableAutomaticUpdates": false,
"enableVMAgentPlatformUpdates": false,
"patchSettings": {
"assessmentMode": "ImageDefault",
"enableHotpatching": false,
"patchMode": "Manual"
},
"provisionVMAgent": true
}
},
"securityProfile": {
"securityType": "TrustedLaunch",
"uefiSettings": {
"secureBootEnabled": false,
"vTpmEnabled": false
}
},
"storageProfile": {
"dataDisks": [],
"diskControllerType": "SCSI",
"imageReference": {
"offer": "WindowsServer",
"publisher": "MicrosoftWindowsServer",
"sku": "2022-datacenter-azure-edition",
"version": "latest"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"deleteOption": "Delete",
"diskSizeGB": 127,
"managedDisk": {
"id": "[resourceId('Microsoft.Compute/disks', concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661'))]",
"storageAccountType": "Premium_LRS"
},
"name": "[concat(parameters('virtualMachines_vm_odms_staging_maintenance_name'), '_OsDisk_1_903a7540b5a64475b512aedc10487661')]",
"osType": "Windows"
}
}
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "2023-01-01-preview",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]"
],
"name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_admin')]",
"properties": {
"actions": [
"repositories/*/metadata/read",
"repositories/*/metadata/write",
"repositories/*/content/read",
"repositories/*/content/write",
"repositories/*/content/delete"
],
"description": "Can perform all read, write and delete operations on the registry"
},
"type": "Microsoft.ContainerRegistry/registries/scopeMaps"
},
{
"apiVersion": "2023-01-01-preview",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]"
],
"name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_pull')]",
"properties": {
"actions": [
"repositories/*/content/read"
],
"description": "Can pull any repository of the registry"
},
"type": "Microsoft.ContainerRegistry/registries/scopeMaps"
},
{
"apiVersion": "2023-01-01-preview",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]"
],
"name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/_repositories_push')]",
"properties": {
"actions": [
"repositories/*/content/read",
"repositories/*/content/write"
],
"description": "Can push to any repository of the registry"
},
"type": "Microsoft.ContainerRegistry/registries/scopeMaps"
},
{
"apiVersion": "2023-01-01-preview",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]"
],
"location": "japaneast",
"name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webhookOdmsDictationDev')]",
"properties": {
"actions": [
"push"
],
"scope": "odmscloud/dictation:latest",
"serviceUri": "[parameters('webhooks_webhookOdmsDictationDev_serviceUri')]",
"status": "enabled"
},
"type": "Microsoft.ContainerRegistry/registries/webhooks"
},
{
"apiVersion": "2023-01-01-preview",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]"
],
"location": "japaneast",
"name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/webhookOdmsDictationStg')]",
"properties": {
"actions": [
"push"
],
"scope": "odmscloud/staging/dictation:latest",
"serviceUri": "[parameters('webhooks_webhookOdmsDictationStg_serviceUri')]",
"status": "enabled"
},
"type": "Microsoft.ContainerRegistry/registries/webhooks"
},
{
"apiVersion": "2018-09-15",
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_maintenance_name'))]"
],
"location": "japaneast",
"name": "[parameters('schedules_shutdown_computevm_vm_odms_maintenance_name')]",
"properties": {
"dailyRecurrence": {
"time": "1900"
},
"notificationSettings": {
"notificationLocale": "ja",
"status": "Disabled",
"timeInMinutes": 30
},
"status": "Enabled",
"targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_maintenance_name'))]",
"taskType": "ComputeVmShutdownTask",
"timeZoneId": "Tokyo Standard Time"
},
"type": "microsoft.devtestlab/schedules"
},
{
"apiVersion": "2018-09-15",
"dependsOn": [
"[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_staging_maintenance_name'))]"
],
"location": "japaneast",
"name": "[parameters('schedules_shutdown_computevm_vm_odms_staging_maintenance_name')]",
"properties": {
"dailyRecurrence": {
"time": "1900"
},
"notificationSettings": {
"notificationLocale": "ja",
"status": "Disabled",
"timeInMinutes": 30
},
"status": "Enabled",
"targetResourceId": "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_vm_odms_staging_maintenance_name'))]",
"taskType": "ComputeVmShutdownTask",
"timeZoneId": "Tokyo Standard Time"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "microsoft.devtestlab/schedules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_pep_odms_registry_maintenance_nic_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"5846ac61-2981-4606-9b38-994c8266be61\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_pep_odms_registry_maintenance_nic_name')), '/ipConfigurations/privateEndpointIpConfig.e837d736-6ca6-475e-ba00-e60830a12973')]",
"name": "privateEndpointIpConfig.e837d736-6ca6-475e-ba00-e60830a12973",
"properties": {
"primary": true,
"privateIPAddress": "10.0.0.4",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"privateLinkConnectionProperties": {
"fqdns": [
"crodmsregistrymaintenance.japaneast.data.azurecr.io"
],
"groupId": "registry",
"requiredMemberName": "registry_data_japaneast"
},
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
},
{
"etag": "W/\"5846ac61-2981-4606-9b38-994c8266be61\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_pep_odms_registry_maintenance_nic_name')), '/ipConfigurations/privateEndpointIpConfig.6f95d8a1-fca5-4a54-8d86-5d660a9ae193')]",
"name": "privateEndpointIpConfig.6f95d8a1-fca5-4a54-8d86-5d660a9ae193",
"properties": {
"primary": false,
"privateIPAddress": "10.0.0.5",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"privateLinkConnectionProperties": {
"fqdns": [
"crodmsregistrymaintenance.azurecr.io"
],
"groupId": "registry",
"requiredMemberName": "registry"
},
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vm_odms_deploy_maintenance759_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"8b476f19-5be7-4912-b266-c571f58f54d8\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_deploy_maintenance759_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
"primary": true,
"privateIPAddress": "10.0.4.4",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"tags": {
"Project": "OMDS",
"environment": "maintenance",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vm_odms_maintenance600_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"c9ca18a9-39d8-41b0-8a66-c58e6548c7f7\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_maintenance600_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
"primary": true,
"privateIPAddress": "10.0.2.4",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-pipeline-maintenance')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vm_odms_pipeline_maintenance433_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"579f5ca6-b4d4-4ad0-afa0-ab28aa57d9f9\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_pipeline_maintenance433_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
"primary": true,
"privateIPAddress": "10.0.3.4",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-pipeline-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS",
"ms-resource-usage": "pipeline-self-hosted-agent"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]"
],
"kind": "Regular",
"location": "japaneast",
"name": "[parameters('networkInterfaces_vm_odms_staging_maintenance158_name')]",
"properties": {
"disableTcpStateTracking": false,
"dnsSettings": {
"dnsServers": []
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"b1ccd000-f216-4102-8493-ca82ec2ded02\"",
"id": "[concat(resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_vm_odms_staging_maintenance158_name')), '/ipConfigurations/ipconfig1')]",
"name": "ipconfig1",
"properties": {
"primary": true,
"privateIPAddress": "10.0.2.5",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]"
}
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations"
}
],
"nicType": "Standard"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowAnyMySQLOutbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "3306",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 108,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowAzureCloudHTTPSOutbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "AzureCloud",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 110,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowAzureLoadBalancerHTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 110,
"protocol": "TCP",
"sourceAddressPrefix": "AzureLoadBalancer",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowBastionHostCommunicationInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationPortRanges": [
"8080",
"5701"
],
"direction": "Inbound",
"priority": 120,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowBastionHostCommunicationOutBound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationPortRanges": [
"8080",
"5701"
],
"direction": "Outbound",
"priority": 130,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowCidrBlockRDPInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "3389",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 1001,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.1.0/26",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowDevAppOutbound')]",
"properties": {
"access": "Allow",
"description": "Dev<65><76><EFBFBD>ݑ䂩<DD91><E482A9>Dev<65>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD><EFBFBD>",
"destinationAddressPrefix": "10.1.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 102,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.4",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowDevHTTPSOutbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "AzureActiveDirectory",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 106,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.4",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowGatewayManagerHTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 100,
"protocol": "TCP",
"sourceAddressPrefix": "GatewayManager",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-fukunaga-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 150,
"protocol": "TCP",
"sourceAddressPrefix": "221.252.90.222",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddressHTTPSInbound-sunamoto')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 201,
"protocol": "TCP",
"sourceAddressPrefix": "122.210.18.114",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-iwata-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 203,
"protocol": "TCP",
"sourceAddressPrefix": "126.74.128.188",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-makabe-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 160,
"protocol": "TCP",
"sourceAddressPrefixes": [
"60.97.55.122",
"118.238.231.215"
],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-maruyama-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 202,
"protocol": "TCP",
"sourceAddressPrefix": "61.87.49.72",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-okuzawa-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 140,
"protocol": "TCP",
"sourceAddressPrefix": "211.125.140.87",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-oura-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 200,
"protocol": "TCP",
"sourceAddressPrefix": "60.65.231.128",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-saito.k-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 130,
"protocol": "TCP",
"sourceAddressPrefix": "175.177.42.29",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowMyIpAddress-yumoto-HTTPSInbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 131,
"protocol": "TCP",
"sourceAddressPrefix": "153.210.243.72",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowSessionInfo')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "Internet",
"destinationAddressPrefixes": [],
"destinationPortRange": "80",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 120,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/AllowSSH-RDPOutbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "VirtualNetwork",
"destinationAddressPrefixes": [],
"destinationPortRanges": [
"22",
"3389"
],
"direction": "Outbound",
"priority": 100,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStgAppOutbound')]",
"properties": {
"access": "Allow",
"description": "STG<54><47><EFBFBD>ݑ䂩<DD91><E482A9>STG<54>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD><EFBFBD>",
"destinationAddressPrefix": "10.2.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 103,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.5",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStgHTTPSOutbound')]",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "AzureActiveDirectory",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 107,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.5",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStorageAccountAustraliaEastOutbound')]",
"properties": {
"access": "Allow",
"description": "AU<41>p<EFBFBD><70>StorageAccount<6E>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>‚<EFBFBD><C282><EFBFBD>",
"destinationAddressPrefix": "Storage.AustraliaEast",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 111,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStorageAccountEastUSOutbound')]",
"properties": {
"access": "Allow",
"description": "US<55>p<EFBFBD><70>StorageAccount<6E>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>‚<EFBFBD><C282><EFBFBD>",
"destinationAddressPrefix": "Storage.EastUS",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 109,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/AllowStorageAccountNorthEuropeOutbound')]",
"properties": {
"access": "Allow",
"description": "EU<45>p<EFBFBD><70>StorageAccount<6E>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>‚<EFBFBD><C282><EFBFBD>",
"destinationAddressPrefix": "Storage.NorthEurope",
"destinationAddressPrefixes": [],
"destinationPortRange": "443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 110,
"protocol": "TCP",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'), '/DenyAllInbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'), '/DenyAllInbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyAllOutbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'), '/DenyAnyCustomAnyInbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyAnyCustomAnyInbound')]",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationAddressPrefixes": [],
"destinationPortRange": "*",
"destinationPortRanges": [],
"direction": "Inbound",
"priority": 4096,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyCidrBlockCustom4443Outbound')]",
"properties": {
"access": "Deny",
"description": "staging<6E><67><EFBFBD>ݑ䂩<DD91><E482A9>dev<65>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD>֎~",
"destinationAddressPrefix": "10.1.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 100,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.5",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'), '/DenyCidrBlockCustom4443Outbound_DevToStg')]",
"properties": {
"access": "Deny",
"description": "dev<65><76><EFBFBD>ݑ䂩<DD91><E482A9>staging<6E>‹<EFBFBD><C28B>ւ̃A<CC83>N<EFBFBD>Z<EFBFBD>X<EFBFBD><58><EFBFBD>֎~",
"destinationAddressPrefix": "10.2.0.10",
"destinationAddressPrefixes": [],
"destinationPortRange": "4443",
"destinationPortRanges": [],
"direction": "Outbound",
"priority": 101,
"protocol": "TCP",
"sourceAddressPrefix": "10.0.2.4",
"sourceAddressPrefixes": [],
"sourcePortRange": "*",
"sourcePortRanges": []
},
"type": "Microsoft.Network/networkSecurityGroups/securityRules"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
],
"name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/crodmsregistrymaintenance')]",
"properties": {
"aRecords": [
{
"ipv4Address": "10.0.0.5"
}
],
"metadata": {
"creator": "created by private endpoint pep-odms-registry-maintenance with resource guid e9468193-6a2f-4a20-8770-b2de1c5454d2"
},
"ttl": 10
},
"type": "Microsoft.Network/privateDnsZones/A"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
],
"name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/crodmsregistrymaintenance.japaneast.data')]",
"properties": {
"aRecords": [
{
"ipv4Address": "10.0.0.4"
}
],
"metadata": {
"creator": "created by private endpoint pep-odms-registry-maintenance with resource guid e9468193-6a2f-4a20-8770-b2de1c5454d2"
},
"ttl": 10
},
"type": "Microsoft.Network/privateDnsZones/A"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
],
"name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/@')]",
"properties": {
"soaRecord": {
"email": "azureprivatedns-host.microsoft.com",
"expireTime": 2419200,
"host": "azureprivatedns.net",
"minimumTtl": 10,
"refreshTime": 3600,
"retryTime": 300,
"serialNumber": 1
},
"ttl": 3600
},
"type": "Microsoft.Network/privateDnsZones/SOA"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
],
"location": "global",
"name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/link-odms-vnet-dev')]",
"properties": {
"registrationEnabled": false,
"virtualNetwork": {
"id": "[parameters('virtualNetworks_vnet_odms_network_dev_externalid')]"
}
},
"type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
],
"location": "global",
"name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/link-odms-vnet-stg')]",
"properties": {
"registrationEnabled": false,
"virtualNetwork": {
"id": "[parameters('virtualNetworks_vnet_odms_network_stg_externalid')]"
}
},
"type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-acr-maintenance')]",
"properties": {
"addressPrefix": "10.0.0.0/24",
"delegations": [],
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/peer-odms-dev-maintenance')]",
"properties": {
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"allowVirtualNetworkAccess": true,
"doNotVerifyRemoteGateways": false,
"peeringState": "Connected",
"peeringSyncLevel": "FullyInSync",
"remoteAddressSpace": {
"addressPrefixes": [
"10.1.0.0/16"
]
},
"remoteVirtualNetwork": {
"id": "[parameters('virtualNetworks_vnet_odms_network_dev_externalid')]"
},
"remoteVirtualNetworkAddressSpace": {
"addressPrefixes": [
"10.1.0.0/16"
]
},
"useRemoteGateways": false
},
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/peer-odms-stg-maintenance')]",
"properties": {
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"allowVirtualNetworkAccess": true,
"doNotVerifyRemoteGateways": false,
"peeringState": "Connected",
"peeringSyncLevel": "FullyInSync",
"remoteAddressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"remoteVirtualNetwork": {
"id": "[parameters('virtualNetworks_vnet_odms_network_stg_externalid')]"
},
"remoteVirtualNetworkAddressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"useRemoteGateways": false
},
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings"
},
{
"apiVersion": "2022-09-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]"
],
"name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]",
"properties": {
"cors": {
"corsRules": []
},
"deleteRetentionPolicy": {
"allowPermanentDelete": false,
"enabled": false
}
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"type": "Microsoft.Storage/storageAccounts/blobServices"
},
{
"apiVersion": "2022-09-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]"
],
"name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]",
"properties": {
"cors": {
"corsRules": []
},
"protocolSettings": {
"smb": {}
},
"shareDeleteRetentionPolicy": {
"days": 7,
"enabled": true
}
},
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"type": "Microsoft.Storage/storageAccounts/fileServices"
},
{
"apiVersion": "2022-09-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]"
],
"name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]",
"properties": {
"cors": {
"corsRules": []
}
},
"type": "Microsoft.Storage/storageAccounts/queueServices"
},
{
"apiVersion": "2022-09-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]"
],
"name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default')]",
"properties": {
"cors": {
"corsRules": []
}
},
"type": "Microsoft.Storage/storageAccounts/tableServices"
},
{
"apiVersion": "2023-01-01-preview",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]",
"[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name'))]"
],
"name": "[concat(parameters('registries_crOdmsRegistryMaintenance_name'), '/', parameters('registries_crOdmsRegistryMaintenance_name'), '.2929ec3b09904ec0ac913ec80e26fe7a')]",
"properties": {
"privateEndpoint": {
"id": "[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name'))]"
},
"privateLinkServiceConnectionState": {
"description": "Auto-Approved",
"status": "Approved"
}
},
"type": "Microsoft.ContainerRegistry/registries/privateEndpointConnections"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPAddresses_vnet_odms_network_maintenance_ip_name'))]",
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'AzureBastionSubnet')]"
],
"location": "japaneast",
"name": "[parameters('bastionHosts_bas_odms_maintenance_name')]",
"properties": {
"disableCopyPaste": false,
"dnsName": "bst-cd02e9dc-3e4a-423f-b77e-46b479c9b14d.bastion.azure.com",
"enableIpConnect": false,
"enableKerberos": false,
"enableShareableLink": false,
"enableTunneling": true,
"ipConfigurations": [
{
"id": "[concat(resourceId('Microsoft.Network/bastionHosts', parameters('bastionHosts_bas_odms_maintenance_name')), '/bastionHostIpConfigurations/IpConf')]",
"name": "IpConf",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', parameters('publicIPAddresses_vnet_odms_network_maintenance_ip_name'))]"
},
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'AzureBastionSubnet')]"
}
}
}
],
"scaleUnits": 3
},
"sku": {
"name": "Standard"
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/bastionHosts"
},
{
"apiVersion": "2018-09-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]",
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]"
],
"location": "global",
"name": "[concat(parameters('privateDnsZones_privatelink_azurecr_io_name'), '/e3fkm7ajqovu6')]",
"properties": {
"registrationEnabled": false,
"virtualNetwork": {
"id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]"
}
},
"type": "Microsoft.Network/privateDnsZones/virtualNetworkLinks"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]",
"[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]"
],
"location": "japaneast",
"name": "[parameters('privateEndpoints_pep_odms_registry_maintenance_name')]",
"properties": {
"customDnsConfigs": [],
"customNetworkInterfaceName": "[concat(parameters('privateEndpoints_pep_odms_registry_maintenance_name'), '-nic')]",
"ipConfigurations": [],
"manualPrivateLinkServiceConnections": [],
"privateLinkServiceConnections": [
{
"id": "[concat(resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name')), concat('/privateLinkServiceConnections/', parameters('privateEndpoints_pep_odms_registry_maintenance_name')))]",
"name": "[parameters('privateEndpoints_pep_odms_registry_maintenance_name')]",
"properties": {
"groupIds": [
"registry"
],
"privateLinkServiceConnectionState": {
"actionsRequired": "None",
"description": "Auto-Approved",
"status": "Approved"
},
"privateLinkServiceId": "[resourceId('Microsoft.ContainerRegistry/registries', parameters('registries_crOdmsRegistryMaintenance_name'))]"
}
}
],
"subnet": {
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]"
}
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/privateEndpoints"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/privateEndpoints', parameters('privateEndpoints_pep_odms_registry_maintenance_name'))]",
"[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
],
"name": "[concat(parameters('privateEndpoints_pep_odms_registry_maintenance_name'), '/default')]",
"properties": {
"privateDnsZoneConfigs": [
{
"name": "privatelink-azurecr-io",
"properties": {
"privateDnsZoneId": "[resourceId('Microsoft.Network/privateDnsZones', parameters('privateDnsZones_privatelink_azurecr_io_name'))]"
}
}
]
},
"type": "Microsoft.Network/privateEndpoints/privateDnsZoneGroups"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/AzureBastionSubnet')]",
"properties": {
"addressPrefix": "10.0.1.0/26",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": []
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-deploy-maintenance')]",
"properties": {
"addressPrefix": "10.0.4.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-pipeline-maintenance')]",
"properties": {
"addressPrefix": "10.0.3.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_vnet_odms_network_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
],
"name": "[concat(parameters('virtualNetworks_vnet_odms_network_maintenance_name'), '/snet-odms-vm-maintenance')]",
"properties": {
"addressPrefix": "10.0.2.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": []
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"apiVersion": "2022-09-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/fileServices', parameters('storageAccounts_saodmscloudshell_name'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccounts_saodmscloudshell_name'))]"
],
"name": "[concat(parameters('storageAccounts_saodmscloudshell_name'), '/default/sfodmscloudshell')]",
"properties": {
"accessTier": "TransactionOptimized",
"enabledProtocols": "SMB",
"shareQuota": 6
},
"type": "Microsoft.Storage/storageAccounts/fileServices/shares"
},
{
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]",
"[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
],
"location": "japaneast",
"name": "[parameters('virtualNetworks_vnet_odms_network_maintenance_name')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.0.0.0/16"
]
},
"enableDdosProtection": false,
"subnets": [
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-acr-maintenance')]",
"name": "snet-odms-acr-maintenance",
"properties": {
"addressPrefix": "10.0.0.0/24",
"delegations": [],
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'AzureBastionSubnet')]",
"name": "AzureBastionSubnet",
"properties": {
"addressPrefix": "10.0.1.0/26",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_bas_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": []
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-pipeline-maintenance')]",
"name": "snet-odms-pipeline-maintenance",
"properties": {
"addressPrefix": "10.0.3.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_pipeline_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-vm-maintenance')]",
"name": "snet-odms-vm-maintenance",
"properties": {
"addressPrefix": "10.0.2.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_vm_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": []
},
"type": "Microsoft.Network/virtualNetworks/subnets"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'snet-odms-deploy-maintenance')]",
"name": "snet-odms-deploy-maintenance",
"properties": {
"addressPrefix": "10.0.4.0/24",
"delegations": [],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_nsg_odms_deploy_maintenance_name'))]"
},
"privateEndpointNetworkPolicies": "Disabled",
"privateLinkServiceNetworkPolicies": "Enabled",
"serviceEndpoints": [
{
"locations": [
"*"
],
"service": "Microsoft.KeyVault"
}
]
},
"type": "Microsoft.Network/virtualNetworks/subnets"
}
],
"virtualNetworkPeerings": [
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/virtualNetworkPeerings', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'peer-odms-dev-maintenance')]",
"name": "peer-odms-dev-maintenance",
"properties": {
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"allowVirtualNetworkAccess": true,
"doNotVerifyRemoteGateways": false,
"peeringState": "Connected",
"peeringSyncLevel": "FullyInSync",
"remoteAddressSpace": {
"addressPrefixes": [
"10.1.0.0/16"
]
},
"remoteVirtualNetwork": {
"id": "[parameters('virtualNetworks_vnet_odms_network_dev_externalid')]"
},
"remoteVirtualNetworkAddressSpace": {
"addressPrefixes": [
"10.1.0.0/16"
]
},
"useRemoteGateways": false
},
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings"
},
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/virtualNetworkPeerings', parameters('virtualNetworks_vnet_odms_network_maintenance_name'), 'peer-odms-stg-maintenance')]",
"name": "peer-odms-stg-maintenance",
"properties": {
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"allowVirtualNetworkAccess": true,
"doNotVerifyRemoteGateways": false,
"peeringState": "Connected",
"peeringSyncLevel": "FullyInSync",
"remoteAddressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"remoteVirtualNetwork": {
"id": "[parameters('virtualNetworks_vnet_odms_network_stg_externalid')]"
},
"remoteVirtualNetworkAddressSpace": {
"addressPrefixes": [
"10.2.0.0/16"
]
},
"useRemoteGateways": false
},
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings"
}
]
},
"tags": {
"Environment": "maintenance",
"Project": "OMDS"
},
"type": "Microsoft.Network/virtualNetworks"
}
],
"variables": {}
}
Reference in New Issue View Git Blame Copy Permalink