Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AAD Renames #62

Merged
merged 2 commits into from
Dec 30, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/scripts/Wipe-AlzTenant.ps1
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
[CmdletBinding()]
param (
#Added this back into parameters as error occurs if multiple tenants are found when using Get-AzTenant
[Parameter(Mandatory = $true, Position = 1, HelpMessage = "Please the Insert Tenant ID (GUID) of your Azure AD tenant e.g.'f73a2b89-6c0e-4382-899f-ea227cd6b68f'")]
[Parameter(Mandatory = $true, Position = 1, HelpMessage = "Please the Insert Tenant ID (GUID) of your Microsoft Entra tenant e.g.'f73a2b89-6c0e-4382-899f-ea227cd6b68f'")]
[string]
$tenantRootGroupID = "<Insert the Tenant ID (GUID) of your Azure AD tenant>",
$tenantRootGroupID = "<Insert the Tenant ID (GUID) of your Microsoft Entra tenant>",

[Parameter(Mandatory = $true, Position = 2, HelpMessage = "Insert the name of your intermediate root Management Group e.g. 'Contoso'")]
[string]
Expand Down Expand Up @@ -52,12 +52,12 @@ $subDeployments | ForEach-Object -Parallel {
}


# Get all AAD Tenant level deployments
# Get all Microsoft Entra Tenant level deployments
$tenantDeployments = Get-AzTenantDeployment

Write-Information "Removing all Tenant level deployments"

# For each AAD Tenant level deployment, remove it
# For each Microsoft Entra Tenant level deployment, remove it
$tenantDeployments | ForEach-Object -Parallel {
Write-Information "Removing $($_.DeploymentName) ..."
Remove-AzTenantDeployment -Id $_.Id
Expand Down Expand Up @@ -99,4 +99,4 @@ $StopWatch.Stop()

# Display timer output as table
Write-Information "Time taken to complete task:"
$StopWatch.Elapsed | Format-Table
$StopWatch.Elapsed | Format-Table
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
>
> ℹ️ This module is also available on the Bicep Module Registry [here](https://github.com/Azure/bicep-registry-modules/tree/main/modules/lz/sub-vending). Examples also included in our [wiki examples](https://github.com/Azure/bicep-lz-vending/wiki/examples). ℹ️

The landing zone Bicep modules are designed to accelerate deployment of the individual landing zones (aka Subscriptions) within an Azure AD Tenant.
The landing zone Bicep modules are designed to accelerate deployment of the individual landing zones (aka Subscriptions) within an Microsoft Entra Tenant.

> See the different types of landing zones in the Azure Landing Zones documentation here: [What is an Azure landing zone? - Platform vs. application landing zones](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/#platform-vs-application-landing-zones)

Expand Down
31 changes: 29 additions & 2 deletions docs/wiki/ConsumerGuide.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,38 @@

## Background

This repository has been created to help customers and partners to create, deploy and deliver landing zone Subscriptions into an Azure AD Tenant utilizing [Bicep](https://aka.ms/bicep) as the Infrastructure-as-Code (IaC) tooling and language of choice.
This repository has been created to help customers and partners to create, deploy and deliver landing zone Subscriptions into an Microsoft Entra Tenant utilizing [Bicep](https://aka.ms/bicep) as the Infrastructure-as-Code (IaC) tooling and language of choice.

## Ways to Consume `bicep-lz-vending`

There are various ways to consume the Bicep modules included in `bicep-lz-vending`. The options are:
### Recommended Way to Consume

The recommend way is to consume the module directly from the [Bicep public registry](https://github.com/Azure/bicep-registry-modules/tree/main/modules/lz/sub-vending#examples)

```bicep
targetScope = 'managementGroup'

module sub001 'br/public:lz/sub-vending:1.5.1' = {
name: 'sub001'
params: {
subscriptionAliasEnabled: true
subscriptionBillingScope: '/providers/Microsoft.Billing/billingAccounts/1234567/enrollmentAccounts/123456'
subscriptionAliasName: 'sub-test-001'
subscriptionDisplayName: 'sub-test-001'
subscriptionTags: {
example: 'true'
}
subscriptionWorkload: 'Production'
subscriptionManagementGroupAssociationEnabled: true
subscriptionManagementGroupId: 'corp'
// Other parameter inputs available, see docs
}
}
```

### Other Ways to Consume

There are a number of other ways to consume the Bicep modules included in `bicep-lz-vending`. The options are:

- Creating your own GitHub Repository & Utilizing the `Invoke-GitHubReleaseFetcher.ps1` script & `gh-release-checker.yml` GitHub Action Workflow
- See detailed instruction on using this [below](#creating-your-own-github-repository--utilizing-the-invoke-githubreleasefetcherps1-script--gh-release-checkeryml-github-action-workflow)
Expand Down
2 changes: 1 addition & 1 deletion main.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ targetScope = 'managementGroup'

metadata name = '`main.bicep` Parameters'

metadata description = 'This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Azure AD Tenant.'
metadata description = 'This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Microsoft Entra Tenant.'

metadata details = '''These are the input parameters for the Bicep module: [`main.bicep`](./main.bicep)

Expand Down
2 changes: 1 addition & 1 deletion main.bicep.parameters.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# `main.bicep` Parameters

This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Azure AD Tenant.
This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Microsoft Entra Tenant.

## Parameters

Expand Down
4 changes: 2 additions & 2 deletions tests/pester/full.tests.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ Describe "Bicep Landing Zone (Sub) Vending Tests" {
}

Context "Role-Based Access Control Assignment Tests" {
It "Should Have a Role Assignment for an known AAD Group with the Reader role directly upon the Subscription" {
It "Should Have a Role Assignment for an known Microsoft Entra Group with the Reader role directly upon the Subscription" {
$iterationCount = 0
do {
$roleAssignment = Get-AzRoleAssignment -Scope "/subscriptions/$subId" -RoleDefinitionName "Reader" -ObjectId "7eca0dca-6701-46f1-b7b6-8b424dab50b3" -ErrorAction SilentlyContinue
Expand All @@ -80,7 +80,7 @@ Describe "Bicep Landing Zone (Sub) Vending Tests" {
$roleAssignment.scope | Should -Be "/subscriptions/$subId"
}

It "Should Have a Role Assignment for an known AAD Group with the Network Contributor role directly upon the Resource Group" {
It "Should Have a Role Assignment for an known Microsoft Entra Group with the Network Contributor role directly upon the Resource Group" {
$iterationCount = 0
do {
$roleAssignment = Get-AzRoleAssignment -Scope "/subscriptions/$subId/resourceGroups/rsg-$location-net-hs-pr-$prNumber" -RoleDefinitionName "Network Contributor" -ObjectId "7eca0dca-6701-46f1-b7b6-8b424dab50b3" -ErrorAction SilentlyContinue
Expand Down
Loading