Initial commit of template files, and a (brief) README.md
commit
04cd7211d8
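--- a/README.md
+++ b/README.md
@@ -0,0 +1,18 @@
+# neogroupmanager
+
+## what?
+neogroupmanager is a web-based application for managing on-premise Active Directory groups, similar to [Group Manager]() by [cjwdev]().
+
+
+## how?
+_(via [PowerShell]() or a UNIX equivelant)_
+1. `git clone https://git.wnd.sh/neogroupmanager/az neogroupmanager`
+2. `cd neogroupmanager`
+3. `Connect-AzAccount`
+4. `New-AzResouceGroup -ResourceGroupName groupmanager-p-v1-rg -Location <uksouth>`
+5. `New-AzResourceGroupDeployment -ResourceGroupName groupmanager-p-v1-rg -TemplateFile ./groupmanager-v1.template.json -TemplateParameterFile ./groupmanager-v1.parameters.json`
+6. `New-AzResourceGroupDeployment -ResourceGroupName groupmanager-p-v1-rg -TemplateFile ./groupmanager-v1-aa.template.json -TemplateParameterFile ./groupmanager-v1-aa.parameters.json`
+
+## why?
+
+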
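--- a/groupmanager-v1-aa.parameters.json
+++ b/groupmanager-v1-aa.parameters.json
@@ -0,0 +1,34 @@
+{
+"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
+"contentVersion": "1.0.0.0",
+"parameters": {
+"tenantName": {
+"value": "wndsh"
+},
+"projectName": {
+"value": "groupmanager"
+},
+"projectEnvironment": {
+"value": "p"
+},
+"projectVersion": {
+"value": "v1"
+},
+"subscriptionId": {
+"value": "56aa1670-6826-4e0f-b415-10f242bbd995"
+},
+"aaRgName": {
+"value": "automation-p-rg",
+"valuex": "UoR-uks-ops-automation-p-rg"
+},
+"aaName": {
+"value": "automation-p-v1-aa"
+},
+"hybridWorkerId": {
+"value": "1719436c-139e-4117-8517-5a2c56df8aeb"
+},
+"azTableVersion": {
+"value": "2.1.0"
+}
+}
+}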
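Review bot: The `aaRgName` entry carries a second key, `"valuex": "UoR-uks-ops-automation-p-rg"`, next to `value`; as far as I know the deployment-parameters schema defines no such property, so it is at best ignored and at worst rejected at validation, and it publishes what looks like another environment's resource-group name. Drop that line so the entry is just `"value": "automation-p-rg"`. This file and groupmanager-v1.parameters.json also commit a concrete `subscriptionId` (and here a `hybridWorkerId`) while the templates default to all-zero placeholders; consider committing an example parameter file with placeholders and keeping the environment-specific one out of the repository.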
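--- a/groupmanager-v1-aa.template.json
+++ b/groupmanager-v1-aa.template.json
@@ -0,0 +1,156 @@
+{
+"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+"contentVersion": "1.0.0.0",
+"parameters": {
+"tenantName": {
+"defaultValue": "exampleorg",
+"type": "string"
+},
+"projectName": {
+"defaultValue": "groupmanager",
+"type": "String"
+},
+"projectEnvironment": {
+"defaultValue": "t",
+"type": "String"
+},
+"projectVersion": {
+"defaultValue": "v1",
+"type": "String"
+},
+"subscriptionId": {
+"defaultValue": "00000000-0000-0000-0000-000000000000",
+"type": "String"
+},
+"aaRgName": {
+"defaultValue": "my-aa-rg-name",
+"type": "String"
+},
+"aaName": {
+"defaultValue": "my-aa-name",
+"type": "String"
+},
+"hybridWorkerId": {
+"defaultValue": "00000000-0000-0000-0000-000000000000",
+"type": "string"
+},
+"azTableVersion": {
+"defaultValue": "2.1.0",
+"type": "string"
+}
+},
+"variables": {
+"projectPrefix": "[concat(parameters('projectName'), '-', parameters('projectEnvironment'), '-', parameters('projectVersion'))]",
+"aaName": "[concat(variables('projectPrefix'), '-aa')]",
+"miName": "[concat(variables('projectPrefix'), '-mi')]",
+"reName": "[concat(variables('aaName'), 're')]",
+"hwgwName": "[concat(variables('aaName'), '/', '001-hwgw')]"
+},
+"resources": [
+{
+"type": "Microsoft.Automation/automationAccounts",
+"apiVersion": "2023-11-01",
+"name": "[variables('aaName')]",
+"location": "uksouth",
+"identity": {
+"type": "UserAssigned",
+"userAssignedIdentities": {
+"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('miName'))]": {}
+}
+},
+"properties": {
+"publicNetworkAccess": true,
+"disableLocalAuth": false,
+"sku": {
+"name": "Basic"
+},
+"encryption": {
+"keySource": "Microsoft.Automation",
+"identity": {}
+}
+}
+},
+{
+"type": "Microsoft.Automation/automationAccounts/connectionTypes",
+"apiVersion": "2023-11-01",
+"name": "[concat(variables('aaName'), '/Azure')]",
+"dependsOn": [
+"[resourceId('Microsoft.Automation/automationAccounts', variables('aaName'))]"
+],
+"properties": {
+"isGlobal": false,
+"fieldDefinitions": {
+"AutomationCertificateName": {
+"isEncrypted": false,
+"isOptional": false,
+"type": "System.String"
+},
+"SubscriptionID": {
+"isEncrypted": false,
+"isOptional": false,
+"type": "System.String"
+}
+}
+}
+},
+{
+"type": "Microsoft.Automation/automationAccounts/runtimeEnvironments",
+"apiVersion": "2023-05-15-preview",
+"name": "[concat(variables('aaName'), '/', variables('reName'))]",
+"location": "uksouth",
+"dependsOn": [
+"[resourceId('Microsoft.Automation/automationAccounts', variables('aaName'))]"
+],
+"properties": {
+"runtime": {
+"language": "PowerShell",
+"version": "7.2"
+},
+"defaultPackages": {
+"az": "11.2.0",
+"azure cli": "2.56.0"
+},
+"packages": {
+"aztable": "[parameters('azTableVersion')]"
+},
+"description": "The main runtime environment used for managing UoR Group Manager."
+}
+},
+{
+"type": "Microsoft.Automation/automationAccounts/runtimeEnvironments/packages",
+"apiVersion": "2023-05-15-preview",
+"name": "[concat(variables('aaName'), '/', variables('aaName'), 're/AzTable')]",
+"location": "uksouth",
+"dependsOn": [
+"[resourceId('Microsoft.Automation/automationAccounts/runtimeEnvironments', variables('aaName'), concat(variables('aaName'), 're'))]",
+"[resourceId('Microsoft.Automation/automationAccounts', variables('aaName'))]"
+],
+"properties": {
+"contentLink": {
+"uri": "[concat('https://devopsgallerystorage.blob.core.windows.net/packages/aztable.', parameters('azTableVersion'), '.nupkg')]",
+"version": "[parameters('azTableVersion')]"
+}
+}
+},
+{
+"type": "Microsoft.Automation/automationAccounts/runbooks",
+"apiVersion": "2023-11-01",
+"name": "[concat(variables('aaName'), '/groupmanager-update-membership-t-v1-aar')]",
+"location": "uksouth",
+"dependsOn": [
+"[resourceId('Microsoft.Automation/automationAccounts', variables('aaName'))]"
+],
+"properties": {
+"description": "This runbook updates the membership of a group, by using the associated message queues to process requests.",
+"runbookType": "PowerShell",
+"publishContentLink": {
+"uri": "https://git.wnd.sh/neogroupmanager/neogroupmanager/branch/main/update-membership.ps1",
+"version": "1.0.0"
+},
+"logVerbose": false,
+"logProgress": false,
+"logActivityTrace": 0
+}
+}
+]
+}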
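Review bot: The runbook's `publishContentLink.uri` points at `branch/main/update-membership.ps1`, a mutable ref, and carries no `contentHash`, so whatever sits on that branch at deploy time is published as the script that, per its description, updates group membership. Pin the link to a commit or tagged release and add `"contentHash": { "algorithm": "SHA256", "value": "<SHA256_OF_SCRIPT>" }` so a content mismatch can be detected at deployment; the AzTable package `contentLink` has the same gap. Separately, `"publicNetworkAccess": true` and `"disableLocalAuth": false` on the account deserve an explicit justification or a parameter, given that the README says the project manages on-premise Active Directory groups. The runbook name also hard-codes `-t-v1-` rather than deriving it from `variables('projectPrefix')`, so a `p` deployment still gets a `t`-named runbook.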
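--- a/groupmanager-v1.parameters.json
+++ b/groupmanager-v1.parameters.json
@@ -0,0 +1,21 @@
+{
+"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
+"contentVersion": "1.0.0.0",
+"parameters": {
+"tenantName": {
+"value": "wndsh"
+},
+"projectName": {
+"value": "groupmanager"
+},
+"projectEnvironment": {
+"value": "p"
+},
+"projectVersion": {
+"value": "v1"
+},
+"subscriptionId": {
+"value": "56aa1670-6826-4e0f-b415-10f242bbd995"
+}
+}
+}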
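--- a/groupmanager-v1.template.json
+++ b/groupmanager-v1.template.json
@@ -0,0 +1,264 @@
+{
+"$schema": "http://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+"contentVersion": "1.0.0.0",
+"parameters": {
+"tenantName": {
+"defaultValue": "exampleorg",
+"type": "string"
+},
+"projectName": {
+"defaultValue": "groupmanager",
+"type": "string"
+},
+"projectEnvironment": {
+"defaultValue": "d",
+"type": "string"
+},
+"projectVersion": {
+"defaultValue": "v1",
+"type": "string"
+},
+"subscriptionId": {
+"defaultValue": "00000000-0000-0000-0000-000000000000",
+"type": "string"
+}
+},
+"variables": {
+"projectPrefix": "[concat(parameters('projectName'), '-', parameters('projectEnvironment'), '-', parameters('projectVersion'))]",
+"swaName": "[concat(parameters('tenantName'), '-', variables('projectPrefix'), '-swa')]",
+"miName": "[concat(variables('projectPrefix'), '-mi')]",
+"saName": "[concat(parameters('tenantName'), parameters('projectName'), parameters('projectEnvironment'), parameters('projectVersion'), 'sa')]",
+"fsName": "[concat(parameters('tenantName'), '-', variables('projectPrefix'), '-func')]"
+},
+"resources": [
+{
+"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
+"apiVersion": "2023-07-31-preview",
+"name": "[variables('miName')]",
+"location": "uksouth"
+},
+{
+"type": "Microsoft.Storage/storageAccounts",
+"apiVersion": "2023-05-01",
+"name": "[variables('saName')]",
+"location": "uksouth",
+"sku": {
+"name": "Standard_LRS",
+"tier": "Standard"
+},
+"kind": "Storage",
+"properties": {
+"allowedCopyScope": "AAD",
+"defaultToOAuthAuthentication": true,
+"allowCrossTenantReplication": false,
+"minimumTlsVersion": "TLS1_2",
+"allowBlobPublicAccess": false,
+"allowSharedKeyAccess": true,
+"networkAcls": {
+"bypass": "AzureServices",
+"virtualNetworkRules": [],
+"ipRules": [],
+"defaultAction": "Allow"
+},
+"supportsHttpsTrafficOnly": true,
+"encryption": {
+"services": {
+"file": {
+"keyType": "Account",
+"enabled": true
+},
+"blob": {
+"keyType": "Account",
+"enabled": true
+}
+},
+"keySource": "Microsoft.Storage"
+}
+}
+},
+{
+"type": "Microsoft.Web/staticSites",
+"apiVersion": "2023-12-01",
+"name": "[variables('swaName')]",
+"location": "West Europe",
+"tags": {
+"hidden-link: /app-insights-resource-id": "/subscriptions/56aa1670-6826-4e0f-b415-10f242bbd995/resourceGroups/general-p-rg/providers/microsoft.insights/components/wndsh-openapi-function-test-v1-func",
+"hidden-link: /app-insights-instrumentation-key": "a5699918-8985-4069-8fa3-252aaeac0ac5",
+"hidden-link: /app-insights-conn-string": "InstrumentationKey=a5699918-8985-4069-8fa3-252aaeac0ac5;IngestionEndpoint=https://uksouth-1.in.applicationinsights.azure.com/;LiveEndpoint=https://uksouth.livediagnostics.monitor.azure.com/;ApplicationId=e8916dde-8ac7-4ee5-ac81-d35013aa9750"
+},
+"sku": {
+"name": "Free",
+"tier": "Free"
+},
+"properties": {
+"repositoryUrl": "https://github.com/NathanWindisch/group-manager-swa",
+"branch": "main",
+"stagingEnvironmentPolicy": "Enabled",
+"allowConfigFileUpdates": true,
+"provider": "GitHub",
+"enterpriseGradeCdnStatus": "Disabled"
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/blobServices",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"sku": {
+"name": "Standard_LRS",
+"tier": "Standard"
+},
+"properties": {
+"cors": {
+"corsRules": []
+},
+"deleteRetentionPolicy": {
+"allowPermanentDelete": false,
+"enabled": false
+}
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/fileServices",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"sku": {
+"name": "Standard_LRS",
+"tier": "Standard"
+},
+"properties": {
+"protocolSettings": {
+"smb": {}
+},
+"cors": {
+"corsRules": []
+},
+"shareDeleteRetentionPolicy": {
+"enabled": true,
+"days": 7
+}
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/queueServices",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {
+"cors": {
+"corsRules": []
+}
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/tableServices",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {
+"cors": {
+"corsRules": []
+}
+}
+},
+{
+"type": "Microsoft.Web/staticSites/basicAuth",
+"apiVersion": "2023-12-01",
+"name": "[concat(variables('swaName'), '/default')]",
+"location": "West Europe",
+"dependsOn": [
+"[resourceId('Microsoft.Web/staticSites', variables('swaName'))]"
+],
+"properties": {
+"applicableEnvironmentsMode": "SpecifiedEnvironments"
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default/azure-webjobs-hosts')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('saName'), 'default')]",
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {
+"immutableStorageWithVersioning": {
+"enabled": false
+},
+"defaultEncryptionScope": "$account-encryption-key",
+"denyEncryptionScopeOverride": false,
+"publicAccess": "None"
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default/azure-webjobs-secrets')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('saName'), 'default')]",
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {
+"immutableStorageWithVersioning": {
+"enabled": false
+},
+"defaultEncryptionScope": "$account-encryption-key",
+"denyEncryptionScopeOverride": false,
+"publicAccess": "None"
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default/members')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts/queueServices', variables('saName'), 'default')]",
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {
+"metadata": {}
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/queueServices/queues",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default/permissions')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts/queueServices', variables('saName'), 'default')]",
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {
+"metadata": {}
+}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/tableServices/tables",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default/permissions')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts/tableServices', variables('saName'), 'default')]",
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {}
+},
+{
+"type": "Microsoft.Storage/storageAccounts/tableServices/tables",
+"apiVersion": "2023-05-01",
+"name": "[concat(variables('saName'), '/default/users')]",
+"dependsOn": [
+"[resourceId('Microsoft.Storage/storageAccounts/tableServices', variables('saName'), 'default')]",
+"[resourceId('Microsoft.Storage/storageAccounts', variables('saName'))]"
+],
+"properties": {}
+}
+]
+}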
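Review bot: The storage account keeps `"allowSharedKeyAccess": true` with `networkAcls.defaultAction` set to `"Allow"`, and the same account holds the `members` and `permissions` queues that appear to feed the membership runbook, so an account key or SAS is the only barrier in front of those queues and they are reachable from any network. If the consumers can authenticate with Entra ID identities (such as the user-assigned identity this template creates), set `"allowSharedKeyAccess": false` and `"defaultAction": "Deny"` with explicit rules; the `azure-webjobs-*` containers suggest a Functions host that may still rely on a key-based connection, so confirm that before switching. The static site's `tags` also hard-code a subscription ID, an Application Insights instrumentation key and a connection string for another resource; these belong in parameters rather than in the template, and the unused `subscriptionId` parameter is the natural place for the first of them.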