Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Policy Refresh Q2 FY25 #1880

Open
wants to merge 21 commits into
base: main
Choose a base branch
from
Open

Policy Refresh Q2 FY25 #1880

wants to merge 21 commits into from

Conversation

Springstone
Copy link
Member

Overview/Summary

This pull request includes several updates and improvements to the Azure Landing Zones (ALZ) documentation and deployment scripts. The changes primarily focus on adding new policies, updating existing ones, and introducing new deployment options.

Documentation Updates:

  • Added new policies to the ALZ-Policies-Extra.md file, including Audit-Tags-Mandatory, Audit-Tags-Mandatory-RG, Deny-Subnet-Without-Penp, and Deploy-Sql-Security_20240529.
  • Corrected the description of the Enforce enhanced recovery and backup policies initiative to specify that it applies to Recovery Services Vaults instead of Azure Key Vault [1] [2].
  • Updated the Whats-new.md file to include a new section for the Q2 FY25 policy refresh, detailing various updates and fixes [1] [2].

Deployment Script Enhancements:

  • Introduced a new checkbox option in the eslz-portal.json file to deploy the Azure Virtual Network Manager (AVNM) in preview mode.
  • Modified visibility conditions for certain deployment options in the eslz-portal.json file to improve deployment logic [1] [2].
  • Added parameters and deployment names related to AVNM in the eslzArm.json file to support the new deployment feature [1] [2] [3].

Azure Public

Deploy To Azure

anwather and others added 11 commits November 4, 2024 12:35
@anwather @Springstone
Minor grammar fix (#1798)
d094fbe 
Co-authored-by: Anthony Watherston <[email protected]>
Co-authored-by: Sacha Narinx <[email protected]>
@Springstone
Ab36748 Identity Policy / Subscription Bug Fix (#1823)
b6069b2
@Springstone
Ab37721 KV Update Effect Names and Initial updates to support policy …
b99d4c9 
…versioning (#1824)
@Springstone
ALZ Policies Extra Wiki Entry (#1825)
b0c7f8e
@Springstone
Update EncryptTransit AppServiceTLS param to include 1.3 (#1827)
601f53a
@Springstone
Merge branch 'main' of https://github.com/Azure/Enterprise-Scale into…
af41ba7 
… policy-refresh-q2fy25
@cassiekays @Springstone
added SQL security policy into the wiki (#1829)
193fb37 
Co-authored-by: Sacha Narinx <[email protected]>
@Springstone
Fix NVA VPN Regional (#1830)
2a75239
@Springstone
Policy: Audit for mandatory tags on resources/resource groups (#1843)
73d6e73
@Springstone
ALZ Policy Version Pinning Update (#1853)
4458a51
@Springstone
AVNM (#1803)
1bd7954
@Springstone Springstone added this to the policy-refresh-fy25-q2 milestone Jan 10, 2025
@Springstone Springstone requested a review from a team as a code owner January 10, 2025 08:35
@Springstone Springstone mentioned this pull request Jan 16, 2025
Closed
jtracey93
jtracey93 requested changes Jan 20, 2025
View reviewed changes
Copy link
Collaborator

@jtracey93 jtracey93 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Springstone couple of minor comments to review and resolve please 👍

src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-EncryptTransit_20240509.json Outdated Show resolved Hide resolved
src/resources/Microsoft.Authorization/policySetDefinitions/Enforce-EncryptTransit_20241211.json Outdated Show resolved Hide resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jtracey93 jtracey93 jtracey93 requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
policy-refresh-fy25-q2
Development

Successfully merging this pull request may close these issues.
5 participants
@Springstone @jtracey93 @matt-FFFFFF @anwather @cassiekays