updates

Azure · Jan 25, 2025 · 3ff1094 · 3ff1094
1 parent 1f7daac
commit 3ff1094
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 27 deletions.
diff --git a/workload/arm/deploy-baseline.json b/workload/arm/deploy-baseline.json
@@ -5,7 +5,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.33.13.18514",
-      "templateHash": "8652180792809102176"
+      "templateHash": "14778212305260835432"
     },
     "name": "AVD Accelerator - Baseline Deployment",
     "description": "AVD Accelerator - Deployment Baseline",
@@ -1364,11 +1364,9 @@
     "varManagementPlaneLocationAcronym": "[variables('varLocations')[variables('varManagementPlaneLocationLowercase')].acronym]",
     "varLocations": "[variables('$fxv#0')]",
     "varTimeZoneSessionHosts": "[variables('varLocations')[variables('varSessionHostLocationLowercase')].timeZone]",
-    "varTimeZoneManagementPlane": "[variables('varLocations')[variables('varManagementPlaneLocationLowercase')].timeZone]",
     "varManagementPlaneNamingStandard": "[format('{0}-{1}-{2}', variables('varDeploymentPrefixLowercase'), variables('varDeploymentEnvironmentLowercase'), variables('varManagementPlaneLocationAcronym'))]",
     "varComputeStorageResourcesNamingStandard": "[format('{0}-{1}-{2}', variables('varDeploymentPrefixLowercase'), variables('varDeploymentEnvironmentLowercase'), variables('varSessionHostLocationAcronym'))]",
     "varDiskEncryptionSetName": "[if(parameters('avdUseCustomNaming'), format('{0}-{1}-001', parameters('ztDiskEncryptionSetCustomNamePrefix'), variables('varComputeStorageResourcesNamingStandard')), format('des-zt-{0}-001', variables('varComputeStorageResourcesNamingStandard')))]",
-    "varZtManagedIdentityName": "[if(parameters('avdUseCustomNaming'), format('{0}-{1}-001', parameters('ztManagedIdentityCustomName'), variables('varComputeStorageResourcesNamingStandard')), format('id-zt-{0}-001', variables('varComputeStorageResourcesNamingStandard')))]",
     "varSessionHostLocationLowercase": "[toLower(replace(parameters('avdSessionHostLocation'), ' ', ''))]",
     "varManagementPlaneLocationLowercase": "[toLower(replace(parameters('avdManagementPlaneLocation'), ' ', ''))]",
     "varServiceObjectsRgName": "[if(parameters('avdUseCustomNaming'), parameters('avdServiceObjectsRgCustomName'), format('rg-avd-{0}-service-objects', variables('varManagementPlaneNamingStandard')))]",
@@ -19865,7 +19863,6 @@
         "baselineResourceGroups",
         "[subscriptionResourceId(parameters('avdWorkloadSubsId'), 'Microsoft.Resources/deployments', format('Storage-RG-{0}', parameters('time')))]",
         "[subscriptionResourceId('Microsoft.Resources/deployments', format('Identities-And-RoleAssign-{0}', parameters('time')))]",
-        "[subscriptionResourceId('Microsoft.Resources/deployments', format('Monitoring-{0}', parameters('time')))]",
         "[subscriptionResourceId('Microsoft.Resources/deployments', format('Networking-{0}', parameters('time')))]"
       ]
     },

diff --git a/workload/bicep/deploy-baseline.bicep b/workload/bicep/deploy-baseline.bicep
@@ -528,11 +528,9 @@ var varSessionHostLocationAcronym = varLocations[varSessionHostLocationLowercase
 var varManagementPlaneLocationAcronym = varLocations[varManagementPlaneLocationLowercase].acronym
 var varLocations = loadJsonContent('../variables/locations.json')
 var varTimeZoneSessionHosts = varLocations[varSessionHostLocationLowercase].timeZone
-var varTimeZoneManagementPlane = varLocations[varManagementPlaneLocationLowercase].timeZone
 var varManagementPlaneNamingStandard = '${varDeploymentPrefixLowercase}-${varDeploymentEnvironmentLowercase}-${varManagementPlaneLocationAcronym}'
 var varComputeStorageResourcesNamingStandard = '${varDeploymentPrefixLowercase}-${varDeploymentEnvironmentLowercase}-${varSessionHostLocationAcronym}'
 var varDiskEncryptionSetName = avdUseCustomNaming ? '${ztDiskEncryptionSetCustomNamePrefix}-${varComputeStorageResourcesNamingStandard}-001': 'des-zt-${varComputeStorageResourcesNamingStandard}-001'
-var varZtManagedIdentityName = avdUseCustomNaming ? '${ztManagedIdentityCustomName}-${varComputeStorageResourcesNamingStandard}-001' : 'id-zt-${varComputeStorageResourcesNamingStandard}-001'
 var varSessionHostLocationLowercase = toLower(replace(avdSessionHostLocation, ' ', ''))
 var varManagementPlaneLocationLowercase = toLower(replace(avdManagementPlaneLocation, ' ', ''))
 var varServiceObjectsRgName = avdUseCustomNaming ? avdServiceObjectsRgCustomName : 'rg-avd-${varManagementPlaneNamingStandard}-service-objects' // max length limit 90 characters
@@ -1062,7 +1060,6 @@ module networking './modules/networking/deploy.bicep' = if (createAvdVnet || cre
   }
   dependsOn: [
     baselineNetworkResourceGroup
-    monitoringDiagnosticSettings
     baselineResourceGroups
   ]
 }
@@ -1128,8 +1125,6 @@ module managementPLane './modules/avdManagementPlane/deploy.bicep' = {
   dependsOn: [
     baselineResourceGroups
     identity
-    monitoringDiagnosticSettings
-    wrklKeyVault
   ]
 }
 
@@ -1188,7 +1183,6 @@ module zeroTrust './modules/zeroTrust/deploy.bicep' = if (diskZeroTrust && avdDe
   dependsOn: [
     baselineResourceGroups
     baselineStorageResourceGroup
-    monitoringDiagnosticSettings
     identity
   ]
 }
@@ -1321,7 +1315,6 @@ module managementVm './modules/storageAzureFiles/.bicep/managementVm.bicep' = if
   }
   dependsOn: [
     baselineStorageResourceGroup
-    networking
     wrklKeyVault
   ]
 }
@@ -1372,10 +1365,8 @@ module fslogixAzureFilesStorage './modules/storageAzureFiles/deploy.bicep' = if
   }
   dependsOn: [
     baselineStorageResourceGroup
-    networking
     wrklKeyVault
-    managementVm
-    monitoringDiagnosticSettings
+    // managementVm
   ]
 }
 
@@ -1426,10 +1417,8 @@ module appAttachAzureFilesStorage './modules/storageAzureFiles/deploy.bicep' = i
   dependsOn: [
     fslogixAzureFilesStorage
     baselineStorageResourceGroup
-    networking
     wrklKeyVault
-    managementVm
-    monitoringDiagnosticSettings
+    // managementVm
   ]
 }
 
@@ -1517,9 +1506,7 @@ module sessionHosts './modules/avdSessionHosts/deploy.bicep' = [
     dependsOn: [
       fslogixAzureFilesStorage
       baselineResourceGroups
-      networking
       wrklKeyVault
-      monitoringDiagnosticSettings
       vmScaleSetFlex
       managementPLane
     ]

diff --git a/workload/bicep/deploy-baseline.bicepparam b/workload/bicep/deploy-baseline.bicepparam
@@ -0,0 +1,21 @@
+using './deploy-baseline.bicep'
+
+param deploymentPrefix = 'e010'
+param deploymentEnvironment = 'Dev'
+param avdSessionHostLocation = ''
+param avdManagementPlaneLocation = ''
+param avdWorkloadSubsId = ''
+param avdVmLocalUserName = ''
+param avdVmLocalUserPassword = ''
+param avdIdentityServiceProvider = 'ADDS'
+param identityDomainName = 'none'
+param avdDomainJoinUserName = 'none'
+param avdDomainJoinUserPassword = 'none'
+param createAvdVnet = false
+param existingVnetAvdSubnetResourceId = ''
+param deployPrivateEndpointKeyvaultStorage = false
+param deployAvdPrivateLinkService = false
+param createPrivateDnsZones = false
+param createAvdFslogixDeployment = true
+param avdDeploySessionHosts = false
+
diff --git a/workload/bicep/modules/storageAzureFiles/deploy.bicep b/workload/bicep/modules/storageAzureFiles/deploy.bicep
@@ -139,8 +139,7 @@ module storageAndFile '../../../../avm/1.0.0/res/storage/storage-account/main.bi
         location: location
         skuName: storageSku
         allowBlobPublicAccess: false
-        //publicNetworkAccess: deployPrivateEndpoint ? 'Disabled' : 'Enabled'
-        publicNetworkAccess: 'Disabled'
+        publicNetworkAccess: deployPrivateEndpoint ? 'Disabled' : 'Enabled'
         kind: ((storageSku == 'Premium_LRS') || (storageSku == 'Premium_ZRS')) ? 'FileStorage' : 'StorageV2'
         largeFileSharesState: (storageSku == 'Standard_LRS') || (storageSku == 'Standard_ZRS') ? 'Enabled': 'Disabled'
         azureFilesIdentityBasedAuthentication: {
@@ -156,7 +155,7 @@ module storageAndFile '../../../../avm/1.0.0/res/storage/storage-account/main.bi
             defaultAction: 'Deny'
             virtualNetworkRules: []
             ipRules: []
-        } : {
+        }: {
             bypass: 'AzureServices'
             defaultAction: 'Deny'
             virtualNetworkRules: [

diff --git a/workload/scripts/DSCStorageScripts/1.0.2/Configuration.ps1 b/workload/scripts/DSCStorageScripts/1.0.2/Configuration.ps1
@@ -66,7 +66,7 @@ param
 
     [Parameter(Mandatory = $true)]
     [ValidateNotNullOrEmpty()]
-    [SecureString] $AdminUserPassword
+    [string] $AdminUserPassword
 )
 
 
@@ -132,15 +132,15 @@ Configuration DomainJoinFileShare
 
         [Parameter(Mandatory = $true)]
         [ValidateNotNullOrEmpty()]
-        [SecureString] $AdminUserPassword
+        [string] $AdminUserPassword
     )
 
     # Import the module that contains the File resource.
     Import-DscResource -ModuleName PsDesiredStateConfiguration
 
-    #$secStringPassword = ConvertTo-SecureString $AdminUserPassword #-AsPlainText -Force
-    #$AdminCred = New-Object System.Management.Automation.PSCredential ($AdminUserName, $secStringPassword)
-    $AdminCred = New-Object System.Management.Automation.PSCredential ($AdminUserName, $AdminUserPassword)
+    $secStringPassword = ConvertTo-SecureString $AdminUserPassword #-AsPlainText -Force
+    $AdminCred = New-Object System.Management.Automation.PSCredential ($AdminUserName, $secStringPassword)
+    # $AdminCred = New-Object System.Management.Automation.PSCredential ($AdminUserName, $AdminUserPassword)
 
     $ErrorActionPreference = 'Stop'
 

diff --git a/workload/scripts/DSCStorageScripts/1.0.2/DSCStorageScripts-secureString.zip b/workload/scripts/DSCStorageScripts/1.0.2/DSCStorageScripts-secureString.zip
diff --git a/workload/scripts/DSCStorageScripts/1.0.2/DSCStorageScripts.zip b/workload/scripts/DSCStorageScripts/1.0.2/DSCStorageScripts.zip