Skip to content

Commit

Permalink
AAD Renames (#62) (#66)
Browse files Browse the repository at this point in the history
* aad renames

* Update consumer guide

Co-authored-by: Jack Tracey <[email protected]>
  • Loading branch information
sebassem and jtracey93 authored Mar 25, 2024
1 parent 0c25c3f commit a45f223
Show file tree
Hide file tree
Showing 6 changed files with 39 additions and 12 deletions.
10 changes: 5 additions & 5 deletions .github/scripts/Wipe-AlzTenant.ps1
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
[CmdletBinding()]
param (
#Added this back into parameters as error occurs if multiple tenants are found when using Get-AzTenant
[Parameter(Mandatory = $true, Position = 1, HelpMessage = "Please the Insert Tenant ID (GUID) of your Azure AD tenant e.g.'f73a2b89-6c0e-4382-899f-ea227cd6b68f'")]
[Parameter(Mandatory = $true, Position = 1, HelpMessage = "Please the Insert Tenant ID (GUID) of your Microsoft Entra tenant e.g.'f73a2b89-6c0e-4382-899f-ea227cd6b68f'")]
[string]
$tenantRootGroupID = "<Insert the Tenant ID (GUID) of your Azure AD tenant>",
$tenantRootGroupID = "<Insert the Tenant ID (GUID) of your Microsoft Entra tenant>",

[Parameter(Mandatory = $true, Position = 2, HelpMessage = "Insert the name of your intermediate root Management Group e.g. 'Contoso'")]
[string]
Expand Down Expand Up @@ -52,12 +52,12 @@ $subDeployments | ForEach-Object -Parallel {
}


# Get all AAD Tenant level deployments
# Get all Microsoft Entra Tenant level deployments
$tenantDeployments = Get-AzTenantDeployment

Write-Information "Removing all Tenant level deployments"

# For each AAD Tenant level deployment, remove it
# For each Microsoft Entra Tenant level deployment, remove it
$tenantDeployments | ForEach-Object -Parallel {
Write-Information "Removing $($_.DeploymentName) ..."
Remove-AzTenantDeployment -Id $_.Id
Expand Down Expand Up @@ -99,4 +99,4 @@ $StopWatch.Stop()

# Display timer output as table
Write-Information "Time taken to complete task:"
$StopWatch.Elapsed | Format-Table
$StopWatch.Elapsed | Format-Table
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
>
> ℹ️ This module is also available on the Bicep Module Registry [here](https://github.com/Azure/bicep-registry-modules/tree/main/modules/lz/sub-vending). Examples also included in our [wiki examples](https://github.com/Azure/bicep-lz-vending/wiki/examples). ℹ️
The landing zone Bicep modules are designed to accelerate deployment of the individual landing zones (aka Subscriptions) within an Azure AD Tenant.
The landing zone Bicep modules are designed to accelerate deployment of the individual landing zones (aka Subscriptions) within an Microsoft Entra Tenant.

> See the different types of landing zones in the Azure Landing Zones documentation here: [What is an Azure landing zone? - Platform vs. application landing zones](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/#platform-vs-application-landing-zones)
Expand Down
31 changes: 29 additions & 2 deletions docs/wiki/ConsumerGuide.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,38 @@

## Background

This repository has been created to help customers and partners to create, deploy and deliver landing zone Subscriptions into an Azure AD Tenant utilizing [Bicep](https://aka.ms/bicep) as the Infrastructure-as-Code (IaC) tooling and language of choice.
This repository has been created to help customers and partners to create, deploy and deliver landing zone Subscriptions into an Microsoft Entra Tenant utilizing [Bicep](https://aka.ms/bicep) as the Infrastructure-as-Code (IaC) tooling and language of choice.

## Ways to Consume `bicep-lz-vending`

There are various ways to consume the Bicep modules included in `bicep-lz-vending`. The options are:
### Recommended Way to Consume

The recommend way is to consume the module directly from the [Bicep public registry](https://github.com/Azure/bicep-registry-modules/tree/main/modules/lz/sub-vending#examples)

```bicep
targetScope = 'managementGroup'
module sub001 'br/public:lz/sub-vending:1.5.1' = {
name: 'sub001'
params: {
subscriptionAliasEnabled: true
subscriptionBillingScope: '/providers/Microsoft.Billing/billingAccounts/1234567/enrollmentAccounts/123456'
subscriptionAliasName: 'sub-test-001'
subscriptionDisplayName: 'sub-test-001'
subscriptionTags: {
example: 'true'
}
subscriptionWorkload: 'Production'
subscriptionManagementGroupAssociationEnabled: true
subscriptionManagementGroupId: 'corp'
// Other parameter inputs available, see docs
}
}
```

### Other Ways to Consume

There are a number of other ways to consume the Bicep modules included in `bicep-lz-vending`. The options are:

- Creating your own GitHub Repository & Utilizing the `Invoke-GitHubReleaseFetcher.ps1` script & `gh-release-checker.yml` GitHub Action Workflow
- See detailed instruction on using this [below](#creating-your-own-github-repository--utilizing-the-invoke-githubreleasefetcherps1-script--gh-release-checkeryml-github-action-workflow)
Expand Down
2 changes: 1 addition & 1 deletion main.bicep
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ targetScope = 'managementGroup'

metadata name = '`main.bicep` Parameters'

metadata description = 'This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Azure AD Tenant.'
metadata description = 'This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Microsoft Entra Tenant.'

metadata details = '''These are the input parameters for the Bicep module: [`main.bicep`](./main.bicep)
Expand Down
2 changes: 1 addition & 1 deletion main.bicep.parameters.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# `main.bicep` Parameters

This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Azure AD Tenant.
This module is designed to accelerate deployment of landing zones (aka Subscriptions) within an Microsoft Entra Tenant.

## Parameters

Expand Down
4 changes: 2 additions & 2 deletions tests/pester/full.tests.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ Describe "Bicep Landing Zone (Sub) Vending Tests" {
}

Context "Role-Based Access Control Assignment Tests" {
It "Should Have a Role Assignment for an known AAD Group with the Reader role directly upon the Subscription" {
It "Should Have a Role Assignment for an known Microsoft Entra Group with the Reader role directly upon the Subscription" {
$iterationCount = 0
do {
$roleAssignment = Get-AzRoleAssignment -Scope "/subscriptions/$subId" -RoleDefinitionName "Reader" -ObjectId "7eca0dca-6701-46f1-b7b6-8b424dab50b3" -ErrorAction SilentlyContinue
Expand All @@ -80,7 +80,7 @@ Describe "Bicep Landing Zone (Sub) Vending Tests" {
$roleAssignment.scope | Should -Be "/subscriptions/$subId"
}

It "Should Have a Role Assignment for an known AAD Group with the Network Contributor role directly upon the Resource Group" {
It "Should Have a Role Assignment for an known Microsoft Entra Group with the Network Contributor role directly upon the Resource Group" {
$iterationCount = 0
do {
$roleAssignment = Get-AzRoleAssignment -Scope "/subscriptions/$subId/resourceGroups/rsg-$location-net-hs-pr-$prNumber" -RoleDefinitionName "Network Contributor" -ObjectId "7eca0dca-6701-46f1-b7b6-8b424dab50b3" -ErrorAction SilentlyContinue
Expand Down

0 comments on commit a45f223

Please sign in to comment.