Update password requirements to require only 12 characters (#585)

Azure · Dec 17, 2021 · 266c103 · 266c103
1 parent c9dbf8d
commit 266c103
Show file tree

Hide file tree

Showing 8 changed files with 36 additions and 38 deletions.
diff --git a/src/bicep/examples/remoteAccess/main.bicep b/src/bicep/examples/remoteAccess/main.bicep
@@ -32,7 +32,7 @@ param linuxVmAdminUsername string = 'azureuser'
 ])
 param linuxVmAuthenticationType string = 'password'
 @secure()
-@minLength(14)
+@minLength(12)
 param linuxVmAdminPasswordOrKey string
 
 param windowsNetworkInterfaceName string = 'windowsVmNetworkInterface'
@@ -42,7 +42,7 @@ param windowsVmName string = 'windowsVm'
 param windowsVmSize string = 'Standard_DS1_v2'
 param windowsVmAdminUsername string = 'azureuser'
 @secure()
-@minLength(14)
+@minLength(12)
 param windowsVmAdminPassword string
 param windowsVmPublisher string = 'MicrosoftWindowsServer'
 param windowsVmOffer string = 'WindowsServer'

diff --git a/src/bicep/examples/remoteAccess/main.json b/src/bicep/examples/remoteAccess/main.json
@@ -5,7 +5,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.4.1008.15138",
-      "templateHash": "10398940261016449040"
+      "templateHash": "1824009288413854506"
     }
   },
   "parameters": {
@@ -22,7 +22,7 @@
     "hubNetworkSecurityGroupResourceId": {
       "type": "string"
     },
-    "logAnalyticsWorkspaceId": {
+    "logAnalyticsWorkspaceResourceId": {
       "type": "string"
     },
     "bastionHostName": {
@@ -111,7 +111,7 @@
     },
     "linuxVmAdminPasswordOrKey": {
       "type": "secureString",
-      "minLength": 14
+      "minLength": 12
     },
     "windowsNetworkInterfaceName": {
       "type": "string",
@@ -139,7 +139,7 @@
     },
     "windowsVmAdminPassword": {
       "type": "secureString",
-      "minLength": 14
+      "minLength": 12
     },
     "windowsVmPublisher": {
       "type": "string",
@@ -297,7 +297,7 @@
             "value": "[parameters('windowsVmStorageAccountType')]"
           },
           "logAnalyticsWorkspaceId": {
-            "value": "[parameters('logAnalyticsWorkspaceId')]"
+            "value": "[parameters('logAnalyticsWorkspaceResourceId')]"
           }
         },
         "template": {
@@ -307,7 +307,7 @@
             "_generator": {
               "name": "bicep",
               "version": "0.4.1008.15138",
-              "templateHash": "1148831067271080103"
+              "templateHash": "5159353539145495381"
             }
           },
           "parameters": {
@@ -393,7 +393,7 @@
             },
             "linuxVmAdminPasswordOrKey": {
               "type": "secureString",
-              "minLength": 14
+              "minLength": 12
             },
             "windowsNetworkInterfaceName": {
               "type": "string"
@@ -415,7 +415,7 @@
             },
             "windowsVmAdminPassword": {
               "type": "secureString",
-              "minLength": 14
+              "minLength": 12
             },
             "windowsVmPublisher": {
               "type": "string"
@@ -750,7 +750,7 @@
                     "_generator": {
                       "name": "bicep",
                       "version": "0.4.1008.15138",
-                      "templateHash": "16381556259285133052"
+                      "templateHash": "1923864005701002999"
                     }
                   },
                   "parameters": {
@@ -800,7 +800,7 @@
                     },
                     "adminPasswordOrKey": {
                       "type": "secureString",
-                      "minLength": 14
+                      "minLength": 12
                     },
                     "logAnalyticsWorkspaceId": {
                       "type": "string"
@@ -871,14 +871,14 @@
                         "typeHandlerVersion": "1.4"
                       },
                       "dependsOn": [
-                        "[resourceId('Microsoft.Compute/virtualMachines/extensions', split(format('{0}/Microsoft.Azure.AzurePolicyforLinux', parameters('name')), '/')[0], split(format('{0}/Microsoft.Azure.AzurePolicyforLinux', parameters('name')), '/')[1])]",
+                        "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('name'), 'AzurePolicyforLinux')]",
                         "[resourceId('Microsoft.Compute/virtualMachines', parameters('name'))]"
                       ]
                     },
                     {
                       "type": "Microsoft.Compute/virtualMachines/extensions",
-                      "apiVersion": "2020-06-01",
-                      "name": "[format('{0}/Microsoft.Azure.AzurePolicyforLinux', parameters('name'))]",
+                      "apiVersion": "2020-12-01",
+                      "name": "[format('{0}/{1}', parameters('name'), 'AzurePolicyforLinux')]",
                       "location": "[parameters('location')]",
                       "properties": {
                         "publisher": "Microsoft.GuestConfiguration",
@@ -1111,7 +1111,7 @@
                     "_generator": {
                       "name": "bicep",
                       "version": "0.4.1008.15138",
-                      "templateHash": "5398822015781472627"
+                      "templateHash": "18222194463697657474"
                     }
                   },
                   "parameters": {
@@ -1136,7 +1136,7 @@
                     },
                     "adminPassword": {
                       "type": "secureString",
-                      "minLength": 14
+                      "minLength": 12
                     },
                     "publisher": {
                       "type": "string"

diff --git a/src/bicep/form/mlz.portal.json b/src/bicep/form/mlz.portal.json
@@ -867,9 +867,7 @@
                     "password": "Specify an administrator password for the Windows virtual machine used to remote into the network."
                   },
                   "constraints": {
-                    "required": true,
-                    "customPasswordRegex": "^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{12,128}$",
-                    "customValidationMessage": "The password must be alphanumeric, contain at least 12 characters, and have at least 1 letter, 1 number and one special character."
+                    "required": true
                   },
                   "options": {
                     "hideConfirmation": false

diff --git a/src/bicep/mlz.bicep b/src/bicep/mlz.bicep
@@ -345,7 +345,7 @@ param linuxVmAuthenticationType string = 'password'
 
 @description('The administrator password or public SSH key for the Linux Virtual Machine to Azure Bastion remote into. See https://docs.microsoft.com/en-us/azure/virtual-machines/linux/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements.')
 @secure()
-@minLength(14)
+@minLength(12)
 param linuxVmAdminPasswordOrKey string = deployRemoteAccess ? '' : newGuid()
 
 @description('The size of the Linux Virtual Machine to Azure Bastion remote into. It defaults to "Standard_B2s".')
@@ -381,9 +381,9 @@ param linuxNetworkInterfacePrivateIPAddressAllocationMethod string = 'Dynamic'
 @description('The administrator username for the Windows Virtual Machine to Azure Bastion remote into. It defaults to "azureuser".')
 param windowsVmAdminUsername string = 'azureuser'
 
-@description('The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 14 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements.')
+@description('The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 12 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements.')
 @secure()
-@minLength(14)
+@minLength(12)
 param windowsVmAdminPassword string = deployRemoteAccess ? '' : newGuid()
 
 @description('The size of the Windows Virtual Machine to Azure Bastion remote into. It defaults to "Standard_DS1_v2".')

diff --git a/src/bicep/mlz.json b/src/bicep/mlz.json
@@ -5,7 +5,7 @@
     "_generator": {
       "name": "bicep",
       "version": "0.4.1124.51302",
-      "templateHash": "13546296569054440129"
+      "templateHash": "16835281694778509752"
     }
   },
   "parameters": {
@@ -577,7 +577,7 @@
     "linuxVmAdminPasswordOrKey": {
       "type": "secureString",
       "defaultValue": "[if(parameters('deployRemoteAccess'), '', newGuid())]",
-      "minLength": 14,
+      "minLength": 12,
       "metadata": {
         "description": "The administrator password or public SSH key for the Linux Virtual Machine to Azure Bastion remote into. See https://docs.microsoft.com/en-us/azure/virtual-machines/linux/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements."
       }
@@ -652,9 +652,9 @@
     "windowsVmAdminPassword": {
       "type": "secureString",
       "defaultValue": "[if(parameters('deployRemoteAccess'), '', newGuid())]",
-      "minLength": 14,
+      "minLength": 12,
       "metadata": {
-        "description": "The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 14 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements."
+        "description": "The administrator password the Windows Virtual Machine to Azure Bastion remote into. It must be > 12 characters in length. See https://docs.microsoft.com/en-us/azure/virtual-machines/windows/faq#what-are-the-password-requirements-when-creating-a-vm- for password requirements."
       }
     },
     "windowsVmSize": {
@@ -4996,7 +4996,7 @@
             "_generator": {
               "name": "bicep",
               "version": "0.4.1124.51302",
-              "templateHash": "5493952578857184506"
+              "templateHash": "1358220533990268216"
             }
           },
           "parameters": {
@@ -5082,7 +5082,7 @@
             },
             "linuxVmAdminPasswordOrKey": {
               "type": "secureString",
-              "minLength": 14
+              "minLength": 12
             },
             "windowsNetworkInterfaceName": {
               "type": "string"
@@ -5104,7 +5104,7 @@
             },
             "windowsVmAdminPassword": {
               "type": "secureString",
-              "minLength": 14
+              "minLength": 12
             },
             "windowsVmPublisher": {
               "type": "string"
@@ -5436,7 +5436,7 @@
                     "_generator": {
                       "name": "bicep",
                       "version": "0.4.1124.51302",
-                      "templateHash": "6195638442308081265"
+                      "templateHash": "16581269896210557617"
                     }
                   },
                   "parameters": {
@@ -5486,7 +5486,7 @@
                     },
                     "adminPasswordOrKey": {
                       "type": "secureString",
-                      "minLength": 14
+                      "minLength": 12
                     },
                     "logAnalyticsWorkspaceId": {
                       "type": "string"
@@ -5795,7 +5795,7 @@
                     "_generator": {
                       "name": "bicep",
                       "version": "0.4.1124.51302",
-                      "templateHash": "10579512088546693511"
+                      "templateHash": "5877468865897065265"
                     }
                   },
                   "parameters": {
@@ -5820,7 +5820,7 @@
                     },
                     "adminPassword": {
                       "type": "secureString",
-                      "minLength": 14
+                      "minLength": 12
                     },
                     "publisher": {
                       "type": "string"

diff --git a/src/bicep/modules/linuxVirtualMachine.bicep b/src/bicep/modules/linuxVirtualMachine.bicep
@@ -18,7 +18,7 @@ param adminUsername string
 ])
 param authenticationType string
 @secure()
-@minLength(14)
+@minLength(12)
 param adminPasswordOrKey string
 
 var linuxConfiguration = {

diff --git a/src/bicep/modules/remoteAccess.bicep b/src/bicep/modules/remoteAccess.bicep
@@ -32,7 +32,7 @@ param linuxVmAdminUsername string
 ])
 param linuxVmAuthenticationType string
 @secure()
-@minLength(14)
+@minLength(12)
 param linuxVmAdminPasswordOrKey string
 
 param windowsNetworkInterfaceName string
@@ -43,7 +43,7 @@ param windowsVmName string
 param windowsVmSize string
 param windowsVmAdminUsername string
 @secure()
-@minLength(14)
+@minLength(12)
 param windowsVmAdminPassword string
 param windowsVmPublisher string
 param windowsVmOffer string

diff --git a/src/bicep/modules/windowsVirtualMachine.bicep b/src/bicep/modules/windowsVirtualMachine.bicep
@@ -7,7 +7,7 @@ param networkInterfaceName string
 param size string
 param adminUsername string
 @secure()
-@minLength(14)
+@minLength(12)
 param adminPassword string
 param publisher string
 param offer string