Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement Sub ID array for Role assignment #76

Merged
merged 4 commits into from
Mar 16, 2021
Merged

Implement Sub ID array for Role assignment #76

merged 4 commits into from
Mar 16, 2021

Conversation

Phydeauxman
Copy link
Contributor

Description

  • Added code to create sub id array
  • Modified service principal role assignment code to use the sub array ensuring that role assignment is only attempted once per unique sub ID
  • Updated bullet numbering in README

Issue reference

The issue this PR will close: #75

Checklist

Please make sure you've completed the relevant tasks for this PR, out of the following list:

  • Code compiles or validates correctly
  • BASH scripts have been validated using shellcheck
  • All tests pass (manual and automated)
  • The documentation is updated to cover any new or changed features
  • Markdown files have been linted using the recommended linter. (See .vscode/extensions.json.)
  • Relevant issues are linked to this PR

@Phydeauxman
- Updated bullet numbering in README
f75a413 
- Added code to create sub id array
glennmusa
glennmusa reviewed Mar 12, 2021
View reviewed changes
README.md Outdated Show resolved Hide resolved
glennmusa
glennmusa reviewed Mar 12, 2021
View reviewed changes
Copy link
Contributor

@glennmusa glennmusa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Everything seems to work. I added some feedback for your consideration and think we can suppress the WARNING when creating the service principal.

Dunno if there are conflicts, but be sure to take care when merging your other open PR that is approved and not yet merged.

scripts/config/mlz_config_create.sh Outdated Show resolved Hide resolved
@Phydeauxman Phydeauxman merged commit c439941 into main Mar 16, 2021
@Phydeauxman Phydeauxman deleted the byboudre/subid_array branch March 16, 2021 13:53
Breanna-Stryker added a commit that referenced this pull request Mar 19, 2021
@Breanna-Stryker @glennmusa
@Phydeauxman @brooke-hamilton
Uptake current work (#91)
b8114aa 
* add the shellcheck extension to the devcontainer (#70)

Co-authored-by: Glenn Musa <glennmusa@users.noreply.github.com>

* Enable Azure Security Center in MLZ subscriptions (#55)

* Updated documentation in script

* - Added execution flag to shell scripts
- Added configure_asc.sh script
- Added code to create subs array to mlz_tf_setup.sh
- Added code to call configure_asc.sh from mlz_tf_setup.sh

* - Added executable flag to unzipprovider.sh script

* - Added executable flag to check scripts

* - Updated loop code for workspace setting

* - Created folder for ASC scripts
- Copied generate_names.sh script into ASC folder

* - Removed ASC calling code from setup script
- Updated naming in asc script
- Added ASC naming to generate script

* - Moved LAWS name generation into generate names
- Moved generate names call into loop
- Updated wait loop to use variables

* - Removed message for elapsed time
- Added quotes consistently for echo's

* - Updated Copyright statement
- Added set -e
- Modified variables to use env & location from vars file

* - Corrected counter logic
- Corrected description in names script

* output number of attempts remaining

* add a comment that this may fail

* - Removed creater comment

* unusually typo

Co-authored-by: Glenn Musa <glennmusa@users.noreply.github.com>

* Add persona and business justification to the Issue template (#73)

* issue template update

* Implement error handling into shell scripts (#72)

* - Added error handling to configure_asc script
- Suppressed "create" output in configure_asc script

* - Added error handling to config_create script
- Remove commented lines from configure_asc script

* - Added error handling to config_validate script

* - Added error handling to get_sp_identity script
- Corrected SP lookup

* - Added error handling to mlz_config_create script

* - Updated echo lines

* Implement Sub ID array for Role assignment (#76)

* - Updated bullet numbering in README
- Added code to create sub id array

* - Reverted numbering changes made to README.md

* - Added description of sed command

* - Added parameter to suppress WARNING on sp create

* Remove providers (#84)

* use azurerm 2.50 in src/core

* removing provider files

* updates to readme and scripts for local providers

* set tf provider folder

Co-authored-by: Glenn Musa <glennmusa@users.noreply.github.com>

* unique diagnostic settings names (#82)

Co-authored-by: Glenn Musa <glennmusa@users.noreply.github.com>

* move scripts to src/scripts (#87)

* add a workflow for apply and destroy terraform (#83)

* add retries for apply and destroy

* update readmes

Co-authored-by: Glenn Musa <4622125+glennmusa@users.noreply.github.com>
Co-authored-by: Glenn Musa <glennmusa@users.noreply.github.com>
Co-authored-by: Byron Boudreaux <16844071+Phydeauxman@users.noreply.github.com>
Co-authored-by: Brooke Hamilton <45323234+brooke-hamilton@users.noreply.github.com>
Co-authored-by: Breanna-Stryker <>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@glennmusa glennmusa glennmusa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Apply role assignment to Service Principal only once per sub
2 participants
@Phydeauxman @glennmusa