Comments (4)
Hey @ealtili I like this idea! What do you think about generating bicep templates containing the policies resulting from the queries, so that folks can deploy them to their subscriptions?
from review-checklists.
Hi @erjosito Indeed this is what I was going to recommend as well. Deploying policies using Bicep Deployment Stacks.
So we can have a folder structure:
- Policy
- PolicySet
- PolicyDefinition
- PolicyAssignment
I can create this bicep structure and make a pull request.
I would appreciate it if you let me know whether to use an existing branch, or I can create a branch and make a pull request.
Once we create the policy structure, we can also discuss incorporating the Azure Well-Architected Review tool. Basically, then maybe for each service it can be aligned with the checklist.
from review-checklists.
Do you think it is going to be feasible creating the bicep files automatically from the ARG queries in the JSON checklists? I would probably have that in a branch, before the automation works.
from review-checklists.
Hey I have been having a look at https://github.com/robinchapas/ConvertToPolicy/blob/master/GraphToPolicy.ps1, and finding some challenges here:
- The REST API `/providers/Microsoft.ResourceGraph/resources/policy` doesn't seem to be documented in https://learn.microsoft.com/rest/api/azure-resourcegraph/.
- I am getting the error message `The query returned an error. Adjust the query directly with Resource Graph to validate expected results, then try again`, but without docs it is hard to troubleshoot.
- In any case, the queries stored in the checklist need to be massaged, since they return the extended field `compliant`, which needs to be changed into a valid rule for policies.
from review-checklists.