From c4528ccbbfda7b0e505215f707a20f5c37a52b73 Mon Sep 17 00:00:00 2001 From: Niranjan B Date: Mon, 4 Nov 2024 23:43:18 +0530 Subject: [PATCH 1/2] include EdgeDevice creation as part of Deployment --- .../create-cluster/azuredeploy.json | 74 ++++++++++++------- 1 file changed, 49 insertions(+), 25 deletions(-) diff --git a/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json b/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json index ecfceecd7c2f..49ddd4d70d56 100644 --- a/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json +++ b/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json @@ -1,5 +1,6 @@ { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "languageVersion": "2.0", "contentVersion": "1.0.0.0", "parameters": { "deploymentMode": { @@ -544,8 +545,8 @@ ] }, - "resources": [ - { + "resources":{ + "witnessStorageAcc" : { "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2023-01-01", "name": "[parameters('clusterWitnessStorageAccountName')]", @@ -560,7 +561,7 @@ "minimumTlsVersion": "TLS1_2" } }, - { + "ARBSPNRoleAssignment":{ "type": "Microsoft.Resources/deployments", "apiVersion": "2021-04-01", "name": "[concat('MOC-ARB-Role-Assignment',guid(concat('MOCARB-SPN-Subscription-Scope-Role-Assignment',resourceGroup().id,parameters('location'), parameters('arbDeploymentSPNObjectID'))))]", @@ -571,24 +572,33 @@ "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", - "parameters": {}, + "parameters": { + "arbDeploymentSPNObjectID1": { + "type": "string" + } + }, "variables": {}, "resources": [ { "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", - "name": "[guid(concat('ARB-', parameters('arbDeploymentSPNObjectID')))]", + "name": "[guid(concat('ARB-', parameters('arbDeploymentSPNObjectID1')))]", "properties": { "mode": "Incremental", "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', '7b1f81f9-4196-4058-8aae-762e593270df')]", - "principalId": "[parameters('arbDeploymentSPNObjectID')]" + "principalId": "[parameters('arbDeploymentSPNObjectID1')]" } } ] + }, + "parameters": { + "arbDeploymentSPNObjectID1": { + "value": "[parameters('arbDeploymentSPNObjectID')]" + } } } }, - { + "hcirproleassignment": { "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", "name": "[guid(concat('HCIRP-',resourceGroup().id, parameters('hciResourceProviderObjectID')))]", @@ -600,9 +610,22 @@ "description": "Azure Connected Machine Resource Manager role assignment to HCI Resource Provider" } }, - { + "edgeDevices" : { + "condition": "[equals(parameters('deploymentMode'), 'Validate')]", + "copy": { + "name": "edgeDeviceCopy", + "count": "[length(parameters('arcNodeResourceIds'))]" + }, + "type": "Microsoft.AzureStackHCI/edgeDevices", + "apiVersion": "[parameters('apiVersion')]", + "name": "default", + "scope": "[concat('Microsoft.HybridCompute/machines', '/', last(split(parameters('arcNodeResourceIds')[copyindex()], '/')))]", + "kind": "HCI", + "properties": {} + }, + "arcMachineRoleAssignment" :{ "copy": { - "name": "roleAssignmentCopy", + "name": "DVMroleAssignmentCopy", "count": "[length(parameters('arcNodeResourceIds'))]" }, "type": "Microsoft.Authorization/roleAssignments", @@ -616,9 +639,9 @@ "description": "[concat(substring(parameters('arcNodeResourceIds')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds')[copyIndex()],'/')),'- Azure Stack HCI Device Management Role')]" } }, - { + "ArcMachineKVRoleAssignment":{ "copy": { - "name": "roleAssignmentCopy", + "name": "KVroleAssignmentCopy", "count": "[length(parameters('arcNodeResourceIds'))]" }, "type": "Microsoft.Authorization/roleAssignments", @@ -632,9 +655,9 @@ "description": "[concat(substring(parameters('arcNodeResourceIds')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds')[copyIndex()],'/')),'- Key Vault Secrets User')]" } }, - { + "ArcMachineInfraVMRoleAssignment":{ "copy": { - "name": "roleAssignmentCopy", + "name": "IfraVMroleAssignmentCopy", "count": "[length(parameters('arcNodeResourceIds'))]" }, "type": "Microsoft.Authorization/roleAssignments", @@ -648,7 +671,7 @@ "description": "[concat(substring(parameters('arcNodeResourceIds')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds')[copyIndex()],'/')),'- Azure Stack HCI Connected InfraVMs')]" } }, - { + "StorageAccountConfigurations":{ "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2023-01-01", "name": "[parameters('diagnosticStorageAccountName')]", @@ -668,7 +691,7 @@ } } }, - { + "KVConfigurations":{ "type": "Microsoft.KeyVault/vaults", "apiVersion": "2021-06-01-preview", "name": "[parameters('keyVaultName')]", @@ -694,7 +717,7 @@ } } }, - { + "KVDiagnosticsConfig":{ "type": "Microsoft.KeyVault/vaults/providers/diagnosticsettings", "name": "[concat(parameters('keyVaultName'), '/Microsoft.Insights/service')]", "apiVersion": "2016-09-01", @@ -718,13 +741,14 @@ ] } }, - { + "HCICluster":{ "condition": "[equals(parameters('deploymentMode'), 'Validate')]", "type": "Microsoft.AzureStackHCI/clusters", "apiVersion": "[parameters('apiVersion')]", "name": "[parameters('clusterName')]", "dependsOn": [ - "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", + "edgeDevices" ], "identity": { "type": "SystemAssigned" @@ -732,7 +756,7 @@ "location": "[parameters('location')]", "properties": {} }, - { + "KVDomainAdminSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('domainAdminSecretName'))]", @@ -749,7 +773,7 @@ } } }, - { + "KVLocalAdminSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('LocalAdminCredentialSecretName'))]", @@ -766,7 +790,7 @@ } } }, - { + "KVARBSPNSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('arbDeploymentSpnSecretName'))]", @@ -783,7 +807,7 @@ } } }, - { + "KVWitnessSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('storageWitnessSecretName'))]", @@ -800,7 +824,7 @@ } } }, - { + "KVPartnerCreds":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('partnerCredentialList')[copyIndex()].secretName)]", @@ -821,7 +845,7 @@ } } }, - { + "DeploymentSettings": { "type": "microsoft.azurestackhci/clusters/deploymentSettings", "apiVersion": "[parameters('apiVersion')]", "name": "[format('{0}/default', parameters('clusterName'))]", @@ -908,5 +932,5 @@ } } } - ] +} } \ No newline at end of file From 0e595162f5c90d204741293145c47e2490fc575c Mon Sep 17 00:00:00 2001 From: Niranjan B Date: Tue, 5 Nov 2024 11:11:52 +0530 Subject: [PATCH 2/2] add dependency for safety --- .../microsoft.azurestackhci/create-cluster/azuredeploy.json | 3 +++ 1 file changed, 3 insertions(+) diff --git a/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json b/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json index 49ddd4d70d56..6b85304129c2 100644 --- a/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json +++ b/quickstarts/microsoft.azurestackhci/create-cluster/azuredeploy.json @@ -612,6 +612,9 @@ }, "edgeDevices" : { "condition": "[equals(parameters('deploymentMode'), 'Validate')]", + "dependsOn": [ + "hcirproleassignment" + ], "copy": { "name": "edgeDeviceCopy", "count": "[length(parameters('arcNodeResourceIds'))]"