settings.yaml

common_tags:
  Program: MyLab
  Owner: smithdavid
  Department: "US CS FSI COGS"

core_tags:
  Environment: "Core"

prod_tags:
  Environment: "Prod"

dev_tags:
  Environment: "Dev"

adds:
  ussc-adds-ip_address: ["10.0.0.68"] # Add more IP addresses to create more domain controllers
  euw-adds-ip_address: ["10.1.0.68"] # Add more IP addresses to create more domain controllers
  publisher: MicrosoftWindowsServer
  offer: WindowsServer
  sku: 2019-Datacenter
  version: latest
  vm_size: Standard_B2s
  admin_username: azadmin

ckalab:
  ussc-ckalab-ip_address: ["10.0.4.4", "10.0.4.5", "10.0.4.6", "10.0.4.7"] # Add more IP addresses to create more domain controllers
  publisher: OpenLogic
  offer: CentOS
  sku: 7.7
  version: latest
  vm_size: Standard_Ds2_v2
  admin_username: azroot

loganalytics:
  monitor_solutions:
    [
      ADReplication,
      ADAssessment,
      AntiMalware,
      AgentHealthAssessment,
      Updates,
      NetworkMonitoring,
      KeyVaultAnalytics,
      ServiceDesk,
      AzureActivity,
      AzureAutomation,
      AzureSQLAnalytics,
      ChangeTracking,
      Security,
    ]

policies:
  policy0:
    name: "Enable Azure Monitor for VMs - EUW"
    policy_id: "/providers/Microsoft.Authorization/policySetDefinitions/55f3eceb-5573-4f18-9695-226972c6d74a"
    parameters: '{"logAnalytics_1": {"value": "/subscriptions/a086e6e3-3a0f-45fb-aa14-1d53e4308040/resourcegroups/rg-euw-core-log/providers/microsoft.operationalinsights/workspaces/euw-core-log"}}'
    location: "westeurope"
    identity: true
  policy1:
    name: "Enable Azure Monitor for VMs - USSC"
    policy_id: "/providers/Microsoft.Authorization/policySetDefinitions/55f3eceb-5573-4f18-9695-226972c6d74a"
    parameters: '{"logAnalytics_1": {"value": "/subscriptions/a086e6e3-3a0f-45fb-aa14-1d53e4308040/resourcegroups/rg-ussc-core-log/providers/microsoft.operationalinsights/workspaces/ussc-core-log"}}'
    location: "southcentralus"
    identity: true
  policy2:
    name: "Storage accounts should restrict network access"
    policy_id: "/providers/Microsoft.Authorization/policyDefinitions/2a1a9cdf-e04d-429a-8416-3bfb72a1b26f"
    parameters: null
    location: ""
    identity: false
  policy3:
    name: "Allowed virtual machine size SKUs"
    policy_id: "/providers/Microsoft.Authorization/policyDefinitions/cccc23c7-8427-4f53-ad12-b6a63eb452b3"
    parameters: '{"listOfAllowedSKUs": {"value": ["Standard_D2s_V3","Standard_B2s"]}}'
    location: ""
    identity: false