azure-quickstart-templates
azure-policy
Our great sponsors
| azure-quickstart-templates | azure-policy | |
|---|---|---|
| 42 | 9 | |
| 13,691 | 1,427 | |
| 0.7% | 1.8% | |
| 9.9 | 8.1 | |
| 4 days ago | 8 days ago | |
| Bicep | Open Policy Agent | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
azure-quickstart-templates
- Instantly Deploy BrowserBox on Azure Cloud – open-source isolated browser
- Deploy BrowserBox from an Azure Quickstart Template
- Chef extension for Azure VM
-
Chef extension for Azure VM in Bicep
I found a quick start template for this in Arm, I’m sure if you just decompile the ARM json it will give you a good heads start on how it should work.
-
Bicep: Cyclical Dependency Issue (Network resources)
There is a GitHub issue regarding this topic - https://github.com/Azure/azure-quickstart-templates/issues/2786
- Struggling to understand "_artifactsLocation" parameter when using ARM templates
-
Removing secondary disk
I'm using this video (https://www.youtube.com/watch?v=J4NCvIMuzVE) as a guide to start building out Windows VM's, and running into some questions. I'm trying to use the template located here ( azure-quickstart-templates/quickstarts/microsoft.compute/vm-simple-windows at master · Azure/azure-quickstart-templates (github.com)).
- The yaml document from hell
-
ARM / Bicep template development just by hand?
You can use quick start templates (https://github.com/Azure/azure-quickstart-templates/) as a starting point, but not all examples are bicep ready yet. But those can be easily converted to bicep.
-
SFTP for Azure Blob Storage Generally Available - Pricing
I think it was this one https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.containerinstance/aci-sftp-files-existing-storage and this https://github.com/Azure/azure-quickstart-templates/tree/master/quickstarts/microsoft.containerinstance/aci-sftp-files
azure-policy
- VMSS Azure Policy Compliance
-
Automation as key to cloud adoption success
Reference: https://github.com/Azure/azure-policy
-
Favorite cloud provider governance tips and tricks?
I just came across this post over in the Azure subreddit and it gave me a good idea on one way to deal with rogue Azure subscriptions - just have them default into a Management Group where a policy is in-place that basically denies use of any and all services.
-
How can we stop random users in our on-prem AD from creating new Azure subscriptions?
Oooo, that's a nice trick for the use of the root management group which usually has best practice to leave empty. I like that a lot! Could maybe pair that with the "deny all resource types" policy sample, and then even if someone does create a new subscription it's pretty much 100% neutered until someone pulls it out of the root management group and places it somewhere else.
-
Architecture on Decommission huge list of old Azure servers
Found a 2018 Github article - https://github.com/Azure/azure-policy/issues/102
-
Public assets
MS Repo https://github.com/Azure/azure-policy/tree/master/built-in-policies/policyDefinitions
-
How can I resolve this Security center recommendation: "Replace a process level token"
I can see here that is expecting azure-policy/AzureWindowsBaseline.mof at master · Azure/azure-policy · GitHub: "LOCAL SERVICE, NETWORK SERVICE". However, that would exclude the web app pools.
-
Iron Dome = 'Security Policies' at scale for your Multi-Cloud accounts
Azure shared with us a GitHub repository contains built-in samples of Azure Policies that can be used as reference for creating and assigning policies to your subscriptions and resource groups.
-
Compliance with policy or blueprints?
The only real way you'll be able to do this is via an Azure Policy, alongside a deny effect - where your policy would restrict based on the type field, with the values passed in via an array parameter (example)
What are some alternatives?
bicep - Bicep is a declarative language for describing and deploying Azure resources
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
photoprism-auto-index - Photoprism supercharged with originals folder auto indexing
balanced-employee-ip-agreement - GitHub's employee intellectual property agreement, open sourced and reusable
f5-azure-arm-templates - Azure Resource Manager Templates for quickly deploying BIG-IP services in Azure
shellharden - The corrective bash syntax highlighter
Enterprise-Scale - The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
opal - Fork of https://github.com/permitio/opal
protonmail-bridge-docker - ProtonMail IMAP/SMTP Bridge Docker container
Community-Policy - This repo is for Microsoft Azure customers and Microsoft teams to collaborate in making custom policies.
opnazure - This template allows you to deploy an OPNsense Firewall Azure VM using the opnsense-bootsrtap installation method
Certified-Kubernetes-Security-Specialist - Curated resources help you prepare for the CNCF/Linux Foundation CKS 2021 "Kubernetes Certified Security Specialist" Certification exam. Please provide feedback or requests by raising issues, or making a pull request. All feedback for improvements are welcome. thank you.