From e9db68708de19c04bd8704942d54e50fc6755c74 Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Tue, 29 Jun 2021 18:42:31 +0200 Subject: [PATCH 1/7] Added Stream Analytics Custom Policies --- .../armTemplates/auxiliary/policies.json | 106 ++++++++++++++++++ .../armTemplates/auxiliary/policies.json | 106 ++++++++++++++++++ .../armTemplates/auxiliary/policies.json | 106 ++++++++++++++++++ .../armTemplates/auxiliary/policies.json | 106 ++++++++++++++++++ 4 files changed, 424 insertions(+) diff --git a/docs/reference/adventureworks/armTemplates/auxiliary/policies.json b/docs/reference/adventureworks/armTemplates/auxiliary/policies.json index 08fe691717..ac43054c25 100644 --- a/docs/reference/adventureworks/armTemplates/auxiliary/policies.json +++ b/docs/reference/adventureworks/armTemplates/auxiliary/policies.json @@ -18081,6 +18081,112 @@ } }, "name": "Deny-MachineLearning-ComputeCluster-Scale" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" } ] }, diff --git a/docs/reference/contoso/armTemplates/auxiliary/policies.json b/docs/reference/contoso/armTemplates/auxiliary/policies.json index 08fe691717..ac43054c25 100644 --- a/docs/reference/contoso/armTemplates/auxiliary/policies.json +++ b/docs/reference/contoso/armTemplates/auxiliary/policies.json @@ -18081,6 +18081,112 @@ } }, "name": "Deny-MachineLearning-ComputeCluster-Scale" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" } ] }, diff --git a/docs/reference/treyresearch/armTemplates/auxiliary/policies.json b/docs/reference/treyresearch/armTemplates/auxiliary/policies.json index 08fe691717..ac43054c25 100644 --- a/docs/reference/treyresearch/armTemplates/auxiliary/policies.json +++ b/docs/reference/treyresearch/armTemplates/auxiliary/policies.json @@ -18081,6 +18081,112 @@ } }, "name": "Deny-MachineLearning-ComputeCluster-Scale" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" } ] }, diff --git a/docs/reference/wingtip/armTemplates/auxiliary/policies.json b/docs/reference/wingtip/armTemplates/auxiliary/policies.json index 08fe691717..ac43054c25 100644 --- a/docs/reference/wingtip/armTemplates/auxiliary/policies.json +++ b/docs/reference/wingtip/armTemplates/auxiliary/policies.json @@ -18081,6 +18081,112 @@ } }, "name": "Deny-MachineLearning-ComputeCluster-Scale" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" + }, + { + "properties": { + "displayName": "Deny-StreamAnalytics-ClusterId", + "policyType": "Custom", + "mode": "Indexed", + "description": "Enforces use of stram analytics cluster.", + "metadata": { + "version": "1.0.0", + "category": "Stream Analytics" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy" + }, + "allowedValues": [ + "Audit", + "Disabled", + "Deny" + ], + "defaultValue": "Deny" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "anyOf": [ + { + "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", + "exists": false + }, + { + "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", + "equals": true + } + ] + } + ] + }, + "then": { + "effect": "[[parameters('effect')]" + } + } + }, + "name": "Deny-StreamAnalytics-ClusterId" } ] }, From 47cf3cd5584b65b3d1c4788397b98ec988e23e32 Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Thu, 26 Aug 2021 12:36:54 +0200 Subject: [PATCH 2/7] update to be consistent with eslz --- .../policyDefinitions/policies.json | 106 ------------------ 1 file changed, 106 deletions(-) diff --git a/eslzArm/managementGroupTemplates/policyDefinitions/policies.json b/eslzArm/managementGroupTemplates/policyDefinitions/policies.json index 03d5c34f5f..ae57164bc4 100644 --- a/eslzArm/managementGroupTemplates/policyDefinitions/policies.json +++ b/eslzArm/managementGroupTemplates/policyDefinitions/policies.json @@ -14412,112 +14412,6 @@ } }, "name": "Deny-MachineLearning-ComputeCluster-Scale" - }, - { - "properties": { - "displayName": "Deny-StreamAnalytics-ClusterId", - "policyType": "Custom", - "mode": "Indexed", - "description": "Enforces use of stram analytics cluster.", - "metadata": { - "version": "1.0.0", - "category": "Stream Analytics" - }, - "parameters": { - "effect": { - "type": "String", - "metadata": { - "displayName": "Effect", - "description": "Enable or disable the execution of the policy" - }, - "allowedValues": [ - "Audit", - "Disabled", - "Deny" - ], - "defaultValue": "Deny" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "field": "type", - "equals": "Microsoft.StreamAnalytics/streamingjobs" - }, - { - "anyOf": [ - { - "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", - "exists": false - }, - { - "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", - "equals": true - } - ] - } - ] - }, - "then": { - "effect": "[[parameters('effect')]" - } - } - }, - "name": "Deny-StreamAnalytics-ClusterId" - }, - { - "properties": { - "displayName": "Deny-StreamAnalytics-ClusterId", - "policyType": "Custom", - "mode": "Indexed", - "description": "Enforces use of stram analytics cluster.", - "metadata": { - "version": "1.0.0", - "category": "Stream Analytics" - }, - "parameters": { - "effect": { - "type": "String", - "metadata": { - "displayName": "Effect", - "description": "Enable or disable the execution of the policy" - }, - "allowedValues": [ - "Audit", - "Disabled", - "Deny" - ], - "defaultValue": "Deny" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "field": "type", - "equals": "Microsoft.StreamAnalytics/streamingjobs" - }, - { - "anyOf": [ - { - "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", - "exists": false - }, - { - "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", - "equals": true - } - ] - } - ] - }, - "then": { - "effect": "[[parameters('effect')]" - } - } - }, - "name": "Deny-StreamAnalytics-ClusterId" } ] }, From 394820b5fdc28a6f7c8548f2e833fbf70ad06aca Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Thu, 26 Aug 2021 14:03:09 +0200 Subject: [PATCH 3/7] synch with azure main --- .../armTemplates/auxiliary/policies.json | 106 ------------------ 1 file changed, 106 deletions(-) diff --git a/docs/reference/treyresearch/armTemplates/auxiliary/policies.json b/docs/reference/treyresearch/armTemplates/auxiliary/policies.json index 45ea896b94..1fc396dfa9 100644 --- a/docs/reference/treyresearch/armTemplates/auxiliary/policies.json +++ b/docs/reference/treyresearch/armTemplates/auxiliary/policies.json @@ -18097,112 +18097,6 @@ } }, "name": "Deny-MachineLearning-ComputeCluster-Scale" - }, - { - "properties": { - "displayName": "Deny-StreamAnalytics-ClusterId", - "policyType": "Custom", - "mode": "Indexed", - "description": "Enforces use of stram analytics cluster.", - "metadata": { - "version": "1.0.0", - "category": "Stream Analytics" - }, - "parameters": { - "effect": { - "type": "String", - "metadata": { - "displayName": "Effect", - "description": "Enable or disable the execution of the policy" - }, - "allowedValues": [ - "Audit", - "Disabled", - "Deny" - ], - "defaultValue": "Deny" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "field": "type", - "equals": "Microsoft.StreamAnalytics/streamingjobs" - }, - { - "anyOf": [ - { - "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", - "exists": false - }, - { - "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", - "equals": true - } - ] - } - ] - }, - "then": { - "effect": "[[parameters('effect')]" - } - } - }, - "name": "Deny-StreamAnalytics-ClusterId" - }, - { - "properties": { - "displayName": "Deny-StreamAnalytics-ClusterId", - "policyType": "Custom", - "mode": "Indexed", - "description": "Enforces use of stram analytics cluster.", - "metadata": { - "version": "1.0.0", - "category": "Stream Analytics" - }, - "parameters": { - "effect": { - "type": "String", - "metadata": { - "displayName": "Effect", - "description": "Enable or disable the execution of the policy" - }, - "allowedValues": [ - "Audit", - "Disabled", - "Deny" - ], - "defaultValue": "Deny" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "field": "type", - "equals": "Microsoft.StreamAnalytics/streamingjobs" - }, - { - "anyOf": [ - { - "field": "Microsoft.StreamAnalytics/streamingjobs/cluster.id", - "exists": false - }, - { - "value": "[[empty(field('Microsoft.StreamAnalytics/streamingjobs/cluster.id'))]", - "equals": true - } - ] - } - ] - }, - "then": { - "effect": "[[parameters('effect')]" - } - } - }, - "name": "Deny-StreamAnalytics-ClusterId" } ] }, From 13f33ba5d439a934083e6769880817d9751be641 Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Thu, 26 Aug 2021 17:06:23 +0200 Subject: [PATCH 4/7] Improved Network Range Validation in Portal --- eslzArm/eslz-portal.json | 37 ++++++++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/eslzArm/eslz-portal.json b/eslzArm/eslz-portal.json index c6091ded5f..7d13d4b6ab 100644 --- a/eslzArm/eslz-portal.json +++ b/eslzArm/eslz-portal.json @@ -842,7 +842,12 @@ "visible": "[and(not(equals(steps('esConnectivityGoalState').esHub, 'No')), not(equals(steps('esConnectivityGoalState').esHub, 'nva')), not(equals(steps('esConnectivityGoalState').esHub, 'vhub')))]", "constraints": { "required": true, - "validationMessage": "The vWAN hub network address space, specified as one address prefix in CIDR notation (e.g. 10.100.0.0/23)" + "validations": [ + { + "regex": "^(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(?:$|/(1[0-9]|2[0-4]))$", + "message": "Invalid CIDR range. The address prefix must be in the range [10,24]." + } + ] } }, { @@ -854,7 +859,12 @@ "visible": "[and(not(equals(steps('esConnectivityGoalState').esHub, 'No')), not(equals(steps('esConnectivityGoalState').esHub, 'vwan')))]", "constraints": { "required": true, - "validationMessage": "The hub virtual network address space, specified as one address prefix in CIDR notation (e.g. 10.100.0.0/16)" + "validations": [ + { + "regex": "^(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(?:$|/(1[0-9]|2[0-4]))$", + "message": "Invalid CIDR range. The address prefix must be in the range [10,24]." + } + ] } }, { @@ -1468,7 +1478,28 @@ "visible": "[and(equals(steps('esConnectivityGoalState').esAzFw, 'Yes'), not(equals(steps('esConnectivityGoalState').esHub, 'vwan')))]", "constraints": { "required": true, - "validationMessage": "The subnet for Azure Firewall inside the hub virtual network address space, specified as one address prefixes in CIDR notation (e.g. 10.100.0.0/24)" + "validations": [ + { + "regex": "^(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(?:$|/(2[0-8]))$", + "message": "Invalid CIDR range. The address prefix must be in the range [20,28]." + }, + { + "isValid": "[if(greaterOrEquals(last(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), 8), equals(last(take(split(first(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), '.'), 1)), last(take(split(first(split(steps('esConnectivityGoalState').esAddressFw, '/')), '.'), 1))), true)]", + "message": "CIDR range not within virtual network CIDR range (first octet)." + }, + { + "isValid": "[if(greaterOrEquals(last(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), 16), equals(last(take(split(first(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), '.'), 2)), last(take(split(first(split(steps('esConnectivityGoalState').esAddressFw, '/')), '.'), 2))), true)]", + "message": "CIDR range not within virtual network CIDR range (second octet)." + }, + { + "isValid": "[if(greaterOrEquals(last(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), 24), equals(last(take(split(first(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), '.'), 3)), last(take(split(first(split(steps('esConnectivityGoalState').esAddressFw, '/')), '.'), 3))), true)]", + "message": "CIDR range not within virtual network CIDR range (third octet)." + }, + { + "isValid": "[lessOrEquals(last(split(steps('esConnectivityGoalState').esAddressHubHS, '/')), last(split(steps('esConnectivityGoalState').esAddressFw, '/')))]", + "message": "CIDR range not within virtual network CIDR range (subnet mask)." + } + ] } } ] From 9644528bac0310d07efa775e8a3b84339c156922 Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Fri, 27 Aug 2021 11:31:11 +0200 Subject: [PATCH 5/7] added note to whats new --- docs/wiki/Whats-new.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/wiki/Whats-new.md b/docs/wiki/Whats-new.md index 880d3b3d0d..a09a162165 100644 --- a/docs/wiki/Whats-new.md +++ b/docs/wiki/Whats-new.md @@ -54,7 +54,7 @@ Here's what's changed in Enterprise Scale: #### Other -*No updates, yet.* +- Improved Network CIDR Range Validation within the Azure Portal experience (https://github.com/Azure/Enterprise-Scale/pull/767). ### July 2021 From 883a992d4acd53392cb88b3474334fe4f56cde1c Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Fri, 27 Aug 2021 12:34:54 +0200 Subject: [PATCH 6/7] update whats new --- docs/wiki/Whats-new.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/wiki/Whats-new.md b/docs/wiki/Whats-new.md index a09a162165..48bb1858c6 100644 --- a/docs/wiki/Whats-new.md +++ b/docs/wiki/Whats-new.md @@ -46,6 +46,7 @@ Here's what's changed in Enterprise Scale: - [Do-It-Yourself deployment instructions for Enterprise-Scale using Azure PowerShell released](https://github.com/Azure/Enterprise-Scale/tree/main/eslzArm) - Update subscription filter in reference implementation UI experience. Subscriptions with state != "Enabled" will be excluded from the list of available subscriptions. - Removed old codebase for the different reference implementations, and converged to a single [ARM codebase](https://github.com/Azure/Enterprise-Scale/tree/main/eslzArm) +- Improved Network CIDR Range Validation within the Azure Portal experience (https://github.com/Azure/Enterprise-Scale/pull/767). #### Policy @@ -54,7 +55,7 @@ Here's what's changed in Enterprise Scale: #### Other -- Improved Network CIDR Range Validation within the Azure Portal experience (https://github.com/Azure/Enterprise-Scale/pull/767). +*No updates, yet.* ### July 2021 From 777324b7beca950832a79492e012267e356b7f2b Mon Sep 17 00:00:00 2001 From: Marvin Buss Date: Fri, 27 Aug 2021 12:53:15 +0200 Subject: [PATCH 7/7] added validation to landing zone config --- eslzArm/eslz-portal.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/eslzArm/eslz-portal.json b/eslzArm/eslz-portal.json index 7d13d4b6ab..1e75ec9087 100644 --- a/eslzArm/eslz-portal.json +++ b/eslzArm/eslz-portal.json @@ -1814,7 +1814,8 @@ "required": true, "validations": [ { - "message": "Only CIDR notation is allowed, and address space must be unique." + "regex": "^(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)(?:$|/(1[0-9]|2[0-4]))$", + "message": "Invalid CIDR range. The address prefix must be in the range [10,24]." } ] }