-
Notifications
You must be signed in to change notification settings - Fork 103
/
main.parameters.jsonc
129 lines (129 loc) · 4.68 KB
/
main.parameters.jsonc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
// The name of the workload that is being deployed. Up to 10 characters long. This wil be used as part of the naming convention (i.e. as defined here: https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-naming)
"workloadName": {
"value": "lzaaca-udr"
},
//The name of the environment (e.g. "dev", "test", "prod", "preprod", "staging", "uat", "dr", "qa"). Up to 8 characters long.
"environment": {
"value": "dev"
},
"tags": {
"value": {}
},
"deployHub": {
"value": true
},
"enableTelemetry": {
"value": true
},
// The name of the hub resource group to create the resources in. If set, it overrides the name generated by the template.
"hubResourceGroupName": {
"value": ""
},
// The name of the resource group to create the resources in. If set, it overrides the name generated by the template
"spokeResourceGroupName": {
"value": ""
},
"vnetAddressPrefixes": {
"value": ["10.0.0.0/24"]
},
"enableBastion": {
"value": true
},
// Should a dedicated workload profile called default be provisioned?
"dedicatedWorkloadProfile": {
"value": false
},
"gatewaySubnetAddressPrefix": {
"value": "10.0.0.0/27"
},
"azureFirewallSubnetAddressPrefix": {
"value": "10.0.0.64/26"
},
"azureFirewallSubnetManagementAddressPrefix": {
"value": "10.0.0.128/26"
},
"bastionSubnetAddressPrefix": {
"value": "10.0.0.192/26"
},
"vmSize": {
"value": "Standard_B2ms"
},
"vmAdminUsername": {
"value": "azureuser"
},
"vmAdminPassword": {
"value": "Password123"
},
"vmLinuxSshAuthorizedKeys": {
"value": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDpNpoh248rsraL3uejAwKlla+pHaDLbp4DM7bKFoc3Rt1DeXPs0XTutJcNtq4iRq+ooRQ1T7WaK42MfQQxt3qkXwjyv8lPJ4v7aElWkAbxZIRYVYmQVxxwfw+zyB1rFdaCQD/kISg/zXxCWw+gdds4rEy7eq23/bXFM0l7pNvbAULIB6ZY7MRpC304lIAJusuZC59iwvjT3dWsDNWifA1SJtgr39yaxB9Fb01UdacwJNuvfGC35GNYH0VJ56c+iCFeAnMXIT00cYuHf0FCRTP0WvTKl+PQmeD1pwxefdFvKCVpidU2hOARb4ooapT0SDM1SODqjaZ/qwWP18y/qQ/v imported-openssh-key"
},
"vmJumpboxOSType": {
"value": "linux"
},
"vmJumpBoxSubnetAddressPrefix": {
"value": "10.1.2.32/27"
},
"spokeVNetAddressPrefixes": {
"value": ["10.1.0.0/22"]
},
"spokeInfraSubnetAddressPrefix": {
"value": "10.1.0.0/23"
},
"spokePrivateEndpointsSubnetAddressPrefix": {
"value": "10.1.2.0/27"
},
"spokeApplicationGatewaySubnetAddressPrefix": {
"value": "10.1.3.0/24"
},
// If you want to keep spoke-internal traffic for the container apps within the spoke, set this to true
"routeSpokeTrafficInternally": {
"value": false
},
// If you want to deploy Application Insights, set this to true
"enableApplicationInsights": {
"value": true
},
// If you use Dapr, you can setup Dapr telemetry by setting this to true and enableApplicationInsights to true
"enableDaprInstrumentation": {
"value": true
},
// Set this to true if you want to deploy the sample application and the application gateway
"deployHelloWorldSample": {
"value": false
},
// if true Azure Cache for Redis (Premium SKU), together with Private Endpoint and the relavant Private DNS Zone will be deployed
"deployRedisCache": {
"value": false
},
// Deploy (or not) an Azure OpenAI account. ATTENTION: At the time of writing , OpenAI is in preview and only available in limited regions: look here: https://learn.microsoft.com/azure/ai-services/openai/chatgpt-quickstart#prerequisites
"deployOpenAi": {
"value": false
},
// DDoS protection mode for the Public IP of the Application Gateway. allowed values are "VirtualNetworkInherited", "Enabled" and "Disabled"
"ddosProtectionMode": {
"value": "Enabled"
},
// The FQDN of the Application Gateway. Must match the TLS Certificate.
"applicationGatewayFqdn": {
"value": "acahello.demoapp.com"
},
"enableApplicationGatewayCertificate": {
"value": true
},
"applicationGatewayCertificateKeyName": {
"value": "agwcert"
},
//If true, Azure Policies will be deployed
"deployAzurePolicies": {
"value": false
},
//If true, any resources that support AZ will be deployed in all three AZ. However if the selected region is not supporting AZ, this parameter needs to be set to false.
"deployZoneRedundantResources": {
"value": false
}
}
}