templates/azure-local-deployment-template.json
|
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "languageVersion": "2.0", "contentVersion": "1.0.0.0", "parameters": { "deploymentMode": { "defaultValue": "Validate", "type": "string", "allowedValues": [ "Validate", "Deploy" ], "metadata": { "description": "First must pass Validate prior running Deploy" } }, "keyVaultName": { "type": "string", "metadata": { "description": "The KeyVault name used to store the secrets." } }, "createNewKeyVault": { "type": "bool", "defaultValue": true, "metadata": { "description": "Set this value as false, if you are re-using a Keyvault" } }, "softDeleteRetentionDays": { "type": "int", "defaultValue": 30 }, "diagnosticStorageAccountName": { "type": "string", "metadata": { "description": "The name of the storage account used for KV audit logs" } }, "logsRetentionInDays": { "type": "int", "defaultValue": 30, "minValue": 0, "maxValue": 365, "metadata": { "description": "Specifies the number of days that logs are gonna be kept. If you do not want to apply any retention policy and retain data forever, set value to 0." } }, "storageAccountType": { "type": "string", "defaultValue": "Standard_LRS", "allowedValues": [ "Premium_LRS", "Premium_ZRS", "Standard_GRS", "Standard_GZRS", "Standard_LRS", "Standard_RAGRS", "Standard_RAGZRS", "Standard_ZRS" ], "metadata": { "description": "Storage Account type" } }, "clusterName": { "type": "string", "minLength": 3, "maxLength": 15, "metadata": { "description": "This name must be unique from physical node names" } }, "location": { "type": "string", "defaultValue": "[resourceGroup().location]" }, "tenantId": { "type": "string", "defaultValue": "[subscription().tenantId]" }, "witnessType": { "defaultValue": "No Witness", "type": "string", "allowedValues": [ "Cloud", "No Witness" ], "metadata": { "description": "Witness Type must be 'cloud' for a 2 node cluster. It can be empty of other cluster sizes" } }, "clusterWitnessStorageAccountName": { "defaultValue": "", "type": "string", "metadata": { "description": "Storage account name to be created for the cluster witness, required when Witness Type is cloud" } }, "localAdminUserName": { "type": "string", "minLength": 1, "metadata": { "description": "local administrator username" } }, "localAdminPassword": { "type": "securestring", "minLength": 1, "metadata": { "description": "local administrator password" } }, "AzureStackLCMAdminUsername": { "type": "string", "minLength": 1, "metadata": { "description": "Deployment user username" } }, "AzureStackLCMAdminPassword": { "type": "securestring", "minLength": 1, "metadata": { "description": "Deployment user password" } }, "hciResourceProviderObjectID": { "type": "string", "minLength": 1, "metadata": { "description": "Object ID of HCI Resource Provider" } }, "arcNodeResourceIds": { "defaultValue": [], "type": "array", "metadata": { "description": "The arc for server node Ids of the hci cluster" } }, "domainFqdn": { "defaultValue": "", "type": "string", "metadata": { "description": "The domain name of the Active Directory Domain Services" } }, "namingPrefix": { "defaultValue": "hci", "type": "string", "metadata": { "description": "The object name prefix (for future use, post 2402)" } }, "adouPath": { "defaultValue": "", "type": "string", "metadata": { "description": "The ADDS OU path" } }, "securityLevel": { "defaultValue": "Recommended", "type": "string", "allowedValues": [ "Recommended", "Customized" ], "metadata": { "description": "The security level data for deploying a hci cluster" } }, "driftControlEnforced": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting driftControlEnforced data for deploying a hci cluster" } }, "credentialGuardEnforced": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting credentialGuardEnforced data for deploying a hci cluster" } }, "smbSigningEnforced": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting smbSigningEnforced data for deploying a hci cluster" } }, "smbClusterEncryption": { "defaultValue": false, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting smbClusterEncryption data for deploying a hci cluster" } }, "bitlockerBootVolume": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting bitlockerBootVolume data for deploying a hci cluster" } }, "bitlockerDataVolumes": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting bitlockerDataVolumes data for deploying a hci cluster" } }, "wdacEnforced": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The security setting wdacEnforced data for deploying a hci cluster" } }, "streamingDataClient": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The metrics data for deploying a hci cluster" } }, "euLocation": { "defaultValue": false, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The location data for deploying a hci cluster" } }, "episodicDataUpload": { "defaultValue": true, "type": "bool", "allowedValues": [ true, false ], "metadata": { "description": "The diagnostic data for deploying a hci cluster" } }, "configurationMode": { "defaultValue": "Express", "type": "string", "allowedValues": [ "Express", "InfraOnly", "KeepStorage" ], "metadata": { "description": "The storage volume configuration mode" } }, "subnetMask": { "defaultValue": "", "type": "string", "metadata": { "description": "The subnet mask for deploying a hci cluster" } }, "defaultGateway": { "defaultValue": "", "type": "string", "metadata": { "description": "The default gateway for deploying a hci cluster" } }, "startingIPAddress": { "defaultValue": "", "type": "string", "metadata": { "description": "The starting ip address for deploying a hci cluster" } }, "endingIPAddress": { "defaultValue": "", "type": "string", "metadata": { "description": "The ending ip address for deploying a hci cluster" } }, "dnsServers": { "defaultValue": [ "" ], "type": "array", "metadata": { "description": "The dns servers for deploying a hci cluster" } }, "useDhcp": { "type": "bool", "allowedValues": [ true, false ], "defaultValue": false, "metadata": { "description": "Allows customers to use DHCP for Hosts and Cluster IPs. If not declared, the deployment will default to static IPs. When true, GW and DNS servers are not required" } }, "physicalNodesSettings": { "defaultValue": [ { "name": "node1", "ipv4Address": "100.69.32.64" }, { "name": "node2", "ipv4Address": "100.69.32.65" } ], "type": "array", "metadata": { "description": "The physical nodes settings for deploying a hci cluster" } }, "networkingType": { "defaultValue": "switchedMultiServerDeployment", "type": "string", "allowedValues": [ "switchedMultiServerDeployment", "switchlessMultiServerDeployment", "singleServerDeployment" ], "metadata": { "description": "The networking type for deploying a hci cluster" } }, "networkingPattern": { "defaultValue": "hyperConverged", "type": "string", "allowedValues": [ "hyperConverged", "convergedManagementCompute", "convergedComputeStorage", "custom" ], "metadata": { "description": "The networking pattern for deploying a hci cluster" } }, "intentList": { "defaultValue": [], "type": "array", "metadata": { "description": "The intent list for deploying a hci cluster" } }, "storageNetworkList": { "defaultValue": [], "type": "array", "metadata": { "description": "The storage network list for deploying a hci cluster" } }, "storageConnectivitySwitchless": { "defaultValue": false, "type": "bool", "metadata": { "description": "The storage connectivity switchless value for deploying a hci cluster" } }, "enableStorageAutoIp": { "defaultvalue": true, "type": "bool", "metadata": { "description": "The enable storage auto ip value for deploying a hci cluster" } }, "clusterPattern": { "defaultValue": "Standard", "type": "string", "metadata": { "description": "Supported Storage Type for HCI Cluster: Standard and RackAware" } }, "localAvailabilityZones": { "defaultValue": [], "type": "array", "metadata": { "description": "Local Availability Zone information for HCI cluster" } }, "customLocation": { "defaultValue": "", "type": "string", "metadata": { "description": "The custom location for deploying a hci cluster" } }, "sbeVersion": { "defaultValue": "", "type": "string", "metadata": { "description": "Solution builder extension (SBE) version" } }, "sbeFamily": { "defaultValue": "", "type": "string", "metadata": { "description": "Solution builder extension (SBE) family value" } }, "sbePublisher": { "defaultValue": "", "type": "string", "metadata": { "description": "Solution builder extension (SBE) publisher name" } }, "sbeManifestSource": { "defaultValue": "", "type": "string", "metadata": { "description": "Solution builder extension (SBE) manifest source" } }, "sbeManifestCreationDate": { "defaultValue": "", "type": "string", "metadata": { "description": "Solution builder extension (SBE) creation date" } }, "partnerProperties": { "defaultValue": [], "type": "array", "metadata": { "description": "Solution builder extension (SBE) partner properties" } }, "partnerCredentiallist": { "defaultValue": [], "type": "array", "metadata": { "description": "Solution builder extension (SBE) partner credential properties" } } }, "variables": { "storageWitnessECEName": "WitnessStorageKey", "LocalAdminCredentialECEName": "LocalAdminCredential", "domainAdminCredentialECEName": "AzureStackLCMUserCredential", "storageWitnessSecretName": "[concat( parameters('clusterName'), '-', 'WitnessStorageKey')]", "LocalAdminCredentialSecretName": "[concat( parameters('clusterName'), '-', 'LocalAdminCredential')]", "domainAdminSecretName": "[concat( parameters('clusterName'), '-', 'AzureStackLCMUserCredential')]", "witnessTypeVar": "[if(equals(parameters('witnessType'), 'No Witness'), '','Cloud')]", "clusterWitnessStorageAccountNameVar": "[if(equals(parameters('witnessType'), 'No Witness'), '', parameters('clusterWitnessStorageAccountName'))]", "AzureServiceEndpointVar": "[if(equals(parameters('witnessType'), 'No Witness'), '', if(equals(environment().name, 'AzureCloud'), 'core.windows.net', 'core.usgovcloudapi.net'))]", "localAdminSecretValue": "[base64(concat(parameters('localAdminUserName'),':',parameters('localAdminPassword')))]", "domainAdminSecretValueVar": "[base64(concat(parameters('AzureStackLCMAdminUsername'),':',parameters('AzureStackLCMAdminPassword')))]", "CloudWithnessStorageAccountIdVar": "[resourceId('Microsoft.Storage/storageAccounts', parameters('clusterWitnessStorageAccountName'))]", "KeyVaultDNS": "[if(equals(environment().name, 'AzureCloud'), 'vault.azure.net', 'vault.usgovcloudapi.net')]", "copy": [ { "name": "answerfileSBESecrets", "count": "[length(parameters('partnerCredentialList'))]", "input": { "secretName": "[parameters('partnerCredentialList')[copyIndex('answerfileSBESecrets')].secretName]", "eceSecretName": "[parameters('partnerCredentialList')[copyIndex('answerfileSBESecrets')].secretName]", "secretLocation": "[concat('https://', parameters('keyVaultName'), '.', variables('KeyVaultDNS'), '/secrets/', parameters('partnerCredentialList')[copyIndex('answerfileSBESecrets')].secretName)]" } }, { "name": "isNodeNameValid", "count": "[length(parameters('physicalNodesSettings'))]", "input": "[if(equals(parameters('clusterName'), parameters('physicalNodesSettings')[copyIndex('isNodeNameValid')].name), 'false', 'true')]" } ], "deploymentSecretsList":[ { "secretName": "[variables('storageWitnessSecretName')]", "eceSecretName" : "[variables('storageWitnessECEName')]", "secretLocation": "[concat('https://', parameters('keyVaultName'), '.', variables('KeyVaultDNS'), '/secrets/', variables('storageWitnessSecretName'))]" }, { "secretName": "[variables('LocalAdminCredentialSecretName')]", "eceSecretName" : "[variables('LocalAdminCredentialECEName')]", "secretLocation": "[concat('https://', parameters('keyVaultName'), '.', variables('KeyVaultDNS'), '/secrets/', variables('LocalAdminCredentialSecretName'))]" }, { "secretName": "[variables('domainAdminSecretName')]", "eceSecretName" : "[variables('domainAdminCredentialECEName')]", "secretLocation": "[concat('https://', parameters('keyVaultName'), '.', variables('KeyVaultDNS'), '/secrets/', variables('domainAdminSecretName'))]" } ] }, "resources":{ "witnessStorageAcc" : { "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2023-01-01", "name": "[parameters('clusterWitnessStorageAccountName')]", "location": "[parameters('location')]", "sku": { "name": "[parameters('storageAccountType')]", "tier": "Standard" }, "kind": "StorageV2", "properties": { "supportsHttpsTrafficOnly": true, "minimumTlsVersion": "TLS1_2" } }, "hcirproleassignment": { "type": "Microsoft.Resources/deployments", "apiVersion": "2021-04-01", "name": "AzureConnectedMachineResourceManager-RoleAssignment", "subscriptionId": "[subscription().subscriptionId]", "resourceGroup": "[resourceGroup().name]", "properties": { "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "hciResourceProviderObjectID1": { "type": "string" } }, "variables": {}, "resources": [ { "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", "name": "[guid(concat('HCIRP-',resourceGroup().id, parameters('hciResourceProviderObjectID1')))]", "properties": { "mode": "Incremental", "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', 'f5819b54-e033-4d82-ac66-4fec3cbf3f4c')]", "principalId": "[parameters('hciResourceProviderObjectID1')]", "scope": "[resourceGroup().id]", "description": "Azure Connected Machine Resource Manager role assignment to HCI Resource Provider" } } ] }, "parameters": { "hciResourceProviderObjectID1": { "value": "[parameters('hciResourceProviderObjectID')]" } } } }, "edgeDevices" : { "condition": "[equals(parameters('deploymentMode'), 'Validate')]", "dependsOn": [ "hcirproleassignment" ], "copy": { "name": "edgeDeviceCopy", "count": "[length(parameters('arcNodeResourceIds'))]" }, "type": "Microsoft.AzureStackHCI/edgeDevices", "apiVersion": "2025-02-01-preview", "name": "default", "scope": "[concat('Microsoft.HybridCompute/machines', '/', last(split(parameters('arcNodeResourceIds')[copyindex()], '/')))]", "kind": "HCI", "properties": {} }, "arcMachineRoleAssignment": { "type": "Microsoft.Resources/deployments", "apiVersion": "2021-04-01", "name": "AzureStackHCIDeviceManagementRole-RoleAssignment", "subscriptionId": "[subscription().subscriptionId]", "resourceGroup": "[resourceGroup().name]", "properties": { "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "arcNodeResourceIds1": { "type": "array" } }, "variables": {}, "resources": [ { "copy": { "name": "DVMroleAssignmentCopy", "count": "[length(parameters('arcNodeResourceIds1'))]" }, "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", "name": "[guid(concat('DMR-', parameters('arcNodeResourceIds1')[copyIndex()]))]", "properties": { "mode": "Incremental", "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', '865ae368-6a45-4bd1-8fbf-0d5151f56fc1')]", "principalId": "[reference(parameters('arcNodeResourceIds1')[copyIndex()], '2023-10-03-preview', 'full').identity.principalId]", "scope": "[resourceGroup().id]", "description": "[concat(substring(parameters('arcNodeResourceIds1')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds1')[copyIndex()],'/')),'- Azure Stack HCI Device Management Role')]" } } ] }, "parameters": { "arcNodeResourceIds1": { "value": "[parameters('arcNodeResourceIds')]" } } } }, "ArcMachineKVRoleAssignment": { "type": "Microsoft.Resources/deployments", "apiVersion": "2021-04-01", "name": "KeyVaultSecretsUser-RoleAssignment", "subscriptionId": "[subscription().subscriptionId]", "resourceGroup": "[resourceGroup().name]", "properties": { "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "arcNodeResourceIds1": { "type": "array" } }, "variables": {}, "resources": [ { "copy": { "name": "KVroleAssignmentCopy", "count": "[length(parameters('arcNodeResourceIds1'))]" }, "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", "name": "[guid(concat('KVSU-RoleAssign', parameters('arcNodeResourceIds1')[copyIndex()]))]", "properties": { "mode": "Incremental", "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', '4633458b-17de-408a-b874-0445c86b69e6')]", "principalId": "[reference(parameters('arcNodeResourceIds1')[copyIndex()], '2023-10-03-preview', 'full').identity.principalId]", "scope": "[resourceGroup().id]", "description": "[concat(substring(parameters('arcNodeResourceIds1')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds1')[copyIndex()],'/')),'- Key Vault Secrets User')]" } } ] }, "parameters": { "arcNodeResourceIds1": { "value": "[parameters('arcNodeResourceIds')]" } } } }, "ArcMachineInfraVMRoleAssignment": { "type": "Microsoft.Resources/deployments", "apiVersion": "2021-04-01", "name": "AzureStackHCIConnectedInfraVMs-RoleAssignment", "subscriptionId": "[subscription().subscriptionId]", "resourceGroup": "[resourceGroup().name]", "properties": { "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "arcNodeResourceIds1": { "type": "array" } }, "variables": {}, "resources": [ { "copy": { "name": "IfraVMroleAssignmentCopy", "count": "[length(parameters('arcNodeResourceIds1'))]" }, "type": "Microsoft.Authorization/roleAssignments", "apiVersion": "2022-04-01", "name": "[guid(concat('INFRAVM-RoleAssign', parameters('arcNodeResourceIds1')[copyIndex()]))]", "properties": { "mode": "Incremental", "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', 'c99c945f8bd14fb1a90301460aae6068')]", "principalId": "[reference(parameters('arcNodeResourceIds1')[copyIndex()], '2023-10-03-preview', 'full').identity.principalId]", "scope": "[resourceGroup().id]", "description": "[concat(substring(parameters('arcNodeResourceIds1')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds1')[copyIndex()],'/')),'- Azure Stack HCI Connected InfraVMs')]" } } ] }, "parameters": { "arcNodeResourceIds1": { "value": "[parameters('arcNodeResourceIds')]" } } } }, "StorageAccountConfigurations":{ "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2023-01-01", "name": "[parameters('diagnosticStorageAccountName')]", "location": "[parameters('location')]", "condition": "[parameters('createNewKeyVault')]", "sku": { "name": "[parameters('storageAccountType')]", "tier": "Standard" }, "kind": "StorageV2", "properties": { "publicNetworkAccess": "Disabled", "allowSharedKeyAccess": false, "supportsHttpsTrafficOnly": true, "minimumTlsVersion": "TLS1_2", "networkAcls": { "defaultAction": "Deny" } } }, "KVConfigurations":{ "type": "Microsoft.KeyVault/vaults", "apiVersion": "2021-06-01-preview", "name": "[parameters('keyVaultName')]", "location": "[parameters('location')]", "condition": "[parameters('createNewKeyVault')]", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', parameters('clusterWitnessStorageAccountName'))]", "[resourceId('Microsoft.Storage/storageAccounts', parameters('diagnosticStorageAccountName'))]" ], "properties": { "enabledForDeployment": true, "enabledForTemplateDeployment": true, "enabledForDiskEncryption": true, "enableSoftDelete": false, "softDeleteRetentionInDays": "[parameters('softDeleteRetentionDays')]", "enableRbacAuthorization": true, "publicNetworkAccess": "Enabled", "accessPolicies": [], "tenantId": "[parameters('tenantId')]", "sku": { "name": "standard", "family": "A" } } }, "KVDiagnosticsConfig":{ "type": "Microsoft.KeyVault/vaults/providers/diagnosticsettings", "name": "[concat(parameters('keyVaultName'), '/Microsoft.Insights/service')]", "apiVersion": "2016-09-01", "Location": "[resourceGroup().location]", "condition": "[parameters('createNewKeyVault')]", "dependsOn": [ "[concat('Microsoft.KeyVault/vaults/', parameters('keyVaultName'))]", "[concat('Microsoft.Storage/storageAccounts/', parameters('diagnosticStorageAccountName'))]" ], "properties": { "storageAccountId": "[resourceId('Microsoft.Storage/storageAccounts', parameters('diagnosticStorageAccountName'))]", "logs": [ { "category": "AuditEvent", "enabled": true, "retentionPolicy": { "enabled": true, "days": "[parameters('LogsRetentionInDays')]" } } ] } }, "nodeNameValidation":{ "type": "Microsoft.Resources/deployments", "apiVersion": "2021-04-01", "name": "[if(contains(variables('isNodeNameValid'), 'false'), '##ClusterNameIsSameAsNodeName##', 'NodeNameIsValid')]", "properties":{ "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "resources": [] } } }, "HCICluster":{ "condition": "[equals(parameters('deploymentMode'), 'Validate')]", "type": "Microsoft.AzureStackHCI/clusters", "apiVersion": "2025-02-01-preview", "name": "[parameters('clusterName')]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", "edgeDevices", "nodeNameValidation" ], "identity": { "type": "SystemAssigned" }, "location": "[parameters('location')]", "properties": {} }, "KVDomainAdminSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('domainAdminSecretName'))]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "location": "[parameters('location')]", "scale": null, "properties": { "contentType": "Secret", "value": "[variables('domainAdminSecretValueVar')]", "attributes": { "enabled": true } } }, "KVLocalAdminSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('LocalAdminCredentialSecretName'))]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "location": "[parameters('location')]", "scale": null, "properties": { "contentType": "Secret", "value": "[variables('localAdminSecretValue')]", "attributes": { "enabled": true } } }, "KVWitnessSecret":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', variables('storageWitnessSecretName'))]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "location": "[parameters('location')]", "scale": null, "properties": { "contentType": "Secret", "value": "[base64(listKeys(variables('CloudWithnessStorageAccountIdVar'), '2019-04-01').keys[0].value)]", "attributes": { "enabled": true } } }, "KVPartnerCreds":{ "type": "Microsoft.KeyVault/vaults/secrets", "apiVersion": "2021-06-01-preview", "name": "[concat(parameters('keyVaultName'), '/', parameters('partnerCredentialList')[copyIndex()].secretName)]", "dependsOn": [ "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" ], "location": "[parameters('location')]", "condition": "[not(empty(parameters('partnerCredentialList')))]", "copy": { "name": "partnerCredsLoop", "count": "[length(parameters('partnerCredentialList'))]" }, "properties": { "contentType": "Secret", "value": "[base64(parameters('partnerCredentialList')[copyIndex()].secretValue)]", "attributes": { "enabled": true } } }, "DeploymentSettings": { "type": "microsoft.azurestackhci/clusters/deploymentSettings", "apiVersion": "2025-02-01-preview", "name": "[format('{0}/default', parameters('clusterName'))]", "dependsOn": [ "[resourceId('Microsoft.AzureStackHCI/clusters', parameters('clusterName'))]" ], "properties": { "arcNodeResourceIds": "[parameters('arcNodeResourceIds')]", "deploymentMode": "[parameters('deploymentMode')]", "deploymentConfiguration": { "version": "10.0.0.0", "scaleUnits": [ { "deploymentData": { "securitySettings": { "hvciProtection": true, "drtmProtection": true, "driftControlEnforced": "[parameters('driftControlEnforced')]", "credentialGuardEnforced": "[parameters('credentialGuardEnforced')]", "smbSigningEnforced": "[parameters('smbSigningEnforced')]", "smbClusterEncryption": "[parameters('smbClusterEncryption')]", "sideChannelMitigationEnforced": true, "bitlockerBootVolume": "[parameters('bitlockerBootVolume')]", "bitlockerDataVolumes": "[parameters('bitlockerDataVolumes')]", "wdacEnforced": "[parameters('wdacEnforced')]" }, "observability": { "streamingDataClient": "[parameters('streamingDataClient')]", "euLocation": "[parameters('euLocation')]", "episodicDataUpload": "[parameters('episodicDataUpload')]" }, "cluster": { "name": "[parameters('clusterName')]", "witnessType": "[variables('witnessTypeVar')]", "witnessPath": "", "cloudAccountName": "[variables('clusterWitnessStorageAccountNameVar')]", "azureServiceEndpoint": "[variables('AzureServiceEndpointVar')]", "clusterPattern": "[parameters('clusterPattern')]" }, "storage": { "configurationMode": "[parameters('configurationMode')]" }, "namingPrefix": "[parameters('namingPrefix')]", "domainFqdn": "[parameters('domainFqdn')]", "infrastructureNetwork": [ { "subnetMask": "[parameters('subnetMask')]", "gateway": "[parameters('defaultGateway')]", "ipPools": [ { "startingAddress": "[parameters('startingIPAddress')]", "endingAddress": "[parameters('endingIPAddress')]" } ], "dnsServers": "[parameters('dnsServers')]", "useDhcp": "[parameters('useDhcp')]" } ], "physicalNodes": "[parameters('physicalNodesSettings')]", "hostNetwork": { "intents": "[parameters('intentList')]", "storageNetworks": "[parameters('storageNetworkList')]", "storageConnectivitySwitchless": "[parameters('storageConnectivitySwitchless')]", "enableStorageAutoIp": "[parameters('enableStorageAutoIp')]" }, "adouPath": "[parameters('adouPath')]", "secrets": "[variables('deploymentSecretsList')]", "optionalServices": { "customLocation": "[parameters('customLocation')]" }, "localAvailabilityZones": "[parameters('localAvailabilityZones')]" }, "sbePartnerInfo": { "sbeDeploymentInfo": { "version": "[parameters('sbeVersion')]", "family": "[parameters('sbeFamily')]", "publisher": "[parameters('sbePublisher')]", "sbeManifestSource": "[parameters('sbeManifestSource')]", "sbeManifestCreationDate": "[if(not(empty(parameters('sbeManifestCreationDate'))), parameters('sbeManifestCreationDate'), json('null'))]" }, "partnerProperties": "[parameters('partnerProperties')]", "credentialList": "[variables('answerfileSBESecrets')]" } } ] } } } } } |