AzStackHciConnectivity/Targets/AzStackHci.EnvironmentChecker.Arc.Resource.Bridge.Targets.json
[
{ "Service": [ "Vm Management for HCI" ], "Title": "Microsoft Container Registry", "Name": "Vm_Management_HCI_Microsoft_Container_Registry", "Severity": "Warning", "Description": "For official Microsoft artifacts such as container images", "Endpoint": [ "mcr.microsoft.com" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Notification Service", "Name": "Vm_Management_HCI_Notification_Notification_Service", "Severity": "Warning", "Description": "For guest notification operations", "Endpoint": [ "guestnotificationservice.azure.com/urls/allowlist?api-version=2020-01-01&location=eastus2" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Download Agent", "Name": "Vm_Management_HCI_Download_Download_Agent", "Severity": "Warning", "Description": "For downloading Resource bridge (appliance) container images", "Endpoint": [ "ecpacr.azurecr.io" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Kubernetes", "Name": "Vm_Management_HCI_Kubernetes", "Severity": "Warning", "Description": "For downloading Azure Arc for Kubernetes container images", "Endpoint": [ "azurearcfork8s.azurecr.io" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Telemetry", "Name": "Vm_Management_HCI_Telemetry_Mariner", "Severity": "Warning", "Description": "For Kubernetes control plane nodes on Mariner OS", "Endpoint": [ "adhs.events.data.microsoft.com/ping", "gcs.prod.monitoring.core.windows.net/publicapi/agent/v1/" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Telemetry", "Name": "Vm_Management_HCI_Telemetry", "Severity": "Warning", "Description": "To periodically send Telemetry from HCI or Windows Server host", "Endpoint": [ "v20.events.data.microsoft.com/ping" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Identity", "Name": "Vm_Management_HCI_Identity", "Severity": "Warning", "Description": "Azure Arc identity service Used for identity and access control", "Endpoint": [ "gbl.his.arc.azure.com" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Configuration", "Name": "Vm_Management_HCI_Configuration", "Severity": "Warning", "Description": "Kubernetes endpoint used for Azure Arc configuration", "Endpoint": [ "eastus2euap.dp.kubernetesconfiguration.azure.com" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Security", "Name": "Vm_Management_HCI_Identity", "Severity": "Warning", "Description": "Secure token service Used for custom locations", "Endpoint": [ "sts.windows.net" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Download", "Name": "Vm_Management_HCI_Download", "Severity": "Warning", "Description": "Resource bridge (appliance) image download Used for downloading the Vm Management for HCI OS images", "Endpoint": [ "msk8s.api.cdp.microsoft.com", "msk8s.b.tlu.dl.delivery.mp.microsoft.com", "msk8s.sb.tlu.dl.delivery.mp.microsoft.com", "msk8s.f.tlu.dl.delivery.mp.microsoft.com", "msk8s.sf.tlu.dl.delivery.mp.microsoft.com" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Download", "Name": "Vm_Management_HCI_Download", "Severity": "Warning", "Description": "Resource bridge components download Required to pull artifacts for Appliance managed components", "Endpoint": [ "kvamanagementoperator.azurecr.io" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null }, { "Service": [ "Vm Management for HCI" ], "Title": "Diagnostics", "Name": "Vm_Management_HCI_Download", "Severity": "Warning", "Description": "Log collection for Vm Management for HCI Required to push logs for Appliance managed components", "Endpoint": [ "linuxgeneva-microsoft.azurecr.io" ], "Protocol": [ "https" ], "Mandatory": false, "OperationType": [ "Workload" ], "Group": "ReadinessChecks", "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions", "TargetResourceID": "", "TargetResourceName": "", "TargetResourceType": "", "Tags": { "Group": "ReadinessChecks", "Mandatory": false, "OperationType": [ "Workload" ] }, "AdditionalData": null } ] |