AzStackHciConnectivity/Targets/AzStackHci.EnvironmentChecker.Arc.Resource.Bridge.Targets.json

[
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Microsoft Container Registry",
    "Name": "Vm_Management_HCI_Microsoft_Container_Registry",
    "Severity": "Warning",
    "Description": "For official Microsoft artifacts such as container images",
    "Endpoint": [
      "mcr.microsoft.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Notification Service",
    "Name": "Vm_Management_HCI_Notification_Notification_Service",
    "Severity": "Warning",
    "Description": "For guest notification operations",
    "Endpoint": [
      "guestnotificationservice.azure.com/urls/allowlist?api-version=2020-01-01&location=eastus2"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Download Agent",
    "Name": "Vm_Management_HCI_Download_Download_Agent",
    "Severity": "Warning",
    "Description": "For downloading Resource bridge (appliance) container images",
    "Endpoint": [
      "ecpacr.azurecr.io"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Kubernetes",
    "Name": "Vm_Management_HCI_Kubernetes",
    "Severity": "Warning",
    "Description": "For downloading Azure Arc for Kubernetes container images",
    "Endpoint": [
      "azurearcfork8s.azurecr.io"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Telemetry",
    "Name": "Vm_Management_HCI_Telemetry_Mariner",
    "Severity": "Warning",
    "Description": "For Kubernetes control plane nodes on Mariner OS",
    "Endpoint": [
      "adhs.events.data.microsoft.com/ping",
      "gcs.prod.monitoring.core.windows.net/publicapi/agent/v1/"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Telemetry",
    "Name": "Vm_Management_HCI_Telemetry",
    "Severity": "Warning",
    "Description": "To periodically send Telemetry from HCI or Windows Server host",
    "Endpoint": [
      "v20.events.data.microsoft.com/ping"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Identity",
    "Name": "Vm_Management_HCI_Identity",
    "Severity": "Warning",
    "Description": "Azure Arc identity service Used for identity and access control",
    "Endpoint": [
      "gbl.his.arc.azure.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Configuration",
    "Name": "Vm_Management_HCI_Configuration",
    "Severity": "Warning",
    "Description": "Kubernetes endpoint used for Azure Arc configuration",
    "Endpoint": [
      "eastus2euap.dp.kubernetesconfiguration.azure.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Security",
    "Name": "Vm_Management_HCI_Identity",
    "Severity": "Warning",
    "Description": "Secure token service Used for custom locations",
    "Endpoint": [
      "sts.windows.net"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Download",
    "Name": "Vm_Management_HCI_Download",
    "Severity": "Warning",
    "Description": "Resource bridge (appliance) image download Used for downloading the Vm Management for HCI OS images",
    "Endpoint": [
      "msk8s.api.cdp.microsoft.com",
      "msk8s.b.tlu.dl.delivery.mp.microsoft.com",
      "msk8s.sb.tlu.dl.delivery.mp.microsoft.com",
      "msk8s.f.tlu.dl.delivery.mp.microsoft.com",
      "msk8s.sf.tlu.dl.delivery.mp.microsoft.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Download",
    "Name": "Vm_Management_HCI_Download",
    "Severity": "Warning",
    "Description": "Resource bridge components download Required to pull artifacts for Appliance managed components",
    "Endpoint": [
      "kvamanagementoperator.azurecr.io"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Diagnostics",
    "Name": "Vm_Management_HCI_Download",
    "Severity": "Warning",
    "Description": "Log collection for Vm Management for HCI Required to push logs for Appliance managed components",
    "Endpoint": [
      "linuxgeneva-microsoft.azurecr.io"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": false,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": false,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null
  }
]