AzStackHciConnectivity/Targets/AzStackHci.EnvironmentChecker.Arc.Resource.Bridge.Targets.json

[
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Container Registries",
    "Name": "Vm_Management_HCI_Container_Registries",
    "Severity": "CRITICAL",
    "Description": "For official Microsoft artifacts such as container images",
    "Endpoint": [
      "mcr.microsoft.com",
      "ecpacr.azurecr.io",
      "kvamanagementoperator.azurecr.io"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": true,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": true,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null,
    "Region": "Global",
    "ARCGateway": false
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Client Telemetry",
    "Name": "Vm_Management_HCI_Telemetry",
    "Severity": "CRITICAL",
    "Description": "To periodically send Telemetry from HCI or Windows Server host",
    "Endpoint": [
      "v20.events.data.microsoft.com/ping",
      "linuxgeneva-microsoft.azurecr.io"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": true,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": true,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null,
    "Region": "Global",
    "ARCGateway": false
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "1p metrics and logging",
    "Name": "Vm_Management_1p_Metrics_Logging",
    "Severity": "CRITICAL",
    "Description": "To periodically send metrics and logs from appliance to 1p endpoints",
    "Endpoint": [
      "gcs.prod.monitoring.core.windows.net/healthcheck",
      "global.prod.microsoftmetrics.com",
      "prod5.prod.microsoftmetrics.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": true,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": true,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null,
    "Region": "Global",
    "ARCGateway": false
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Download",
    "Name": "Vm_Management_HCI_Download",
    "Severity": "CRITICAL",
    "Description": "Resource bridge (appliance) client needs to Validate python package versions",
    "Endpoint": [
      "pypi.org",
      "pythonhosted.org",
      "packages.microsoft.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": true,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": true,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null,
    "Region": "Global",
    "ARCGateway": false
  },
  {
    "Service": [
      "Vm Management for HCI"
    ],
    "Title": "Azure Arc Urls",
    "Name": "Azure_Arc_Urls",
    "Severity": "CRITICAL",
    "Description": "Azure Resource Manager - to create or delete the Arc enabled components",
    "Endpoint": [
      "graph.microsoft.com",
      "sts.windows.net",
      "login.windows.net",
      "login.microsoft.com",
      "login.microsoftonline.com"
    ],
    "Protocol": [
      "https"
    ],
    "Mandatory": true,
    "OperationType": [
      "Workload"
    ],
    "Group": "ReadinessChecks",
    "Remediation": "https://learn.microsoft.com/en-us/azure-stack/hci/manage/azure-arc-enabled-virtual-machines#firewall-url-exceptions",
    "TargetResourceID": "",
    "TargetResourceName": "",
    "TargetResourceType": "",
    "Tags": {
      "Group": "ReadinessChecks",
      "Mandatory": true,
      "OperationType": [
        "Workload"
      ]
    },
    "AdditionalData": null,
    "Region": "Global",
    "ARCGateway": false
  }
]