The Azure Landing Zones (Enterprise-Scale) architecture provides prescriptive guidance coupled with Azure best practices, and it follows design principles across the critical design areas for organizations to define their Azure architecture
This pull request introduces significant changes to the documentation and policy definitions used in the project. The changes primarily focus on the deprecation of custom diagnostic settings in favor of using built-in initiative. The changes also include updates to the RBAC roles in the policy assignments and minor updates to the documentation structure.
Updates to documentation:
docs/wiki/ALZ-Deprecated-Services.md: Updated the structure of the document and added a note about the deprecation of all ALZ custom Diagnostic Setting features. [1][2]
docs/wiki/Whats-new.md: Announced the arrival of Diagnostic Settings v2, deprecated the ALZ custom diagnostic settings, and fixed the assignment for a specific policy. [1][2]
Deprecation of custom diagnostic settings:
Multiple files in src/resources/Microsoft.Authorization/policyDefinitions/: Marked various policy definitions as deprecated and updated their descriptions to indicate that they are superseded by the built-in initiative. [1][2][3][4][5][6][7][8]
Overview/Summary
This pull request introduces significant changes to the documentation and policy definitions used in the project. The changes primarily focus on the deprecation of custom diagnostic settings in favor of using built-in initiative. The changes also include updates to the RBAC roles in the policy assignments and minor updates to the documentation structure.
Updates to documentation:
docs/wiki/ALZ-Deprecated-Services.md: Updated the structure of the document and added a note about the deprecation of all ALZ custom Diagnostic Setting features. [1] [2]docs/wiki/Whats-new.md: Announced the arrival of Diagnostic Settings v2, deprecated the ALZ custom diagnostic settings, and fixed the assignment for a specific policy. [1] [2]Deprecation of custom diagnostic settings:
src/resources/Microsoft.Authorization/policyDefinitions/: Marked various policy definitions as deprecated and updated their descriptions to indicate that they are superseded by the built-in initiative. [1] [2] [3] [4] [5] [6] [7] [8]Updates to policy assignments:
eslzArm/managementGroupTemplates/policyAssignments/DINE-ResourceDiagnosticsPolicyAssignment.json: Updated the diagnostic settings assignment to use the new built-in initiative and updated the description and display name accordingly.eslzArm/managementGroupTemplates/policyAssignments/MODIFY-AUM-VMCheckUpdatesPolicyAssignment.json: Updated the RBAC role used in the policy assignment. [1] [2]eslzArm/managementGroupTemplates/policyAssignments/MODIFY-AUM-VMHybridCheckUpdatesPolicyAssignment.json: Updated the RBAC role used in the policy assignment. [1] [2]Minor changes:
eslzArm/managementGroupTemplates/roleDefinitions/customRoleDefinitions.json: Updated the Bicep generator version and template hash.Testing URLs
Azure Public
As part of this Pull Request I have
mainbranch/docs/wiki/whats-new.md)