anwather
commented
6 months ago Just duplicate the assignment files and you can have two sets of parameters. I would have a single global settings file with both tenants listed in there - then just use the - PacEnvironmentSelector parameter when you build and deploy. No need to maintain two separate projects.
The sync-alzpolicies command only pulls down the files, you can customise them any way you want.
Get Outlook for Androidhttps://aka.ms/AAb9ysg
From: bozic @.> Sent: Thursday, March 14, 2024 8:13:21 PM To: Azure/enterprise-azure-policy-as-code @.> Cc: Subscribed @.***> Subject: [Azure/enterprise-azure-policy-as-code] Question: multitenancy and ALZ Policies (Issue #508)
Hello, I have searched over documentation but did not really see anywhere what to do in the case where I have 2 (or more) tenants (test and prod) and I want to deploy ALZ Policies - the problem I see is that Sync-ALZPolicies will create set of JSON files that need to be manually enriched with specific tenant data (management groups, log analyticis workspaces, private DNS zones IDs) and since this is tenant specific the deployment will fail for different tenant specified in global-settings.jsonc
I did not find how to make only this assignments json files tenant specific that will also work with update procedure. Is there any workaround for this issue, or do I need to have 2 completely separate projects?
Thanks, Eugen
— Reply to this email directly, view it on GitHubhttps://github.com/Azure/enterprise-azure-policy-as-code/issues/508 or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACWCJVWU6KHZGK4UGJ2R4O3YYFS3DBFKMF2HI4TJMJ2XIZLTSOBKK5TBNR2WLJDUOJ2WLJDOMFWWLO3UNBZGKYLEL5YGC4TUNFRWS4DBNZ2F6YLDORUXM2LUPGBKK5TBNR2WLJLJONZXKZNENZQW2ZNLORUHEZLBMRPXI6LQMWBKK5TBNR2WLJDUOJ2WLJDOMFWWLLTXMF2GG2C7MFRXI2LWNF2HTLDTOVRGUZLDORPXI6LQMWSUS43TOVS2M5DPOBUWG44SQKSHI6LQMWVHEZLQN5ZWS5DPOJ42K5TBNR2WLKJTGM3TCNRSHAZTRAVEOR4XAZNFNFZXG5LFUV3GC3DVMWVDEMJYGU4DGOBQGUZKO5DSNFTWOZLSUZRXEZLBORSQ. You are receiving this email because you are subscribed to this thread.
Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.
bozic
Hello, I have searched over documentation but did not really see anywhere what to do in the case where I have 2 (or more) tenants (test and prod) and I want to deploy ALZ Policies - the problem I see is that Sync-ALZPolicies will create set of JSON files that need to be manually enriched with specific tenant data (management groups, log analyticis workspaces, private DNS zones IDs) and since this is tenant specific the deployment will fail for different tenant specified in global-settings.jsonc
I did not find how to make only this assignments json files tenant specific that will also work with update procedure. Is there any workaround for this issue, or do I need to have 2 completely separate projects?
Thanks, Eugen