Skip to content

Commit

Permalink
Add network rule to whitelist GitHub
Browse files Browse the repository at this point in the history
  • Loading branch information
@yahanda
yahanda committed Oct 4, 2023
1 parent 0481461 commit dbfe56e
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 2 deletions.
24 changes: 22 additions & 2 deletions workload/arm/deploy-baseline.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"_generator": {
"name": "bicep",
"version": "0.21.1.54444",
"templateHash": "2710012389240087448"
"templateHash": "15466667802386589012"
},
"name": "AVD Accelerator - Baseline Deployment",
"description": "AVD Accelerator - Deployment Baseline"
Expand Down Expand Up @@ -8399,7 +8399,7 @@
"_generator": {
"name": "bicep",
"version": "0.21.1.54444",
"templateHash": "744206307789280632"
"templateHash": "11738074428347052620"
}
},
"parameters": {
Expand Down Expand Up @@ -13757,6 +13757,26 @@
"destinationPorts": [
"443"
]
},
{
"ruleType": "NetworkRule",
"name": "GitHub",
"ipProtocols": [
"TCP"
],
"sourceAddresses": [
"[parameters('vnetAvdSubnetAddressPrefix')]"
],
"sourceIpGroups": [],
"destinationAddresses": [],
"destinationIpGroups": [],
"destinationFqdns": [
"github.com",
"raw.githubusercontent.com"
],
"destinationPorts": [
"443"
]
}
]
},
Expand Down
20 changes: 20 additions & 0 deletions workload/bicep/modules/networking/deploy.bicep
View file
Original file line number Diff line number Diff line change
Expand Up @@ -725,6 +725,26 @@ module firewallPolicyOptionalRuleCollectionGroup '../../../../carml/1.3.0/Micros
'443'
]
}
{
ruleType: 'NetworkRule'
name: 'GitHub'
ipProtocols: [
'TCP'
]
sourceAddresses: [
vnetAvdSubnetAddressPrefix
]
sourceIpGroups: []
destinationAddresses: []
destinationIpGroups: []
destinationFqdns: [
'github.com'
'raw.githubusercontent.com'
]
destinationPorts: [
'443'
]
}
]
}
{
Expand Down

0 comments on commit dbfe56e

Please sign in to comment.