[Enhancement] GR8 V1 Update control for Network diagram and high leve…

…l design doc (#213) * ItemName update * updating for required document * adding new additional module for the control * test deploy * messages update * changed storage filename * workflow main * msg update * deleted commented line * removed extra line
ssc-spc-ccoe-cei · Sep 19, 2024 · 585649b · 585649b
1 parent 29c1150
commit 585649b
Show file tree

Hide file tree

Showing 7 changed files with 40 additions and 8 deletions.
diff --git a/psmodules/GR-Common.zip b/psmodules/GR-Common.zip
diff --git a/setup/IaC/modules/automationaccount.bicep b/setup/IaC/modules/automationaccount.bicep
@@ -150,7 +150,7 @@ resource module11 'modules' = if (newDeployment || updatePSModules) {
     properties: {
       contentLink: {
         uri: '${ModuleBaseURL}/GR-Common.zip'
-        version: '1.1.20'
+        version: '1.1.21'
       }
     }
   }

diff --git a/setup/modules.json b/setup/modules.json
@@ -514,7 +514,36 @@
     "localVariables": [
       {
         "Name": "DocumentName",
-        "Value": "ConfirmNetworkDiagramExists"
+        "Value": "NetworkArchitectureDiagram"
+      },
+      {
+        "Name": "itsgcode",
+        "Value": "SC7"
+      }
+    ]
+  },
+  {
+    "ModuleName": "Check-DocumentExistsInStorage",
+    "Control": "Guardrails8",
+    "ModuleType": "Builtin",
+    "Status": "Enabled",
+    "Required": "True",
+    "Profiles": [1, 2, 3, 4, 5, 6],
+    "Script": "Check-DocumentExistsInStorage -StorageAccountName $vars.storageaccountname -ContainerName $vars.containerName -ResourceGroupName $ResourceGroupName -SubscriptionID $SubID -DocumentName $vars.DocumentName -ControlName $msgTable.CtrName8 -ItemName $msgTable.highLevelDesign -MsgTable $msgTable -ReportTime $ReportTime -itsgcode $vars.itsgcode -CloudUsageProfiles $cloudUsageProfilesString -ModuleProfiles $ModuleProfilesString",
+    "variables": [
+      {
+        "Name": "storageAccountName",
+        "Value": "StorageAccountName"
+      },
+      {
+        "Name": "containerName",
+        "Value": "ContainerName"
+      }
+    ],
+    "localVariables": [
+      {
+        "Name": "DocumentName",
+        "Value": "HighLevelDesign"
       },
       {
         "Name": "itsgcode",

diff --git a/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/GR-ComplianceChecks-Msgs.psd1
@@ -150,7 +150,8 @@ noUDRMitigation = Please apply a custom route to this subnet, pointing to a virt
 subnetExcludedByTag = Subnet '{0}' is excluded from compliance because VNET '{1}' has tag '{2}' with a value of 'true'
 subnetExcludedByReservedName = Subnet '{0}' is excluded from compliance because its name is in the reserved subnet list '{1}'
 subnetExcludedByVNET = Subnet '{0}' is not being checked for compliance because the VNET '{1}' has tag '{2}' with a value of 'true'
-networkDiagram = Network architecture diagram 
+networkDiagram = Network architecture diagram
+highLevelDesign = High level design documentation
 noSubnets = No subnets found in the subscription.
 cloudInfrastructureDeployGuide = Cloud Infrastructure Deployment Guide or Applicable Landing Zone Details
 

diff --git a/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1 b/src/GuardRails-Localization/fr-CA/GR-ComplianceChecks-Msgs.psd1
@@ -150,7 +150,8 @@ noUDRMitigation = Veuillez appliquer une route personnalisée à ce sous-réseau
 subnetExcludedByTag = Subnet '{0}' is excluded from compliance because VNET '{1}' has tag '{2}' with a value of 'true'
 subnetExcludedByReservedName = Subnet '{0}' is excluded from compliance because its name is in the reserved subnet list '{1}'
 subnetExcludedByVNET = Subnet '{0}' is not being checked for compliance because the VNET '{1}' has tag '{2}' with a value of 'true'
-networkDiagram = Diagramme d'architecture réseau 
+networkDiagram = Diagramme d'architecture réseau
+highLevelDesign = Documentation de Conception de haut niveau
 noSubnets = Aucun sous-réseau n'est présent.
 cloudInfrastructureDeployGuide = Guide de déploiement de l'infrastructure cloud ou détails de la zone d'atterrissage applicable
 
@@ -236,8 +237,9 @@ bgAccountNoManager =  Le compte BG {0} n'a pas de gestionnaire
 bgBothHaveManager =  Les deux comptes brise-glace ont un gestionnaire
 
 # GR-Common
-procedureFileFound = Compliant. Required file has been uploaded for review by Cloud Security Compliance assessors. '{0}' found.
-procedureFileNotFound = Non conforme. N'a pas trouvé '{0}' créer et télécharger le fichier approprié dans le conteneur '{1}' dans le compte de stockage '{2}' pour devenir conforme.
+procedureFileFound = Conforme. Le fichier requis a été téléchargé pour examen par les évaluateurs de Conformité à la sécurité infonuagique. « {0} » trouvé.
+procedureFileNotFound = Non conforme. N'a pas trouvé « {0} » créer et télécharger le fichier approprié dans le conteneur « {1} » dans le compte de stockage « {2} » pour devenir conforme.
+
 
 procedureFileDataInvalid = Le(s) fichier(s) d'administrateur général contiennent des noms principaux d'utilisateur non valides. Assurez-vous que les noms principaux d'utilisateur commencent par un trait d'union et tapez chacun d'eux sur une nouvelle ligne.
 globalAdminFileFound = Fichier {0} trouvé dans le conteneur.

diff --git a/src/Guardrails-Common/GR-Common.psd1 b/src/Guardrails-Common/GR-Common.psd1
@@ -14,7 +14,7 @@
 RootModule = 'GR-Common'
 
 # Version number of this module.
-ModuleVersion = '1.1.20'
+ModuleVersion = '1.1.21'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

diff --git a/src/Guardrails-Common/GR-Common.psm1 b/src/Guardrails-Common/GR-Common.psm1
@@ -388,7 +388,7 @@ function Check-DocumentExistsInStorage {
     else {
         # no blob with the name $attestationFileName was found in the specified storage account
         $docMissing = $true
-        $commentsArray += $msgTable.procedureFileNotFound -f $ItemName, $DocumentName[0], $ContainerName, $StorageAccountName
+        $commentsArray += $msgTable.procedureFileNotFound -f $ItemName, $ContainerName, $StorageAccountName
     }
 
     $Comments = $commentsArray -join ";"