functions/New-HydrationGlobalSettingsFile.ps1
|
function New-HydrationGlobalSettingsFile { <# .SYNOPSIS This function creates a new EPAC Global Settings File. .DESCRIPTION The New-HydrationGlobalSettingsFile function creates a new Hydration Global Settings File based on the provided parameters. It takes three parameters: AnswerFilePath, Answers, and RepoRootPath. .PARAMETER AnswerFilePath The path to the Answer file, which is generated using the New-HydrationAnswerFile function. .PARAMETER Answers The hashtable of answers. This parameter consumes the file output by New-HydrationAnswerFIle. .PARAMETER RepoRootPath The root path of the repository. This parameter is mandatory. .EXAMPLE New-HydrationGlobalSettingsFile -AnswerFilePath "./AnswerFile.txt" -RepoRootPath "./Repo" This example creates a new Hydration Global Settings File using the Answer file at "./AnswerFile.txt" and the repository at "./Repo". .NOTES The function first checks if the Definitions directory exists in the repository. If it does not, it creates the directory. It then reads the Answer file and converts it to a hashtable. It then creates the Global Settings object by iterating over the environments in the answers. .LINK https://aka.ms/epac https://github.com/Azure/enterprise-azure-policy-as-code/tree/main/Docs/start-hydration-kit.md #> [CmdletBinding()] param ( [Parameter(Mandatory = $true, ParameterSetName = 'AnswerFile')] [string] $AnswerFilePath, [Parameter(Mandatory = $true, ParameterSetName = 'Answers')] [System.Management.Automation.OrderedHashtable] $Answers, [Parameter(Mandatory = $true)] $RepoRootPath ) $InformationPreference = "Continue" $mgBaseString = "/providers/Microsoft.Management/managementGroups/" $definitionsPath = Join-Path $RepoRootPath "Definitions" if (!(Test-Path $definitionsPath)) { New-HydrationDefinitionFolder -DefinitionsRootFolder $definitionsPath } if ($AnswerFilePath) { $Answers = Get-Content $AnswerFilePath -Encoding ascii | convertfrom-json -Depth 10 -AsHashtable } # Test to see if we need an exclusion for the epac root group Write-Information "`nCreating Global Settings..." # Build GlobalSettings object $environmentBlock = @() foreach ($env in $answers.environments.Keys) { $ebEntry = [ordered]@{ pacSelector = $answers.environments.$env.pacSelector cloud = $answers.environments.$env.cloud tenantId = $answers.environments.$env.tenantId deploymentRootScope = $($mgBaseString + $answers.environments.$env.intermediateRootGroupName) desiredState = @{ strategy = $answers.environments.$env.strategy keepDfcSecurityAssignments = $false excludedScopes = @() # TODO: No setting support yet excludedPolicyDefinitions = @() # TODO: No setting support yet excludedPolicySetDefinitions = @() # TODO: No setting support yet excludedPolicyAssignments = @() # TODO: No setting support yet } globalNotScopes = @() # TODO: No setting support yet managedIdentityLocation = $answers.managedIdentityLocations # keepDfcSecurityAssignments = $false # Old location } $environmentBlock += $ebEntry } $globalSettings = [ordered]@{ '$schema' = "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/global-settings-schema.json" pacOwnerId = $answers.pacOwnerId pacEnvironments = $environmentBlock } $globalSettingsPath = Join-Path $definitionsPath "global-settings.jsonc" Write-Information "Writing Global Settings to $globalSettingsPath`n" if (!(test-path $(Split-Path $globalSettingsPath))) { New-Item -ItemType Directory -Path $definitionsPath -Force } $globalSettings | ConvertTo-Json -Depth 10 | Out-File -FilePath $globalSettingsPath -Encoding ascii -Force return $globalSettings } |