diff --git a/samples/features/azure-arc/configuration/sql-arc-license-configuration-policy.json b/samples/features/azure-arc/configuration/sql-arc-license-configuration-policy.json new file mode 100644 index 000000000..69ac52311 --- /dev/null +++ b/samples/features/azure-arc/configuration/sql-arc-license-configuration-policy.json @@ -0,0 +1,260 @@ +{ + "displayName": "Set Arc-enabled SQL Server license type to 'License With Software Assurance'", + "policyType": "Custom", + "mode": "Indexed", + "description": "This policy sets the license type for Arc-enabled SQL Server to 'License With Software Assurance'. ", + "metadata": { + "category": "" + }, + "version": "1.0.0", + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Enable or disable the execution of the policy." + }, + "allowedValues": [ + "DeployIfNotExists", + "Disabled" + ], + "defaultValue": "DeployIfNotExists" + }, + "sqlServerExtensionType": { + "type": "String", + "metadata": { + "displayName": "SQL Server extension type", + "description": "Arc-enabled SQL Server extension name to target." + }, + "allowedValues": [ + "WindowsAgent.SqlServer", + "LinuxAgent.SqlServer" + ], + "defaultValue": "WindowsAgent.SqlServer" + }, + "targetLicenseType": { + "type": "String", + "metadata": { + "displayName": "Target license type", + "description": "LicenseType value to enforce on the Arc-enabled SQL Server extension settings." + }, + "allowedValues": [ + "Paid", + "PAYG" + ], + "defaultValue": "Paid" + }, + "licenseTypesToOverwrite": { + "type": "Array", + "metadata": { + "displayName": "Current license types to overwrite", + "description": "Select which current LicenseType states are eligible for update. Use 'Unspecified' to include resources where LicenseType is missing." + }, + "allowedValues": [ + "Unspecified", + "Paid", + "PAYG", + "LicenseOnly" + ], + "defaultValue": [ + "Unspecified", + "Paid", + "PAYG", + "LicenseOnly" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.HybridCompute/machines/extensions" + }, + { + "anyOf": [ + { + "field": "name", + "equals": "[parameters('sqlServerExtensionType')]" + }, + { + "field": "name", + "like": "[concat('*/', parameters('sqlServerExtensionType'))]" + } + ] + }, + { + "field": "Microsoft.HybridCompute/machines/extensions/type", + "equals": "[parameters('sqlServerExtensionType')]" + } + ] + }, + "then": { + "effect": "[parameters('effect')]", + "details": { + "type": "Microsoft.HybridCompute/machines/extensions", + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/7392c568-9289-4bde-aaaa-b7131215889d", + "/providers/Microsoft.Authorization/roleDefinitions/acdd72a7-3385-48ef-bd42-f606fba81ae7" + ], + "name": "[field('fullName')]", + "existenceCondition": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.HybridCompute/machines/extensions/settings", + "ContainsKey": "LicenseType" + }, + { + "value": "[length(intersection(field('Microsoft.HybridCompute/machines/extensions/settings'), createObject('LicenseType', parameters('targetLicenseType'))))]", + "equals": 1 + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.HybridCompute/machines/extensions/settings", + "notContainsKey": "LicenseType" + }, + { + "value": "[contains(parameters('licenseTypesToOverwrite'), 'Unspecified')]", + "equals": false + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.HybridCompute/machines/extensions/settings", + "ContainsKey": "LicenseType" + }, + { + "value": "[length(intersection(field('Microsoft.HybridCompute/machines/extensions/settings'), createObject('LicenseType', 'Paid')))]", + "equals": 1 + }, + { + "value": "[contains(parameters('licenseTypesToOverwrite'), 'Paid')]", + "equals": false + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.HybridCompute/machines/extensions/settings", + "ContainsKey": "LicenseType" + }, + { + "value": "[length(intersection(field('Microsoft.HybridCompute/machines/extensions/settings'), createObject('LicenseType', 'PAYG')))]", + "equals": 1 + }, + { + "value": "[contains(parameters('licenseTypesToOverwrite'), 'PAYG')]", + "equals": false + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.HybridCompute/machines/extensions/settings", + "ContainsKey": "LicenseType" + }, + { + "value": "[length(intersection(field('Microsoft.HybridCompute/machines/extensions/settings'), createObject('LicenseType', 'LicenseOnly')))]", + "equals": 1 + }, + { + "value": "[contains(parameters('licenseTypesToOverwrite'), 'LicenseOnly')]", + "equals": false + } + ] + } + ] + }, + "evaluationDelay": "AfterProvisioningSuccess", + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "extensionName": { + "type": "string", + "metadata": { + "description": "The Resource name of the Arc server extension." + } + }, + "vmLocation": { + "type": "string", + "metadata": { + "description": "The location of the Arc server." + } + }, + "agentName": { + "type": "string", + "metadata": { + "description": "Name of the agent, i.e. WindowsAgent.SQLServer." + } + }, + "existingSettings": { + "type": "object", + "metadata": { + "description": "The existing settings on the extension." + } + }, + "targetLicenseType": { + "type": "string", + "metadata": { + "description": "LicenseType value to set on the extension." + } + } + }, + "functions": [], + "variables": { + "vmExtensionPublisher": "Microsoft.AzureData", + "licenseSettings": { + "LicenseType": "[parameters('targetLicenseType')]" + } + }, + "resources": [ + { + "name": "[parameters('extensionName')]", + "type": "Microsoft.HybridCompute/machines/extensions", + "location": "[parameters('vmLocation')]", + "apiVersion": "2022-11-10", + "properties": { + "publisher": "[variables('vmExtensionPublisher')]", + "type": "[parameters('agentName')]", + "settings": "[union(parameters('existingSettings'), variables('licenseSettings'))]" + } + } + ], + "outputs": {} + }, + "parameters": { + "extensionName": { + "value": "[field('fullName')]" + }, + "vmLocation": { + "value": "[field('location')]" + }, + "agentName": { + "value": "[field('name')]" + }, + "existingSettings": { + "value": "[field('Microsoft.HybridCompute/machines/extensions/settings')]" + }, + "targetLicenseType": { + "value": "[parameters('targetLicenseType')]" + } + } + } + } + } + } + } +} \ No newline at end of file