@@ -91,3 +91,74 @@ Start-TestSleep -Seconds 60
9191foreach ($resourceGroupName in @ ($resourceGroup1 , $resourceGroup2 )) {
9292 New-AzResourceGroupDeployment - ResourceGroupName $resourceGroupName - TemplateFile " $PSScriptRoot /CreateNSGsTemplate.json" - resourceCount 510 - resourceNamePrefix $ (Get-TestResourceNamePrefix )
9393}
94+
95+ # region Attestation Tests Setup
96+ $resourceGroup3 = $ (Get-PSAttestationTestRGName )
97+
98+ # Create the required RG(s) for attestations.
99+ foreach ($resourceGroupName in @ ($resourceGroup3 )) {
100+ Get-AzResourceGroup - Name $resourceGroupName - ErrorVariable rgNotPresent - ErrorAction SilentlyContinue
101+ if ($rgNotPresent ) {
102+ New-AzResourceGroup - Name $resourceGroupName - Location " northcentralus"
103+ }
104+ }
105+
106+ # Create Subscription targetting manual policy
107+ $manualPolicySubcriptionDefinition = New-AzPolicyDefinition - Name $ (Get-TestManualPolicyDefinitonNameSub ) - Policy " $PSScriptRoot /ManualPolicySubDefinition.json" - DisplayName " PS cmdlet tests: Subscription Manual Policy" - Mode All
108+
109+ # Create RG targetting manual policy
110+ $manualPolicyRGDefinition = New-AzPolicyDefinition - Name $ (Get-TestManualPolicyDefinitonNameRG ) - Policy " $PSScriptRoot /ManualPolicyRGDefinition.json" - DisplayName " PS cmdlet tests: RG Manual Policy" - Mode All
111+
112+ # Create Resource targetting manual policy
113+ $manualPolicyResourceDefinition = New-AzPolicyDefinition - Name $ (Get-TestManualPolicyDefinitonNameResource ) - Policy " $PSScriptRoot /ManualPolicyResourceDefinition.json" - DisplayName " PS cmdlet tests: Resource Manual Policy" - Mode All
114+
115+ # Create a network security group for testing resource level attestations.
116+ New-AzResourceGroupDeployment - ResourceGroupName $resourceGroup3 - TemplateFile " $PSScriptRoot /CreateNSGsTemplate.json" - resourceCount 1 - resourceNamePrefix $ (Get-TestResourceNamePrefix )
117+
118+ # Assign the manual policies targetting each of Subscription, Resource Groups and Resource Types to the subscription
119+ $manualPolicySubAssignment = New-AzPolicyAssignment - Name $ (Get-TestAttestationSubscriptionPolicyAssignmentName ) - Scope " /subscriptions/$subscriptionId " - DisplayName " PS cmdlet tests: Subscription Manual Policy" - PolicyDefinition $manualPolicySubcriptionDefinition
120+
121+ $manualPolicyRGAssignment = New-AzPolicyAssignment - Name $ (Get-TestAttestationRGPolicyAssignmentName ) - Scope " /subscriptions/$subscriptionId " - DisplayName " PS cmdlet tests: RG Manual Policy" - PolicyDefinition $manualPolicyRGDefinition
122+
123+ $manualPolicyResourceAssignment = New-AzPolicyAssignment - Name $ (Get-TestAttestationResourcePolicyAssignmentName ) - Scope " /subscriptions/$subscriptionId " - DisplayName " PS cmdlet tests: Resource Manual Policy" - PolicyDefinition $manualPolicyResourceDefinition
124+
125+ # Define Policy Initiatives
126+ $manualpolicyDefinitionsSubscription = @"
127+ [
128+ {
129+ "policyDefinitionId":"$ ( $manualPolicySubcriptionDefinition.ResourceId ) ",
130+ "policyDefinitionReferenceId": "$ ( Get-TestManualPolicyDefinitonNameSub ) _1"
131+ }
132+ ]
133+ "@
134+
135+ $manualpolicyDefinitionsRG = @"
136+ [
137+ {
138+ "policyDefinitionId":"$ ( $manualPolicyRGDefinition.ResourceId ) ",
139+ "policyDefinitionReferenceId": "$ ( Get-TestManualPolicyDefinitonNameRG ) _1"
140+ }
141+ ]
142+ "@
143+
144+ $manualpolicyDefinitionsResource = @"
145+ [
146+ {
147+ "policyDefinitionId":"$ ( $manualPolicyResourceDefinition.ResourceId ) ",
148+ "policyDefinitionReferenceId": "$ ( Get-TestManualPolicyDefinitonNameResource ) _1"
149+ }
150+ ]
151+ "@
152+
153+ $policySetDefinitionSub = New-AzPolicySetDefinition - Name $ (Get-TestManualPolicyInitiativeNameSub ) - DisplayName " PS cmdlet tests: Attestation initiative SUB" - PolicyDefinition $manualpolicyDefinitionsSubscription - SubscriptionId $subscriptionId
154+ $policySetDefinitionRG = New-AzPolicySetDefinition - Name $ (Get-TestManualPolicyInitiativeNameRG ) - DisplayName " PS cmdlet tests: Attestation initiative RG" - PolicyDefinition $manualpolicyDefinitionsRG - SubscriptionId $subscriptionId
155+ $policySetDefinitionResource = New-AzPolicySetDefinition - Name $ (Get-TestManualPolicyInitiativeNameResource ) - DisplayName " PS cmdlet tests: Attestation initiative Resource" - PolicyDefinition $manualpolicyDefinitionsResource - SubscriptionId $subscriptionId
156+
157+ # Assign the initiatives to the subscription
158+ New-AzPolicyAssignment - Name $ (Get-TestInitiativeAttestationSubPolicyAssignmentName ) - Scope " /subscriptions/$subscriptionId " - DisplayName " PS cmdlet tests: Attestation initiative SUB" - PolicySetDefinition $policySetDefinitionSub
159+
160+ New-AzPolicyAssignment - Name $ (Get-TestInitiativeAttestationRGPolicyAssignmentName ) - Scope " /subscriptions/$subscriptionId " - DisplayName " PS cmdlet tests: Attestation initiative RG" - PolicySetDefinition $policySetDefinitionRG
161+
162+ New-AzPolicyAssignment - Name $ (Get-TestAttestationInitiativeResourcePolicyAssignmentName ) - Scope " /subscriptions/$subscriptionId " - DisplayName " PS cmdlet tests: Attestation initiative Resource" - PolicySetDefinition $policySetDefinitionResource
163+
164+ # endregion
0 commit comments