consolidated deployment files and updated documentation#14266
Open
AcceleryntSecurityDev wants to merge 1 commit into
Open
consolidated deployment files and updated documentation#14266AcceleryntSecurityDev wants to merge 1 commit into
AcceleryntSecurityDev wants to merge 1 commit into
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
This PR consolidates four separate ARM templates (table, DCE, DCR, Logic App) into a single azuredeploy.json for the AS-Checkmarx-Audit-Ingestion playbook, adds automatic role assignments (Key Vault Secrets User, Monitoring Metrics Publisher), refactors the audit pagination loop to use parameterized page size and a configurable lookback window, and updates the README to reflect the simplified single-deployment flow.
Changes:
- Merged custom table, DCE, DCR, KV connection, Logic App and role assignments into one template; deleted the three standalone deployment files.
- Added
WorkspaceName,WorkspaceResourceId,WorkspaceLocation,KeyVaultResourceGroup,LookbackDays, andAuditPageSizeparameters; replaced hard-coded pagination constants with variables. - Rewrote README deployment, role-assignment, and troubleshooting sections to describe the consolidated flow.
Reviewed changes
Copilot reviewed 5 out of 24 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| Playbooks/AS-Checkmarx-Audit-Ingestion/azuredeploy.json | Consolidated template adding table/DCE/DCR/role assignments and refactored pagination logic. |
| Playbooks/AS-Checkmarx-Audit-Ingestion/README.md | Rewrote deployment, role assignment, and troubleshooting sections for the single template. |
| Playbooks/AS-Checkmarx-Audit-Ingestion/AzureDeployAuditTable.json | Removed; folded into azuredeploy.json. |
| Playbooks/AS-Checkmarx-Audit-Ingestion/AzureDeployDCE.json | Removed; folded into azuredeploy.json. |
| Playbooks/AS-Checkmarx-Audit-Ingestion/AzureDeployAuditDCR.json | Removed; folded into azuredeploy.json. |
Comment on lines
+122
to
+123
| [](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAccelerynt-Security%2FAS-Checkmarx-Audit-Ingestion%2Fmain%2Fazuredeploy.json) | ||
| [](https://portal.azure.us/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAccelerynt-Security%2FAS-Checkmarx-Audit-Ingestion%2Fmain%2Fazuredeploy.json) |
Comment on lines
+538
to
+540
| "type": "Microsoft.Insights/dataCollectionRules/providers/roleAssignments", | ||
| "apiVersion": "2022-04-01", | ||
| "name": "[concat(variables('dataCollectionRuleName'), '/Microsoft.Authorization/', variables('dcrRoleAssignmentName'))]", |
| "2. Enable the Logic App (deployed in Disabled state) and run it to backfill" | ||
| ], | ||
| "lastUpdateTime": "2026-03-13T00:00:00Z", | ||
| "lastUpdateTime": "2026-04-28T00:00:00Z", |
Comment on lines
+482
to
+484
| "Compose_HasMore": { | ||
| "type": "Compose", | ||
| "inputs": "@greaterOrEquals(outputs('Compose_Page_Length'), variables('AuditPageSize'))", |
|
|
||
| The resources should take around a minute to deploy. Once the deployment is complete, you can expand the "**Deployment details**" section to view them. | ||
| Click the one corresponding to the Logic App. | ||
| The resources should take around two minutes to deploy. Once the deployment is complete, you can expand the "**Deployment details**" section to view them. |
Comment on lines
+123
to
+124
| "dataCollectionEndpointName": "dce-checkmarx-audit-ingestion", | ||
| "dataCollectionRuleName": "dcr-checkmarx-audit-ingestion", |
Comment on lines
+271
to
+275
| { | ||
| "name": "FromDate", | ||
| "type": "string", | ||
| "value": "[concat('@{formatDateTime(addDays(utcNow(), -', parameters('LookbackDays'), '), ''yyyy-MM-ddTHH:mm:ssZ'')}')]" | ||
| }, |
Collaborator
|
Hi @AcceleryntSecurityDev, |
Collaborator
|
Please review the comments above and take the necessary action accordingly. Thanks |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Change(s):
Improved functionality & ease of deployment. Batching and pagination logic. Single deployment file with required role assignments
Reason for Change(s):
Improvement of user experience
Version Updated:
N/A
Testing Completed:
Yes
