Pamela Fox
commited on
Commit
·
0bf56a7
1
Parent(s):
669c0b8
Dont use secretOrRandomPassword for username since it keeps changing (bug?)
Browse files- README.md +1 -1
- infra/main.bicep +1 -1
- infra/main.parameters.json +0 -3
README.md
CHANGED
|
@@ -112,7 +112,7 @@ It is important to secure the databases in web applications to prevent unwanted
|
|
| 112 |
This infrastructure uses the following mechanisms to secure the PostgreSQL database:
|
| 113 |
|
| 114 |
* Azure Firewall: The database is accessible only from other Azure IPs, not from public IPs. (Note that includes other customers using Azure).
|
| 115 |
-
* Admin Username:
|
| 116 |
* Admin Password: Randomly generated and stored in Key Vault.
|
| 117 |
* PostgreSQL Version: Latest available on Azure, version 14, which includes security improvements.
|
| 118 |
|
|
|
|
| 112 |
This infrastructure uses the following mechanisms to secure the PostgreSQL database:
|
| 113 |
|
| 114 |
* Azure Firewall: The database is accessible only from other Azure IPs, not from public IPs. (Note that includes other customers using Azure).
|
| 115 |
+
* Admin Username: Unique string generated based on subscription ID and stored in Key Vault.
|
| 116 |
* Admin Password: Randomly generated and stored in Key Vault.
|
| 117 |
* PostgreSQL Version: Latest available on Azure, version 14, which includes security improvements.
|
| 118 |
|
infra/main.bicep
CHANGED
|
@@ -11,7 +11,7 @@ param location string
|
|
| 11 |
|
| 12 |
@secure()
|
| 13 |
@description('PostGreSQL Server administrator username')
|
| 14 |
-
param postgresAdminUser string
|
| 15 |
|
| 16 |
@secure()
|
| 17 |
@description('PostGreSQL Server administrator password')
|
|
|
|
| 11 |
|
| 12 |
@secure()
|
| 13 |
@description('PostGreSQL Server administrator username')
|
| 14 |
+
param postgresAdminUser string = 'admin${uniqueString(subscription().subscriptionId)}'
|
| 15 |
|
| 16 |
@secure()
|
| 17 |
@description('PostGreSQL Server administrator password')
|
infra/main.parameters.json
CHANGED
|
@@ -11,9 +11,6 @@
|
|
| 11 |
"principalId": {
|
| 12 |
"value": "${AZURE_PRINCIPAL_ID}"
|
| 13 |
},
|
| 14 |
-
"postgresAdminUser": {
|
| 15 |
-
"value": "$(secretOrRandomPassword ${AZURE_KEY_VAULT_NAME} postgresAdminUser)"
|
| 16 |
-
},
|
| 17 |
"postgresAdminPassword": {
|
| 18 |
"value": "$(secretOrRandomPassword ${AZURE_KEY_VAULT_NAME} postgresAdminPassword)"
|
| 19 |
},
|
|
|
|
| 11 |
"principalId": {
|
| 12 |
"value": "${AZURE_PRINCIPAL_ID}"
|
| 13 |
},
|
|
|
|
|
|
|
|
|
|
| 14 |
"postgresAdminPassword": {
|
| 15 |
"value": "$(secretOrRandomPassword ${AZURE_KEY_VAULT_NAME} postgresAdminPassword)"
|
| 16 |
},
|