Skip to content

Commit

Permalink
Merge pull request #611 from Azure/create-pull-request/patch
Browse files Browse the repository at this point in the history 
Automatic translation of checklists/alz_checklist.en.json
  • Loading branch information
@sdolgin
sdolgin authored Jan 10, 2024
2 parents 25ad0ad + 14c95b0 commit 23660d8
Show file tree
Hide file tree
Showing 28 changed files with 2,624 additions and 2,549 deletions.
2 changes: 1 addition & 1 deletion checklists/alz_checklist.en.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2633,6 +2633,6 @@
"name": "Azure Landing Zone Review",
"state": "GA",
"waf": "all",
"timestamp": "December 21, 2023"
"timestamp": "January 10, 2024"
}
}
82 changes: 47 additions & 35 deletions checklists/alz_checklist.es.json
View file

Large diffs are not rendered by default.

114 changes: 63 additions & 51 deletions checklists/alz_checklist.ja.json
View file

Large diffs are not rendered by default.

78 changes: 45 additions & 33 deletions checklists/alz_checklist.ko.json
View file

Large diffs are not rendered by default.

88 changes: 50 additions & 38 deletions checklists/alz_checklist.pt.json
View file

Large diffs are not rendered by default.

80 changes: 46 additions & 34 deletions checklists/alz_checklist.zh-Hant.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,7 +210,7 @@
"link": "https://learn.microsoft.com/azure/active-directory/hybrid/how-to-connect-sync-staging-server",
"severity": "中等",
"subcategory": "Microsoft Entra ID",
"text": "部署 AD Connect VM 時,請考慮使用暫存伺服器以實現高可用性/災難恢復",
"text": "部署 Microsoft Entra Connect 時,利用暫存伺服器實現高可用性/災難恢復",
"waf": "可靠性"
},
{
Expand Down Expand Up @@ -330,7 +330,7 @@
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations",
"severity": "中等",
"subcategory": "身份",
"text": "請考慮將 Azure 自定義角色用於以下關鍵角色:Azure 平臺擁有者、網路管理、安全操作、訂閱擁有者、應用程式擁有者",
"text": " Azure 自定義 RBAC 角色用於以下關鍵角色,以提供跨 ALZ 的精細訪問:Azure 平臺擁有者、網路管理、安全操作、訂閱擁有者、應用程式擁有者。使這些角色與企業中的團隊和職責保持一致。",
"training": "https://learn.microsoft.com/learn/modules/create-custom-azure-roles-with-rbac/",
"waf": "安全"
},
Expand Down Expand Up @@ -376,7 +376,7 @@
"service": "Entra",
"severity": "中等",
"subcategory": "身份",
"text": "請考慮使用 Microsoft Entra ID 應用程式代理作為 VPN 或反向代理替換,以便遠端用戶能夠安全且經過身份驗證地存取內部應用程式(託管在雲中或本地)。",
"text": "如果需要,請使用 Microsoft Entra ID 應用程式代理為遠端使用者提供對內部應用程式(託管在雲中或本地)的安全且經過身份驗證的訪問",
"training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/",
"waf": "安全"
},
Expand Down Expand Up @@ -587,7 +587,7 @@
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/track-costs",
"severity": "中等",
"subcategory": "訂閱",
"text": "確保將標籤用於計費和成本管理",
"text": "確保標籤用於計費和成本管理",
"training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
"waf": "安全"
},
Expand Down Expand Up @@ -651,7 +651,7 @@
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator",
"severity": "中等",
"subcategory": "應用交付",
"text": "在登陸區域內為面向內部 (公司) 和面向外部的應用 (連線) 執行應用交付。",
"text": "在登陸區域內為面向內部 (corp) 和面向外部的應用 (online) 執行應用交付。",
"training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
"waf": "安全"
},
Expand Down Expand Up @@ -698,7 +698,7 @@
"service": "VNet",
"severity": "中等",
"subcategory": "中心輻射型",
"text": "對於需要最大靈活性的網路方案,請考慮基於傳統中心輻射型網路拓撲的網路設計",
"text": "利用基於傳統中心輻射型網路拓撲的網路設計,實現需要最大靈活性的網路方案",
"training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
"waf": "安全"
},
Expand Down Expand Up @@ -733,7 +733,7 @@
"service": "ExpressRoute",
"severity": "",
"subcategory": "中心輻射型",
"text": "如果需要在中心輻射型方案中在 ExpressRoute 和 VPN 閘道之間傳輸,請使用 Azure 路由伺服器。",
"text": "如果需要在中心輻射型方案中的 ExpressRoute 和 VPN 閘道之間傳輸,請使用 Azure 路由伺服器。",
"waf": "安全"
},
{
Expand Down Expand Up @@ -806,7 +806,7 @@
"service": "VNet",
"severity": "",
"subcategory": "中心輻射型",
"text": "配置 VNet 對等互連時,請使用「允許流量流向遠端虛擬網路」設置",
"text": "配置 VNet 對等互連時,使用「允許流量流向遠端虛擬網路」設置",
"waf": "可靠性"
},
{
Expand Down Expand Up @@ -1165,7 +1165,7 @@
"service": "Firewall",
"severity": "",
"subcategory": "互聯網",
"text": "使用 Azure 防火牆管理發往 Internet 的 Azure 出站流量、非 HTTP/S 入站連接和東/西流量篩選(如果組織需要)",
"text": "使用 Azure 防火牆管理發往 Internet、非 HTTP/S 入站連接和東西方流量篩選的 Azure 出站流量(如果組織需要)",
"training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
"waf": "安全"
},
Expand Down Expand Up @@ -1226,7 +1226,7 @@
"service": "WAF",
"severity": "",
"subcategory": "互聯網",
"text": "部署 入站 HTTP/S 連接需要部署 WAF 和其他反向代理,將它們部署在登陸區域虛擬網路中,並將它們與它們保護和公開給 Internet 的應用一起部署。",
"text": "入站 HTTP/S 連接需要部署 WAF 和其他反向代理,將它們部署在登陸區域虛擬網路中,並將它們與它們保護和公開給 Internet 的應用一起部署。",
"training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
"waf": "安全"
},
Expand Down Expand Up @@ -1509,7 +1509,7 @@
"service": "VWAN",
"severity": "",
"subcategory": "虛擬廣域網",
"text": "遵循“Azure 中的流量保留在 Azure 中”的原則,以便通過 Microsoft 主幹網络在 Azure 中的資源之間進行通信",
"text": "遵循“Azure 中的流量保留在 Azure 中”的原則,以便通過 Microsoft 主幹網络跨 Azure 中的資源進行通信",
"waf": "性能"
},
{
Expand Down Expand Up @@ -1713,7 +1713,7 @@
"service": "Policy",
"severity": "中等",
"subcategory": "統轄",
"text": "對於主權登陸區域,主權策略基線的策略計劃在正確的 MG 級別進行部署和分配",
"text": "對於主權登陸區域,主權策略基線的策略計劃在正確的 MG 級別部署和分配",
"waf": "安全"
},
{
Expand Down Expand Up @@ -1874,18 +1874,30 @@
"category": "管理",
"guid": "f9887952-5d62-4688-9d70-ba6c97be9951",
"id": "F03.06",
"link": "https://learn.microsoft.com/azure/automation/update-management/overview",
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations ",
"service": "VM",
"severity": "中等",
"subcategory": "監測",
"text": "使用 Azure 自動化中的更新管理作為 Windows 和 Linux VM 的長期修補機制",
"training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-compute-resources/",
"subcategory": "運營合規性",
"text": "使用 Azure Update Manager 作為 Azure 中 Windows 和 Linux VM 的修補機制",
"training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms",
"waf": "操作"
},
{
"category": "管理",
"guid": "90483845-c986-4cb2-a131-56a12476e49f",
"guid": "c806c048-26b7-4ddf-b4c2-b4f0c476925d",
"id": "F03.07",
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations ",
"service": "VM",
"severity": "中等",
"subcategory": "運營合規性",
"text": "使用 Azure Arc 將 Azure Update Manager 用作 Azure 外部 Windows 和 Linux VM 的修補機制。",
"training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms",
"waf": "操作"
},
{
"category": "管理",
"guid": "90483845-c986-4cb2-a131-56a12476e49f",
"id": "F03.08",
"link": "https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview",
"service": "Network Watcher",
"severity": "中等",
Expand All @@ -1897,7 +1909,7 @@
{
"category": "管理",
"guid": "541acdce-9793-477b-adb3-751ab2ab13ad",
"id": "F03.08",
"id": "F03.09",
"link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json",
"severity": "中等",
"subcategory": "監測",
Expand All @@ -1908,7 +1920,7 @@
{
"category": "管理",
"guid": "a6e55d7d-8a2a-4db1-87d6-326af625ca44",
"id": "F03.09",
"id": "F03.10",
"link": "https://learn.microsoft.com/azure/governance/policy/overview",
"severity": "",
"subcategory": "監測",
Expand All @@ -1918,7 +1930,7 @@
{
"category": "管理",
"guid": "e5695f22-23ac-4e8c-a123-08ca5017f154",
"id": "F03.10",
"id": "F03.11",
"link": "https://learn.microsoft.com/azure/service-health/alerts-activity-log-service-notifications-portal",
"severity": "中等",
"subcategory": "監測",
Expand All @@ -1928,7 +1940,7 @@
{
"category": "管理",
"guid": "d5f345bf-97ab-41a7-819c-6104baa7d48c",
"id": "F03.11",
"id": "F03.12",
"link": "https://learn.microsoft.com/azure/azure-monitor/alerts/action-groups",
"severity": "中等",
"subcategory": "監測",
Expand All @@ -1938,7 +1950,7 @@
{
"category": "管理",
"guid": "e3ab3693-829e-47e3-8618-3687a0477a20",
"id": "F03.12",
"id": "F03.13",
"link": "https://learn.microsoft.com/azure/sentinel/quickstart-onboard",
"severity": "中等",
"subcategory": "監測",
Expand All @@ -1948,7 +1960,7 @@
{
"category": "管理",
"guid": "9945bda4-3334-4f24-a116-34182ba52752",
"id": "F03.13",
"id": "F03.14",
"link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment",
"service": "Monitor",
"severity": "中等",
Expand All @@ -1959,7 +1971,7 @@
{
"category": "管理",
"guid": "6944008b-e7d7-4e48-9327-6d8bdc055bcf",
"id": "F03.14",
"id": "F03.15",
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor",
"service": "Monitor",
"severity": "中等",
Expand All @@ -1970,7 +1982,7 @@
{
"category": "管理",
"guid": "619e8a13-f988-4795-85d6-26886d70ba6c",
"id": "F03.15",
"id": "F03.16",
"link": "https://learn.microsoft.com/azure/azure-monitor/agents/diagnostics-extension-overview",
"severity": "中等",
"subcategory": "監測",
Expand All @@ -1980,7 +1992,7 @@
{
"category": "管理",
"guid": "97be9951-9048-4384-9c98-6cb2913156a1",
"id": "F03.16",
"id": "F03.17",
"link": "https://learn.microsoft.com/azure/azure-monitor/alerts/alerts-overview",
"service": "Monitor",
"severity": "中等",
Expand All @@ -1991,7 +2003,7 @@
{
"category": "管理",
"guid": "859c3900-4514-41eb-b010-475d695abd74",
"id": "F03.17",
"id": "F03.18",
"link": "https://learn.microsoft.com/azure/architecture/best-practices/monitoring",
"severity": "中等",
"subcategory": "監測",
Expand All @@ -2001,12 +2013,12 @@
{
"category": "管理",
"guid": "fed3c55f-a67e-4875-aadd-3aba3f9fde31",
"id": "F03.18",
"id": "F03.19",
"link": "https://learn.microsoft.com/azure/automation/how-to/region-mappings",
"service": "Monitor",
"severity": "中等",
"subcategory": "監測",
"text": "考慮連結的Log Analytics工作區和自動化帳戶支援的區域",
"text": "通過 Azure 自動化帳戶使用更改和清單跟蹤時,請確保已選擇支持的區域,以便將 Log Analytics 工作區和自動化帳戶連結在一起。",
"waf": "操作"
},
{
Expand Down Expand Up @@ -2151,7 +2163,7 @@
"service": "Key Vault",
"severity": "中等",
"subcategory": "加密和金鑰",
"text": "預配 Azure Key Vault 並啟用軟刪除和清除策略,以允許對已刪除物件進行保留保護。",
"text": "預配啟用軟刪除和清除策略的 Azure Key Vault,以允許對已刪除物件進行保留保護。",
"waf": "安全"
},
{
Expand All @@ -2173,7 +2185,7 @@
"service": "Key Vault",
"severity": "中等",
"subcategory": "加密和金鑰",
"text": "使用公共證書頒發機構自動執行證書管理和續訂流程,以簡化管理。",
"text": "使用公共證書頒發機構自動執行證書管理和續訂過程,以簡化管理。",
"waf": "安全"
},
{
Expand Down Expand Up @@ -2439,7 +2451,7 @@
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/platform-automation-devops",
"severity": "",
"subcategory": "DevOps 團隊拓撲",
"text": "確保你有一個跨職能的DevOps平臺團隊來構建、管理和維護 Azure 登陸區域體系結構。",
"text": "確保有一個跨職能的DevOps平臺團隊來構建、管理和維護 Azure 登陸區域體系結構。",
"waf": "操作"
},
{
Expand All @@ -2459,7 +2471,7 @@
"link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/devops-teams-topologies#design-recommendations",
"severity": "",
"subcategory": "DevOps 團隊拓撲",
"text": "旨在為應用程式工作負載團隊定義功能,使其自給自足,並且不需要 DevOps 平台團隊的支援。通過使用自定義 RBAC 角色來實現此目的。",
"text": "旨在為應用程式工作負載團隊定義功能,使其自給自足,不需要DevOps平臺團隊支援。通過使用自定義 RBAC 角色來實現此目的。",
"waf": "操作"
},
{
Expand Down Expand Up @@ -2562,7 +2574,7 @@
"metadata": {
"name": "Azure Landing Zone Review",
"state": "GA",
"timestamp": "December 21, 2023",
"timestamp": "January 10, 2024",
"waf": "all"
},
"severities": [
Expand Down
Loading

0 comments on commit 23660d8

Please sign in to comment.