diff --git a/infrastructure/modules/private-link-scope/main.tf b/infrastructure/modules/private-link-scope/main.tf
deleted file mode 100644
index b4e8130..0000000
--- a/infrastructure/modules/private-link-scope/main.tf
+++ /dev/null
@@ -1,38 +0,0 @@
-resource "azurerm_monitor_private_link_scope" "ampls" {
- name = var.name
- resource_group_name = var.resource_group_name
-
- ingestion_access_mode = var.ingestion_access_mode
- query_access_mode = var.query_access_mode
-
- tags = var.tags
-}
-
-/* --------------------------------------------------------------------------------------------------
- Private Endpoint Configuration for Private Links
--------------------------------------------------------------------------------------------------- */
-
-module "private_endpoint_ampls" {
- count = var.private_endpoint_properties.private_endpoint_enabled ? 1 : 0
-
- source = "../private-endpoint"
-
- name = "${var.name}-ampls-private-endpoint"
- resource_group_name = var.private_endpoint_properties.private_endpoint_resource_group_name
- location = var.location
- subnet_id = var.private_endpoint_properties.private_endpoint_subnet_id
-
- private_dns_zone_group = {
- name = "${var.name}-ampls-private-endpoint-zone-group"
- private_dns_zone_ids = var.private_endpoint_properties.private_dns_zone_ids
- }
-
- private_service_connection = {
- name = "${var.name}-ampls-private-endpoint-connection"
- private_connection_resource_id = azurerm_monitor_private_link_scope.ampls.id
- subresource_names = ["azuremonitor"]
- is_manual_connection = var.private_endpoint_properties.private_service_connection_is_manual
- }
-
- tags = var.tags
-}
diff --git a/infrastructure/modules/private-link-scope/output.tf b/infrastructure/modules/private-link-scope/output.tf
deleted file mode 100644
index eed14f9..0000000
--- a/infrastructure/modules/private-link-scope/output.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "scope_name" {
- value = azurerm_monitor_private_link_scope.ampls.name
-}
diff --git a/infrastructure/modules/private-link-scope/variables.tf b/infrastructure/modules/private-link-scope/variables.tf
deleted file mode 100644
index 0681a19..0000000
--- a/infrastructure/modules/private-link-scope/variables.tf
+++ /dev/null
@@ -1,41 +0,0 @@
-variable "name" {
- type = string
- description = "The name (in FQDN form) of the zone."
-}
-
-variable "resource_group_name" {
- type = string
- description = "The name of the resource group in which to create the zone. Changing this forces a new resource to be created."
-}
-
-variable "location" {
- type = string
- description = "The location/region where the LAW is created."
-}
-
-variable "ingestion_access_mode" {
- type = string
- description = "The access mode for the ingestion endpoint. Possible values are Private and Public."
-}
-
-variable "query_access_mode" {
- type = string
- description = "The access mode for the query endpoint. Possible values are Private and Public."
-}
-
-variable "private_endpoint_properties" {
- description = "Consolidated properties for the Function App Private Endpoint."
- type = object({
- private_dns_zone_ids = optional(list(string), [])
- private_endpoint_enabled = optional(bool, false)
- private_endpoint_subnet_id = optional(string, "")
- private_endpoint_resource_group_name = optional(string, "")
- private_service_connection_is_manual = optional(bool, false)
- })
-}
-
-variable "tags" {
- description = "A mapping of tags to assign to the resource."
- type = map(string)
- default = {}
-}
diff --git a/infrastructure/modules/private-link-scoped-service/providers.tf b/infrastructure/modules/private-link-scoped-service/providers.tf
new file mode 100644
index 0000000..1d95d57
--- /dev/null
+++ b/infrastructure/modules/private-link-scoped-service/providers.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ }
+ }
+}
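Review bot: The `azurerm` entry in the new `required_providers` block declares only `source` and no `version`, so this module records no lower bound on the provider release it was written against and relies entirely on whatever the root configuration and lock file resolve. A child module normally states the minimum provider version it needs; I would add `version = ">= <MIN_TESTED_AZURERM_VERSION>"` under `source` (placeholder, use the release the module was actually tested with). The rest of the `private-link-scoped-service` module is not part of this diff, so whether a constraint is already declared elsewhere in it cannot be seen from here.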
diff --git a/infrastructure/modules/shared-config/output.tf b/infrastructure/modules/shared-config/output.tf
index 49a741d..41dc3bf 100644
--- a/infrastructure/modules/shared-config/output.tf
+++ b/infrastructure/modules/shared-config/output.tf
@@ -46,67 +46,68 @@ locals { } } - app-insights = lower("APPI-${var.env}-${var.location_map[var.location]}-${var.application}") - app-service-plan = lower("ASP-${var.env}-${var.location_map[var.location]}-${var.application}") - app-service = lower("AS-${var.env}-${var.location_map[var.location]}-${var.application}") - availability-set = lower("AVS-${var.env}-${var.location_map[var.location]}-${var.application}") - avd-dag = lower("AVDDAG-${var.env}-${var.location_map[var.location]}") - avd-host = lower("AVDSH-${var.env}-${var.location_map[var.location]}") - avd-host-pool = lower("AVDHP-${var.env}-${var.location_map[var.location]}") - avd-workspace = lower("AVDWS-${var.env}-${var.location_map[var.location]}") - azure-container-registry = lower("ACR${var.location_map[var.location]}${var.application}${var.env}") - connection = lower("CON-${var.env}-${var.location_map[var.location]}-${var.application}") - custom-image = lower("IMAGE-${var.env}-${var.location_map[var.location]}") - dev-center = lower("DEVC-${var.env}-${var.location_map[var.location]}") - dev-center-project = lower("prj-${var.env}-${var.location_map[var.location]}") - dns-zone = "${lower(var.application)}.${lower(var.env)}.net" - docker-dtr = lower("DTR-${var.env}-${var.location_map[var.location]}-${var.application}") - docker-manager = lower("UCP-${var.env}-${var.location_map[var.location]}-${var.application}") - docker-worker = lower("LWK-${var.env}-${var.location_map[var.location]}-${var.application}") - docker-worker-windows = lower("WWK-${var.env}-${var.location_map[var.location]}-${var.application}") - docker-worker-windows-nb = lower("WWK${var.env}${var.location_map[var.location]}${var.application}") - external-load-balancer = lower("ELB-${var.env}-${var.location_map[var.location]}-${var.application}") - event-grid-topic = lower("EVGT-${var.env}-${var.location_map[var.location]}") - event-hub-namespace = lower("EVHNS-${var.env}-${var.location_map[var.location]}-${var.application}") - firewall = 
lower("FW-${var.env}-${var.location_map[var.location]}-${var.application}") - function-app = lower("${var.env}-${var.location_map[var.location]}") - internal-load-balancer = lower("ILB-${var.env}-${var.location_map[var.location]}-${var.application}") - key-vault = upper("KV-${var.application}-${var.env}-${var.location_map[var.location]}") - kubernetes-service = lower("AKS-${var.env}-${var.location_map[var.location]}-${var.application}") - load-balancer = lower("LB-${var.env}-${var.location_map[var.location]}-${var.application}") - local-network-gateway = lower("LNG-${var.env}-${var.location_map[var.location]}-${var.application}") - log-analytics-workspace = lower("LAW-${var.env}-${var.location_map[var.location]}-${var.application}") - logic-app = lower("LA-${var.env}-${var.location_map[var.location]}-${var.application}") - managed-devops-pool = lower("private-pool-${var.env}-${var.location_map[var.location]}") - network-interface = upper("${var.env}-${var.location_map[var.location]}-${var.application}") - network-security-group = upper("NSG-${var.env}-${var.location_map[var.location]}-${var.application}") - postgres-sql-server = lower("postgres-${var.application}-${var.env}-${var.location_map[var.location]}") - private-ssh-key = lower("ssh-pri-${var.env}${var.location_map[var.location]}${var.application}") - private-link-scope = lower("ampls-${var.env}${var.location_map[var.location]}${var.application}") - private-link-scoped-service = lower("ampls-svc-${var.env}${var.location_map[var.location]}${var.application}") - public-ip-address = lower("PIP-${var.env}-${var.location_map[var.location]}-${var.application}") - public-ip-dns = lower("${var.env}${var.location_map[var.location]}${var.application}") - public-ssh-key = lower("ssh-pub-${var.env}${var.location_map[var.location]}${var.application}") - redis-cache = lower("RC-${var.location_map[var.location]}-${var.env}-${var.application}") - resource-group = 
lower("RG-${var.application}-${var.env}-${var.location_map[var.location]}") - resource-application = lower("${var.env}-${var.location_map[var.location]}-${var.application}") - route-table = lower("RT-${var.env}-${var.location_map[var.location]}-${var.application}") - service-bus = lower("SB-${var.location_map[var.location]}-${var.env}-${var.application}") - service-principal = upper("SP-${var.env}-${var.application}") - sql-server = lower("SQLSVR-${var.application}-${var.env}-${var.location_map[var.location]}") - sql-server-db = lower("SQLDB-${var.application}-${var.env}-${var.location_map[var.location]}") - sql-server-managed-instance = lower("SQLMI-${var.env}-${var.location_map[var.location]}-${var.application}") - stack-dns-suffix = "${lower(var.env)}${lower(var.application)}" - storage-account = substr(lower("ST${var.application}${var.env}${var.location_map[var.location]}"), 0, 24) - storage-alerts = lower("STALERT${var.env}${var.location_map[var.location]}${var.application}") - storage-boot-diags = lower("STDIAG${var.env}${var.location_map[var.location]}${var.application}") - storage-flow-logs = lower("STFLOW${var.env}${var.location_map[var.location]}${var.application}") - storage-shared-state = lower("STSTATE${var.env}${var.location_map[var.location]}${var.application}") - subnet = upper("SN-${var.env}-${var.location_map[var.location]}-${var.application}") - virtual-machine = lower("${var.env}-${var.application}") - win-virtual-machine = lower("${var.env}-${var.application}") - virtual-network = upper("VNET-${var.env}-${var.location_map[var.location]}-${var.application}") - vnet-gateway = lower("GWY-${var.env}-${var.location_map[var.location]}-${var.application}") + app-insights = lower("APPI-${var.env}-${var.location_map[var.location]}-${var.application}") + app-service-plan = lower("ASP-${var.env}-${var.location_map[var.location]}-${var.application}") + app-service = lower("AS-${var.env}-${var.location_map[var.location]}-${var.application}") + 
availability-set = lower("AVS-${var.env}-${var.location_map[var.location]}-${var.application}") + avd-dag = lower("AVDDAG-${var.env}-${var.location_map[var.location]}") + avd-host = lower("AVDSH-${var.env}-${var.location_map[var.location]}") + avd-host-pool = lower("AVDHP-${var.env}-${var.location_map[var.location]}") + avd-workspace = lower("AVDWS-${var.env}-${var.location_map[var.location]}") + azure-container-registry = lower("ACR${var.location_map[var.location]}${var.application}${var.env}") + connection = lower("CON-${var.env}-${var.location_map[var.location]}-${var.application}") + custom-image = lower("IMAGE-${var.env}-${var.location_map[var.location]}") + dev-center = lower("DEVC-${var.env}-${var.location_map[var.location]}") + dev-center-project = lower("prj-${var.env}-${var.location_map[var.location]}") + dns-zone = "${lower(var.application)}.${lower(var.env)}.net" + docker-dtr = lower("DTR-${var.env}-${var.location_map[var.location]}-${var.application}") + docker-manager = lower("UCP-${var.env}-${var.location_map[var.location]}-${var.application}") + docker-worker = lower("LWK-${var.env}-${var.location_map[var.location]}-${var.application}") + docker-worker-windows = lower("WWK-${var.env}-${var.location_map[var.location]}-${var.application}") + docker-worker-windows-nb = lower("WWK${var.env}${var.location_map[var.location]}${var.application}") + external-load-balancer = lower("ELB-${var.env}-${var.location_map[var.location]}-${var.application}") + event-grid-topic = lower("EVGT-${var.env}-${var.location_map[var.location]}") + event-hub-namespace = lower("EVHNS-${var.env}-${var.location_map[var.location]}-${var.application}") + firewall = lower("FW-${var.env}-${var.location_map[var.location]}-${var.application}") + function-app = lower("${var.env}-${var.location_map[var.location]}") + internal-load-balancer = lower("ILB-${var.env}-${var.location_map[var.location]}-${var.application}") + key-vault = 
upper("KV-${var.application}-${var.env}-${var.location_map[var.location]}") + kubernetes-service = lower("AKS-${var.env}-${var.location_map[var.location]}-${var.application}") + load-balancer = lower("LB-${var.env}-${var.location_map[var.location]}-${var.application}") + local-network-gateway = lower("LNG-${var.env}-${var.location_map[var.location]}-${var.application}") + log-analytics-workspace = lower("LAW-${var.env}-${var.location_map[var.location]}-${var.application}") + logic-app = lower("LA-${var.env}-${var.location_map[var.location]}-${var.application}") + managed-devops-pool = lower("private-pool-${var.env}-${var.location_map[var.location]}") + network-interface = upper("${var.env}-${var.location_map[var.location]}-${var.application}") + network-security-group = upper("NSG-${var.env}-${var.location_map[var.location]}-${var.application}") + postgres-sql-server = lower("postgres-${var.application}-${var.env}-${var.location_map[var.location]}") + private-ssh-key = lower("ssh-pri-${var.env}${var.location_map[var.location]}${var.application}") + private-link-scope = lower("ampls-${var.env}${var.application}") + private-link-scope-private-endpoint = lower("ampls-${var.env}${var.location_map[var.location]}${var.application}-private-endpoint") + private-link-scoped-service = lower("ampls-svc-${var.env}${var.location_map[var.location]}${var.application}") + public-ip-address = lower("PIP-${var.env}-${var.location_map[var.location]}-${var.application}") + public-ip-dns = lower("${var.env}${var.location_map[var.location]}${var.application}") + public-ssh-key = lower("ssh-pub-${var.env}${var.location_map[var.location]}${var.application}") + redis-cache = lower("RC-${var.location_map[var.location]}-${var.env}-${var.application}") + resource-group = lower("RG-${var.application}-${var.env}-${var.location_map[var.location]}") + resource-application = lower("${var.env}-${var.location_map[var.location]}-${var.application}") + route-table = 
lower("RT-${var.env}-${var.location_map[var.location]}-${var.application}") + service-bus = lower("SB-${var.location_map[var.location]}-${var.env}-${var.application}") + service-principal = upper("SP-${var.env}-${var.application}") + sql-server = lower("SQLSVR-${var.application}-${var.env}-${var.location_map[var.location]}") + sql-server-db = lower("SQLDB-${var.application}-${var.env}-${var.location_map[var.location]}") + sql-server-managed-instance = lower("SQLMI-${var.env}-${var.location_map[var.location]}-${var.application}") + stack-dns-suffix = "${lower(var.env)}${lower(var.application)}" + storage-account = substr(lower("ST${var.application}${var.env}${var.location_map[var.location]}"), 0, 24) + storage-alerts = lower("STALERT${var.env}${var.location_map[var.location]}${var.application}") + storage-boot-diags = lower("STDIAG${var.env}${var.location_map[var.location]}${var.application}") + storage-flow-logs = lower("STFLOW${var.env}${var.location_map[var.location]}${var.application}") + storage-shared-state = lower("STSTATE${var.env}${var.location_map[var.location]}${var.application}") + subnet = upper("SN-${var.env}-${var.location_map[var.location]}-${var.application}") + virtual-machine = lower("${var.env}-${var.application}") + win-virtual-machine = lower("${var.env}-${var.application}") + virtual-network = upper("VNET-${var.env}-${var.location_map[var.location]}-${var.application}") + vnet-gateway = lower("GWY-${var.env}-${var.location_map[var.location]}-${var.application}") } }
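Review bot: The new `private-link-scope` value, `lower("ampls-${var.env}${var.application}")`, drops the region code that the old value carried, and nothing in the hunk explains why this one entry departs from its neighbours. If an existing Azure Monitor private link scope is still named from this local, the rename will likely plan as a destroy-and-recreate of the scope, and ingestion and query over the private path may be interrupted while the scope and its endpoint are rebuilt, so this is worth confirming in the plan output before apply. I would add a comment above the entry such as `# AMPLS takes no location, so its name is region-independent; the regional part lives in private-link-scope-private-endpoint`, which is consistent with the deleted `main.tf` setting no `location` on the scope resource. The other entries appear to change only in alignment padding, which buries this change in review; keeping the previous column width would reduce the hunk to the two touched lines. The enclosing `locals` block starts above the hunk.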