Merge pull request #77 from hmcts/ieuanb74-patch-1

Install AMA Extension
hmcts · Oct 8, 2024 · 823a1e9 · 823a1e9
2 parents 874cc05 + 93e2555
commit 823a1e9
Show file tree

Hide file tree

Showing 10 changed files with 309 additions and 235 deletions.
diff --git a/README.md b/README.md
@@ -28,12 +28,17 @@ A virtual machine or virtual machine scale set.
 |------|---------|
 | <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | n/a |
 | <a name="provider_azurerm.cnp"></a> [azurerm.cnp](#provider\_azurerm.cnp) | n/a |
+| <a name="provider_azurerm.dcr"></a> [azurerm.dcr](#provider\_azurerm.dcr) | n/a |
 | <a name="provider_azurerm.soc"></a> [azurerm.soc](#provider\_azurerm.soc) | n/a |
 
 ## Resources
 
 | Name | Type |
 |------|------|
+| [azurerm_monitor_data_collection_rule_association.linux_vm_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
+| [azurerm_monitor_data_collection_rule_association.linux_vmss_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
+| [azurerm_monitor_data_collection_rule_association.windows_vm_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
+| [azurerm_monitor_data_collection_rule_association.windows_vmss_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
 | [azurerm_virtual_machine_extension.azure_monitor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
 | [azurerm_virtual_machine_extension.azure_vm_run_command](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
 | [azurerm_virtual_machine_extension.custom_script](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
@@ -51,6 +56,9 @@ A virtual machine or virtual machine scale set.
 | [azurerm_key_vault_secret.splunk_password](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
 | [azurerm_key_vault_secret.splunk_username](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
 | [azurerm_key_vault_secret.token](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
+| [azurerm_monitor_data_collection_rule.linux_data_collection_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_data_collection_rule) | data source |
+| [azurerm_monitor_data_collection_rule.windows_data_collection_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_data_collection_rule) | data source |
+| [azurerm_resource_group.la_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 
 ## Inputs
 
@@ -81,6 +89,7 @@ A virtual machine or virtual machine scale set.
 | <a name="input_endpoint_protection_upgrade_minor_version"></a> [endpoint\_protection\_upgrade\_minor\_version](#input\_endpoint\_protection\_upgrade\_minor\_version) | Specifies if the platform deploys the latest minor version Endpoint Protection update to the type\_handler\_version specified. | `bool` | `true` | no |
 | <a name="input_env"></a> [env](#input\_env) | Environment name. | `string` | n/a | yes |
 | <a name="input_install_azure_monitor"></a> [install\_azure\_monitor](#input\_install\_azure\_monitor) | Install Azure Monitor Agent. | `bool` | `true` | no |
+| <a name="input_install_docker"></a> [install\_docker](#input\_install\_docker) | Should Docker and Docker Compose be installed -- Ubuntu only | `bool` | `false` | no |
 | <a name="input_install_dynatrace_oneagent"></a> [install\_dynatrace\_oneagent](#input\_install\_dynatrace\_oneagent) | Install Dynatrace OneAgent. | `bool` | `true` | no |
 | <a name="input_install_endpoint_protection"></a> [install\_endpoint\_protection](#input\_install\_endpoint\_protection) | Install Endpoint Protection. | `bool` | `true` | no |
 | <a name="input_install_nessus_agent"></a> [install\_nessus\_agent](#input\_install\_nessus\_agent) | Install Nessus Agent. | `bool` | `true` | no |

diff --git a/azure_monitor.tf b/azure_monitor.tf
@@ -26,55 +26,56 @@ resource "azurerm_virtual_machine_extension" "azure_monitor" {
   tags = var.common_tags
 }
 
-# data "azurerm_resource_group" "la_rg" {
-#   name = "oms-automation"
-# }
-
-# data "azurerm_monitor_data_collection_rule" "linux_data_collection_rule" {
-#   provider            = azurerm.dcr
-#   name                = "ama-linux-vm-logs"
-#   resource_group_name = data.azurerm_resource_group.la_rg.name
-# }
-
-# data "azurerm_monitor_data_collection_rule" "windows_data_collection_rule" {
-#   provider            = azurerm.dcr
-#   name                = "ama-windows-vm-logs"
-#   resource_group_name = data.azurerm_resource_group.la_rg.name
-# }
-
-
-# resource "azurerm_monitor_data_collection_rule_association" "linux_vm_dcra" {
-#   count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vm" ? 1 : 0
-
-#   name                    = "vm-${local.vm_name}-dcra"
-#   target_resource_id      = var.virtual_machine_id
-#   data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
-#   description             = "Association between a linux VM and the appropriate data collection rule."
-# }
-
-# resource "azurerm_monitor_data_collection_rule_association" "linux_vmss_dcra" {
-#   count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vmss" ? 1 : 0
-
-#   name                    = "vmss-${local.vmss_name}-dcra"
-#   target_resource_id      = var.virtual_machine_scale_set_id
-#   data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
-#   description             = "Association between a linux VMSS and the appropriate data collection rule."
-# }
-
-# resource "azurerm_monitor_data_collection_rule_association" "windows_vm_dcra" {
-#   count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vm" ? 1 : 0
-
-#   name                    = "vm-${local.vm_name}-dcra"
-#   target_resource_id      = var.virtual_machine_id
-#   data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
-#   description             = "Association between a windows VM and the appropriate data collection rule."
-# }
-
-# resource "azurerm_monitor_data_collection_rule_association" "windows_vmss_dcra" {
-#   count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vmss" ? 1 : 0
-
-#   name                    = "vmss-${local.vmss_name}-dcra"
-#   target_resource_id      = var.virtual_machine_scale_set_id
-#   data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
-#   description             = "Association between a windows VMSS and the appropriate data collection rule."
-# }
+data "azurerm_resource_group" "la_rg" {
+  provider = azurerm.dcr
+  name     = "oms-automation"
+}
+
+data "azurerm_monitor_data_collection_rule" "linux_data_collection_rule" {
+  provider            = azurerm.dcr
+  name                = "ama-linux-vm-logs"
+  resource_group_name = data.azurerm_resource_group.la_rg.name
+}
+
+data "azurerm_monitor_data_collection_rule" "windows_data_collection_rule" {
+  provider            = azurerm.dcr
+  name                = "ama-windows-vm-logs"
+  resource_group_name = data.azurerm_resource_group.la_rg.name
+}
+
+
+resource "azurerm_monitor_data_collection_rule_association" "linux_vm_dcra" {
+  count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vm" ? 1 : 0
+
+  name                    = "vm-${local.vm_name}-dcra"
+  target_resource_id      = var.virtual_machine_id
+  data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
+  description             = "Association between a linux VM and the appropriate data collection rule."
+}
+
+resource "azurerm_monitor_data_collection_rule_association" "linux_vmss_dcra" {
+  count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vmss" ? 1 : 0
+
+  name                    = "vmss-${local.vmss_name}-dcra"
+  target_resource_id      = var.virtual_machine_scale_set_id
+  data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
+  description             = "Association between a linux VMSS and the appropriate data collection rule."
+}
+
+resource "azurerm_monitor_data_collection_rule_association" "windows_vm_dcra" {
+  count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vm" ? 1 : 0
+
+  name                    = "vm-${local.vm_name}-dcra"
+  target_resource_id      = var.virtual_machine_id
+  data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
+  description             = "Association between a windows VM and the appropriate data collection rule."
+}
+
+resource "azurerm_monitor_data_collection_rule_association" "windows_vmss_dcra" {
+  count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vmss" ? 1 : 0
+
+  name                    = "vmss-${local.vmss_name}-dcra"
+  target_resource_id      = var.virtual_machine_scale_set_id
+  data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
+  description             = "Association between a windows VMSS and the appropriate data collection rule."
+}
diff --git a/providers.tf b/providers.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source                = "hashicorp/azurerm"
-      configuration_aliases = [azurerm.cnp, azurerm.soc]
+      configuration_aliases = [azurerm.cnp, azurerm.soc, azurerm.dcr]
     }
   }
 }
diff --git a/run_command.tf b/run_command.tf
@@ -14,6 +14,7 @@ resource "azurerm_virtual_machine_scale_set_extension" "azure_vmss_run_command"
     RUN_XDR_AGENT       = var.run_xdr_agent ? "true" : "false"
     ENV                 = var.xdr_env == "prod" ? var.xdr_env : "nonprod"
     XDR_TAGS            = lower(local.xdr_tags_list)
+    INSTALL_DOCKER      = var.install_docker ? "true" : "false"
     })) }) : jsonencode({ script = compact(tolist([templatefile("${path.module}/scripts/windows_run_script.ps1", {
       STORAGE_ACCOUNT_KEY = var.run_command_sa_key
       RUN_CIS             = var.rc_script_file == "scripts/windows_cis.ps1" || var.run_cis ? "true" : "false"
@@ -44,6 +45,7 @@ resource "azurerm_virtual_machine_extension" "azure_vm_run_command" {
     RUN_XDR_AGENT       = var.run_xdr_agent ? "true" : "false"
     ENV                 = var.xdr_env == "prod" ? var.xdr_env : "nonprod"
     XDR_TAGS            = lower(local.xdr_tags_list)
+    INSTALL_DOCKER      = var.install_docker ? "true" : "false"
     })) }) : jsonencode({ script = compact(tolist([templatefile("${path.module}/scripts/windows_run_script.ps1", {
       STORAGE_ACCOUNT_KEY = var.run_command_sa_key
       RUN_CIS             = var.rc_script_file == "scripts/windows_cis.ps1" || var.run_cis ? "true" : "false"