Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Install AMA Extension #77

Merged
merged 25 commits into from
Oct 8, 2024
Merged

Install AMA Extension #77

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
8fcbfe5
Remove provider config from module
ieuanb74 Sep 6, 2024
03c4eda
Remove locals that are no longer in use
ieuanb74 Sep 6, 2024
c9f05eb
Remove unused variables
ieuanb74 Sep 6, 2024
6ad3c18
Merge branch 'master' into ieuanb74-patch-1
ieuanb74 Sep 6, 2024
85cce3e
terraform-docs: automated action
github-actions[bot] Sep 6, 2024
912a297
uncomment
ieuanb74 Sep 6, 2024
3ebde29
terraform-docs: automated action
github-actions[bot] Sep 6, 2024
1cd59a2
Add provider alias to rg
ieuanb74 Sep 6, 2024
02e173f
Add provider to tests
ieuanb74 Sep 6, 2024
605b151
Adding Docker install steps for Ubuntu to run command script
MartyFox Sep 17, 2024
2d6f58b
terraform-docs: automated action
github-actions[bot] Sep 17, 2024
58752a3
formatting
MartyFox Sep 17, 2024
d09d5bf
Merge branch 'marty/docker-install-option' of github.com:hmcts/terraf…
MartyFox Sep 17, 2024
d926226
Merge branch 'ieuanb74-patch-1' into marty/docker-install-option
MartyFox Sep 17, 2024
9d63fd9
terraform-docs: automated action
github-actions[bot] Sep 17, 2024
9edac10
adding remaining docker install vars
MartyFox Sep 17, 2024
5617fd3
Merge branch 'master' into ieuanb74-patch-1
ieuanb74 Sep 17, 2024
11821a3
docker install unnecessary on windows script
MartyFox Sep 17, 2024
eb035ba
Merge branch 'ieuanb74-patch-1' into marty/docker-install-option
MartyFox Sep 17, 2024
be6cea2
Merge pull request #73 from hmcts/marty/docker-install-option
MartyFox Sep 17, 2024
6ff953e
Adding lower function to xdr_tags
JordanHoey96 Sep 19, 2024
d273849
Update linux_run_script
ieuanb74 Sep 25, 2024
522f134
Merge branch 'master' into ieuanb74-patch-1
ieuanb74 Sep 25, 2024
ff0414c
VERSION in logic, OS_TYPE not guarunteed to contain vers num
danielwilsonkainos Sep 25, 2024
93e2555
fix mismerged script
danielwilsonkainos Sep 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,17 @@ A virtual machine or virtual machine scale set.
|------|---------|
| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | n/a |
| <a name="provider_azurerm.cnp"></a> [azurerm.cnp](#provider\_azurerm.cnp) | n/a |
| <a name="provider_azurerm.dcr"></a> [azurerm.dcr](#provider\_azurerm.dcr) | n/a |
| <a name="provider_azurerm.soc"></a> [azurerm.soc](#provider\_azurerm.soc) | n/a |

## Resources

| Name | Type |
|------|------|
| [azurerm_monitor_data_collection_rule_association.linux_vm_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
| [azurerm_monitor_data_collection_rule_association.linux_vmss_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
| [azurerm_monitor_data_collection_rule_association.windows_vm_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
| [azurerm_monitor_data_collection_rule_association.windows_vmss_dcra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule_association) | resource |
| [azurerm_virtual_machine_extension.azure_monitor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
| [azurerm_virtual_machine_extension.azure_vm_run_command](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
| [azurerm_virtual_machine_extension.custom_script](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
Expand All @@ -51,6 +56,9 @@ A virtual machine or virtual machine scale set.
| [azurerm_key_vault_secret.splunk_password](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
| [azurerm_key_vault_secret.splunk_username](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
| [azurerm_key_vault_secret.token](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
| [azurerm_monitor_data_collection_rule.linux_data_collection_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_data_collection_rule) | data source |
| [azurerm_monitor_data_collection_rule.windows_data_collection_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_data_collection_rule) | data source |
| [azurerm_resource_group.la_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |

## Inputs

Expand Down Expand Up @@ -81,6 +89,7 @@ A virtual machine or virtual machine scale set.
| <a name="input_endpoint_protection_upgrade_minor_version"></a> [endpoint\_protection\_upgrade\_minor\_version](#input\_endpoint\_protection\_upgrade\_minor\_version) | Specifies if the platform deploys the latest minor version Endpoint Protection update to the type\_handler\_version specified. | `bool` | `true` | no |
| <a name="input_env"></a> [env](#input\_env) | Environment name. | `string` | n/a | yes |
| <a name="input_install_azure_monitor"></a> [install\_azure\_monitor](#input\_install\_azure\_monitor) | Install Azure Monitor Agent. | `bool` | `true` | no |
| <a name="input_install_docker"></a> [install\_docker](#input\_install\_docker) | Should Docker and Docker Compose be installed -- Ubuntu only | `bool` | `false` | no |
| <a name="input_install_dynatrace_oneagent"></a> [install\_dynatrace\_oneagent](#input\_install\_dynatrace\_oneagent) | Install Dynatrace OneAgent. | `bool` | `true` | no |
| <a name="input_install_endpoint_protection"></a> [install\_endpoint\_protection](#input\_install\_endpoint\_protection) | Install Endpoint Protection. | `bool` | `true` | no |
| <a name="input_install_nessus_agent"></a> [install\_nessus\_agent](#input\_install\_nessus\_agent) | Install Nessus Agent. | `bool` | `true` | no |
Expand Down
105 changes: 53 additions & 52 deletions azure_monitor.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,55 +26,56 @@ resource "azurerm_virtual_machine_extension" "azure_monitor" {
tags = var.common_tags
}

# data "azurerm_resource_group" "la_rg" {
# name = "oms-automation"
# }

# data "azurerm_monitor_data_collection_rule" "linux_data_collection_rule" {
# provider = azurerm.dcr
# name = "ama-linux-vm-logs"
# resource_group_name = data.azurerm_resource_group.la_rg.name
# }

# data "azurerm_monitor_data_collection_rule" "windows_data_collection_rule" {
# provider = azurerm.dcr
# name = "ama-windows-vm-logs"
# resource_group_name = data.azurerm_resource_group.la_rg.name
# }


# resource "azurerm_monitor_data_collection_rule_association" "linux_vm_dcra" {
# count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vm" ? 1 : 0

# name = "vm-${local.vm_name}-dcra"
# target_resource_id = var.virtual_machine_id
# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
# description = "Association between a linux VM and the appropriate data collection rule."
# }

# resource "azurerm_monitor_data_collection_rule_association" "linux_vmss_dcra" {
# count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vmss" ? 1 : 0

# name = "vmss-${local.vmss_name}-dcra"
# target_resource_id = var.virtual_machine_scale_set_id
# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
# description = "Association between a linux VMSS and the appropriate data collection rule."
# }

# resource "azurerm_monitor_data_collection_rule_association" "windows_vm_dcra" {
# count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vm" ? 1 : 0

# name = "vm-${local.vm_name}-dcra"
# target_resource_id = var.virtual_machine_id
# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
# description = "Association between a windows VM and the appropriate data collection rule."
# }

# resource "azurerm_monitor_data_collection_rule_association" "windows_vmss_dcra" {
# count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vmss" ? 1 : 0

# name = "vmss-${local.vmss_name}-dcra"
# target_resource_id = var.virtual_machine_scale_set_id
# data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
# description = "Association between a windows VMSS and the appropriate data collection rule."
# }
data "azurerm_resource_group" "la_rg" {
provider = azurerm.dcr
name = "oms-automation"
}

data "azurerm_monitor_data_collection_rule" "linux_data_collection_rule" {
provider = azurerm.dcr
name = "ama-linux-vm-logs"
resource_group_name = data.azurerm_resource_group.la_rg.name
}

data "azurerm_monitor_data_collection_rule" "windows_data_collection_rule" {
provider = azurerm.dcr
name = "ama-windows-vm-logs"
resource_group_name = data.azurerm_resource_group.la_rg.name
}


resource "azurerm_monitor_data_collection_rule_association" "linux_vm_dcra" {
count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vm" ? 1 : 0

name = "vm-${local.vm_name}-dcra"
target_resource_id = var.virtual_machine_id
data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
description = "Association between a linux VM and the appropriate data collection rule."
}

resource "azurerm_monitor_data_collection_rule_association" "linux_vmss_dcra" {
count = var.install_azure_monitor == true && lower(var.os_type) == "linux" && var.virtual_machine_type == "vmss" ? 1 : 0

name = "vmss-${local.vmss_name}-dcra"
target_resource_id = var.virtual_machine_scale_set_id
data_collection_rule_id = data.azurerm_monitor_data_collection_rule.linux_data_collection_rule.id
description = "Association between a linux VMSS and the appropriate data collection rule."
}

resource "azurerm_monitor_data_collection_rule_association" "windows_vm_dcra" {
count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vm" ? 1 : 0

name = "vm-${local.vm_name}-dcra"
target_resource_id = var.virtual_machine_id
data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
description = "Association between a windows VM and the appropriate data collection rule."
}

resource "azurerm_monitor_data_collection_rule_association" "windows_vmss_dcra" {
count = var.install_azure_monitor == true && lower(var.os_type) == "windows" && var.virtual_machine_type == "vmss" ? 1 : 0

name = "vmss-${local.vmss_name}-dcra"
target_resource_id = var.virtual_machine_scale_set_id
data_collection_rule_id = data.azurerm_monitor_data_collection_rule.windows_data_collection_rule.id
description = "Association between a windows VMSS and the appropriate data collection rule."
}
2 changes: 1 addition & 1 deletion providers.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
configuration_aliases = [azurerm.cnp, azurerm.soc]
configuration_aliases = [azurerm.cnp, azurerm.soc, azurerm.dcr]
}
}
}
2 changes: 2 additions & 0 deletions run_command.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ resource "azurerm_virtual_machine_scale_set_extension" "azure_vmss_run_command"
RUN_XDR_AGENT = var.run_xdr_agent ? "true" : "false"
ENV = var.xdr_env == "prod" ? var.xdr_env : "nonprod"
XDR_TAGS = lower(local.xdr_tags_list)
INSTALL_DOCKER = var.install_docker ? "true" : "false"
})) }) : jsonencode({ script = compact(tolist([templatefile("${path.module}/scripts/windows_run_script.ps1", {
STORAGE_ACCOUNT_KEY = var.run_command_sa_key
RUN_CIS = var.rc_script_file == "scripts/windows_cis.ps1" || var.run_cis ? "true" : "false"
Expand Down Expand Up @@ -44,6 +45,7 @@ resource "azurerm_virtual_machine_extension" "azure_vm_run_command" {
RUN_XDR_AGENT = var.run_xdr_agent ? "true" : "false"
ENV = var.xdr_env == "prod" ? var.xdr_env : "nonprod"
XDR_TAGS = lower(local.xdr_tags_list)
INSTALL_DOCKER = var.install_docker ? "true" : "false"
})) }) : jsonencode({ script = compact(tolist([templatefile("${path.module}/scripts/windows_run_script.ps1", {
STORAGE_ACCOUNT_KEY = var.run_command_sa_key
RUN_CIS = var.rc_script_file == "scripts/windows_cis.ps1" || var.run_cis ? "true" : "false"
Expand Down
Loading
Loading