diff --git a/0_core-infrastructure/azure-bastion/main.tf b/0_core-infrastructure/azure-bastion/main.tf
index 4ed4012..e8d974d 100644
--- a/0_core-infrastructure/azure-bastion/main.tf
+++ b/0_core-infrastructure/azure-bastion/main.tf
@@ -20,7 +20,7 @@ resource "azurerm_virtual_network" "example" {
 }
 resource "azurerm_subnet" "example" {
- name = "AzureBastionSubnet" # Required name for the Bastion subnet
+ name = "AzureBastionSubnet" # Required name for the Bastion subnet
 resource_group_name = azurerm_resource_group.example.name
 virtual_network_name = azurerm_virtual_network.example.name
 address_prefixes = var.subnet_address_prefixes
diff --git a/0_core-infrastructure/azure-bastion/provider.tf b/0_core-infrastructure/azure-bastion/provider.tf
index 8cf2ee9..b64c29f 100644
--- a/0_core-infrastructure/azure-bastion/provider.tf
+++ b/0_core-infrastructure/azure-bastion/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
\ No newline at end of file
diff --git a/0_core-infrastructure/azure-bastion/terraform.tfvars b/0_core-infrastructure/azure-bastion/terraform.tfvars
index 7d326b6..902bd6d 100644
--- a/0_core-infrastructure/azure-bastion/terraform.tfvars
+++ b/0_core-infrastructure/azure-bastion/terraform.tfvars
@@ -2,15 +2,15 @@
 # This file provides default values for the variables defined in variables.tf.
 # These values can be overridden by specifying different values during Terraform execution.
-resource_group_name = "my-resource-group"
-location = "East US"
-vnet_name = "my-vnet"
-vnet_address_space = ["10.0.0.0/16"]
-subnet_name = "my-subnet"
+resource_group_name = "my-resource-group"
+location = "East US"
+vnet_name = "my-vnet"
+vnet_address_space = ["10.0.0.0/16"]
+subnet_name = "my-subnet"
 subnet_address_prefixes = ["10.0.1.0/24"]
-public_ip_name = "my-public-ip"
-bastion_name = "my-bastion"
-subscription_id = "your-subscription-id"
+public_ip_name = "my-public-ip"
+bastion_name = "my-bastion"
+subscription_id = "your-subscription-id"
 tags = {
 env = "dev"
 }
\ No newline at end of file
diff --git a/0_core-infrastructure/network-security-group/provider.tf b/0_core-infrastructure/network-security-group/provider.tf
index 8cf2ee9..b64c29f 100644
--- a/0_core-infrastructure/network-security-group/provider.tf
+++ b/0_core-infrastructure/network-security-group/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
\ No newline at end of file
diff --git a/0_core-infrastructure/public-ip/provider.tf b/0_core-infrastructure/public-ip/provider.tf
index 8cf2ee9..b64c29f 100644
--- a/0_core-infrastructure/public-ip/provider.tf
+++ b/0_core-infrastructure/public-ip/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
\ No newline at end of file
diff --git a/0_core-infrastructure/resource-group/provider.tf b/0_core-infrastructure/resource-group/provider.tf
index eab51a2..bbdd1ba 100644
--- a/0_core-infrastructure/resource-group/provider.tf
+++ b/0_core-infrastructure/resource-group/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
diff --git a/0_core-infrastructure/subnet/provider.tf b/0_core-infrastructure/subnet/provider.tf
index 8cf2ee9..b64c29f 100644
--- a/0_core-infrastructure/subnet/provider.tf
+++ b/0_core-infrastructure/subnet/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
\ No newline at end of file
diff --git a/0_core-infrastructure/subnet/terraform.tfvars b/0_core-infrastructure/subnet/terraform.tfvars
index c615201..b565a16 100644
--- a/0_core-infrastructure/subnet/terraform.tfvars
+++ b/0_core-infrastructure/subnet/terraform.tfvars
@@ -2,13 +2,13 @@
 # This file provides default values for the variables defined in variables.tf.
 # It allows you to customize the configuration without modifying the variables file.
-resource_group_name = "example-resource-group"
-vnet_name = "example-vnet"
-subnet_name = "example-subnet"
-location = "East US"
-address_space = ["10.0.0.0/16"]
+resource_group_name = "example-resource-group"
+vnet_name = "example-vnet"
+subnet_name = "example-subnet"
+location = "East US"
+address_space = ["10.0.0.0/16"]
 subnet_address_prefixes = ["10.0.1.0/24"]
-subscription_id = "your-subscription-id-here"
+subscription_id = "your-subscription-id-here"
 tags = {
 "project" = "example-project"
 "owner" = "team-name"
diff --git a/0_core-infrastructure/virtual-network/provider.tf b/0_core-infrastructure/virtual-network/provider.tf
index 8cf2ee9..b64c29f 100644
--- a/0_core-infrastructure/virtual-network/provider.tf
+++ b/0_core-infrastructure/virtual-network/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
\ No newline at end of file
diff --git a/10_migration-backup/backup/provider.tf b/10_migration-backup/backup/provider.tf
index f3f9b2d..4422763 100644
--- a/10_migration-backup/backup/provider.tf
+++ b/10_migration-backup/backup/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/10_migration-backup/backup/terraform.tfvars b/10_migration-backup/backup/terraform.tfvars
index 27547a2..4621492 100644
--- a/10_migration-backup/backup/terraform.tfvars
+++ b/10_migration-backup/backup/terraform.tfvars
@@ -10,8 +10,8 @@ resource_group_name = "RG-backupvault-test"
 location = "eastus"
 # Backup Vault
-backup_vault_name = "my-backup-vault"
-redundancy = "LocallyRedundant"
+backup_vault_name = "my-backup-vault"
+redundancy = "LocallyRedundant"
 tags = {
 Environment = "Backup"
 Owner = "IT"
diff --git a/10_migration-backup/site-recovery/provider.tf b/10_migration-backup/site-recovery/provider.tf
index f3f9b2d..4422763 100644
--- a/10_migration-backup/site-recovery/provider.tf
+++ b/10_migration-backup/site-recovery/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/10_migration-backup/site-recovery/terraform.tfvars b/10_migration-backup/site-recovery/terraform.tfvars
index c5e4135..5f7cede 100644
--- a/10_migration-backup/site-recovery/terraform.tfvars
+++ b/10_migration-backup/site-recovery/terraform.tfvars
@@ -10,8 +10,8 @@ resource_group_name = "RG-siterecorvery-test"
 location = "eastus"
 # Recovery Services Vault Configuration
-vault_name = "my-siterecovery-vault"
-sku = "Standard"
+vault_name = "my-siterecovery-vault"
+sku = "Standard"
 tags = {
 Environment = "SiteRecovery"
 Owner = "IT"
diff --git a/1_storage-databases/blob-storage/provider.tf b/1_storage-databases/blob-storage/provider.tf
index 8274611..dc659fb 100644
--- a/1_storage-databases/blob-storage/provider.tf
+++ b/1_storage-databases/blob-storage/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/1_storage-databases/cosmos-db/provider.tf b/1_storage-databases/cosmos-db/provider.tf
index 414d072..880d4fe 100644
--- a/1_storage-databases/cosmos-db/provider.tf
+++ b/1_storage-databases/cosmos-db/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
\ No newline at end of file
diff --git a/1_storage-databases/cosmos-db/terraform.tfvars b/1_storage-databases/cosmos-db/terraform.tfvars
index e662f7a..bcf54b3 100644
--- a/1_storage-databases/cosmos-db/terraform.tfvars
+++ b/1_storage-databases/cosmos-db/terraform.tfvars
@@ -2,10 +2,10 @@
 # This file provides default values for the variables defined in variables.tf.
 # These values can be overridden by specifying different values during Terraform execution.
-resource_group_name = "my-resource-group"
-location = "East US 2"
-cosmosdb_account_name = "mycosmosdbaccount"
-subscription_id = "your-subscription-id"
+resource_group_name = "my-resource-group"
+location = "East US 2"
+cosmosdb_account_name = "mycosmosdbaccount"
+subscription_id = "your-subscription-id"
 tags = {
 env = "dev"
 }
\ No newline at end of file
diff --git a/1_storage-databases/data-lake-storage/main.tf b/1_storage-databases/data-lake-storage/main.tf
index 3f5f96c..488996a 100644
--- a/1_storage-databases/data-lake-storage/main.tf
+++ b/1_storage-databases/data-lake-storage/main.tf
@@ -28,8 +28,8 @@ resource "azurerm_storage_account" "example" {
 }
 resource "azurerm_storage_data_lake_gen2_filesystem" "example" {
- name = var.filesystem_name
- storage_account_id = azurerm_storage_account.example.id
+ name = var.filesystem_name
+ storage_account_id = azurerm_storage_account.example.id
 # Ensure the Data Lake Gen2 File System depends on the Storage Account
 depends_on = [
diff --git a/1_storage-databases/data-lake-storage/provider.tf b/1_storage-databases/data-lake-storage/provider.tf
index 414d072..880d4fe 100644
--- a/1_storage-databases/data-lake-storage/provider.tf
+++ b/1_storage-databases/data-lake-storage/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
\ No newline at end of file
diff --git a/1_storage-databases/data-lake-storage/terraform.tfvars b/1_storage-databases/data-lake-storage/terraform.tfvars
index 675d901..f04fb09 100644
--- a/1_storage-databases/data-lake-storage/terraform.tfvars
+++ b/1_storage-databases/data-lake-storage/terraform.tfvars
@@ -2,11 +2,11 @@
 # This file provides default values for the variables defined in variables.tf.
 # These values can be overridden by specifying different values during Terraform execution.
-resource_group_name = "my-resource-group"
-location = "East US"
-storage_account_name = "mystorageaccount"
-filesystem_name = "myfilesystem"
-subscription_id = "your-subscription-id"
+resource_group_name = "my-resource-group"
+location = "East US"
+storage_account_name = "mystorageaccount"
+filesystem_name = "myfilesystem"
+subscription_id = "your-subscription-id"
 tags = {
 env = "dev"
 }
\ No newline at end of file
diff --git a/1_storage-databases/file-storage/provider.tf b/1_storage-databases/file-storage/provider.tf
index 414d072..880d4fe 100644
--- a/1_storage-databases/file-storage/provider.tf
+++ b/1_storage-databases/file-storage/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
\ No newline at end of file
diff --git a/1_storage-databases/mongo-atlas/terraform.tfvars b/1_storage-databases/mongo-atlas/terraform.tfvars
index 00aed8f..e7ee2f7 100644
--- a/1_storage-databases/mongo-atlas/terraform.tfvars
+++ b/1_storage-databases/mongo-atlas/terraform.tfvars
@@ -1,10 +1,10 @@
-azure_subscription_id = "your-subscription-id"
-resource_group_name = "your-resource-group"
-vnet_name = "your-vnet-name"
-azure_vnet_cidr_block = "10.3.0.0/16"
-atlas_cidr_block = "192.168.4.0/24" # Ensure this CIDR block does not overlap with the Azure virtual network CIDR block
-location = "your-location" # e.g "East US 2"
-mongodbatlas_org_id = "your-org-id"
-azure_directory_id = "your-directory-id"
-mongodbatlas_public_key = "your-public-key"
-mongodbatlas_private_key = "your-private-key"
+azure_subscription_id = "your-subscription-id"
+resource_group_name = "your-resource-group"
+vnet_name = "your-vnet-name"
+azure_vnet_cidr_block = "10.3.0.0/16"
+atlas_cidr_block = "192.168.4.0/24" # Ensure this CIDR block does not overlap with the Azure virtual network CIDR block
+location = "your-location" # e.g "East US 2"
+mongodbatlas_org_id = "your-org-id"
+azure_directory_id = "your-directory-id"
+mongodbatlas_public_key = "your-public-key"
+mongodbatlas_private_key = "your-private-key"
diff --git a/1_storage-databases/mysql-flexible-server/provider.tf b/1_storage-databases/mysql-flexible-server/provider.tf
index c5e0f73..801b246 100644
--- a/1_storage-databases/mysql-flexible-server/provider.tf
+++ b/1_storage-databases/mysql-flexible-server/provider.tf
@@ -7,8 +7,8 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 time = {
 source = "hashicorp/time"
@@ -19,6 +19,6 @@ terraform {
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/1_storage-databases/mysql-flexible-server/terraform.tfvars b/1_storage-databases/mysql-flexible-server/terraform.tfvars
index 44d3f3b..bfbb48d 100644
--- a/1_storage-databases/mysql-flexible-server/terraform.tfvars
+++ b/1_storage-databases/mysql-flexible-server/terraform.tfvars
@@ -2,18 +2,18 @@
 # This file provides default values for the variables defined in variables.tf.
 # These values can be overridden by specifying different values during Terraform execution.
-resource_group_name = "example-resources"
-location = "West US"
-mysql_flexible_server_name = "mysqlflexbrownx0"
-administrator_login = "adminuser"
-administrator_password = "P@ssw0rd1234!"
-sku_name = "GP_Standard_D2ds_v4"
-mysql_version = "8.0.21"
-backup_retention_days = 7
-high_availability_mode = "SameZone"
-maintenance_window_day_of_week = 0
-maintenance_window_start_hour = 8
+resource_group_name = "example-resources"
+location = "West US"
+mysql_flexible_server_name = "mysqlflexbrownx0"
+administrator_login = "adminuser"
+administrator_password = "P@ssw0rd1234!"
+sku_name = "GP_Standard_D2ds_v4"
+mysql_version = "8.0.21"
+backup_retention_days = 7
+high_availability_mode = "SameZone"
+maintenance_window_day_of_week = 0
+maintenance_window_start_hour = 8
 maintenance_window_start_minute = 0
-storage_iops = 360
-storage_size_gb = 20
-subscription_id = "your-subscription-id"
+storage_iops = 360
+storage_size_gb = 20
+subscription_id = "your-subscription-id"
diff --git a/1_storage-databases/postgresql/provider.tf b/1_storage-databases/postgresql/provider.tf
index 4fee279..2fcc8eb 100644
--- a/1_storage-databases/postgresql/provider.tf
+++ b/1_storage-databases/postgresql/provider.tf
@@ -7,8 +7,8 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 time = {
 source = "hashicorp/time"
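Review bot: `administrator_password = "P@ssw0rd1234!"` in 1_storage-databases/mysql-flexible-server/terraform.tfvars is a literal administrator password in a tracked variables file, and the re-alignment carries it forward unchanged; the same holds for `admin_password` in 1_storage-databases/postgresql/terraform.tfvars and 1_storage-databases/sql-database/terraform.tfvars. Anyone who applies these examples as-is gets a database server with a publicly known admin credential, unlike the `subscription_id` lines, which use an obvious placeholder. I would drop the assignment from the tfvars files and leave a comment in its place, e.g. `# administrator_password is intentionally not set here; supply it via TF_VAR_administrator_password or a secret store`. The variable declarations are not part of this diff, so whether they carry `sensitive = true` should be checked separately.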
@@ -19,7 +19,7 @@ terraform {
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/1_storage-databases/postgresql/terraform.tfvars b/1_storage-databases/postgresql/terraform.tfvars
index ffab756..fe5a6ba 100644
--- a/1_storage-databases/postgresql/terraform.tfvars
+++ b/1_storage-databases/postgresql/terraform.tfvars
@@ -1,10 +1,10 @@
 # File for setting values for the variables
-subscription_id = "your-subscription_id"
-resource_group_name = "rg-example-test"
-location = "West US"
-postgresql_server_name = "postgresqlbrowntestserver"
-admin_username = "adminuser"
-admin_password = "P@ssw0rd1234!"
-ssl_enforcement_enabled = true
+subscription_id = "your-subscription_id"
+resource_group_name = "rg-example-test"
+location = "West US"
+postgresql_server_name = "postgresqlbrowntestserver"
+admin_username = "adminuser"
+admin_password = "P@ssw0rd1234!"
+ssl_enforcement_enabled = true
diff --git a/1_storage-databases/sql-database/main.tf b/1_storage-databases/sql-database/main.tf
index 48f2974..4512e42 100644
--- a/1_storage-databases/sql-database/main.tf
+++ b/1_storage-databases/sql-database/main.tf
@@ -12,13 +12,13 @@ resource "azurerm_resource_group" "example" {
 # Create an MSSQL Server
 resource "azurerm_mssql_server" "example" {
- name = var.sql_server_name # Name of the SQL Server
- resource_group_name = azurerm_resource_group.example.name # Resource group name
- location = azurerm_resource_group.example.location # Location of the SQL Server
- version = "12.0" # SQL Server version
- administrator_login = var.admin_username # Administrator username
- administrator_login_password = var.admin_password # Administrator password
- depends_on = [azurerm_resource_group.example] # Ensure resource group is created first
+ name = var.sql_server_name # Name of the SQL Server
+ resource_group_name = azurerm_resource_group.example.name # Resource group name
+ location = azurerm_resource_group.example.location # Location of the SQL Server
+ version = "12.0" # SQL Server version
+ administrator_login = var.admin_username # Administrator username
+ administrator_login_password = var.admin_password # Administrator password
+ depends_on = [azurerm_resource_group.example] # Ensure resource group is created first
 }
 # Add a null resource to introduce a delay
@@ -26,15 +26,15 @@ resource "null_resource" "wait_for_sql_server" {
 depends_on = [azurerm_mssql_server.example]
 provisioner "local-exec" {
- command = "Start-Sleep -Seconds 60"
+ command = "Start-Sleep -Seconds 60"
 interpreter = ["PowerShell", "-Command"]
 }
 }
 # Create an MSSQL Database
 resource "azurerm_mssql_database" "example" {
- name = var.sql_database_name # Name of the SQL Database
- server_id = azurerm_mssql_server.example.id # ID of the SQL Server
- sku_name = "Basic" # SKU name for the SQL Database
- depends_on = [null_resource.wait_for_sql_server] # Ensure SQL Server is fully provisioned first
+ name = var.sql_database_name # Name of the SQL Database
+ server_id = azurerm_mssql_server.example.id # ID of the SQL Server
+ sku_name = "Basic" # SKU name for the SQL Database
+ depends_on = [null_resource.wait_for_sql_server] # Ensure SQL Server is fully provisioned first
 }
\ No newline at end of file
diff --git a/1_storage-databases/sql-database/provider.tf b/1_storage-databases/sql-database/provider.tf
index a6e32e5..568eb52 100644
--- a/1_storage-databases/sql-database/provider.tf
+++ b/1_storage-databases/sql-database/provider.tf
@@ -3,13 +3,13 @@ terraform {
 # Specify the required providers and their versions
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Add your subscription ID here
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Add your subscription ID here
 }
\ No newline at end of file
diff --git a/1_storage-databases/sql-database/terraform.tfvars b/1_storage-databases/sql-database/terraform.tfvars
index 285417f..2f19856 100644
--- a/1_storage-databases/sql-database/terraform.tfvars
+++ b/1_storage-databases/sql-database/terraform.tfvars
@@ -2,14 +2,14 @@
 # This file provides default values for the variables defined in variables.tf.
 # These values can be overridden by specifying different values during Terraform execution.
-resource_group_name = "my-resource-group"
-location = "East US"
-sql_server_name = "my-sql-server"
-admin_username = "adminuser"
-admin_password = "P@ssw0rd123"
-sql_database_name = "mydatabase"
-sku_name = "Basic"
-subscription_id = "your-subscription-id"
+resource_group_name = "my-resource-group"
+location = "East US"
+sql_server_name = "my-sql-server"
+admin_username = "adminuser"
+admin_password = "P@ssw0rd123"
+sql_database_name = "mydatabase"
+sku_name = "Basic"
+subscription_id = "your-subscription-id"
 tags = {
 env = "dev"
 }
\ No newline at end of file
diff --git a/1_storage-databases/storage-account/provider.tf b/1_storage-databases/storage-account/provider.tf
index 414d072..880d4fe 100644
--- a/1_storage-databases/storage-account/provider.tf
+++ b/1_storage-databases/storage-account/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
\ No newline at end of file
diff --git a/2_compute-containers/app-service/provider.tf b/2_compute-containers/app-service/provider.tf
index 8274611..dc659fb 100644
--- a/2_compute-containers/app-service/provider.tf
+++ b/2_compute-containers/app-service/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/2_compute-containers/app-service/terraform.tfvars b/2_compute-containers/app-service/terraform.tfvars
index 09e2a70..4d505c9 100644
--- a/2_compute-containers/app-service/terraform.tfvars
+++ b/2_compute-containers/app-service/terraform.tfvars
@@ -1,10 +1,10 @@
-resource_group_name = "my-resource-group"
-location = "East US 2"
-app_service_plan_name = "my-app-service-planbrown"
-app_service_name = "my-app-servicebrown"
-app_service_sku = "B1"
-runtime_stack = "NODE|14-lts"
-subscription_id = "your-subscription-id"
-tags = {
+resource_group_name = "my-resource-group"
+location = "East US 2"
+app_service_plan_name = "my-app-service-planbrown"
+app_service_name = "my-app-servicebrown"
+app_service_sku = "B1"
+runtime_stack = "NODE|14-lts"
+subscription_id = "your-subscription-id"
+tags = {
 env = "dev"
 }
diff --git a/2_compute-containers/batch/provider.tf b/2_compute-containers/batch/provider.tf
index 414d072..880d4fe 100644
--- a/2_compute-containers/batch/provider.tf
+++ b/2_compute-containers/batch/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
\ No newline at end of file
diff --git a/2_compute-containers/container-instances/provider.tf b/2_compute-containers/container-instances/provider.tf
index 8274611..dc659fb 100644
--- a/2_compute-containers/container-instances/provider.tf
+++ b/2_compute-containers/container-instances/provider.tf
@@ -7,13 +7,13 @@ terraform {
 # Specify the required provider and its version
 required_providers {
 azurerm = {
- source = "hashicorp/azurerm" # Source of the AzureRM provider
- version = "~> 4.16.0" # Version of the AzureRM provider
+ source = "hashicorp/azurerm" # Source of the AzureRM provider
+ version = "~> 4.16.0" # Version of the AzureRM provider
 }
 }
 }
 provider "azurerm" {
- features {} # Enable all features for the AzureRM provider
- subscription_id = var.subscription_id # Use the subscription ID variable
+ features {} # Enable all features for the AzureRM provider
+ subscription_id = var.subscription_id # Use the subscription ID variable
 }
diff --git a/2_compute-containers/container-instances/terraform.tfvars b/2_compute-containers/container-instances/terraform.tfvars
index 474b58a..786f5b1 100644
--- a/2_compute-containers/container-instances/terraform.tfvars
+++ b/2_compute-containers/container-instances/terraform.tfvars
@@ -1,12 +1,12 @@
-resource_group_name = "my-resource-group"
-location = "East US 2"
-container_group_name = "my-container-group"
-container_name = "my-container"
-image = "nginx:latest"
-cpu_cores = 1
-memory_in_gb = 1.5
-port = 80
-subscription_id = "your-subscription-id"
-tags = {
+resource_group_name = "my-resource-group"
+location = "East US 2"
+container_group_name = "my-container-group"
+container_name = "my-container"
+image = "nginx:latest"
+cpu_cores = 1
+memory_in_gb = 1.5
+port = 80
+subscription_id = "your-subscription-id"
+tags = {
 env = "dev"
 }
diff --git a/2_compute-containers/function-app/main.tf b/2_compute-containers/function-app/main.tf
index 9af90ef..c3398e5 100644
--- a/2_compute-containers/function-app/main.tf
+++ b/2_compute-containers/function-app/main.tf
@@ -20,13 +20,13 @@ resource "azurerm_service_plan" "example" {
 }
 resource "azurerm_linux_function_app" "example" {
- name = var.function_app_name
- location = azurerm_resource_group.example.location
- resource_group_name = azurerm_resource_group.example.name
- service_plan_id = azurerm_service_plan.example.id
- storage_account_name = azurerm_storage_account.example.name
+ name = var.function_app_name
+ location = azurerm_resource_group.example.location
+ resource_group_name = azurerm_resource_group.example.name
+ service_plan_id = azurerm_service_plan.example.id
+ storage_account_name = azurerm_storage_account.example.name
 storage_account_access_key = azurerm_storage_account.example.primary_access_key
- https_only = true
+ https_only = true
 site_config {
 }
diff --git a/2_compute-containers/function-app/provider.tf b/2_compute-containers/function-app/provider.tf
index 414d072..880d4fe 100644
--- a/2_compute-containers/function-app/provider.tf
+++ b/2_compute-containers/function-app/provider.tf
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } \ No newline at end of file diff --git a/2_compute-containers/function-app/terraform.tfvars b/2_compute-containers/function-app/terraform.tfvars index c29c576..25132ab 100644 --- a/2_compute-containers/function-app/terraform.tfvars +++ b/2_compute-containers/function-app/terraform.tfvars @@ -1,10 +1,10 @@ -resource_group_name = "my-resource-group" -location = "East US 2" -storage_account_name = "mystorageaccountbr2" -app_service_plan_name = "my-app-service-planbr2" -function_app_name = "my-function-appbr2" -runtime_stack = "14-lts" -subscription_id = "your-subscription-id" -tags = { +resource_group_name = "my-resource-group" +location = "East US 2" +storage_account_name = "mystorageaccountbr2" +app_service_plan_name = "my-app-service-planbr2" +function_app_name = "my-function-appbr2" +runtime_stack = "14-lts" +subscription_id = "your-subscription-id" +tags = { env = "dev" } diff --git a/2_compute-containers/kubernetes-service/main.tf b/2_compute-containers/kubernetes-service/main.tf index 58447f4..769d3a0 100644 --- a/2_compute-containers/kubernetes-service/main.tf +++ b/2_compute-containers/kubernetes-service/main.tf 
@@ -41,8 +41,8 @@ resource "azurerm_kubernetes_cluster" "example" { network_plugin = "azure" load_balancer_sku = "standard" network_policy = "calico" - service_cidr = "10.1.0.0/16" # Updated service CIDR to avoid overlap - dns_service_ip = "10.1.0.10" # Set DNS service IP within the service CIDR range + service_cidr = "10.1.0.0/16" # Updated service CIDR to avoid overlap + dns_service_ip = "10.1.0.10" # Set DNS service IP within the service CIDR range } tags = var.tags diff --git a/2_compute-containers/kubernetes-service/provider.tf b/2_compute-containers/kubernetes-service/provider.tf index 8274611..dc659fb 100644 --- a/2_compute-containers/kubernetes-service/provider.tf +++ b/2_compute-containers/kubernetes-service/provider.tf @@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/2_compute-containers/kubernetes-service/terraform.tfvars b/2_compute-containers/kubernetes-service/terraform.tfvars index 6bc3696..cb328aa 100644 --- a/2_compute-containers/kubernetes-service/terraform.tfvars +++ b/2_compute-containers/kubernetes-service/terraform.tfvars 
@@ -1,12 +1,12 @@ -resource_group_name = "my-resource-groupx3" -location = "East US 2" -virtual_network_name = "my-vnet" -subnet_name = "my-subnet" -aks_cluster_name = "my-aks-cluster" -kubernetes_version = "1.32" -node_count = 3 -node_vm_size = "Standard_DS2_v2" -subscription_id = "your-subscription_id" -tags = { +resource_group_name = "my-resource-groupx3" +location = "East US 2" +virtual_network_name = "my-vnet" +subnet_name = "my-subnet" +aks_cluster_name = "my-aks-cluster" +kubernetes_version = "1.32" +node_count = 3 +node_vm_size = "Standard_DS2_v2" +subscription_id = "your-subscription_id" +tags = { env = "dev" } diff --git a/2_compute-containers/virtual-desktop/main.tf b/2_compute-containers/virtual-desktop/main.tf index 781f594..7ab3e72 100644 --- a/2_compute-containers/virtual-desktop/main.tf +++ b/2_compute-containers/virtual-desktop/main.tf @@ -26,14 +26,14 @@ resource "azurerm_virtual_desktop_workspace" "example" { } resource "azurerm_virtual_desktop_host_pool" "example" { - name = var.host_pool_name - resource_group_name = azurerm_resource_group.example.name - location = azurerm_resource_group.example.location - type = "Pooled" - load_balancer_type = "BreadthFirst" + name = var.host_pool_name + resource_group_name = azurerm_resource_group.example.name + location = azurerm_resource_group.example.location + type = "Pooled" + load_balancer_type = "BreadthFirst" preferred_app_group_type = "Desktop" - friendly_name = "${var.host_pool_name} Friendly" - description = "${var.host_pool_name} Description" + friendly_name = "${var.host_pool_name} Friendly" + description = "${var.host_pool_name} Description" } resource "azurerm_virtual_desktop_application_group" "example" { 
@@ -47,8 +47,8 @@ resource "azurerm_virtual_desktop_application_group" "example" { } resource "azurerm_virtual_desktop_workspace_application_group_association" "example" { - workspace_id = azurerm_virtual_desktop_workspace.example.id - application_group_id = azurerm_virtual_desktop_application_group.example.id + workspace_id = azurerm_virtual_desktop_workspace.example.id + application_group_id = azurerm_virtual_desktop_application_group.example.id } resource "azurerm_network_interface" "example" { @@ -65,18 +65,18 @@ resource "azurerm_network_interface" "example" { } resource "azurerm_windows_virtual_machine" "example" { - count = 2 - name = "${var.host_pool_name}-vm-${count.index}" - resource_group_name = azurerm_resource_group.example.name - location = azurerm_resource_group.example.location - size = var.vm_size - admin_username = var.admin_username - admin_password = var.admin_password + count = 2 + name = "${var.host_pool_name}-vm-${count.index}" + resource_group_name = azurerm_resource_group.example.name + location = azurerm_resource_group.example.location + size = var.vm_size + admin_username = var.admin_username + admin_password = var.admin_password network_interface_ids = [element(azurerm_network_interface.example.*.id, count.index)] os_disk { - name = "${var.host_pool_name}-osdisk-${count.index}" - caching = "ReadWrite" + name = "${var.host_pool_name}-osdisk-${count.index}" + caching = "ReadWrite" storage_account_type = "Standard_LRS" } diff --git a/2_compute-containers/virtual-desktop/provider.tf b/2_compute-containers/virtual-desktop/provider.tf index 414d072..880d4fe 100644 --- a/2_compute-containers/virtual-desktop/provider.tf +++ b/2_compute-containers/virtual-desktop/provider.tf 
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } \ No newline at end of file diff --git a/2_compute-containers/virtual-desktop/terraform.tfvars b/2_compute-containers/virtual-desktop/terraform.tfvars index 7896bb0..79fe569 100644 --- a/2_compute-containers/virtual-desktop/terraform.tfvars +++ b/2_compute-containers/virtual-desktop/terraform.tfvars @@ -1,13 +1,13 @@ -resource_group_name = "my-resource-group" -location = "East US 2" -virtual_network_name = "my-vnetbr" -subnet_name = "my-subnetbr" -workspace_name = "my-avd-workspacebr" -host_pool_name = "vmhpoolbr" -vm_size = "Standard_DS2_v2" -admin_username = "adminuser" -admin_password = "P@ssw0rd1234" -subscription_id = "your-subscription-id" -tags = { +resource_group_name = "my-resource-group" +location = "East US 2" +virtual_network_name = "my-vnetbr" +subnet_name = "my-subnetbr" +workspace_name = "my-avd-workspacebr" +host_pool_name = "vmhpoolbr" +vm_size = "Standard_DS2_v2" +admin_username = "adminuser" +admin_password = "P@ssw0rd1234" +subscription_id = "your-subscription-id" +tags = { env = "dev" } diff --git a/2_compute-containers/virtual-machine/provider.tf b/2_compute-containers/virtual-machine/provider.tf index 414d072..880d4fe 100644 --- a/2_compute-containers/virtual-machine/provider.tf +++ b/2_compute-containers/virtual-machine/provider.tf 
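Review bot: `admin_password = "P@ssw0rd1234"` remains in the committed `2_compute-containers/virtual-desktop/terraform.tfvars` on the new side, so the Windows VM administrator credential is readable by anyone with repository access and follows a guessable pattern. The same line appears in `2_compute-containers/virtual-machine/terraform.tfvars` in the next file section. Remove the assignment from both tfvars files and supply the value at apply time, for example through the `TF_VAR_admin_password` environment variable or a lookup against a secret store. The variable declaration is not visible in this diff; it should carry `sensitive = true` if it does not already, and the state file will still hold the value, so the backend needs access control as well.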
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } \ No newline at end of file diff --git a/2_compute-containers/virtual-machine/terraform.tfvars b/2_compute-containers/virtual-machine/terraform.tfvars index eac6acb..56acc96 100644 --- a/2_compute-containers/virtual-machine/terraform.tfvars +++ b/2_compute-containers/virtual-machine/terraform.tfvars @@ -1,12 +1,12 @@ -resource_group_name = "my-resource-group" -location = "East US" -virtual_network_name = "my-vnet" -subnet_name = "my-subnet" -vm_name = "my-vm" -vm_size = "Standard_DS1_v2" -admin_username = "adminuser" -admin_password = "P@ssw0rd1234" -subscription_id = "your-subscription-id" -tags = { +resource_group_name = "my-resource-group" +location = "East US" +virtual_network_name = "my-vnet" +subnet_name = "my-subnet" +vm_name = "my-vm" +vm_size = "Standard_DS1_v2" +admin_username = "adminuser" +admin_password = "P@ssw0rd1234" +subscription_id = "your-subscription-id" +tags = { env = "dev" } diff --git a/3_networking/application-gateway/main.tf b/3_networking/application-gateway/main.tf index 4b4217d..3c83945 100644 --- a/3_networking/application-gateway/main.tf +++ b/3_networking/application-gateway/main.tf 
@@ -59,18 +59,18 @@ resource "azurerm_application_gateway" "agw" { } http_listener { name = "httpListener" - frontend_ip_configuration_name = "frontendIpConfig" - frontend_port_name = "frontendPort" + frontend_ip_configuration_name = "frontendIpConfig" + frontend_port_name = "frontendPort" protocol = "Http" } request_routing_rule { - name = "rule1" - rule_type = "Basic" - http_listener_name = "httpListener" - backend_address_pool_name = "backendPool" - backend_http_settings_name = "httpSettings" - priority = 320 # Add a priority value (1-20000) -} + name = "rule1" + rule_type = "Basic" + http_listener_name = "httpListener" + backend_address_pool_name = "backendPool" + backend_http_settings_name = "httpSettings" + priority = 320 # Add a priority value (1-20000) + } } diff --git a/3_networking/application-gateway/provider.tf b/3_networking/application-gateway/provider.tf index 8274611..dc659fb 100644 --- a/3_networking/application-gateway/provider.tf +++ b/3_networking/application-gateway/provider.tf @@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/application-gateway/terraform.tfvars b/3_networking/application-gateway/terraform.tfvars index 435adac..01db532 100644 --- a/3_networking/application-gateway/terraform.tfvars +++ b/3_networking/application-gateway/terraform.tfvars 
@@ -6,15 +6,15 @@ subscription_id = "" # your-subscription-id # Resource Group -resource_group_name = "RG-appgateway-test" # your-resource-group-name -location = "eastus" +resource_group_name = "RG-appgateway-test" # your-resource-group-name +location = "eastus" # Application Gateway Configuration -public_ip_name = "demo-public-ip" -app_gateway_name = "demo-app-gateway" +public_ip_name = "demo-public-ip" +app_gateway_name = "demo-app-gateway" -vnet_name = "demo-vnet" -vnet_address_space = ["10.0.0.0/16"] # your-vnet-address-space +vnet_name = "demo-vnet" +vnet_address_space = ["10.0.0.0/16"] # your-vnet-address-space -subnet_name = "demo-subnet" +subnet_name = "demo-subnet" subnet_address_prefixes = ["10.0.1.0/24"] # your-subnet-address-prefix diff --git a/3_networking/cdn/main.tf b/3_networking/cdn/main.tf index 7ed7c01..addad23 100644 --- a/3_networking/cdn/main.tf +++ b/3_networking/cdn/main.tf @@ -27,9 +27,9 @@ resource "azurerm_cdn_endpoint" "cdn" { is_https_allowed = true origin { - name = "origin1" - host_name = var.origin_host - http_port = 80 + name = "origin1" + host_name = var.origin_host + http_port = 80 https_port = 443 } } \ No newline at end of file diff --git a/3_networking/cdn/provider.tf b/3_networking/cdn/provider.tf index f3f9b2d..4422763 100644 --- a/3_networking/cdn/provider.tf +++ b/3_networking/cdn/provider.tf 
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/cdn/terraform.tfvars b/3_networking/cdn/terraform.tfvars index 5804aee..85ca0bf 100644 --- a/3_networking/cdn/terraform.tfvars +++ b/3_networking/cdn/terraform.tfvars @@ -10,10 +10,10 @@ resource_group_name = "RG-cdn-test" location = "eastus" # CDN Configuration -cdn_profile_name = "mycdnprofiletestbr" -cdn_sku = "Standard_Microsoft" -cdn_endpoint_name = "mycdnendpointtestbr" -origin_host = "myorigintestbr.example.com" +cdn_profile_name = "mycdnprofiletestbr" +cdn_sku = "Standard_Microsoft" +cdn_endpoint_name = "mycdnendpointtestbr" +origin_host = "myorigintestbr.example.com" tags = { Environment = "CDN" Owner = "IT" diff --git a/3_networking/expressroute/provider.tf b/3_networking/expressroute/provider.tf index f3f9b2d..4422763 100644 --- a/3_networking/expressroute/provider.tf +++ b/3_networking/expressroute/provider.tf 
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/expressroute/terraform.tfvars b/3_networking/expressroute/terraform.tfvars index 55f03a5..41ac953 100644 --- a/3_networking/expressroute/terraform.tfvars +++ b/3_networking/expressroute/terraform.tfvars @@ -10,9 +10,9 @@ resource_group_name = "RG-expressroute-test" location = "eastus" # ExpressRoute Configuration -expressroute_name = "my-expressroute" -service_provider_name = "Equinix" -peering_location = "Silicon Valley" -bandwidth_in_mbps = 200 -sku_tier = "Standard" -sku_family = "MeteredData" \ No newline at end of file +expressroute_name = "my-expressroute" +service_provider_name = "Equinix" +peering_location = "Silicon Valley" +bandwidth_in_mbps = 200 +sku_tier = "Standard" +sku_family = "MeteredData" \ No newline at end of file diff --git a/3_networking/firewall/provider.tf b/3_networking/firewall/provider.tf index f3f9b2d..4422763 100644 --- a/3_networking/firewall/provider.tf +++ b/3_networking/firewall/provider.tf 
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/firewall/terraform.tfvars b/3_networking/firewall/terraform.tfvars index 01ad5f6..a252034 100644 --- a/3_networking/firewall/terraform.tfvars +++ b/3_networking/firewall/terraform.tfvars @@ -16,5 +16,5 @@ vnet_name = "my-azfw-vnet" vnet_address_space = ["10.0.0.0/16"] # Subnet Configuration -subnet_name = "AzureFirewallSubnet" +subnet_name = "AzureFirewallSubnet" subnet_address_prefixes = ["10.0.1.0/26"] diff --git a/3_networking/front-door/main.tf b/3_networking/front-door/main.tf index 1b1eb2f..86ae95b 100644 --- a/3_networking/front-door/main.tf +++ b/3_networking/front-door/main.tf 
@@ -29,21 +29,21 @@ resource "azurerm_cdn_frontdoor_origin_group" "fd" { } load_balancing { - sample_size = 4 + sample_size = 4 successful_samples_required = 3 } } resource "azurerm_cdn_frontdoor_origin" "fd" { - name = "origin1" - cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd.id - host_name = var.backend_host - http_port = 80 - https_port = 443 - enabled = true - origin_host_header = var.backend_host - priority = 1 - weight = 1000 + name = "origin1" + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd.id + host_name = var.backend_host + http_port = 80 + https_port = 443 + enabled = true + origin_host_header = var.backend_host + priority = 1 + weight = 1000 certificate_name_check_enabled = true } diff --git a/3_networking/front-door/provider.tf b/3_networking/front-door/provider.tf index f3f9b2d..4422763 100644 --- a/3_networking/front-door/provider.tf +++ b/3_networking/front-door/provider.tf @@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/front-door/terraform.tfvars b/3_networking/front-door/terraform.tfvars index ca6fdb3..951c85a 100644 --- a/3_networking/front-door/terraform.tfvars +++ b/3_networking/front-door/terraform.tfvars 
@@ -10,8 +10,8 @@ resource_group_name = "RG-frontdoor-test" location = "eastus" # Front Door Configuration -front_door_name = "myfrontdoorprofilebrown" -backend_host = "mybackendtestbrown.example.com" +front_door_name = "myfrontdoorprofilebrown" +backend_host = "mybackendtestbrown.example.com" # Frontend Endpoint Configuration frontend_endpoint_name = "frontendEndpoint" @@ -21,6 +21,6 @@ health_probe_path = "/" health_probe_protocol = "Http" # Routing Rule Configuration -routing_rule_name = "routingRule1" -accepted_protocols = ["Http", "Https"] -patterns_to_match = ["/*"] +routing_rule_name = "routingRule1" +accepted_protocols = ["Http", "Https"] +patterns_to_match = ["/*"] diff --git a/3_networking/load-balancer/main.tf b/3_networking/load-balancer/main.tf index 46c47e7..41774aa 100644 --- a/3_networking/load-balancer/main.tf +++ b/3_networking/load-balancer/main.tf @@ -51,14 +51,14 @@ resource "azurerm_lb_probe" "lb" { # Load Balancer Rule resource "azurerm_lb_rule" "lb" { - name = var.lb_rule_name - loadbalancer_id = azurerm_lb.lb.id - protocol = "Tcp" - frontend_port = var.frontend_port - backend_port = var.backend_port - frontend_ip_configuration_name = var.frontend_ip_configuration_name - backend_address_pool_ids = [azurerm_lb_backend_address_pool.lb.id] - probe_id = azurerm_lb_probe.lb.id - enable_floating_ip = false - idle_timeout_in_minutes = 4 + name = var.lb_rule_name + loadbalancer_id = azurerm_lb.lb.id + protocol = "Tcp" + frontend_port = var.frontend_port + backend_port = var.backend_port + frontend_ip_configuration_name = var.frontend_ip_configuration_name + backend_address_pool_ids = [azurerm_lb_backend_address_pool.lb.id] + probe_id = azurerm_lb_probe.lb.id + enable_floating_ip = false + idle_timeout_in_minutes = 4 } diff --git a/3_networking/load-balancer/provider.tf b/3_networking/load-balancer/provider.tf index 8274611..dc659fb 100644 --- a/3_networking/load-balancer/provider.tf +++ b/3_networking/load-balancer/provider.tf 
@@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/load-balancer/terraform.tfvars b/3_networking/load-balancer/terraform.tfvars index 215bc53..64a9fd7 100644 --- a/3_networking/load-balancer/terraform.tfvars +++ b/3_networking/load-balancer/terraform.tfvars @@ -7,20 +7,20 @@ subscription_id = "" # Resource Group resource_group_name = "your-resource-group-name" -location = "eastus" +location = "eastus" # Load Balancer Configuration -load_balancer_name = "my-load-balancer" -public_ip_name = "my-lb-public-ip" +load_balancer_name = "my-load-balancer" +public_ip_name = "my-lb-public-ip" frontend_ip_configuration_name = "frontend-ip-config" -backend_pool_name = "backend-pool" -health_probe_name = "health-probe" -lb_rule_name = "lb-rule" -lb_sku = "Standard" -probe_protocol = "Tcp" -probe_port = 80 -frontend_port = 80 -backend_port = 80 +backend_pool_name = "backend-pool" +health_probe_name = "health-probe" +lb_rule_name = "lb-rule" +lb_sku = "Standard" +probe_protocol = "Tcp" +probe_port = 80 +frontend_port = 80 +backend_port = 80 # Tags tags = { diff --git a/3_networking/traffic-manager/main.tf b/3_networking/traffic-manager/main.tf index 9351aea..ed59c9d 100644 --- a/3_networking/traffic-manager/main.tf +++ b/3_networking/traffic-manager/main.tf 
@@ -9,8 +9,8 @@ resource "azurerm_resource_group" "tm" { # Traffic Manager Profile resource "azurerm_traffic_manager_profile" "tm" { - name = var.traffic_manager_name - resource_group_name = azurerm_resource_group.tm.name + name = var.traffic_manager_name + resource_group_name = azurerm_resource_group.tm.name traffic_routing_method = var.traffic_routing_method dns_config { diff --git a/3_networking/traffic-manager/provider.tf b/3_networking/traffic-manager/provider.tf index f3f9b2d..4422763 100644 --- a/3_networking/traffic-manager/provider.tf +++ b/3_networking/traffic-manager/provider.tf @@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/traffic-manager/terraform.tfvars b/3_networking/traffic-manager/terraform.tfvars index ea982be..667e17b 100644 --- a/3_networking/traffic-manager/terraform.tfvars +++ b/3_networking/traffic-manager/terraform.tfvars @@ -6,8 +6,8 @@ subscription_id = "" # your-subscription-id # Resource Group -resource_group_name = "RG-trafficmanager-test" # your-resource-group-name -location = "eastus" +resource_group_name = "RG-trafficmanager-test" # your-resource-group-name +location = "eastus" # Traffic Manager Configuration traffic_manager_name = "my-tm-profile" diff --git a/3_networking/vpn-gateway/provider.tf b/3_networking/vpn-gateway/provider.tf index f3f9b2d..4422763 100644 --- a/3_networking/vpn-gateway/provider.tf 
+++ b/3_networking/vpn-gateway/provider.tf @@ -7,13 +7,13 @@ terraform { # Specify the required provider and its version required_providers { azurerm = { - source = "hashicorp/azurerm" # Source of the AzureRM provider - version = "~> 4.16.0" # Version of the AzureRM provider + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider } } } provider "azurerm" { - features {} # Enable all features for the AzureRM provider - subscription_id = var.subscription_id # Use the subscription ID variable + features {} # Enable all features for the AzureRM provider + subscription_id = var.subscription_id # Use the subscription ID variable } diff --git a/3_networking/vpn-gateway/terraform.tfvars b/3_networking/vpn-gateway/terraform.tfvars index f768b04..d77927a 100644 --- a/3_networking/vpn-gateway/terraform.tfvars +++ b/3_networking/vpn-gateway/terraform.tfvars @@ -10,6 +10,6 @@ resource_group_name = "RG-vpn-gateway-test" location = "eastus" # VPN Gateway Configuration -public_ip_name = "my-vpngw-pip" -vpn_gateway_name = "my-vpngw" -vpn_gateway_sku = "VpnGw1" \ No newline at end of file +public_ip_name = "my-vpngw-pip" +vpn_gateway_name = "my-vpngw" +vpn_gateway_sku = "VpnGw1" \ No newline at end of file diff --git a/4_identity-security/entra_id/main.tf b/4_identity-security/entra_id/main.tf index 883c564..1c24789 100644 --- a/4_identity-security/entra_id/main.tf +++ b/4_identity-security/entra_id/main.tf 
@@ -24,8 +24,8 @@ resource "azuread_service_principal" "this" { } resource "azuread_application_password" "this" { - count = var.create_client_secret ? 1 : 0 - application_id = azuread_application.this.id - display_name = var.client_secret_display_name - end_date = timeadd(timestamp(), var.client_secret_end_date_relative) + count = var.create_client_secret ? 1 : 0 + application_id = azuread_application.this.id + display_name = var.client_secret_display_name + end_date = timeadd(timestamp(), var.client_secret_end_date_relative) } diff --git a/4_identity-security/managed-identity/terraform.tfvars b/4_identity-security/managed-identity/terraform.tfvars index d809af9..9da2b0c 100644 --- a/4_identity-security/managed-identity/terraform.tfvars +++ b/4_identity-security/managed-identity/terraform.tfvars @@ -1,8 +1,8 @@ # Example values for the Managed Identity template -resource_group_name = "rg-identity-security-dev" -location = "East US" -managed_identity_name = "id-identity-security-dev-001" +resource_group_name = "rg-identity-security-dev" +location = "East US" +managed_identity_name = "id-identity-security-dev-001" tags = { env = "dev" diff --git a/6_monitoring-management/README.md b/6_monitoring-management/README.md index 52f717d..252062c 100644 --- a/6_monitoring-management/README.md +++ b/6_monitoring-management/README.md 
@@ -5,13 +5,20 @@ Costa Rica [![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/) [brown9804](https://github.com/brown9804) -Last updated: 2026-02-09 +Last updated: 2026-02-16 ------------------------------------------ > [!IMPORTANT] > This folder contains sample Terraform templates for Azure monitoring and management services. These templates are starting points and should be customized based on your application needs. +## Templates available + +- [Azure Monitor (Action Group)](./monitor) +- [Log Analytics (Workspace)](./log-analytics) +- [Azure Automation (Automation Account)](./automation) +- [Azure Advisor (Activity Log Alerts)](./advisor) +
Total views diff --git a/6_monitoring-management/log-analytics/README.md b/6_monitoring-management/log-analytics/README.md new file mode 100644 index 0000000..cc4fd10 --- /dev/null +++ b/6_monitoring-management/log-analytics/README.md 
@@ -0,0 +1,51 @@ +# Terraform Template - Log Analytics Workspace + +Costa Rica + +[![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/) +[brown9804](https://github.com/brown9804) + +Last updated: 2026-02-16 + +------------------------------------------ + +> This template contains Terraform configurations to create an Azure Log Analytics workspace. + +image + +image + +## File Descriptions + +- **main.tf**: Creates the Resource Group (AzAPI) and Log Analytics workspace. +- **variables.tf**: Input variables. +- **provider.tf**: AzureRM + AzAPI providers. +- **terraform.tfvars**: Example values. +- **outputs.tf**: Outputs (IDs/names). + +## Variables + +| Variable Name | Description | Type | Example Value | +| --- | --- | --- | --- | +| `resource_group_name` | Resource Group name to create/deploy into. | string | `"rg-monitoring-dev-law"` | +| `location` | Azure region for the deployment. | string | `"eastus"` | +| `workspace_name` | Base workspace name (suffix optional). | string | `"law-monitoring-dev"` | +| `sku` | Workspace SKU. | string | `"PerGB2018"` | +| `retention_in_days` | Retention in days (30-730). | number | `30` | +| `daily_quota_gb` | Daily ingestion cap (-1 unlimited). | number | `-1` | +| `append_random_suffix` | Append random suffix. | bool | `true` | +| `random_suffix_length` | Suffix length. | number | `6` | +| `use_current_user_as_admin` | Grant workspace role to current user if `admin_members` empty. | bool | `true` | +| `admin_members` | Optional UPN list to grant workspace role to. | list(string) | `["user@domain.com"]` | +| `admin_role_definition_name` | Role assigned to admin members. | string | `"Log Analytics Contributor"` | +| `tags` | Tags applied to resources. | map(string) | `{ "env": "dev" }` | + +## Usage + +```sh +az login +terraform init -upgrade +terraform validate +terraform plan +terraform apply -auto-approve +``` 
diff --git a/6_monitoring-management/log-analytics/main.tf b/6_monitoring-management/log-analytics/main.tf new file mode 100644 index 0000000..3c3fafc --- /dev/null +++ b/6_monitoring-management/log-analytics/main.tf 
@@ -0,0 +1,92 @@
+# main.tf
+# Creates an Azure Log Analytics workspace.
+
+data "azurerm_client_config" "current" {}
+data "azuread_client_config" "current" {}
+
+data "azuread_user" "current" {
+ count = var.use_current_user_as_admin && length(var.admin_members) == 0 ? 1 : 0
+ object_id = data.azuread_client_config.current.object_id
+}
+
+resource "azapi_resource" "resource_group" {
+ type = "Microsoft.Resources/resourceGroups@2022-09-01"
+ name = var.resource_group_name
+ location = var.location
+ parent_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}"
+
+ body = jsonencode({
+ tags = var.tags
+ })
+
+ response_export_values = [
+ "id",
+ "name"
+ ]
+}
+
+resource "random_string" "suffix" {
+ length = var.random_suffix_length
+ upper = false
+ special = false
+ numeric = true
+
+ keepers = {
+ resource_group_name = var.resource_group_name
+ location = var.location
+ workspace_base = var.workspace_name
+ sku = var.sku
+ }
+}
+
+locals {
+ workspace_name = var.append_random_suffix ? "${var.workspace_name}-${random_string.suffix.result}" : var.workspace_name
+}
+
+resource "azurerm_log_analytics_workspace" "law" {
+ name = local.workspace_name
+ location = var.location
+ resource_group_name = var.resource_group_name
+
+ sku = var.sku
+ retention_in_days = var.retention_in_days
+ daily_quota_gb = var.daily_quota_gb
+
+ tags = var.tags
+
+ depends_on = [
+ azapi_resource.resource_group
+ ]
+}
+
+locals {
+ current_user_upn = try(data.azuread_user.current[0].user_principal_name, null)
+ admin_upns_list = (
+ length(var.admin_members) > 0
+ ? var.admin_members
+ : (
+ var.use_current_user_as_admin && local.current_user_upn != null
+ ? [local.current_user_upn]
+ : []
+ )
+ )
+ admin_upns = toset([for upn in local.admin_upns_list : trimspace(upn) if trimspace(upn) != ""])
+}
+
+data "azuread_user" "admins" {
+ for_each = local.admin_upns
+ user_principal_name = each.value
+}
+
+data "azurerm_role_definition" "admin_role" {
+ name = var.admin_role_definition_name
+ scope = azurerm_log_analytics_workspace.law.id
+}
+
+resource "azurerm_role_assignment" "law_admins" {
+ for_each = data.azuread_user.admins
+
+ scope = azurerm_log_analytics_workspace.law.id
+ role_definition_id = data.azurerm_role_definition.admin_role.id
+ principal_id = each.value.object_id
+}
diff --git a/6_monitoring-management/log-analytics/outputs.tf b/6_monitoring-management/log-analytics/outputs.tf
new file mode 100644
index 0000000..dbfae8b
--- /dev/null
+++ b/6_monitoring-management/log-analytics/outputs.tf
@@ -0,0 +1,19 @@
+output "resource_group_id" {
+ description = "The resource ID of the Resource Group."
+ value = azapi_resource.resource_group.id
+}
+
+output "log_analytics_workspace_id" {
+ description = "The resource ID of the Log Analytics workspace."
+ value = azurerm_log_analytics_workspace.law.id
+}
+
+output "log_analytics_workspace_name" {
+ description = "The name of the Log Analytics workspace."
+ value = azurerm_log_analytics_workspace.law.name
+}
+
+output "log_analytics_workspace_workspace_id" {
+ description = "The workspace ID (GUID) used for agent ingestion."
+ value = azurerm_log_analytics_workspace.law.workspace_id
+}
diff --git a/6_monitoring-management/log-analytics/provider.tf b/6_monitoring-management/log-analytics/provider.tf
new file mode 100644
index 0000000..aaa21a9
--- /dev/null
+++ b/6_monitoring-management/log-analytics/provider.tf
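Review bot: In log-analytics/main.tf, `azurerm_log_analytics_workspace.law` leaves shared-key authentication at the provider default, so a leaked workspace key is enough to write data into a store that alerts and investigations will rely on, with no Entra ID identity behind the write. I would add `local_authentication_disabled = true` to the resource (the argument name in the azurerm 3.x line pinned by provider.tf), unless agents that still authenticate with the workspace key are expected to report here. The same block could also expose `internet_ingestion_enabled` and `internet_query_enabled` as variables so a private-link deployment can switch public access off.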
@@ -0,0 +1,46 @@
+# provider.tf
+
+terraform {
+ required_version = ">= 1.8, < 2.0"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.116"
+ }
+
+ azapi = {
+ source = "Azure/azapi"
+ version = "~> 1.13"
+ }
+
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.6"
+ }
+
+ azuread = {
+ source = "hashicorp/azuread"
+ version = "~> 3.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {
+ resource_group {
+ prevent_deletion_if_contains_resources = false
+ }
+ }
+
+ # Uses the current Azure CLI context (az login + az account set)
+ skip_provider_registration = false
+}
+
+provider "azapi" {
+ # Uses the current Azure CLI context (az login + az account set)
+}
+
+provider "azuread" {
+ # Uses the current Azure CLI context (az login + az account set)
+}
diff --git a/6_monitoring-management/log-analytics/terraform.tfvars b/6_monitoring-management/log-analytics/terraform.tfvars
new file mode 100644
index 0000000..b7c9b4a
--- /dev/null
+++ b/6_monitoring-management/log-analytics/terraform.tfvars
@@ -0,0 +1,23 @@
+resource_group_name = "rg-monitoring-dev-law"
+location = "eastus"
+
+append_random_suffix = true
+random_suffix_length = 6
+
+workspace_name = "law-monitoring-dev"
+sku = "PerGB2018"
+retention_in_days = 30
+daily_quota_gb = -1
+
+use_current_user_as_admin = true
+
+# Optional override (UPNs):
+# admin_members = [
+# "user@domain.com"
+# ]
+
+tags = {
+ env = "dev"
+ area = "monitoring-management"
+ iac = "terraform"
+}
diff --git a/6_monitoring-management/log-analytics/variables.tf b/6_monitoring-management/log-analytics/variables.tf
new file mode 100644
index 0000000..d62d5bc
--- /dev/null
+++ b/6_monitoring-management/log-analytics/variables.tf
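Review bot: `prevent_deletion_if_contains_resources = false` in the `features` block of log-analytics/provider.tf switches off the azurerm guard against deleting a resource group that still holds resources, and the README drives this template with `terraform apply -auto-approve`. The resource group here is created through `azapi_resource`, so the flag probably does not even govern it; it is best removed, or set to `true`, so the file does not read as a deliberate opt-out of the safety check. This file also pins azurerm `~> 3.116` while the existing templates touched by this commit pin `~> 4.16.0`, and a one-line comment giving the reason for the older line would help the next maintainer. monitor/provider.tf is the same blob (index aaa21a9) and needs the same change.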
@@ -0,0 +1,99 @@
+# variables.tf
+
+variable "resource_group_name" {
+ description = "The name of the Azure Resource Group to deploy into. This template will create the RG if it does not exist (idempotent ARM PUT)."
+ type = string
+
+ validation {
+ condition = length(trimspace(var.resource_group_name)) > 0
+ error_message = "resource_group_name must not be empty."
+ }
+}
+
+variable "location" {
+ description = "The Azure region where the Resource Group and Log Analytics workspace will be created."
+ type = string
+
+ validation {
+ condition = length(trimspace(var.location)) > 0
+ error_message = "location must not be empty."
+ }
+}
+
+variable "append_random_suffix" {
+ description = "Whether to append a random suffix to the workspace name to reduce naming collisions."
+ type = bool
+ default = true
+}
+
+variable "random_suffix_length" {
+ description = "Length of the random suffix appended when append_random_suffix is true."
+ type = number
+ default = 6
+
+ validation {
+ condition = var.random_suffix_length >= 4 && var.random_suffix_length <= 16
+ error_message = "random_suffix_length must be between 4 and 16."
+ }
+}
+
+variable "workspace_name" {
+ description = "Base name of the Log Analytics workspace. If append_random_suffix is true, the final name will be '-'."
+ type = string
+
+ validation {
+ condition = (
+ length(trimspace(var.workspace_name)) >= 4
+ && length(var.workspace_name) <= (var.append_random_suffix ? (63 - 1 - var.random_suffix_length) : 63)
+ && can(regex("^[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$", var.workspace_name))
+ )
+ error_message = "workspace_name must be 4-63 chars, contain only alphanumeric or '-', start/end with alphanumeric, and leave room for '-' when append_random_suffix is true."
+ }
+}
+
+variable "sku" {
+ description = "The Log Analytics workspace SKU."
+ type = string
+ default = "PerGB2018"
+}
+
+variable "retention_in_days" {
+ description = "Data retention in days."
+ type = number
+ default = 30
+
+ validation {
+ condition = var.retention_in_days >= 30 && var.retention_in_days <= 730
+ error_message = "retention_in_days must be between 30 and 730."
+ }
+}
+
+variable "daily_quota_gb" {
+ description = "Daily ingestion cap in GB. Use -1 for unlimited."
+ type = number
+ default = -1
+}
+
+variable "tags" {
+ description = "A map of tags to assign to the resources."
+ type = map(string)
+ default = {}
+}
+
+variable "use_current_user_as_admin" {
+ description = "If true (and admin_members is empty), assigns Log Analytics Contributor on the workspace to the currently signed-in user."
+ type = bool
+ default = true
+}
+
+variable "admin_members" {
+ description = "Optional override list of Entra ID user principal names (UPNs) to grant Log Analytics Contributor on the workspace. If provided, use_current_user_as_admin is ignored."
+ type = list(string)
+ default = []
+}
+
+variable "admin_role_definition_name" {
+ description = "Built-in role to grant to admin members on the Log Analytics workspace."
+ type = string
+ default = "Log Analytics Contributor"
+}
diff --git a/6_monitoring-management/monitor/README.md b/6_monitoring-management/monitor/README.md
new file mode 100644
index 0000000..4fe8344
--- /dev/null
+++ b/6_monitoring-management/monitor/README.md
@@ -0,0 +1,24 @@
+# Terraform Template - Azure Monitor Action Group
+
+Costa Rica
+
+[![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/)
+[brown9804](https://github.com/brown9804)
+
+Last updated: 2026-02-16
+
+------------------------------------------
+
+> This template contains Terraform configurations to create an Azure Monitor Action Group (email receiver).
+
+image
+
+## Usage
+
+```sh
+az login
+terraform init -upgrade
+terraform validate
+terraform plan
+terraform apply -auto-approve
+```
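Review bot: `admin_role_definition_name` in log-analytics/variables.tf accepts any role name, so a tfvars override such as `"Owner"` would be assigned at workspace scope by `azurerm_role_assignment.law_admins` without any check, and the descriptions of `use_current_user_as_admin` and `admin_members` still say "Log Analytics Contributor" as if the role were fixed. I would add a `validation` block whose condition is `contains(["Log Analytics Reader", "Log Analytics Contributor"], var.admin_role_definition_name)` and reword the two descriptions to refer to the role named by `admin_role_definition_name`. If read access is all the signed-in user needs, a default of `"Log Analytics Reader"` would be the least-privilege choice. `sku` and `daily_quota_gb` likewise have no validation, unlike `retention_in_days`.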
diff --git a/6_monitoring-management/monitor/main.tf b/6_monitoring-management/monitor/main.tf
new file mode 100644
index 0000000..1eb84fe
--- /dev/null
+++ b/6_monitoring-management/monitor/main.tf
@@ -0,0 +1,100 @@
+# main.tf
+# Creates an Azure Monitor Action Group (email receiver).
+
+data "azurerm_client_config" "current" {}
+data "azuread_client_config" "current" {}
+
+data "azuread_user" "current" {
+ count = var.use_current_user_as_admin && length(var.admin_members) == 0 && trimspace(var.email_address != null ? var.email_address : "") == "" ? 1 : 0
+ object_id = data.azuread_client_config.current.object_id
+}
+
+resource "azapi_resource" "resource_group" {
+ type = "Microsoft.Resources/resourceGroups@2022-09-01"
+ name = var.resource_group_name
+ location = var.location
+ parent_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}"
+
+ body = jsonencode({
+ tags = var.tags
+ })
+
+ response_export_values = [
+ "id",
+ "name"
+ ]
+}
+
+resource "random_string" "suffix" {
+ length = var.random_suffix_length
+ upper = false
+ special = false
+ numeric = true
+
+ keepers = {
+ resource_group_name = var.resource_group_name
+ location = var.location
+ base_name = var.action_group_name
+ short_name = var.action_group_short_name
+ email = trimspace(var.email_address != null ? var.email_address : "")
+ }
+}
+
+locals {
+ action_group_name = var.append_random_suffix ? "${var.action_group_name}-${random_string.suffix.result}" : var.action_group_name
+
+ current_user_upn = try(data.azuread_user.current[0].user_principal_name, null)
+
+ email_address_normalized = trimspace(var.email_address != null ? var.email_address : "")
+
+ admin_members_effective = (
+ length(var.admin_members) > 0
+ ? var.admin_members
+ : (
+ local.email_address_normalized != ""
+ ? [local.email_address_normalized]
+ : (
+ var.use_current_user_as_admin && local.current_user_upn != null
+ ? [local.current_user_upn]
+ : []
+ )
+ )
+ )
+
+ email_recipients = distinct([
+ for email in local.admin_members_effective : lower(trimspace(email))
+ if trimspace(email) != ""
+ ])
+
+ email_receivers = { for idx, email in local.email_recipients : "email${idx}" => email }
+}
+
+resource "azurerm_monitor_action_group" "ag" {
+ name = local.action_group_name
+ resource_group_name = var.resource_group_name
+ short_name = var.action_group_short_name
+
+ enabled = true
+
+ dynamic "email_receiver" {
+ for_each = local.email_receivers
+ content {
+ name = email_receiver.key
+ email_address = email_receiver.value
+ use_common_alert_schema = var.use_common_alert_schema
+ }
+ }
+
+ tags = var.tags
+
+ depends_on = [
+ azapi_resource.resource_group
+ ]
+
+ lifecycle {
+ precondition {
+ condition = length(local.email_recipients) > 0
+ error_message = "No email recipients configured. Set admin_members, email_address, or enable use_current_user_as_admin."
+ }
+ }
+}
diff --git a/6_monitoring-management/monitor/outputs.tf b/6_monitoring-management/monitor/outputs.tf
new file mode 100644
index 0000000..2379650
--- /dev/null
+++ b/6_monitoring-management/monitor/outputs.tf
@@ -0,0 +1,14 @@
+output "resource_group_id" {
+ description = "The resource ID of the Resource Group."
+ value = azapi_resource.resource_group.id
+}
+
+output "action_group_id" {
+ description = "The resource ID of the Action Group."
+ value = azurerm_monitor_action_group.ag.id
+}
+
+output "action_group_name" {
+ description = "The name of the Action Group."
+ value = azurerm_monitor_action_group.ag.name
+}
diff --git a/6_monitoring-management/monitor/provider.tf b/6_monitoring-management/monitor/provider.tf
new file mode 100644
index 0000000..aaa21a9
--- /dev/null
+++ b/6_monitoring-management/monitor/provider.tf
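Review bot: The fallback receiver `current_user_upn` in monitor/main.tf is taken from `user_principal_name`, which is a sign-in name and not necessarily a deliverable mailbox (guest accounts, or tenants where the UPN differs from the mail address), so the action group can be created with a receiver that never gets the alert. Prefer the directory's mail attribute with the UPN as fallback, e.g. `current_user_upn = try(coalesce(data.azuread_user.current[0].mail, data.azuread_user.current[0].user_principal_name), null)`. The `data "azuread_user" "current"` lookup by `object_id` also assumes an interactive user; under a service principal or managed identity the object ID is not a user, and the plan will presumably fail rather than fall through to `[]`, because `try()` only covers the missing index. log-analytics/main.tf has the same lookup.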
@@ -0,0 +1,46 @@
+# provider.tf
+
+terraform {
+ required_version = ">= 1.8, < 2.0"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.116"
+ }
+
+ azapi = {
+ source = "Azure/azapi"
+ version = "~> 1.13"
+ }
+
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.6"
+ }
+
+ azuread = {
+ source = "hashicorp/azuread"
+ version = "~> 3.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {
+ resource_group {
+ prevent_deletion_if_contains_resources = false
+ }
+ }
+
+ # Uses the current Azure CLI context (az login + az account set)
+ skip_provider_registration = false
+}
+
+provider "azapi" {
+ # Uses the current Azure CLI context (az login + az account set)
+}
+
+provider "azuread" {
+ # Uses the current Azure CLI context (az login + az account set)
+}
diff --git a/6_monitoring-management/monitor/terraform.tfvars b/6_monitoring-management/monitor/terraform.tfvars
new file mode 100644
index 0000000..dfa77ca
--- /dev/null
+++ b/6_monitoring-management/monitor/terraform.tfvars
@@ -0,0 +1,26 @@
+resource_group_name = "rg-monitoring-dev-monitor"
+location = "eastus"
+
+append_random_suffix = true
+random_suffix_length = 6
+
+action_group_name = "ag-monitoring-dev"
+action_group_short_name = "alerts"
+
+use_current_user_as_admin = true
+
+# Optional override (UPNs):
+# admin_members = [
+# "user@domain.com"
+# ]
+
+# Optional single email:
+# email_address = "user@domain.com"
+
+use_common_alert_schema = true
+
+tags = {
+ env = "dev"
+ area = "monitoring-management"
+ iac = "terraform"
+}
diff --git a/6_monitoring-management/monitor/variables.tf b/6_monitoring-management/monitor/variables.tf
new file mode 100644
index 0000000..19eb3b4
--- /dev/null
+++ b/6_monitoring-management/monitor/variables.tf
@@ -0,0 +1,93 @@
+# variables.tf
+
+variable "resource_group_name" {
+ description = "The name of the Azure Resource Group to deploy into. This template will create the RG if it does not exist (idempotent ARM PUT)."
+ type = string
+
+ validation {
+ condition = length(trimspace(var.resource_group_name)) > 0
+ error_message = "resource_group_name must not be empty."
+ }
+}
+
+variable "location" {
+ description = "The Azure region where the Resource Group will be created (Action Groups are global, but must live in a Resource Group)."
+ type = string
+
+ validation {
+ condition = length(trimspace(var.location)) > 0
+ error_message = "location must not be empty."
+ }
+}
+
+variable "append_random_suffix" {
+ description = "Whether to append a random suffix to the Action Group name to reduce naming collisions."
+ type = bool
+ default = true
+}
+
+variable "random_suffix_length" {
+ description = "Length of the random suffix appended when append_random_suffix is true."
+ type = number
+ default = 6
+
+ validation {
+ condition = var.random_suffix_length >= 4 && var.random_suffix_length <= 16
+ error_message = "random_suffix_length must be between 4 and 16."
+ }
+}
+
+variable "action_group_name" {
+ description = "Base name of the Action Group. If append_random_suffix is true, the final name will be '-'."
+ type = string
+
+ validation {
+ condition = (
+ length(trimspace(var.action_group_name)) > 0
+ && length(var.action_group_name) <= (80 - (var.append_random_suffix ? (1 + var.random_suffix_length) : 0))
+ && can(regex("^[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$", var.action_group_name))
+ )
+ error_message = "action_group_name must be 1-80 chars, contain only alphanumeric or '-', start/end with alphanumeric, and leave room for '-' when append_random_suffix is true."
+ }
+}
+
+variable "action_group_short_name" {
+ description = "Short name for the Action Group (max 12 characters)."
+ type = string
+ default = "alerts"
+
+ validation {
+ condition = length(trimspace(var.action_group_short_name)) >= 1 && length(var.action_group_short_name) <= 12
+ error_message = "action_group_short_name must be 1-12 characters."
+ }
+}
+
+variable "email_address" {
+ description = "Optional single email address to receive Azure Monitor notifications. Prefer use_current_user_as_admin/admin_members for Terraform-native orchestration."
+ type = string
+ default = null
+}
+
+variable "use_current_user_as_admin" {
+ description = "If true (and admin_members/email_address are not set), uses the currently signed-in user's UPN as the email receiver."
+ type = bool
+ default = true
+}
+
+variable "admin_members" {
+ description = "Optional override list of email addresses/UPNs to receive Azure Monitor notifications. If provided, use_current_user_as_admin is ignored."
+ type = list(string)
+ default = []
+}
+
+variable "use_common_alert_schema" {
+ description = "Whether to use the common alert schema for the email receiver."
+ type = bool
+ default = true
+}
+
+variable "tags" {
+ description = "A map of tags to assign to the resources."
+ type = map(string)
+ default = {}
+}
diff --git a/README.md b/README.md
index 0919611..10bbdc0 100644
--- a/README.md
+++ b/README.md
@@ -117,6 +117,10 @@ Last updated: 2026-02-16 Monitoring and Management (Click to expand) - [Monitoring and Management](./6_monitoring-management) + - [Azure Monitor (Action Group)](./6_monitoring-management/monitor) + - [Log Analytics (Workspace)](./6_monitoring-management/log-analytics) + - [Azure Automation (Automation Account)](./6_monitoring-management/automation) + - [Azure Advisor (Activity Log Alerts)](./6_monitoring-management/advisor)
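Review bot: Neither `email_address` nor `admin_members` in monitor/variables.tf is checked for address syntax, although every other string input in the file has a `validation` block and these values go straight into `email_receiver.email_address`. A typo is then caught only at apply time, or not at all, and alert mail can carry resource details, so a mistyped domain is worth rejecting at plan. For `admin_members` a condition such as `alltrue([for m in var.admin_members : can(regex("^[^@\\s]+@[^@\\s]+$", trimspace(m)))])` would do, with the single-address equivalent on `email_address` guarded by a null check. The name `admin_members` is also misleading in this module, since the entries only receive notifications and are granted nothing; the description should say so.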