From 56219fa3d83bb7b4b9ac584cbc6631b1b32b37b3 Mon Sep 17 00:00:00 2001
From: Borislav Raynov
Date: Fri, 17 Jan 2025 13:14:06 +0200
Subject: [PATCH 001/101] Add skeleton for linux_virtual_machines module
---
src/linux_virtual_machines.tf | 11 ++++++++
src/modules/linux_virtual_machines/_locals.tf | 0
.../linux_virtual_machines/_outputs.tf | 3 +++
.../linux_virtual_machines/_variables.tf | 15 +++++++++++
.../linux_virtual_machines.tf | 27 +++++++++++++++++++
5 files changed, 56 insertions(+)
create mode 100644 src/linux_virtual_machines.tf
create mode 100644 src/modules/linux_virtual_machines/_locals.tf
create mode 100644 src/modules/linux_virtual_machines/_outputs.tf
create mode 100644 src/modules/linux_virtual_machines/_variables.tf
create mode 100644 src/modules/linux_virtual_machines/linux_virtual_machines.tf
diff --git a/src/linux_virtual_machines.tf b/src/linux_virtual_machines.tf
new file mode 100644
index 00000000..21ad7df7
--- /dev/null
+++ b/src/linux_virtual_machines.tf
@@ -0,0 +1,11 @@
+module "linux_virtual_machines" {
+ source = "./modules/linux_virtual_machines"
+ for_each = var.linux_virtual_machines
+
+ settings = each.value
+ global_settings = var.global_settings
+
+ resources = {
+ resource_groups = module.resource_groups
+ }
+}
diff --git a/src/modules/linux_virtual_machines/_locals.tf b/src/modules/linux_virtual_machines/_locals.tf
new file mode 100644
index 00000000..e69de29b
diff --git a/src/modules/linux_virtual_machines/_outputs.tf b/src/modules/linux_virtual_machines/_outputs.tf
new file mode 100644
index 00000000..fc028ace
--- /dev/null
+++ b/src/modules/linux_virtual_machines/_outputs.tf
@@ -0,0 +1,3 @@
+output "id" {
+ value = azurerm_linux_virtual_machine.main.id
+}
diff --git a/src/modules/linux_virtual_machines/_variables.tf b/src/modules/linux_virtual_machines/_variables.tf
new file mode 100644
index 00000000..c25d45b4
--- /dev/null
+++ b/src/modules/linux_virtual_machines/_variables.tf
@@ -0,0 +1,15 @@
+variable "global_settings" {
+ description = "Global settings for tinycaf"
+}
+
+variable "settings" {
+ description = "All the configuration for a storage account"
+}
+
+variable "resources" {
+ type = object({
+ resource_groups = map(any)
+ # virtual_networks = map(any)
+ })
+ description = "All required resources"
+}
diff --git a/src/modules/linux_virtual_machines/linux_virtual_machines.tf b/src/modules/linux_virtual_machines/linux_virtual_machines.tf
new file mode 100644
index 00000000..dc3d2401
--- /dev/null
+++ b/src/modules/linux_virtual_machines/linux_virtual_machines.tf
@@ -0,0 +1,27 @@
+resource "azurerm_linux_virtual_machine" "main" {
+ name = "example-machine"
+ resource_group_name = azurerm_resource_group.example.name
+ location = azurerm_resource_group.example.location
+ size = "Standard_F2"
+ admin_username = "adminuser"
+ network_interface_ids = [
+ azurerm_network_interface.example.id,
+ ]
+
+ admin_ssh_key {
+ username = "adminuser"
+ public_key = file("~/.ssh/id_rsa.pub")
+ }
+
+ os_disk {
+ caching = "ReadWrite"
+ storage_account_type = "Standard_LRS"
+ }
+
+ source_image_reference {
+ publisher = "Canonical"
+ offer = "0001-com-ubuntu-server-jammy"
+ sku = "22_04-lts"
+ version = "latest"
+ }
+}
From 3730d616232d0c79c7a106564d9d1608998dbe99 Mon Sep 17 00:00:00 2001
From: Borislav Raynov
Date: Fri, 17 Jan 2025 13:29:07 +0200
Subject: [PATCH 002/101] Add locals
---
src/modules/linux_virtual_machines/_locals.tf | 11 +++++++++++
src/modules/linux_virtual_machines/_variables.tf | 2 +-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/modules/linux_virtual_machines/_locals.tf b/src/modules/linux_virtual_machines/_locals.tf
index e69de29b..b6c4756f 100644
--- a/src/modules/linux_virtual_machines/_locals.tf
+++ b/src/modules/linux_virtual_machines/_locals.tf
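Review bot: The `source_image_reference` block in linux_virtual_machines.tf sets `version = "latest"`, so the image a VM is built from can change between applies with no change in this repository, and `public_key = file("~/.ssh/id_rsa.pub")` installs whichever key sits in the home directory of the user or CI runner executing the plan. Both make the deployed VM depend on state outside version control. I would pin the image to a reviewed version and take the public key from `var.settings`, with a comment such as `# image version is pinned deliberately; bump it through review`. The resource also refers to `azurerm_resource_group.example` and `azurerm_network_interface.example`, which are not declared in any file this patch adds.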
@@ -0,0 +1,11 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group_name = local.resource_group.name + location = local.resource_group.location + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/linux_virtual_machines/_variables.tf b/src/modules/linux_virtual_machines/_variables.tf index c25d45b4..8f1df738 100644 --- a/src/modules/linux_virtual_machines/_variables.tf +++ b/src/modules/linux_virtual_machines/_variables.tf @@ -3,7 +3,7 @@ variable "global_settings" { } variable "settings" { - description = "All the configuration for a storage account" + description = "All the configuration for an Linux VM" } variable "resources" { From 5b8e5ef3a5e3d5e689a74d711df1f3ebc23527b2 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 14:37:38 +0200 Subject: [PATCH 003/101] Add linux vm configs --- src/_variables.resources.tf | 2 ++ ...l_machines.tf => linux_virtual_machine.tf} | 6 ++--- .../_locals.tf | 2 ++ src/modules/linux_virtual_machine/_outputs.tf | 11 ++++++++ .../_variables.tf | 0 .../linux_virtual_machine.tf | 27 +++++++++++++++++++ .../linux_virtual_machines/_outputs.tf | 3 --- .../linux_virtual_machines.tf | 27 ------------------- 8 files changed, 45 insertions(+), 33 deletions(-) rename src/{linux_virtual_machines.tf => linux_virtual_machine.tf} (53%) rename src/modules/{linux_virtual_machines => linux_virtual_machine}/_locals.tf (77%) create mode 100644 src/modules/linux_virtual_machine/_outputs.tf rename src/modules/{linux_virtual_machines => linux_virtual_machine}/_variables.tf (100%) create mode 100644 src/modules/linux_virtual_machine/linux_virtual_machine.tf delete mode 100644 src/modules/linux_virtual_machines/_outputs.tf delete mode 100644 src/modules/linux_virtual_machines/linux_virtual_machines.tf 
diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index a8ba337b..1dad6929 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -13,3 +13,5 @@ variable "virtual_network_gateways" { default = {} } variable "public_ips" { default = {} } variable "storage_accounts" { default = {} } + +variable "linux_virtual_machine" { default = {} } diff --git a/src/linux_virtual_machines.tf b/src/linux_virtual_machine.tf similarity index 53% rename from src/linux_virtual_machines.tf rename to src/linux_virtual_machine.tf index 21ad7df7..30dadf07 100644 --- a/src/linux_virtual_machines.tf +++ b/src/linux_virtual_machine.tf @@ -1,6 +1,6 @@ -module "linux_virtual_machines" { - source = "./modules/linux_virtual_machines" - for_each = var.linux_virtual_machines +module "linux_virtual_machine" { + source = "./modules/linux_virtual_machine" + for_each = var.linux_virtual_machine settings = each.value global_settings = var.global_settings diff --git a/src/modules/linux_virtual_machines/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf similarity index 77% rename from src/modules/linux_virtual_machines/_locals.tf rename to src/modules/linux_virtual_machine/_locals.tf index b6c4756f..93bdd040 100644 --- a/src/modules/linux_virtual_machines/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -3,6 +3,8 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location + network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] + tags = merge( var.global_settings.tags, var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, diff --git a/src/modules/linux_virtual_machine/_outputs.tf b/src/modules/linux_virtual_machine/_outputs.tf new file mode 100644 index 00000000..13ab3947 --- /dev/null +++ b/src/modules/linux_virtual_machine/_outputs.tf 
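Review bot: `network_interface_ids` in _locals.tf collects `config.nic_ref`, which by its name looks like a lookup key rather than an Azure resource ID, while linux_virtual_machine.tf in this commit passes the list straight to the VM's `network_interface_ids` argument. Unless callers are expected to put full NIC resource IDs into `nic_ref`, the apply will fail or attach nothing; no NIC resource exists in the module at this commit to resolve the key against. At minimum the contract should be written down next to the local, for example `# nic_ref must be the full resource ID of an existing NIC until the module creates its own`. The loop variable `nics_ref` is unused and could be `_`, and the `locals` block opens above this hunk.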
@@ -0,0 +1,11 @@
+output "id" {
+ value = azurerm_linux_virtual_machine.main.id
+}
+
+output "private_ip_addresses" {
+ value = azurerm_linux_virtual_machine.main.private_ip_addresses
+}
+
+output "public_ip_addresses" {
+ value = azurerm_linux_virtual_machine.main.public_ip_addresses
+}
diff --git a/src/modules/linux_virtual_machines/_variables.tf b/src/modules/linux_virtual_machine/_variables.tf
similarity index 100%
rename from src/modules/linux_virtual_machines/_variables.tf
rename to src/modules/linux_virtual_machine/_variables.tf
diff --git a/src/modules/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/linux_virtual_machine/linux_virtual_machine.tf
new file mode 100644
index 00000000..775ab1fe
--- /dev/null
+++ b/src/modules/linux_virtual_machine/linux_virtual_machine.tf
@@ -0,0 +1,27 @@
+resource "azurerm_linux_virtual_machine" "main" {
+ name = var.settings.name
+ resource_group_name = local.resource_group_name
+ location = local.location
+ tags = local.tags
+ admin_username = var.settings.admin_username
+ size = var.settings.size
+
+ network_interface_ids = local.network_interface_ids
+
+ admin_ssh_key {
+ username = var.settings.admin_ssh_key.username
+ public_key = file(var.settings.admin_ssh_key.public_key)
+ }
+
+ os_disk {
+ caching = var.settings.os_disk.caching
+ storage_account_type = var.settings.os_disk.storage_account_type
+ }
+
+ source_image_reference {
+ publisher = var.settings.source_image_reference.publisher
+ offer = var.settings.source_image_reference.offer
+ sku = var.settings.source_image_reference.sku
+ version = var.settings.source_image_reference.version
+ }
+}
diff --git a/src/modules/linux_virtual_machines/_outputs.tf b/src/modules/linux_virtual_machines/_outputs.tf
deleted file mode 100644
index fc028ace..00000000
--- a/src/modules/linux_virtual_machines/_outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "id" {
- value = azurerm_linux_virtual_machine.main.id
-}
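Review bot: The new `azurerm_linux_virtual_machine.main` in linux_virtual_machine.tf maps a fixed set of attributes from `var.settings`, so a caller has no way to turn on host-level hardening through this module. I would expose the provider's optional arguments with null fallbacks, for example `encryption_at_host_enabled = try(var.settings.encryption_at_host_enabled, null)` and `secure_boot_enabled = try(var.settings.secure_boot_enabled, null)`, and state `disable_password_authentication = true` explicitly so the SSH-only intent is visible in the code. `source_image_reference.version` is also passed through unchecked, which still lets a configuration deploy from a floating image version.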
diff --git a/src/modules/linux_virtual_machines/linux_virtual_machines.tf b/src/modules/linux_virtual_machines/linux_virtual_machines.tf deleted file mode 100644 index dc3d2401..00000000 --- a/src/modules/linux_virtual_machines/linux_virtual_machines.tf +++ /dev/null @@ -1,27 +0,0 @@ -resource "azurerm_linux_virtual_machine" "main" { - name = "example-machine" - resource_group_name = azurerm_resource_group.example.name - location = azurerm_resource_group.example.location - size = "Standard_F2" - admin_username = "adminuser" - network_interface_ids = [ - azurerm_network_interface.example.id, - ] - - admin_ssh_key { - username = "adminuser" - public_key = file("~/.ssh/id_rsa.pub") - } - - os_disk { - caching = "ReadWrite" - storage_account_type = "Standard_LRS" - } - - source_image_reference { - publisher = "Canonical" - offer = "0001-com-ubuntu-server-jammy" - sku = "22_04-lts" - version = "latest" - } -} From 2bdc63953cc7c59725a1bb88a67f106870be7a62 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 15:33:27 +0200 Subject: [PATCH 004/101] Add network interface. --- src/linux_virtual_machine.tf | 3 ++- src/modules/linux_virtual_machine/_locals.tf | 2 ++ src/modules/linux_virtual_machine/_outputs.tf | 7 +++++++ .../linux_virtual_machine/network_interface.tf | 17 +++++++++++++++++ 4 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 src/modules/linux_virtual_machine/network_interface.tf diff --git a/src/linux_virtual_machine.tf b/src/linux_virtual_machine.tf index 30dadf07..01213a45 100644 --- a/src/linux_virtual_machine.tf +++ b/src/linux_virtual_machine.tf @@ -6,6 +6,7 @@ module "linux_virtual_machine" { global_settings = var.global_settings resources = { - resource_groups = module.resource_groups + resource_groups = module.resource_groups + virtual_networks = module.virtual_networks } } diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 93bdd040..530c980f 100644 
--- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -5,6 +5,8 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] + # subnet_id = var.settings.network_interfaces.var.resources.virtual_networks[split("/", var.settings.network_interfaces.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id + tags = merge( var.global_settings.tags, var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, diff --git a/src/modules/linux_virtual_machine/_outputs.tf b/src/modules/linux_virtual_machine/_outputs.tf index 13ab3947..3b0257ca 100644 --- a/src/modules/linux_virtual_machine/_outputs.tf +++ b/src/modules/linux_virtual_machine/_outputs.tf @@ -9,3 +9,10 @@ output "private_ip_addresses" { output "public_ip_addresses" { value = azurerm_linux_virtual_machine.main.public_ip_addresses } + +output "nics" { + value = { + for nic_ref, _ in try(var.settings.network_interface_ids) : + nic_ref => azurerm_network_interface.main[nic_ref] + } +} diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/linux_virtual_machine/network_interface.tf new file mode 100644 index 00000000..9b45351d --- /dev/null +++ b/src/modules/linux_virtual_machine/network_interface.tf @@ -0,0 +1,17 @@ +resource "azurerm_network_interface" "main" { + for_each = var.settings.network_interfaces + + name = each.value.name + resource_group_name = local.resource_group_name + location = local.location + + ip_configuration { + name = each.value.ip_configuration.name + subnet_id = var.resources.virtual_networks[ + split("/", each.value.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", each.value.ip_configuration.subnet_ref)[1] + ].id + private_ip_address_allocation = each.value.ip_configuration.private_ip_address_allocation + } +} From 45df7986fdf7f2584edd7965052d154ded1172bd Mon Sep 17 00:00:00 2001 
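Review bot: In the `nics` output, `try(var.settings.network_interface_ids)` has a single argument, so it supplies no fallback and a missing attribute still fails the plan. The output is also keyed from `network_interface_ids`, while `azurerm_network_interface.main` is created from `var.settings.network_interfaces` in network_interface.tf of this commit, so any key present in one map and not the other is an invalid index. Iterating the resource itself avoids both problems: `for nic_ref, nic in azurerm_network_interface.main : nic_ref => nic`. Exporting only the fields consumers need, such as `id` and `private_ip_address`, would keep the output narrower than the whole resource object.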
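Review bot: The NICs in network_interface.tf are created without any network security group association, so inbound filtering for the VM depends entirely on whatever is attached to the referenced subnet, which this patch does not show. If that is the intended design it should be stated above the resource: `# No NSG is attached here; the subnet's NSG is the only network filter for these NICs.` Separately, `subnet_ref` is split on "/" and indexed with `[0]` and `[1]` with no check of its shape, so a value without a slash fails with an index error that does not name the offending setting. The new NICs are also not yet wired to the VM, whose `network_interface_ids` still comes from the `nic_ref` values in _locals.tf.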
From: Borislav Raynov Date: Fri, 17 Jan 2025 15:53:51 +0200 Subject: [PATCH 005/101] Fix variables resources in module --- src/modules/linux_virtual_machine/_variables.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/linux_virtual_machine/_variables.tf b/src/modules/linux_virtual_machine/_variables.tf index 8f1df738..f3d718e3 100644 --- a/src/modules/linux_virtual_machine/_variables.tf +++ b/src/modules/linux_virtual_machine/_variables.tf @@ -8,8 +8,8 @@ variable "settings" { variable "resources" { type = object({ - resource_groups = map(any) - # virtual_networks = map(any) + resource_groups = map(any) + virtual_networks = map(any) }) description = "All required resources" } From af16293e7f36afcaa7c4791f09de2ac87b5fcb7d Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 16:33:19 +0200 Subject: [PATCH 006/101] Refactor output --- src/modules/linux_virtual_machine/_outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/linux_virtual_machine/_outputs.tf b/src/modules/linux_virtual_machine/_outputs.tf index 3b0257ca..0c7e2e4d 100644 --- a/src/modules/linux_virtual_machine/_outputs.tf +++ b/src/modules/linux_virtual_machine/_outputs.tf @@ -12,7 +12,7 @@ output "public_ip_addresses" { output "nics" { value = { - for nic_ref, _ in try(var.settings.network_interface_ids) : + for _, nic_ref in try(var.settings.network_interface_ids) : nic_ref => azurerm_network_interface.main[nic_ref] } } From 7de45fa82893ea767b879a6db958a67e01c97598 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 16:38:46 +0200 Subject: [PATCH 007/101] Refactor output --- src/modules/linux_virtual_machine/_outputs.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/linux_virtual_machine/_outputs.tf b/src/modules/linux_virtual_machine/_outputs.tf index 0c7e2e4d..124b0c68 100644 --- a/src/modules/linux_virtual_machine/_outputs.tf 
+++ b/src/modules/linux_virtual_machine/_outputs.tf @@ -12,7 +12,7 @@ output "public_ip_addresses" { output "nics" { value = { - for _, nic_ref in try(var.settings.network_interface_ids) : - nic_ref => azurerm_network_interface.main[nic_ref] + for _, nic in try(var.settings.network_interface_ids) : + nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] } } From e268cce30c45d233bcb7b2c0a52348d919fcddca Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 17:22:18 +0200 Subject: [PATCH 008/101] Add public key --- src/modules/linux_virtual_machine/_locals.tf | 8 +++++++- .../linux_virtual_machine/linux_virtual_machine.tf | 2 +- src/modules/linux_virtual_machine/network_interface.tf | 8 ++------ src/modules/linux_virtual_machine/tls_private_key.tf | 4 ++++ 4 files changed, 14 insertions(+), 8 deletions(-) create mode 100644 src/modules/linux_virtual_machine/tls_private_key.tf diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 530c980f..71f65b44 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -5,7 +5,13 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] - # subnet_id = var.settings.network_interfaces.var.resources.virtual_networks[split("/", var.settings.network_interfaces.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id + subnet_id = var.resources.virtual_networks[ + split("/", each.value.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", each.value.ip_configuration.subnet_ref)[1] + ].id + + public_key = tls_private_key.main[public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/linux_virtual_machine/linux_virtual_machine.tf index 775ab1fe..9a2e2cf9 100644 --- a/src/modules/linux_virtual_machine/linux_virtual_machine.tf 
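Review bot: The new `subnet_id` local in _locals.tf uses `each.value`, which is only defined inside a block that carries `for_each`, and `public_key` indexes `tls_private_key.main` with the bare name `public_key_ref`, which is neither a variable nor a local; `terraform validate` should reject both. The same misuse of `each.value` inside `locals` comes back in the _locals.tf hunks of patches 014 to 016. A per-NIC map is valid in a locals block, `subnet_id = { for nic, config in var.settings.network_interfaces : nic => ... }`, and the NIC resource can then read `local.subnet_id[each.key]`. The `locals` block opens above this hunk.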
+++ b/src/modules/linux_virtual_machine/linux_virtual_machine.tf @@ -10,7 +10,7 @@ resource "azurerm_linux_virtual_machine" "main" { admin_ssh_key { username = var.settings.admin_ssh_key.username - public_key = file(var.settings.admin_ssh_key.public_key) + public_key = local.public_key } os_disk { diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/linux_virtual_machine/network_interface.tf index 9b45351d..60804dde 100644 --- a/src/modules/linux_virtual_machine/network_interface.tf +++ b/src/modules/linux_virtual_machine/network_interface.tf @@ -6,12 +6,8 @@ resource "azurerm_network_interface" "main" { location = local.location ip_configuration { - name = each.value.ip_configuration.name - subnet_id = var.resources.virtual_networks[ - split("/", each.value.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", each.value.ip_configuration.subnet_ref)[1] - ].id + name = each.value.ip_configuration.name + subnet_id = local.subnet_id private_ip_address_allocation = each.value.ip_configuration.private_ip_address_allocation } } diff --git a/src/modules/linux_virtual_machine/tls_private_key.tf b/src/modules/linux_virtual_machine/tls_private_key.tf new file mode 100644 index 00000000..15d5ae7a --- /dev/null +++ b/src/modules/linux_virtual_machine/tls_private_key.tf @@ -0,0 +1,4 @@ +resource "tls_private_key" "main" { + algorithm = var.settings.public_key_openssh.test_key.algorithm + rsa_bits = var.settings.public_key_openssh.test_key.rsa_bits +} From 2442890fa57a5e6deb8a1311f851ecf73e1468de Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 17:53:31 +0200 Subject: [PATCH 009/101] Refactor locals --- src/modules/linux_virtual_machine/_locals.tf | 8 +++++--- src/modules/linux_virtual_machine/network_interface.tf | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 71f65b44..7fb08a25 100644 
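Review bot: `tls_private_key.main` in tls_private_key.tf generates the VM's admin SSH key inside Terraform, which means the private key is written in clear text to the state file, and with `public_key = local.public_key` replacing `file(var.settings.admin_ssh_key.public_key)` in linux_virtual_machine.tf callers can no longer supply a key whose private half never leaves their own machine. I would keep the caller-supplied key as the preferred path and document the exposure above the resource: `# The generated private key is stored unencrypted in Terraform state; use an encrypted, access-restricted backend.` The settings path also hard-codes a `test_key` entry, and `rsa_bits` is read unconditionally, so a configuration that selects a non-RSA algorithm must still define it; `rsa_bits = try(var.settings.public_key_openssh.test_key.rsa_bits, null)` would relax that.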
--- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -2,16 +2,18 @@ locals { resource_group = var.resources.resource_groups[var.settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location + nic_config = var.settings.network_interfaces + network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] subnet_id = var.resources.virtual_networks[ - split("/", each.value.ip_configuration.subnet_ref)[0] + split("/", nic_config.ip_configuration.subnet_ref)[0] ].subnets[ - split("/", each.value.ip_configuration.subnet_ref)[1] + split("/", nic_config.ip_configuration.subnet_ref)[1] ].id - public_key = tls_private_key.main[public_key_ref].public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/linux_virtual_machine/network_interface.tf index 60804dde..1ca8827b 100644 --- a/src/modules/linux_virtual_machine/network_interface.tf +++ b/src/modules/linux_virtual_machine/network_interface.tf @@ -8,6 +8,6 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = each.value.ip_configuration.name subnet_id = local.subnet_id - private_ip_address_allocation = each.value.ip_configuration.private_ip_address_allocation + private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } From 9ab6ad65035455865174bceb15141c9e3f4f51e8 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 17 Jan 2025 17:58:07 +0200 Subject: [PATCH 010/101] Refactor subnet id in locals --- src/modules/linux_virtual_machine/_locals.tf | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) 
diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 7fb08a25..092cf0e2 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -2,15 +2,13 @@ locals { resource_group = var.resources.resource_groups[var.settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location - nic_config = var.settings.network_interfaces - network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] subnet_id = var.resources.virtual_networks[ - split("/", nic_config.ip_configuration.subnet_ref)[0] + split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] ].subnets[ - split("/", nic_config.ip_configuration.subnet_ref)[1] + split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] ].id public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh From cc90a8e6f68ec422b26539fc8d9f592df7dcfeac Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 09:36:20 +0200 Subject: [PATCH 011/101] Refactor subnet id in locals --- src/modules/linux_virtual_machine/_locals.tf | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 092cf0e2..1c2444bc 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf 
@@ -5,11 +5,20 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] - subnet_id = var.resources.virtual_networks[ - split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] - ].id + # subnet_id = var.resources.virtual_networks[ + # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] + # ].subnets[ + # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] + # ].id + + subnet_ids = { + for nic_name, nic in var.settings.network_interfaces : + nic_name => var.resources.virtual_networks[ + split("/", nic.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", nic.ip_configuration.subnet_ref)[1] + ].id + } public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh From c2d54e3645b56f4d2dce79958d258fee33bcf116 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 09:38:52 +0200 Subject: [PATCH 012/101] Refactor subnet id in locals --- src/modules/linux_virtual_machine/_locals.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 1c2444bc..13215da0 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -11,7 +11,7 @@ locals { # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] # ].id - subnet_ids = { + subnet_id = { for nic_name, nic in var.settings.network_interfaces : nic_name => var.resources.virtual_networks[ split("/", nic.ip_configuration.subnet_ref)[0] From a03558aad3b6b1655c7334dbdd1dc8fed9e51a31 Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Mon, 20 Jan 2025 09:45:47 +0200 Subject: [PATCH 013/101] Refactor nic ip config --- src/modules/linux_virtual_machine/_locals.tf | 26 +++++++++---------- .../network_interface.tf | 2 +- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 13215da0..b86b1e0d 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -5,20 +5,20 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] - # subnet_id = var.resources.virtual_networks[ - # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] - # ].subnets[ - # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] - # ].id + subnet_id = var.resources.virtual_networks[ + split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] + ].id - subnet_id = { - for nic_name, nic in var.settings.network_interfaces : - nic_name => var.resources.virtual_networks[ - split("/", nic.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", nic.ip_configuration.subnet_ref)[1] - ].id - } + # subnet_id = { + # for nic_name, nic in var.settings.network_interfaces : + # nic_name => var.resources.virtual_networks[ + # split("/", nic.ip_configuration.subnet_ref)[0] + # ].subnets[ + # split("/", nic.ip_configuration.subnet_ref)[1] + # ].id + # } public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/linux_virtual_machine/network_interface.tf index 1ca8827b..9fe2bd69 100644 --- a/src/modules/linux_virtual_machine/network_interface.tf +++ b/src/modules/linux_virtual_machine/network_interface.tf 
@@ -7,7 +7,7 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = each.value.ip_configuration.name - subnet_id = local.subnet_id + subnet_id = each.value.local.subnet_id private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } From f95b529993551bdf71cf11a1f3ac9cbd00ac0550 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 09:53:55 +0200 Subject: [PATCH 014/101] Refactor locals --- src/modules/linux_virtual_machine/_locals.tf | 4 ++-- src/modules/linux_virtual_machine/network_interface.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index b86b1e0d..497252ae 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -6,9 +6,9 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] subnet_id = var.resources.virtual_networks[ - split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] + split("/", var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[0] ].subnets[ - split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] + split("/", var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[1] ].id # subnet_id = { diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/linux_virtual_machine/network_interface.tf index 9fe2bd69..1ca8827b 100644 --- a/src/modules/linux_virtual_machine/network_interface.tf +++ b/src/modules/linux_virtual_machine/network_interface.tf @@ -7,7 +7,7 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = each.value.ip_configuration.name - subnet_id = each.value.local.subnet_id + subnet_id = local.subnet_id private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } 
From d910a367649e0e2a7bba7bf7e90e4cc3699b1790 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 09:59:10 +0200 Subject: [PATCH 015/101] Refactor subnet id in locals --- src/modules/linux_virtual_machine/_locals.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 497252ae..e3a2de9f 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -6,9 +6,9 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] subnet_id = var.resources.virtual_networks[ - split("/", var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[0] + split("/", each.value.var.settings.network_interfaces.ip_configuration.subnet_ref)[0] ].subnets[ - split("/", var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[1] + split("/", each.value.var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[1] ].id # subnet_id = { From 4f30aef7aa857d909e5b4e09ba7dc11b0beaffe6 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 10:11:47 +0200 Subject: [PATCH 016/101] Refactor code --- src/modules/linux_virtual_machine/_locals.tf | 4 ++-- src/modules/linux_virtual_machine/network_interface.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index e3a2de9f..ee389664 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf 
@@ -6,9 +6,9 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] subnet_id = var.resources.virtual_networks[ - split("/", each.value.var.settings.network_interfaces.ip_configuration.subnet_ref)[0] + split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] ].subnets[ - split("/", each.value.var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[1] + split("/", var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[1] ].id # subnet_id = { diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/linux_virtual_machine/network_interface.tf index 1ca8827b..06a9a8a1 100644 --- a/src/modules/linux_virtual_machine/network_interface.tf +++ b/src/modules/linux_virtual_machine/network_interface.tf @@ -7,7 +7,7 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = each.value.ip_configuration.name - subnet_id = local.subnet_id + subnet_id = local.subnet_id[each.key] private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } From ddbd352b17809c167631d08b6f83f47a1db78bf2 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 10:16:35 +0200 Subject: [PATCH 017/101] Refactor locals --- src/modules/linux_virtual_machine/_locals.tf | 26 ++++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index ee389664..18b4d93c 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf 
@@ -5,20 +5,20 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] - subnet_id = var.resources.virtual_networks[ - split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", var.settings.network_interfaces.each.value.ip_configuration.subnet_ref)[1] - ].id + # subnet_id = var.resources.virtual_networks[ + # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] + # ].subnets[ + # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] + # ].id - # subnet_id = { - # for nic_name, nic in var.settings.network_interfaces : - # nic_name => var.resources.virtual_networks[ - # split("/", nic.ip_configuration.subnet_ref)[0] - # ].subnets[ - # split("/", nic.ip_configuration.subnet_ref)[1] - # ].id - # } + subnet_id = { + for nic, config in var.settings.network_interfaces : + nic => var.resources.virtual_networks[ + split("/", config.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", config.ip_configuration.subnet_ref)[1] + ].id + } public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh From 2722b635287cf7f23cf46229923f1577b072da42 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 10:21:54 +0200 Subject: [PATCH 018/101] Refactor public_key --- src/modules/linux_virtual_machine/_locals.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 18b4d93c..d0b4bfde 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -20,7 +20,8 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref] + # .public_key_openssh tags = merge( var.global_settings.tags, 
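Review bot: In the PATCH 018 hunk, `local.public_key` now holds the whole `tls_private_key.main[...]` object instead of its `public_key_openssh` attribute, because the attribute has been moved into the `# .public_key_openssh` comment. That object also carries the private-key attributes (`private_key_pem`, `private_key_openssh`), so any output or module input fed from `local.public_key` would pass secret material under a name that says "public". A consumer expecting a string, such as an `admin_ssh_key` block's `public_key`, would also receive an object. Keep the attribute on the expression: `public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh`. The `locals` block starts and ends outside the hunk.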
From 0519fecb54e8e5f523b2e9550d55df32fffa389a Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 10:44:51 +0200 Subject: [PATCH 019/101] Refactor public key in locals --- src/modules/linux_virtual_machine/_locals.tf | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index d0b4bfde..2fa24d70 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -5,12 +5,6 @@ locals { network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] - # subnet_id = var.resources.virtual_networks[ - # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0] - # ].subnets[ - # split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1] - # ].id - subnet_id = { for nic, config in var.settings.network_interfaces : nic => var.resources.virtual_networks[ @@ -20,8 +14,8 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref] - # .public_key_openssh + # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + public_key = tls_private_key.main.public_key_openssh tags = merge( var.global_settings.tags, From 1321df9f5d09918ab89cdea28e9fb8cebb43d9bd Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 11:00:00 +0200 Subject: [PATCH 020/101] Refactor nic in locals --- src/modules/linux_virtual_machine/_locals.tf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 2fa24d70..306cf336 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf 
@@ -3,10 +3,15 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] + # network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] + + network_interface_ids = { + for nic, nic_name in try(var.settings.network_interface_ids) : + nic => azurerm_network_interface.main[nic_name.nic_ref].id + } subnet_id = { - for nic, config in var.settings.network_interfaces : + for nic, config in try(var.settings.network_interfaces) : nic => var.resources.virtual_networks[ split("/", config.ip_configuration.subnet_ref)[0] ].subnets[ From e2a8c4c832ed773be0f70c66b6b75028daf2e6d9 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 11:05:17 +0200 Subject: [PATCH 021/101] Refactor nic in locals --- src/modules/linux_virtual_machine/_locals.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 306cf336..084e3f71 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -7,7 +7,7 @@ locals { network_interface_ids = { for nic, nic_name in try(var.settings.network_interface_ids) : - nic => azurerm_network_interface.main[nic_name.nic_ref].id + nic => azurerm_network_interface.main[var.settings.network_interface_ids[nic].nic_ref].id } subnet_id = { From 1262415ba82e26e47eb5b89280b7629d982b56e8 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 11:11:37 +0200 Subject: [PATCH 022/101] Refactor nic in locals --- src/modules/linux_virtual_machine/_locals.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 084e3f71..f477ae3c 100644 --- a/src/modules/linux_virtual_machine/_locals.tf 
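Review bot: `try(var.settings.network_interface_ids)` and `try(var.settings.network_interfaces)` in the PATCH 020 hunk are called with a single argument, so they have no fallback and a missing key still fails the plan exactly as the bare reference did. If the intent is to make these settings optional, give the default explicitly: `for nic, config in try(var.settings.network_interfaces, {}) :`. The hunk also turns `network_interface_ids` from a list into a map; if the value is passed to the VM resource's `network_interface_ids` argument (not visible here), that argument takes a list of ids, so `values(...)` or the original list comprehension would be needed.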
+++ b/src/modules/linux_virtual_machine/_locals.tf @@ -3,12 +3,12 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : config.nic_ref] + network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : azurerm_network_interface.main[nic.nic_ref].id] - network_interface_ids = { - for nic, nic_name in try(var.settings.network_interface_ids) : - nic => azurerm_network_interface.main[var.settings.network_interface_ids[nic].nic_ref].id - } + # network_interface_ids = { + # for nic, nic_name in try(var.settings.network_interface_ids) : + # nic => azurerm_network_interface.main[var.settings.network_interface_ids[nic].nic_ref].id + # } subnet_id = { for nic, config in try(var.settings.network_interfaces) : From 1c004f55ef372b24e06f678292a82f5b00110e42 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 11:13:41 +0200 Subject: [PATCH 023/101] Refactor nic in locals --- src/modules/linux_virtual_machine/_locals.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index f477ae3c..9f860071 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -3,7 +3,7 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : azurerm_network_interface.main[nic.nic_ref].id] + network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : azurerm_network_interface.main[config.nic_ref].id] # network_interface_ids = { # for nic, nic_name in try(var.settings.network_interface_ids) : From 9d1649b7e83581d74ff468fd5fc616744b9dd2da Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Mon, 20 Jan 2025 11:17:36 +0200 Subject: [PATCH 024/101] Refactor public key in locals --- src/modules/linux_virtual_machine/_locals.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 9f860071..6c465004 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -19,8 +19,8 @@ locals { ].id } - # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh - public_key = tls_private_key.main.public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.main[public_key_ref]].public_key_openssh + # public_key = tls_private_key.main.public_key_openssh tags = merge( var.global_settings.tags, From 9c2234c833b69917b2bf033b40afd0f6201cfcbb Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 11:24:02 +0200 Subject: [PATCH 025/101] Refactor public key in locals --- src/modules/linux_virtual_machine/_locals.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 6c465004..e2a6d1eb 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -19,7 +19,7 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.main[public_key_ref]].public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh # public_key = tls_private_key.main.public_key_openssh tags = merge( From 94ef2f64429a8732644b653c2b4c6e2735289eee Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 11:33:41 +0200 Subject: [PATCH 026/101] Refactor locals --- src/modules/linux_virtual_machine/_locals.tf | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) 
diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index e2a6d1eb..20c9a08b 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf @@ -3,12 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [for nics_ref, config in var.settings.network_interface_ids : azurerm_network_interface.main[config.nic_ref].id] - - # network_interface_ids = { - # for nic, nic_name in try(var.settings.network_interface_ids) : - # nic => azurerm_network_interface.main[var.settings.network_interface_ids[nic].nic_ref].id - # } + network_interface_ids = [ + for nics_ref, config in var.settings.network_interface_ids : + azurerm_network_interface.main[config.nic_ref].id + ] subnet_id = { for nic, config in try(var.settings.network_interfaces) : @@ -19,8 +17,7 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh - # public_key = tls_private_key.main.public_key_openssh + public_key = tls_private_key.main.public_key_openssh tags = merge( var.global_settings.tags, From 2248f1354bab1e4fae6bd3ae9f95125229d85f49 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 12:00:51 +0200 Subject: [PATCH 027/101] Add key creation for each vm --- src/modules/linux_virtual_machine/_locals.tf | 2 +- src/modules/linux_virtual_machine/tls_private_key.tf | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/linux_virtual_machine/_locals.tf index 20c9a08b..9a3d39b3 100644 --- a/src/modules/linux_virtual_machine/_locals.tf +++ b/src/modules/linux_virtual_machine/_locals.tf 
@@ -17,7 +17,7 @@ locals { ].id } - public_key = tls_private_key.main.public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/linux_virtual_machine/tls_private_key.tf b/src/modules/linux_virtual_machine/tls_private_key.tf index 15d5ae7a..ec38c336 100644 --- a/src/modules/linux_virtual_machine/tls_private_key.tf +++ b/src/modules/linux_virtual_machine/tls_private_key.tf @@ -1,4 +1,6 @@ resource "tls_private_key" "main" { - algorithm = var.settings.public_key_openssh.test_key.algorithm - rsa_bits = var.settings.public_key_openssh.test_key.rsa_bits + for_each = var.settings.public_key_openssh + + algorithm = each.value.algorithm + rsa_bits = each.value.rsa_bits } From f06100e6e16bf819d7e89b8352f8b21bc3147027 Mon Sep 17 00:00:00 2001 
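Review bot: The `for_each` added to `resource "tls_private_key" "main"` generates one private key per entry of `var.settings.public_key_openssh`, and `tls_private_key` keeps the generated private key in the Terraform state, so the resource should carry a comment that says so, e.g. `# NOTE: generated private keys are stored in Terraform state; the backend must be encrypted and access-restricted`. `rsa_bits = each.value.rsa_bits` is also read unconditionally: an entry that selects a non-RSA algorithm and omits `rsa_bits` would presumably fail on the missing attribute, and nothing here sets a floor on the key size. `rsa_bits = try(each.value.rsa_bits, 4096)` covers the first case; a minimum size would need a `validation` block on the `settings` variable, which is outside this hunk.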
From: Borislav Raynov Date: Mon, 20 Jan 2025 15:46:10 +0200 Subject: [PATCH 028/101] Refactor to submodules --- src/_locals.tf | 8 +++++ src/_variables.resources.tf | 2 +- .../_locals.tf | 0 src/modules/virtual_machines/_outputs.tf | 0 .../_variables.tf | 6 +--- .../linux_virtual_machine/_locals.tf | 27 ++++++++++++++++ .../linux_virtual_machine/_outputs.tf | 7 ---- .../linux_virtual_machine/_variables.tf | 11 +++++++ .../linux_virtual_machine.tf | 0 .../network_interface/_locals.tf | 27 ++++++++++++++++ .../network_interface/_ouputs.tf | 6 ++++ .../network_interface/_variables.tf | 11 +++++++ .../network_interface}/network_interface.tf | 0 .../tls_private_key.tf | 0 .../virtual_machines/virtual_machines.tf | 32 +++++++++++++++++++ ...virtual_machine.tf => virtual_machines.tf} | 6 ++-- 16 files changed, 127 insertions(+), 16 deletions(-) create mode 100644 src/_locals.tf rename src/modules/{linux_virtual_machine => virtual_machines}/_locals.tf (100%) create mode 100644 src/modules/virtual_machines/_outputs.tf rename src/modules/{linux_virtual_machine => virtual_machines}/_variables.tf (54%) create mode 100644 src/modules/virtual_machines/linux_virtual_machine/_locals.tf rename src/modules/{ => virtual_machines}/linux_virtual_machine/_outputs.tf (62%) create mode 100644 src/modules/virtual_machines/linux_virtual_machine/_variables.tf rename src/modules/{ => virtual_machines}/linux_virtual_machine/linux_virtual_machine.tf (100%) create mode 100644 src/modules/virtual_machines/network_interface/_locals.tf create mode 100644 src/modules/virtual_machines/network_interface/_ouputs.tf create mode 100644 src/modules/virtual_machines/network_interface/_variables.tf rename src/modules/{linux_virtual_machine => virtual_machines/network_interface}/network_interface.tf (100%) rename src/modules/{linux_virtual_machine => virtual_machines}/tls_private_key.tf (100%) create mode 100644 src/modules/virtual_machines/virtual_machines.tf rename src/{linux_virtual_machine.tf => 
virtual_machines.tf} (61%) diff --git a/src/_locals.tf b/src/_locals.tf new file mode 100644 index 00000000..d073b772 --- /dev/null +++ b/src/_locals.tf @@ -0,0 +1,8 @@ +locals { + global_settings = merge(var.global_settings, { + object_id = data.azurerm_client_config.current.object_id + subscription_id = data.azurerm_client_config.current.subscription_id + tenant_id = data.azurerm_client_config.current.tenant_id + client_id = data.azurerm_client_config.current.client_id + }) +} diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index 1dad6929..da493a13 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -14,4 +14,4 @@ variable "public_ips" { default = {} } variable "storage_accounts" { default = {} } -variable "linux_virtual_machine" { default = {} } +variable "virtual_machines" { default = {} } diff --git a/src/modules/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/_locals.tf similarity index 100% rename from src/modules/linux_virtual_machine/_locals.tf rename to src/modules/virtual_machines/_locals.tf diff --git a/src/modules/virtual_machines/_outputs.tf b/src/modules/virtual_machines/_outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/src/modules/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/_variables.tf similarity index 54% rename from src/modules/linux_virtual_machine/_variables.tf rename to src/modules/virtual_machines/_variables.tf index f3d718e3..6f1524d4 100644 --- a/src/modules/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/_variables.tf @@ -3,13 +3,9 @@ variable "global_settings" { } variable "settings" { - description = "All the configuration for an Linux VM" + description = "All the configuration for this resource" } variable "resources" { - type = object({ - resource_groups = map(any) - virtual_networks = map(any) - }) description = "All required resources" } 
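Review bot: Dropping the `type = object({ ... })` constraint from `variable "resources"` in `src/modules/virtual_machines/_variables.tf` leaves all three module inputs untyped, so a caller that omits `virtual_networks` or passes the wrong shape is only caught later, as an index error inside a `locals` lookup. Keeping the constraint preserves the check at the module boundary: `type = object({ resource_groups = map(any), virtual_networks = map(any) })`, extended with any new keys the submodules need. The same applies to the untyped `_variables.tf` copies this commit adds under `linux_virtual_machine/` and `network_interface/`.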
diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf new file mode 100644 index 00000000..9a3d39b3 --- /dev/null +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -0,0 +1,27 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group_name = local.resource_group.name + location = local.resource_group.location + + network_interface_ids = [ + for nics_ref, config in var.settings.network_interface_ids : + azurerm_network_interface.main[config.nic_ref].id + ] + + subnet_id = { + for nic, config in try(var.settings.network_interfaces) : + nic => var.resources.virtual_networks[ + split("/", config.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", config.ip_configuration.subnet_ref)[1] + ].id + } + + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/linux_virtual_machine/_outputs.tf b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf similarity index 62% rename from src/modules/linux_virtual_machine/_outputs.tf rename to src/modules/virtual_machines/linux_virtual_machine/_outputs.tf index 124b0c68..13ab3947 100644 --- a/src/modules/linux_virtual_machine/_outputs.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf @@ -9,10 +9,3 @@ output "private_ip_addresses" { output "public_ip_addresses" { value = azurerm_linux_virtual_machine.main.public_ip_addresses } - -output "nics" { - value = { - for _, nic in try(var.settings.network_interface_ids) : - nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] - } -} 
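Review bot: The new `linux_virtual_machine/_locals.tf` references `azurerm_network_interface.main` and `tls_private_key.main`, but this same commit moves `network_interface.tf` into `network_interface/` and `tls_private_key.tf` into the parent `virtual_machines/` directory, so neither resource is declared in this submodule and the references cannot resolve. The identical copy added as `network_interface/_locals.tf` has the same problem for `tls_private_key.main`. Values owned by another module have to arrive through an input variable; for the SSH key, have the parent pass only the `public_key_openssh` string down, so the key object with its private attributes never leaves the module that generates it. The `subnet_id` and `network_interface_ids` locals can then be kept only in the submodule that actually uses them instead of being duplicated in all three `_locals.tf` files.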
diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf new file mode 100644 index 00000000..6f1524d4 --- /dev/null +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -0,0 +1,11 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" +} + +variable "resources" { + description = "All required resources" +} diff --git a/src/modules/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf similarity index 100% rename from src/modules/linux_virtual_machine/linux_virtual_machine.tf rename to src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf new file mode 100644 index 00000000..9a3d39b3 --- /dev/null +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -0,0 +1,27 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group_name = local.resource_group.name + location = local.resource_group.location + + network_interface_ids = [ + for nics_ref, config in var.settings.network_interface_ids : + azurerm_network_interface.main[config.nic_ref].id + ] + + subnet_id = { + for nic, config in try(var.settings.network_interfaces) : + nic => var.resources.virtual_networks[ + split("/", config.ip_configuration.subnet_ref)[0] + ].subnets[ + split("/", config.ip_configuration.subnet_ref)[1] + ].id + } + + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} 
diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf new file mode 100644 index 00000000..70caedda --- /dev/null +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -0,0 +1,6 @@ +output "nics" { + value = { + for _, nic in try(var.settings.network_interface_ids) : + nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] + } +} diff --git a/src/modules/virtual_machines/network_interface/_variables.tf b/src/modules/virtual_machines/network_interface/_variables.tf new file mode 100644 index 00000000..6f1524d4 --- /dev/null +++ b/src/modules/virtual_machines/network_interface/_variables.tf @@ -0,0 +1,11 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" +} + +variable "resources" { + description = "All required resources" +} diff --git a/src/modules/linux_virtual_machine/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf similarity index 100% rename from src/modules/linux_virtual_machine/network_interface.tf rename to src/modules/virtual_machines/network_interface/network_interface.tf diff --git a/src/modules/linux_virtual_machine/tls_private_key.tf b/src/modules/virtual_machines/tls_private_key.tf similarity index 100% rename from src/modules/linux_virtual_machine/tls_private_key.tf rename to src/modules/virtual_machines/tls_private_key.tf diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf new file mode 100644 index 00000000..bc22cf5e --- /dev/null +++ b/src/modules/virtual_machines/virtual_machines.tf 
@@ -0,0 +1,32 @@ +module "linux_virtual_machine" { + source = "./linux_virtual_machine" + for_each = var.settings.linux_virtual_machine + + settings = var.settings + global_settings = var.global_settings + + resources = var.resources +} + +module "network_interface" { + source = "./linux_virtual_machine" + for_each = var.settings.linux_virtual_machine + + settings = var.settings + global_settings = var.global_settings + + resources = var.resources +} + +# module "windows_virtual_machine" { +# source = "./modules/linux_virtual_machine" +# for_each = var.linux_virtual_machine + +# settings = each.value +# global_settings = var.global_settings + +# resources = { +# resource_groups = module.resource_groups +# virtual_networks = module.virtual_networks +# } +# } diff --git a/src/linux_virtual_machine.tf b/src/virtual_machines.tf similarity index 61% rename from src/linux_virtual_machine.tf rename to src/virtual_machines.tf index 01213a45..9d140b92 100644 --- a/src/linux_virtual_machine.tf +++ b/src/virtual_machines.tf @@ -1,6 +1,6 @@ -module "linux_virtual_machine" { - source = "./modules/linux_virtual_machine" - for_each = var.linux_virtual_machine +module "virtual_machines" { + source = "./modules/virtual_machines" + for_each = var.virtual_machines settings = each.value global_settings = var.global_settings From 4f36b18453336ed012e6ba42b1761a91a8fec0fc Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 15:52:13 +0200 Subject: [PATCH 029/101] refactor nic module --- src/modules/virtual_machines/virtual_machines.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index bc22cf5e..e437b43f 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf 
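Review bot: Both `module` blocks in the new `src/modules/virtual_machines/virtual_machines.tf` set `for_each` but pass `settings = var.settings`, so every instance receives the whole settings object and `each.key`/`each.value` are never used; if per-instance configuration is intended, that should be `settings = each.value`, as the root `module "virtual_machines"` block does. `module "network_interface"` also points at `source = "./linux_virtual_machine"` and iterates `var.settings.linux_virtual_machine`, which would instantiate the VM submodule a second time instead of creating NICs; it should read `source = "./network_interface"` with its own `for_each` collection. The commented-out `windows_virtual_machine` block is better left out until it is implemented.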
@@ -9,8 +9,8 @@ module "linux_virtual_machine" { } module "network_interface" { - source = "./linux_virtual_machine" - for_each = var.settings.linux_virtual_machine + source = "./network_interface" + for_each = var.settings.network_interface settings = var.settings global_settings = var.global_settings From 8296df31393bf499cc0acb63c6713da5f825fe57 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 16:06:07 +0200 Subject: [PATCH 030/101] Refactored locals --- src/_locals.tf | 8 -------- 1 file changed, 8 deletions(-) diff --git a/src/_locals.tf b/src/_locals.tf index d073b772..e69de29b 100644 --- a/src/_locals.tf +++ b/src/_locals.tf @@ -1,8 +0,0 @@ -locals { - global_settings = merge(var.global_settings, { - object_id = data.azurerm_client_config.current.object_id - subscription_id = data.azurerm_client_config.current.subscription_id - tenant_id = data.azurerm_client_config.current.tenant_id - client_id = data.azurerm_client_config.current.client_id - }) -} From ad7b077b15909f8be5f356c9c306d69821b281e9 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 16:17:10 +0200 Subject: [PATCH 031/101] Refactor locals --- src/modules/virtual_machines/_locals.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/modules/virtual_machines/_locals.tf b/src/modules/virtual_machines/_locals.tf index 9a3d39b3..577d3300 100644 --- a/src/modules/virtual_machines/_locals.tf +++ b/src/modules/virtual_machines/_locals.tf @@ -3,10 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - azurerm_network_interface.main[config.nic_ref].id - ] + # network_interface_ids = [ + # for nics_ref, config in var.settings.network_interface_ids : + # azurerm_network_interface.main[config.nic_ref].id + # ] subnet_id = { for nic, config in try(var.settings.network_interfaces) : 
@@ -17,7 +17,7 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, From bda9595e411e41b2ba06b950cef82ca26d3b5b8d Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 16:21:59 +0200 Subject: [PATCH 032/101] Refactor locals --- .../virtual_machines/linux_virtual_machine/_locals.tf | 10 +++++----- .../virtual_machines/network_interface/_locals.tf | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 9a3d39b3..577d3300 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -3,10 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - azurerm_network_interface.main[config.nic_ref].id - ] + # network_interface_ids = [ + # for nics_ref, config in var.settings.network_interface_ids : + # azurerm_network_interface.main[config.nic_ref].id + # ] subnet_id = { for nic, config in try(var.settings.network_interfaces) : @@ -17,7 +17,7 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 9a3d39b3..d11f060c 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf 
@@ -17,7 +17,7 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, From 937daeb0830e25f6d6b8ceac0822e154459df819 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 16:39:37 +0200 Subject: [PATCH 033/101] Refactor module --- src/modules/virtual_machines/_locals.tf | 10 +++++----- .../virtual_machines/linux_virtual_machine/_locals.tf | 2 +- src/virtual_machines.tf | 5 +++-- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/modules/virtual_machines/_locals.tf b/src/modules/virtual_machines/_locals.tf index 577d3300..e70aed8f 100644 --- a/src/modules/virtual_machines/_locals.tf +++ b/src/modules/virtual_machines/_locals.tf @@ -3,10 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # azurerm_network_interface.main[config.nic_ref].id - # ] + network_interface_ids = [ + for nics_ref, config in var.settings.network_interface_ids : + var.resources.network_interface.main[config.nic_ref].id + ] subnet_id = { for nic, config in try(var.settings.network_interfaces) : @@ -17,7 +17,7 @@ locals { ].id } - # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 577d3300..b7e79216 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -17,7 +17,7 @@ locals { ].id } - # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index 9d140b92..3ebddbbb 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -6,7 +6,8 @@ module "virtual_machines" { global_settings = var.global_settings resources = { - resource_groups = module.resource_groups - virtual_networks = module.virtual_networks + resource_groups = module.resource_groups + virtual_networks = module.virtual_networks + network_interface = module.network_interface } } From e81d7d5601984ec80dae55473f9597cda706d7b9 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 16:48:01 +0200 Subject: [PATCH 034/101] Refactor code --- .../virtual_machines/linux_virtual_machine/_locals.tf | 8 ++++---- .../virtual_machines/linux_virtual_machine/_variables.tf | 4 ++++ src/modules/virtual_machines/network_interface/_ouputs.tf | 4 ++++ 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index b7e79216..afbdfcec 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -3,10 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # azurerm_network_interface.main[config.nic_ref].id - # ] + network_interface_ids = [ + for nics_ref, config in var.settings.network_interface_ids : + var.resources.network_interface[config.nic_ref].id + ] subnet_id = { for nic, config in try(var.settings.network_interfaces) : 
diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf index 6f1524d4..5e207e1b 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -9,3 +9,7 @@ variable "settings" { variable "resources" { description = "All required resources" } + +variable "nic_id" { + description = "All required nic ids for this resource" +} diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 70caedda..8985983e 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -4,3 +4,7 @@ output "nics" { nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] } } + +output "nic_id" { + value = azurerm_network_interface.main.id +} From e0706b2260004a39cf57f3a166a0e54af37053de Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 17:19:02 +0200 Subject: [PATCH 035/101] Refactor code --- .../virtual_machines/linux_virtual_machine/_variables.tf | 6 +++--- src/modules/virtual_machines/network_interface/_locals.tf | 2 +- src/modules/virtual_machines/network_interface/_ouputs.tf | 6 +++--- src/virtual_machines.tf | 6 +++--- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf index 5e207e1b..8a67e89c 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -10,6 +10,6 @@ variable "resources" { description = "All required resources" } -variable "nic_id" { - description = "All required nic ids for this resource" -} +# variable "nic_id" { +# description = "All required nic ids for this resource" +# } 
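Review bot: `variable "nic_id"` in the _variables.tf hunk of PATCH 034 has no `type`, so the module accepts any value and a wrong shape only surfaces later inside the provider. The description says it carries NIC ids, so `type = list(string)` would state the contract at the module boundary. The later forms of this variable, `nic_ids` in PATCH 036 and `nics` in PATCH 039, are declared the same untyped way, and PATCH 036 does pass a map into it.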
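Review bot: `azurerm_network_interface.main.id` in the new `nic_id` output (PATCH 034, _ouputs.tf) addresses the resource as a single instance, while the `nics` output directly above it indexes the same resource as `azurerm_network_interface.main[nic.nic_ref]`. That suggests the resource uses `for_each` at this commit, in which case the bare `.id` reference does not validate. An output that follows the instances would be `value = { for k, nic in azurerm_network_interface.main : k => nic.id }`.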
diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index d11f060c..9a3d39b3 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -17,7 +17,7 @@ locals { ].id } - # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 8985983e..3377ba59 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -5,6 +5,6 @@ output "nics" { } } -output "nic_id" { - value = azurerm_network_interface.main.id -} +# output "nic_id" { +# value = azurerm_network_interface.main.id +# } diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index 3ebddbbb..5ca182e4 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -6,8 +6,8 @@ module "virtual_machines" { global_settings = var.global_settings resources = { - resource_groups = module.resource_groups - virtual_networks = module.virtual_networks - network_interface = module.network_interface + resource_groups = module.resource_groups + virtual_networks = module.virtual_networks + # network_interface = module.network_interface } } From bd02b28e16d4921fc58e40323869810093edae6e Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Mon, 20 Jan 2025 17:44:47 +0200 Subject: [PATCH 036/101] Refactor modules --- src/modules/virtual_machines/_locals.tf | 46 +++++++++---------- .../linux_virtual_machine/_locals.tf | 24 +++++----- .../linux_virtual_machine/_variables.tf | 6 +-- .../linux_virtual_machine.tf | 2 +- .../tls_private_key.tf | 0 .../network_interface/_locals.tf | 10 ++-- .../network_interface/_ouputs.tf | 15 +++--- .../virtual_machines/virtual_machines.tf | 2 + 8 files changed, 55 insertions(+), 50 deletions(-) rename src/modules/virtual_machines/{ => linux_virtual_machine}/tls_private_key.tf (100%) diff --git a/src/modules/virtual_machines/_locals.tf b/src/modules/virtual_machines/_locals.tf index e70aed8f..dfdbea53 100644 --- a/src/modules/virtual_machines/_locals.tf +++ b/src/modules/virtual_machines/_locals.tf 
@@ -1,27 +1,27 @@ -locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] - resource_group_name = local.resource_group.name - location = local.resource_group.location +# locals { +# resource_group = var.resources.resource_groups[var.settings.resource_group_ref] +# resource_group_name = local.resource_group.name +# location = local.resource_group.location - network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - var.resources.network_interface.main[config.nic_ref].id - ] +# network_interface_ids = [ +# for nics_ref, config in var.settings.network_interface_ids : +# var.resources.network_interface.main[config.nic_ref].id +# ] - subnet_id = { - for nic, config in try(var.settings.network_interfaces) : - nic => var.resources.virtual_networks[ - split("/", config.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", config.ip_configuration.subnet_ref)[1] - ].id - } +# subnet_id = { +# for nic, config in try(var.settings.network_interfaces) : +# nic => var.resources.virtual_networks[ +# split("/", config.ip_configuration.subnet_ref)[0] +# ].subnets[ +# split("/", config.ip_configuration.subnet_ref)[1] +# ].id +# } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh +# public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh - tags = merge( - var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, - try(var.settings.tags, {}) - ) -} +# tags = merge( +# var.global_settings.tags, +# var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, +# try(var.settings.tags, {}) +# ) +# } diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index afbdfcec..37fae23b 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
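Review bot: The whole `locals` block of src/modules/virtual_machines/_locals.tf is kept as 27 commented-out lines, including the `tls_private_key` and subnet lookups that now live in the child modules. Dead copies like this drift from the live code and make it unclear which lookup is authoritative. I would delete the block and leave one line in its place, `# locals moved to linux_virtual_machine/ and network_interface/`.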
+++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -3,19 +3,19 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - var.resources.network_interface[config.nic_ref].id - ] + # network_interface_ids = [ + # for nics_ref, config in var.settings.network_interface_ids : + # var.resources.network_interface[config.nic_ref].id + # ] - subnet_id = { - for nic, config in try(var.settings.network_interfaces) : - nic => var.resources.virtual_networks[ - split("/", config.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", config.ip_configuration.subnet_ref)[1] - ].id - } + # subnet_id = { + # for nic, config in try(var.settings.network_interfaces) : + # nic => var.resources.virtual_networks[ + # split("/", config.ip_configuration.subnet_ref)[0] + # ].subnets[ + # split("/", config.ip_configuration.subnet_ref)[1] + # ].id + # } public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf index 8a67e89c..129d4def 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -10,6 +10,6 @@ variable "resources" { description = "All required resources" } -# variable "nic_id" { -# description = "All required nic ids for this resource" -# } +variable "nic_ids" { + description = "All required nic ids for this resource" +} diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index 9a2e2cf9..a193907e 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf 
+++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf @@ -6,7 +6,7 @@ resource "azurerm_linux_virtual_machine" "main" { admin_username = var.settings.admin_username size = var.settings.size - network_interface_ids = local.network_interface_ids + network_interface_ids = var.nic_ids admin_ssh_key { username = var.settings.admin_ssh_key.username diff --git a/src/modules/virtual_machines/tls_private_key.tf b/src/modules/virtual_machines/linux_virtual_machine/tls_private_key.tf similarity index 100% rename from src/modules/virtual_machines/tls_private_key.tf rename to src/modules/virtual_machines/linux_virtual_machine/tls_private_key.tf diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 9a3d39b3..577d3300 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -3,10 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - azurerm_network_interface.main[config.nic_ref].id - ] + # network_interface_ids = [ + # for nics_ref, config in var.settings.network_interface_ids : + # azurerm_network_interface.main[config.nic_ref].id + # ] subnet_id = { for nic, config in try(var.settings.network_interfaces) : @@ -17,7 +17,7 @@ locals { ].id } - public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh + # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 3377ba59..d8d992e4 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf 
+++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -1,10 +1,13 @@ -output "nics" { +# output "nics" { +# value = { +# for _, nic in try(var.settings.network_interface_ids) : +# nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] +# } +# } + +output "nic_ids" { value = { for _, nic in try(var.settings.network_interface_ids) : - nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] + nic.nic_ref => azurerm_network_interface.main[nic.nic_ref].id } } - -# output "nic_id" { -# value = azurerm_network_interface.main.id -# } diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index e437b43f..b0bd1a86 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -5,6 +5,8 @@ module "linux_virtual_machine" { settings = var.settings global_settings = var.global_settings + nic_ids = module.network_interface.nic_ids + resources = var.resources } From 875425ae46736a1c65c3e3c7dc468aa80ee4551d Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 20 Jan 2025 17:51:53 +0200 Subject: [PATCH 037/101] Refactor module --- src/modules/virtual_machines/virtual_machines.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index b0bd1a86..bad46b6e 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,6 +1,6 @@ module "linux_virtual_machine" { - source = "./linux_virtual_machine" - for_each = var.settings.linux_virtual_machine + source = "./linux_virtual_machine" + # for_each = var.settings.linux_virtual_machine settings = var.settings global_settings = var.global_settings From 53c55e8d857a128e66afb263d7e844c754df245b Mon Sep 17 00:00:00 2001 
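Review bot: The new `nic_ids` output (PATCH 036, _ouputs.tf) is a map of `nic_ref => id`, but it ends up in `network_interface_ids = var.nic_ids`, which takes a list of id strings. The caller line `nic_ids = module.network_interface.nic_ids` also reads the output as if the module were a single instance, although the module block appears to carry `for_each` (visible in PATCH 038). A list built across instances would fit, `nic_ids = flatten([for _, m in module.network_interface : values(m.nic_ids)])`. Separately, `try(var.settings.network_interface_ids)` has a single argument and therefore no fallback; either drop the `try` or give it one, `try(var.settings.network_interface_ids, {})`.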
From: Borislav Raynov Date: Mon, 20 Jan 2025 17:55:15 +0200 Subject: [PATCH 038/101] Refactor code. --- src/modules/virtual_machines/virtual_machines.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index bad46b6e..56625705 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -12,7 +12,7 @@ module "linux_virtual_machine" { module "network_interface" { source = "./network_interface" - for_each = var.settings.network_interface + for_each = var.settings.network_interfaces settings = var.settings global_settings = var.global_settings From c9ee48e5e279fd72d84f7687937437e37a0e6d8e Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 09:42:56 +0200 Subject: [PATCH 039/101] Refactor code --- src/modules/virtual_machines/_outputs.tf | 3 +++ .../virtual_machines/linux_virtual_machine/_locals.tf | 8 ++++++++ .../virtual_machines/linux_virtual_machine/_variables.tf | 2 +- .../linux_virtual_machine/linux_virtual_machine.tf | 2 +- src/modules/virtual_machines/network_interface/_ouputs.tf | 7 ++----- src/modules/virtual_machines/virtual_machines.tf | 6 +++--- 6 files changed, 18 insertions(+), 10 deletions(-) diff --git a/src/modules/virtual_machines/_outputs.tf b/src/modules/virtual_machines/_outputs.tf index e69de29b..98f0d05f 100644 --- a/src/modules/virtual_machines/_outputs.tf +++ b/src/modules/virtual_machines/_outputs.tf @@ -0,0 +1,3 @@ +# output "all_resouce_ids" { +# value = [for key, value in module.network_interface: value.id] +# } diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 37fae23b..05e2ec66 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -8,6 +8,14 @@ locals { # var.resources.network_interface[config.nic_ref].id # ] + # network_interface_ids = [ + # for nics_ref, config in var.settings.network_interface_ids : + # # var.resources.network_interface[config.nic_ref].id + # module.network_interface.id + # azurerm_network_interface.main.id + # ] + + # subnet_id = { # for nic, config in try(var.settings.network_interfaces) : # nic => var.resources.virtual_networks[ diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf index 129d4def..7f3be5ec 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -10,6 +10,6 @@ variable "resources" { description = "All required resources" } -variable "nic_ids" { +variable "nics" { description = "All required nic ids for this resource" } diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index a193907e..c833c084 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf @@ -6,7 +6,7 @@ resource "azurerm_linux_virtual_machine" "main" { admin_username = var.settings.admin_username size = var.settings.size - network_interface_ids = var.nic_ids + network_interface_ids = var.nics admin_ssh_key { username = var.settings.admin_ssh_key.username diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index d8d992e4..65c83b1f 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf 
@@ -5,9 +5,6 @@ # } # } -output "nic_ids" { - value = { - for _, nic in try(var.settings.network_interface_ids) : - nic.nic_ref => azurerm_network_interface.main[nic.nic_ref].id - } +output "nics" { + value = azurerm_network_interface.main.id } diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 56625705..d96fcb50 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,11 +1,11 @@ module "linux_virtual_machine" { - source = "./linux_virtual_machine" - # for_each = var.settings.linux_virtual_machine + source = "./linux_virtual_machine" + for_each = var.settings.linux_virtual_machine settings = var.settings global_settings = var.global_settings - nic_ids = module.network_interface.nic_ids + nics = [for key, value in module.network_interface : value.id] resources = var.resources } From 41b9d3bf0a85748ed2d4370f8ddbc2b2e94ec12c Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 09:53:14 +0200 Subject: [PATCH 040/101] Refactoring --- src/modules/virtual_machines/network_interface/_ouputs.tf | 2 +- .../network_interface/network_interface.tf | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 65c83b1f..062eb5de 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -6,5 +6,5 @@ # } output "nics" { - value = azurerm_network_interface.main.id + value = azurerm_network_interface.main[each.key].id } diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 06a9a8a1..0c0fd6bf 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf 
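Review bot: `nics = [for key, value in module.network_interface : value.id]` in the virtual_machines.tf hunk of PATCH 039 reads an attribute `id` from each module instance, but the only output this commit leaves on the NIC module is named `nics`. The expression should follow the output name, `nics = [for key, value in module.network_interface : value.nics]`, or the output should be renamed to `id`. A one-line comment on the argument saying the list is built from the NIC module's `nics` output would keep the two in step.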
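Review bot: `azurerm_network_interface.main[each.key].id` in the `nics` output of PATCH 040 uses `each`, which is only defined inside a block that has `for_each`; an `output` block never has it. The same commit removes `for_each` from the resource in network_interface.tf yet leaves `subnet_id = local.subnet_id[each.key]` there, which has the same problem. With the resource now single-instance, the output is simply `value = azurerm_network_interface.main.id`.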
+++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -1,13 +1,11 @@ resource "azurerm_network_interface" "main" { - for_each = var.settings.network_interfaces - - name = each.value.name + name = var.settings.name resource_group_name = local.resource_group_name location = local.location ip_configuration { - name = each.value.ip_configuration.name + name = var.settings.ip_configuration.name subnet_id = local.subnet_id[each.key] - private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") + private_ip_address_allocation = try(var.settings.ip_configuration.private_ip_address_allocation, "Dynamic") } } From 2a29197074625d5e334ed1678bc6ca2c3d8bd789 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 09:57:13 +0200 Subject: [PATCH 041/101] Refactor subnet_id --- .../virtual_machines/network_interface/_locals.tf | 13 +++++-------- .../network_interface/network_interface.tf | 2 +- 2 files changed, 6 insertions(+), 9 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 577d3300..6e22d440 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -8,14 +8,11 @@ locals { # azurerm_network_interface.main[config.nic_ref].id # ] - subnet_id = { - for nic, config in try(var.settings.network_interfaces) : - nic => var.resources.virtual_networks[ - split("/", config.ip_configuration.subnet_ref)[0] - ].subnets[ - split("/", config.ip_configuration.subnet_ref)[1] - ].id - } + subnet_id = [ + for nic, config in try(var.settings.network_interfaces, {}) : ( + var.resources.virtual_networks[split("/", config.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id + ) + ] # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh 
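Review bot: `subnet_id` in the _locals.tf hunk of PATCH 041 is now a list built over `var.settings.network_interfaces`, but the resource consumes it as one value in `subnet_id = local.subnet_id`, so the NIC's subnet is never a single resolved id. The `try(var.settings.network_interfaces, {})` fallback also turns a missing key into an empty list instead of an error, which hides a misconfigured NIC. If the module is meant to receive one NIC's settings, as `var.settings.ip_configuration.name` in the resource suggests, resolve one subnet: `subnet_ref = split("/", var.settings.ip_configuration.subnet_ref)` and `subnet_id = var.resources.virtual_networks[local.subnet_ref[0]].subnets[local.subnet_ref[1]].id`. The `locals` block starts and ends outside the hunk.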
diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 0c0fd6bf..fd47c5d6 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -5,7 +5,7 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = var.settings.ip_configuration.name - subnet_id = local.subnet_id[each.key] + subnet_id = local.subnet_id private_ip_address_allocation = try(var.settings.ip_configuration.private_ip_address_allocation, "Dynamic") } } From 76404b2f1819bcfd896a50db7f5986ceb80376b7 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 09:59:02 +0200 Subject: [PATCH 042/101] Refacotr ouputs --- src/modules/virtual_machines/network_interface/_ouputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 062eb5de..65c83b1f 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -6,5 +6,5 @@ # } output "nics" { - value = azurerm_network_interface.main[each.key].id + value = azurerm_network_interface.main.id } From 2fd29262286d1d437676e8db7624e87fc0342310 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 10:03:26 +0200 Subject: [PATCH 043/101] Refactor module --- src/modules/virtual_machines/virtual_machines.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index d96fcb50..fd40ef17 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf 
@@ -1,6 +1,6 @@ module "linux_virtual_machine" { source = "./linux_virtual_machine" - for_each = var.settings.linux_virtual_machine + for_each = var.settings.virtual_machines settings = var.settings global_settings = var.global_settings From a1221935b4b8ca5777ecbbb6fe3f149dba221443 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 10:13:53 +0200 Subject: [PATCH 044/101] Refactor module --- src/modules/virtual_machines/virtual_machines.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index fd40ef17..9fb07f5b 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,6 +1,6 @@ module "linux_virtual_machine" { - source = "./linux_virtual_machine" - for_each = var.settings.virtual_machines + source = "./linux_virtual_machine" + # for_each = var.settings.virtual_machines settings = var.settings global_settings = var.global_settings From d53d35c3827251a97c5954fca3fef577d136ebb2 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 11:35:42 +0200 Subject: [PATCH 045/101] Refactor subnet id in loals network interfaces --- src/modules/virtual_machines/network_interface/_locals.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 6e22d440..25fadd6f 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf 
@@ -10,7 +10,7 @@ locals { subnet_id = [ for nic, config in try(var.settings.network_interfaces, {}) : ( - var.resources.virtual_networks[split("/", config.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id + var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id ) ] From 25bc20a286f23f1e13b4627c099f6fc7ed97826f Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 11:40:57 +0200 Subject: [PATCH 046/101] Refactor code --- .../virtual_machines/network_interface/_locals.tf | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 25fadd6f..86238c9f 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -8,11 +8,13 @@ locals { # azurerm_network_interface.main[config.nic_ref].id # ] - subnet_id = [ - for nic, config in try(var.settings.network_interfaces, {}) : ( - var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id - ) - ] + # subnet_id = [ + # for nic, config in try(var.settings.network_interfaces, {}) : ( + # var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id + # ) + # ] + + subnet_id = var.resources.virtual_networks[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0]].subnets[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1]].id # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh From 76fb0ea7736539443b208272defb12951ffcd8ae Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Tue, 21 Jan 2025 11:45:57 +0200 Subject: [PATCH 047/101] Refactor code --- .../virtual_machines/network_interface/_locals.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 86238c9f..af184429 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -8,13 +8,13 @@ locals { # azurerm_network_interface.main[config.nic_ref].id # ] - # subnet_id = [ - # for nic, config in try(var.settings.network_interfaces, {}) : ( - # var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id - # ) - # ] + subnet_id = [ + for nic, config in try(var.settings.network_interfaces, {}) : ( + var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id + ) + ] - subnet_id = var.resources.virtual_networks[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0]].subnets[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1]].id + # subnet_id = var.resources.virtual_networks[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0]].subnets[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1]].id # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh From 6ad121071728f6b4ef812663ae4dc70e9d1d6ab8 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 11:58:04 +0200 Subject: [PATCH 048/101] Refactor locals --- src/modules/virtual_machines/network_interface/_locals.tf | 2 -- 1 file changed, 2 deletions(-) 
diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index af184429..25fadd6f 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -14,8 +14,6 @@ locals { ) ] - # subnet_id = var.resources.virtual_networks[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[0]].subnets[split("/", var.settings.network_interfaces.ip_configuration.subnet_ref)[1]].id - # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( From 6897993607a927ed4e0a6bfacd3835ac74d8b97a Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 12:07:28 +0200 Subject: [PATCH 049/101] Refactor resource --- .../virtual_machines/network_interface/network_interface.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index fd47c5d6..4697ad3c 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -1,10 +1,10 @@ resource "azurerm_network_interface" "main" { - name = var.settings.name + name = each.value.name resource_group_name = local.resource_group_name location = local.location ip_configuration { - name = var.settings.ip_configuration.name + name = each.value.ip_configuration.name subnet_id = local.subnet_id private_ip_address_allocation = try(var.settings.ip_configuration.private_ip_address_allocation, "Dynamic") } From 1fc003d00742b3747c098ed4febd981f70fadb3d Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 12:09:56 +0200 Subject: [PATCH 050/101] Refactor resource --- .../virtual_machines/network_interface/network_interface.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 4697ad3c..19894769 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -1,10 +1,10 @@ resource "azurerm_network_interface" "main" { - name = each.value.name + name = var.settings.network_interfaces.name resource_group_name = local.resource_group_name location = local.location ip_configuration { - name = each.value.ip_configuration.name + name = var.settings.network_interfaces.ip_configuration.name subnet_id = local.subnet_id private_ip_address_allocation = try(var.settings.ip_configuration.private_ip_address_allocation, "Dynamic") } From 7bdd82c2c1ad51d64bdbd3768741b3e6f4dbb1ec Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 12:42:10 +0200 Subject: [PATCH 051/101] Refacotr modules --- .../network_interface/network_interface.tf | 4 ++-- src/modules/virtual_machines/virtual_machines.tf | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 19894769..fd47c5d6 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -1,10 +1,10 @@ resource "azurerm_network_interface" "main" { - name = var.settings.network_interfaces.name + name = var.settings.name resource_group_name = local.resource_group_name location = local.location ip_configuration { - name = var.settings.network_interfaces.ip_configuration.name + name = var.settings.ip_configuration.name subnet_id = local.subnet_id private_ip_address_allocation = try(var.settings.ip_configuration.private_ip_address_allocation, "Dynamic") } 
diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 9fb07f5b..11cf9f24 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,8 +1,8 @@ module "linux_virtual_machine" { - source = "./linux_virtual_machine" - # for_each = var.settings.virtual_machines + source = "./linux_virtual_machine" + for_each = var.settings.virtual_machines - settings = var.settings + settings = each.value global_settings = var.global_settings nics = [for key, value in module.network_interface : value.id] @@ -14,7 +14,7 @@ module "network_interface" { source = "./network_interface" for_each = var.settings.network_interfaces - settings = var.settings + settings = each.value global_settings = var.global_settings resources = var.resources From f2d61b648715c5950bd18b1bd3a41ecd2f6c73c1 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 12:45:26 +0200 Subject: [PATCH 052/101] Refactor code --- src/modules/virtual_machines/virtual_machines.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 11cf9f24..8b5a9c14 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,6 +1,6 @@ module "linux_virtual_machine" { source = "./linux_virtual_machine" - for_each = var.settings.virtual_machines + for_each = var.settings settings = each.value global_settings = var.global_settings From b1240cf289c795eac7ec78dedcd70f469210fe24 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 12:55:58 +0200 Subject: [PATCH 053/101] Refactor code --- src/modules/virtual_machines/virtual_machines.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
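Review bot: With `for_each = var.settings.virtual_machines` enabled on `module "linux_virtual_machine"`, the unchanged line `nics = [for key, value in module.network_interface : value.id]` hands every VM instance the same full list of NIC ids. An Azure network interface can be attached to only one VM, so a second entry in `virtual_machines` would fail at apply. Even with a single VM, the machine is wired to every interface declared in the settings rather than the ones intended for it. Select per instance instead, for example `nics = [for ref in each.value.nic_refs : module.network_interface[ref].id]`, where `nic_refs` is a placeholder for whatever key the VM settings use to name their interfaces.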
diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 8b5a9c14..11cf9f24 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,6 +1,6 @@ module "linux_virtual_machine" { source = "./linux_virtual_machine" - for_each = var.settings + for_each = var.settings.virtual_machines settings = each.value global_settings = var.global_settings From a6ce10df771a38f458e8937ed43183775e96a9e3 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 13:17:11 +0200 Subject: [PATCH 054/101] Refactor code --- src/modules/virtual_machines/virtual_machines.tf | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 11cf9f24..bff2fae2 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,8 +1,7 @@ module "linux_virtual_machine" { - source = "./linux_virtual_machine" - for_each = var.settings.virtual_machines + source = "./linux_virtual_machine" - settings = each.value + settings = var.settings global_settings = var.global_settings nics = [for key, value in module.network_interface : value.id] From ea096206938b8341d8d8201b7a87d8def401ece1 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 13:41:24 +0200 Subject: [PATCH 055/101] Refactor code --- .../virtual_machines/linux_virtual_machine/_locals.tf | 2 +- src/modules/virtual_machines/virtual_machines.tf | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 05e2ec66..447ed676 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -1,5 +1,5 @@ locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group = var.resources.resource_groups[var.all_settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index bff2fae2..4d928fc9 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -10,11 +10,12 @@ module "linux_virtual_machine" { } module "network_interface" { - source = "./network_interface" - for_each = var.settings.network_interfaces - - settings = each.value + source = "./network_interface" + for_each = var.settings.network_interfaces global_settings = var.global_settings + all_settings = var.settings + settings = each.value + resources = var.resources } From ef2bb0fca76031924824f146b6ed0e390fef0d93 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 13:46:32 +0200 Subject: [PATCH 056/101] Add all_settings for nic --- src/modules/virtual_machines/network_interface/_variables.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/modules/virtual_machines/network_interface/_variables.tf b/src/modules/virtual_machines/network_interface/_variables.tf index 6f1524d4..7b5e0af0 100644 --- a/src/modules/virtual_machines/network_interface/_variables.tf +++ b/src/modules/virtual_machines/network_interface/_variables.tf @@ -9,3 +9,7 @@ variable "settings" { variable "resources" { description = "All required resources" } + +variable "all_settings" { + description = "All the configuration for this resource" +} From 3c2201f96d4a3ad189ea1136d69ab7a41307ebfa Mon Sep 17 00:00:00 2001 
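Review bot: `var.all_settings.resource_group_ref` is read in the `linux_virtual_machine` locals, but the only module this series passes or declares `all_settings` for is `network_interface` (the `virtual_machines.tf` hunk of this commit and the `_variables.tf` hunk of the next one). Unless `linux_virtual_machine/_variables.tf` declares it outside what is shown, this references an undeclared input variable and validation fails. If the VM module is meant to stay on its own settings object, keep `var.settings.resource_group_ref` here and make the `all_settings` change in `network_interface/_locals.tf` instead. The `locals` block continues past the end of the hunk.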
From: Borislav Raynov Date: Tue, 21 Jan 2025 13:54:42 +0200 Subject: [PATCH 057/101] Refactor code --- .../linux_virtual_machine/_locals.tf | 2 +- .../virtual_machines/network_interface/_locals.tf | 14 ++++++++------ 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 447ed676..05e2ec66 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -1,5 +1,5 @@ locals { - resource_group = var.resources.resource_groups[var.all_settings.resource_group_ref] + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 25fadd6f..dc765b6c 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -1,5 +1,5 @@ locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group = var.resources.resource_groups[var.all_settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location 
@@ -8,11 +8,13 @@ locals { # azurerm_network_interface.main[config.nic_ref].id # ] - subnet_id = [ - for nic, config in try(var.settings.network_interfaces, {}) : ( - var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id - ) - ] + # subnet_id = [ + # for nic, config in try(var.all_settings.network_interfaces, {}) : ( + # var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id + # ) + # ] + + subnet_id = var.resources.virtual_networks[split("/", var.settings.ip_configuration.subnet_ref)[0]].subnets[split("/", var.settings.ip_configuration.subnet_ref)[1]].id # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh From 9f3b0ac45384c9f944cc2176c6dd422b447da924 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 14:34:53 +0200 Subject: [PATCH 058/101] Refactor linux vm module --- src/modules/virtual_machines/_outputs.tf | 3 --- .../virtual_machines/linux_virtual_machine/_locals.tf | 8 ++++---- .../virtual_machines/linux_virtual_machine/_variables.tf | 6 +++--- .../linux_virtual_machine/linux_virtual_machine.tf | 2 +- src/modules/virtual_machines/network_interface/_ouputs.tf | 2 +- src/modules/virtual_machines/virtual_machines.tf | 2 -- 6 files changed, 9 insertions(+), 14 deletions(-) diff --git a/src/modules/virtual_machines/_outputs.tf b/src/modules/virtual_machines/_outputs.tf index 98f0d05f..e69de29b 100644 --- a/src/modules/virtual_machines/_outputs.tf +++ b/src/modules/virtual_machines/_outputs.tf @@ -1,3 +0,0 @@ -# output "all_resouce_ids" { -# value = [for key, value in module.network_interface: value.id] -# } diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 05e2ec66..c5efd5e5 100644 
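Review bot: The new `subnet_id` indexes `split("/", var.settings.ip_configuration.subnet_ref)` at `[0]` and `[1]` without checking that the reference has the two-part `<virtual network key>/<subnet key>` shape the lookup implies. A value with no slash fails with an index error that does not name the setting, and anything after a second slash is silently ignored. Because this value decides which subnet the interface is placed in, split it once into a local, `subnet_ref_parts = split("/", var.settings.ip_configuration.subnet_ref)`, and check `length(local.subnet_ref_parts) == 2` before indexing, for example in a `precondition` on the resource that consumes it. The `locals` block starts and ends outside the hunk.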
--- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -3,10 +3,10 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # var.resources.network_interface[config.nic_ref].id - # ] + network_interface_ids = [ + for nics_ref, config in var.settings.network_interface_ids : + module.network_interface[config.nic_ref].id + ] # network_interface_ids = [ # for nics_ref, config in var.settings.network_interface_ids : diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf index 7f3be5ec..24066ab8 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -10,6 +10,6 @@ variable "resources" { description = "All required resources" } -variable "nics" { - description = "All required nic ids for this resource" -} +# variable "nics" { +# description = "All required nic ids for this resource" +# } diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index c833c084..9a2e2cf9 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf @@ -6,7 +6,7 @@ resource "azurerm_linux_virtual_machine" "main" { admin_username = var.settings.admin_username size = var.settings.size - network_interface_ids = var.nics + network_interface_ids = local.network_interface_ids admin_ssh_key { username = var.settings.admin_ssh_key.username 
diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 65c83b1f..f2aaef1c 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -5,6 +5,6 @@ # } # } -output "nics" { +output "id" { value = azurerm_network_interface.main.id } diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 4d928fc9..3188c8a2 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -4,8 +4,6 @@ module "linux_virtual_machine" { settings = var.settings global_settings = var.global_settings - nics = [for key, value in module.network_interface : value.id] - resources = var.resources } From 952a203deb3b746e6f5a696a8578d68311324264 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 14:42:50 +0200 Subject: [PATCH 059/101] Refactor locals --- .../virtual_machines/linux_virtual_machine/_locals.tf | 8 +++++--- .../virtual_machines/linux_virtual_machine/_outputs.tf | 4 ++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index c5efd5e5..49c71e13 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -3,11 +3,13 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location + # network_interface_ids = [ + # for nics_ref, config in var.settings.network_interface_ids : + # module.network_interface[config.nic_ref].id + # ] network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - module.network_interface[config.nic_ref].id + module.network_interface.id ] - # network_interface_ids = [ # for nics_ref, config in var.settings.network_interface_ids : # # var.resources.network_interface[config.nic_ref].id diff --git a/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf index 13ab3947..75b83851 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf @@ -9,3 +9,7 @@ output "private_ip_addresses" { output "public_ip_addresses" { value = azurerm_linux_virtual_machine.main.public_ip_addresses } + +output "nic_ids" { + value = module.network_interface.id +} From 9aa7afe6f22d65a4c8362e2b8ceda403cf8afd0a Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 14:45:52 +0200 Subject: [PATCH 060/101] Refactor code --- .../linux_virtual_machine/network_interface.tf | 10 ++++++++++ src/modules/virtual_machines/virtual_machines.tf | 16 ++++++++-------- 2 files changed, 18 insertions(+), 8 deletions(-) create mode 100644 src/modules/virtual_machines/linux_virtual_machine/network_interface.tf diff --git a/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf b/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf new file mode 100644 index 00000000..86dc0805 --- /dev/null +++ b/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf 
@@ -0,0 +1,10 @@ +module "network_interface" { + source = "../network_interface" + for_each = var.settings.network_interfaces + global_settings = var.global_settings + all_settings = var.settings + settings = each.value + + + resources = var.resources +} diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 3188c8a2..f67dd829 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -7,16 +7,16 @@ module "linux_virtual_machine" { resources = var.resources } -module "network_interface" { - source = "./network_interface" - for_each = var.settings.network_interfaces - global_settings = var.global_settings - all_settings = var.settings - settings = each.value +# module "network_interface" { +# source = "./network_interface" +# for_each = var.settings.network_interfaces +# global_settings = var.global_settings +# all_settings = var.settings +# settings = each.value - resources = var.resources -} +# resources = var.resources +# } # module "windows_virtual_machine" { # source = "./modules/linux_virtual_machine" From 57db05067f6517a112b42354e69a03704e6a968e Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 14:51:25 +0200 Subject: [PATCH 061/101] Refactor code --- src/modules/virtual_machines/linux_virtual_machine/_locals.tf | 2 +- .../linux_virtual_machine/linux_virtual_machine.tf | 2 +- src/modules/virtual_machines/network_interface/_ouputs.tf | 4 ++++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 49c71e13..09d19222 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -8,7 +8,7 @@ locals { # module.network_interface[config.nic_ref].id # ] network_interface_ids = [ - module.network_interface.id + module.network_interface.ids ] # network_interface_ids = [ # for nics_ref, config in var.settings.network_interface_ids : diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index 9a2e2cf9..64369968 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf @@ -6,7 +6,7 @@ resource "azurerm_linux_virtual_machine" "main" { admin_username = var.settings.admin_username size = var.settings.size - network_interface_ids = local.network_interface_ids + network_interface_ids = try(local.network_interface_ids, null) admin_ssh_key { username = var.settings.admin_ssh_key.username diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index f2aaef1c..12266d13 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -8,3 +8,7 @@ output "id" { value = azurerm_network_interface.main.id } + +output "ids" { + value = [for nic in azurerm_network_interface.main : nic.id] +} From 4e91bb6353af2e7452613730351ccc24888d537e Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 14:56:43 +0200 Subject: [PATCH 062/101] Refactor code --- .../virtual_machines/linux_virtual_machine/_locals.tf | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 09d19222..e38fe449 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
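Review bot: `network_interface_ids = [ module.network_interface.ids ]` wraps the module output in another list, while the `ids` output added in this same commit is already a list (`[for nic in azurerm_network_interface.main : nic.id]`), so the local becomes a list containing a list rather than a list of id strings. `network_interface_ids` on `azurerm_linux_virtual_machine` expects a list of strings, so this should fail type conversion at plan. Use `network_interface_ids = module.network_interface.ids`. The bracketed form is restored in the later "Refactor code" commit (PATCH 063) and is still present after the comment clean-up in PATCH 067, so it needs the same change there. At this commit `module "network_interface"` in this directory also still carries `for_each`, so the reference would need an instance key until that is dropped.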
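Review bot: `try(local.network_interface_ids, null)` hides any evaluation error in the NIC wiring and substitutes `null` for an argument the VM resource requires. A broken reference therefore surfaces as a generic missing-argument error from the provider instead of pointing at the local that failed. `try()` is better reserved for settings keys that are genuinely optional. Here the plain `network_interface_ids = local.network_interface_ids` from the previous commit gives the clearer failure. The resource block continues outside the hunk.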
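Review bot: The `ids` output iterates `azurerm_network_interface.main`, but as far as the series shows the resource only gains `for_each` two commits later, so at this commit the `for` would walk the attributes of a single object and `nic.id` would not resolve. Once the resource is keyed, a list output still drops the keys and orders the ids by sorted map key. On `azurerm_linux_virtual_machine` the first entry of `network_interface_ids` becomes the primary interface, so the primary NIC ends up chosen by key name rather than by configuration. Consider a keyed output, `value = { for key, nic in azurerm_network_interface.main : key => nic.id }`, and let the VM module pick the order explicitly.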
@@ -3,14 +3,14 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # module.network_interface[config.nic_ref].id - # ] network_interface_ids = [ - module.network_interface.ids + for nics_ref, config in var.settings.network_interface_ids : + azurerm_network_interface.main[config.nic_ref].id ] # network_interface_ids = [ + # module.network_interface.ids + # ] + # network_interface_ids = [ # for nics_ref, config in var.settings.network_interface_ids : # # var.resources.network_interface[config.nic_ref].id # module.network_interface.id From 83b5b96f6d49ee2e371043306e9cebcef688f354 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 15:06:13 +0200 Subject: [PATCH 063/101] Refactor code --- .../virtual_machines/linux_virtual_machine/_locals.tf | 10 +++++----- .../linux_virtual_machine/network_interface.tf | 4 +--- .../virtual_machines/network_interface/_locals.tf | 5 ++--- .../virtual_machines/network_interface/_variables.tf | 4 ---- .../network_interface/network_interface.tf | 7 ++++--- 5 files changed, 12 insertions(+), 18 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index e38fe449..532c6cbd 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -3,13 +3,13 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - for nics_ref, config in var.settings.network_interface_ids : - azurerm_network_interface.main[config.nic_ref].id - ] # network_interface_ids = [ - # module.network_interface.ids + # for nics_ref, config in var.settings.network_interface_ids : + # azurerm_network_interface.main[config.nic_ref].id # ] + network_interface_ids = [ + module.network_interface.ids + ] # network_interface_ids = [ # for nics_ref, config in var.settings.network_interface_ids : # # var.resources.network_interface[config.nic_ref].id diff --git a/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf b/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf index 86dc0805..2aa10772 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf @@ -1,9 +1,7 @@ module "network_interface" { source = "../network_interface" - for_each = var.settings.network_interfaces global_settings = var.global_settings - all_settings = var.settings - settings = each.value + settings = var.settings resources = var.resources diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index dc765b6c..06ad6ba4 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -1,8 +1,7 @@ locals { - resource_group = var.resources.resource_groups[var.all_settings.resource_group_ref] + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ # for nics_ref, config in var.settings.network_interface_ids : # azurerm_network_interface.main[config.nic_ref].id 
@@ -14,7 +13,7 @@ locals { # ) # ] - subnet_id = var.resources.virtual_networks[split("/", var.settings.ip_configuration.subnet_ref)[0]].subnets[split("/", var.settings.ip_configuration.subnet_ref)[1]].id + subnet_id = var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh diff --git a/src/modules/virtual_machines/network_interface/_variables.tf b/src/modules/virtual_machines/network_interface/_variables.tf index 7b5e0af0..6f1524d4 100644 --- a/src/modules/virtual_machines/network_interface/_variables.tf +++ b/src/modules/virtual_machines/network_interface/_variables.tf @@ -9,7 +9,3 @@ variable "settings" { variable "resources" { description = "All required resources" } - -variable "all_settings" { - description = "All the configuration for this resource" -} diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index fd47c5d6..3f0cbb3e 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -1,11 +1,12 @@ resource "azurerm_network_interface" "main" { - name = var.settings.name + for_each = var.settings.network_interfaces + name = each.value.name resource_group_name = local.resource_group_name location = local.location ip_configuration { - name = var.settings.ip_configuration.name + name = each.value.ip_configuration.name subnet_id = local.subnet_id - private_ip_address_allocation = try(var.settings.ip_configuration.private_ip_address_allocation, "Dynamic") + private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } From aff91fb0ec37cdba9734057f7f62ac5d79bb6a5b Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Tue, 21 Jan 2025 15:09:21 +0200 Subject: [PATCH 064/101] Refactor code --- src/modules/virtual_machines/network_interface/_locals.tf | 2 +- .../virtual_machines/network_interface/network_interface.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 06ad6ba4..0cb101ce 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -13,7 +13,7 @@ locals { # ) # ] - subnet_id = var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id + # subnet_id = var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 3f0cbb3e..72f55184 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -6,7 +6,7 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = each.value.ip_configuration.name - subnet_id = local.subnet_id + subnet_id = var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } From a77fd9d0fbd9d34cdaa8f7d01619d6a2ef619b43 Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Tue, 21 Jan 2025 15:11:54 +0200 Subject: [PATCH 065/101] Refactor ouputs --- src/modules/virtual_machines/network_interface/_ouputs.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 12266d13..e77ee739 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -5,9 +5,9 @@ # } # } -output "id" { - value = azurerm_network_interface.main.id -} +# output "id" { +# value = azurerm_network_interface.main.id +# } output "ids" { value = [for nic in azurerm_network_interface.main : nic.id] From 7a55a441dadd50e991f7a37bffc3755ca568b18c Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 15:17:54 +0200 Subject: [PATCH 066/101] Refactor code --- .../virtual_machines/linux_virtual_machine/_outputs.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf index 75b83851..76535b76 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf @@ -10,6 +10,6 @@ output "public_ip_addresses" { value = azurerm_linux_virtual_machine.main.public_ip_addresses } -output "nic_ids" { - value = module.network_interface.id -} +# output "nic_ids" { +# value = module.network_interface.id +# } From 31bffe73ba39aff6275c51957878251bdf5b5e24 Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Tue, 21 Jan 2025 15:40:27 +0200 Subject: [PATCH 067/101] Remove comments --- src/modules/virtual_machines/_locals.tf | 27 ------------------- .../linux_virtual_machine/_locals.tf | 20 -------------- .../linux_virtual_machine/_outputs.tf | 4 --- .../linux_virtual_machine/_variables.tf | 4 --- .../network_interface/_locals.tf | 14 ---------- .../network_interface/_ouputs.tf | 11 -------- .../virtual_machines/virtual_machines.tf | 11 -------- src/virtual_machines.tf | 1 - 8 files changed, 92 deletions(-) diff --git a/src/modules/virtual_machines/_locals.tf b/src/modules/virtual_machines/_locals.tf index dfdbea53..e69de29b 100644 --- a/src/modules/virtual_machines/_locals.tf +++ b/src/modules/virtual_machines/_locals.tf @@ -1,27 +0,0 @@ -# locals { -# resource_group = var.resources.resource_groups[var.settings.resource_group_ref] -# resource_group_name = local.resource_group.name -# location = local.resource_group.location - -# network_interface_ids = [ -# for nics_ref, config in var.settings.network_interface_ids : -# var.resources.network_interface.main[config.nic_ref].id -# ] - -# subnet_id = { -# for nic, config in try(var.settings.network_interfaces) : -# nic => var.resources.virtual_networks[ -# split("/", config.ip_configuration.subnet_ref)[0] -# ].subnets[ -# split("/", config.ip_configuration.subnet_ref)[1] -# ].id -# } - -# public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh - -# tags = merge( -# var.global_settings.tags, -# var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, -# try(var.settings.tags, {}) -# ) -# } diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 532c6cbd..9930678c 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf 
@@ -3,29 +3,9 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # azurerm_network_interface.main[config.nic_ref].id - # ] network_interface_ids = [ module.network_interface.ids ] - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # # var.resources.network_interface[config.nic_ref].id - # module.network_interface.id - # azurerm_network_interface.main.id - # ] - - - # subnet_id = { - # for nic, config in try(var.settings.network_interfaces) : - # nic => var.resources.virtual_networks[ - # split("/", config.ip_configuration.subnet_ref)[0] - # ].subnets[ - # split("/", config.ip_configuration.subnet_ref)[1] - # ].id - # } public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh diff --git a/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf index 76535b76..13ab3947 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_outputs.tf @@ -9,7 +9,3 @@ output "private_ip_addresses" { output "public_ip_addresses" { value = azurerm_linux_virtual_machine.main.public_ip_addresses } - -# output "nic_ids" { -# value = module.network_interface.id -# } diff --git a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf index 24066ab8..6f1524d4 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_variables.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_variables.tf @@ -9,7 +9,3 @@ variable "settings" { variable "resources" { description = "All required resources" } - -# variable "nics" { -# description = "All required nic ids for this resource" -# } 
diff --git a/src/modules/virtual_machines/network_interface/_locals.tf b/src/modules/virtual_machines/network_interface/_locals.tf index 0cb101ce..b6c4756f 100644 --- a/src/modules/virtual_machines/network_interface/_locals.tf +++ b/src/modules/virtual_machines/network_interface/_locals.tf @@ -2,20 +2,6 @@ locals { resource_group = var.resources.resource_groups[var.settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location - # network_interface_ids = [ - # for nics_ref, config in var.settings.network_interface_ids : - # azurerm_network_interface.main[config.nic_ref].id - # ] - - # subnet_id = [ - # for nic, config in try(var.all_settings.network_interfaces, {}) : ( - # var.resources.virtual_networks[split("/", config.ip_configuration.subnet_ref)[0]].subnets[split("/", config.ip_configuration.subnet_ref)[1]].id - # ) - # ] - - # subnet_id = var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id - - # public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( var.global_settings.tags, diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index e77ee739..0f5f626c 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -1,14 +1,3 @@ -# output "nics" { -# value = { -# for _, nic in try(var.settings.network_interface_ids) : -# nic.nic_ref => azurerm_network_interface.main[nic.nic_ref] -# } -# } - -# output "id" { -# value = azurerm_network_interface.main.id -# } - output "ids" { value = [for nic in azurerm_network_interface.main : nic.id] } diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index f67dd829..5a32ff69 100644 
--- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf @@ -7,17 +7,6 @@ module "linux_virtual_machine" { resources = var.resources } -# module "network_interface" { -# source = "./network_interface" -# for_each = var.settings.network_interfaces -# global_settings = var.global_settings -# all_settings = var.settings -# settings = each.value - - -# resources = var.resources -# } - # module "windows_virtual_machine" { # source = "./modules/linux_virtual_machine" # for_each = var.linux_virtual_machine diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index 5ca182e4..9d140b92 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -8,6 +8,5 @@ module "virtual_machines" { resources = { resource_groups = module.resource_groups virtual_networks = module.virtual_networks - # network_interface = module.network_interface } } From ece2c54b81bd7816b440283d32ad66388312ef07 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 15:53:54 +0200 Subject: [PATCH 068/101] Add try on optional configs --- .../linux_virtual_machine/linux_virtual_machine.tf | 14 +++++++------- .../linux_virtual_machine/network_interface.tf | 1 - .../network_interface/network_interface.tf | 6 ++++-- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index 64369968..d0ab61f4 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf 
@@ -1,13 +1,13 @@ resource "azurerm_linux_virtual_machine" "main" { - name = var.settings.name - resource_group_name = local.resource_group_name - location = local.location - tags = local.tags - admin_username = var.settings.admin_username - size = var.settings.size - + name = var.settings.name + resource_group_name = local.resource_group_name + location = local.location + admin_username = var.settings.admin_username + size = var.settings.size network_interface_ids = try(local.network_interface_ids, null) + tags = local.tags + admin_ssh_key { username = var.settings.admin_ssh_key.username public_key = local.public_key diff --git a/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf b/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf index 2aa10772..5e307460 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/network_interface.tf @@ -3,6 +3,5 @@ module "network_interface" { global_settings = var.global_settings settings = var.settings - resources = var.resources } diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 72f55184..7b422faa 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf 
@@ -4,9 +4,11 @@ resource "azurerm_network_interface" "main" { resource_group_name = local.resource_group_name location = local.location + tags = local.tags + ip_configuration { name = each.value.ip_configuration.name - subnet_id = var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id - private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") + subnet_id = try(var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id, null) + private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, null) } } From 4fe1ccdf5a9f6dee7347d6ef30ed3f0c151f429d Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 16:19:18 +0200 Subject: [PATCH 069/101] Add windows virtual machine module --- .../virtual_machines/virtual_machines.tf | 22 +++++++++--------- .../windows_virtual_machine/_locals.tf | 15 ++++++++++++ .../windows_virtual_machine/_ouputs.tf | 0 .../windows_virtual_machine/_variables.tf | 11 +++++++++ .../network_interface.tf | 7 ++++++ .../windows_virtual_macine.tf | 23 +++++++++++++++++++ 6 files changed, 67 insertions(+), 11 deletions(-) create mode 100644 src/modules/virtual_machines/windows_virtual_machine/_locals.tf create mode 100644 src/modules/virtual_machines/windows_virtual_machine/_ouputs.tf create mode 100644 src/modules/virtual_machines/windows_virtual_machine/_variables.tf create mode 100644 src/modules/virtual_machines/windows_virtual_machine/network_interface.tf create mode 100644 src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index 5a32ff69..d896224c 100644 --- a/src/modules/virtual_machines/virtual_machines.tf 
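Review bot: The new fallback `try(each.value.ip_configuration.private_ip_address_allocation, null)` drops the previous `"Dynamic"` default, and `private_ip_address_allocation` is a required argument of the `ip_configuration` block in `azurerm_network_interface`. Any NIC definition that omits the setting will now be rejected instead of getting a dynamic address, so keep `try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic")`. Wrapping `subnet_id` in `try(..., null)` also hides a misspelled or missing `subnet_ref`: the lookup error that named the bad key becomes a null subnet, which presumably fails later in the provider with a less specific message. If a NIC without a subnet is not a supported case, leave the lookup unwrapped so a bad reference fails at plan time. The resource block starts above this hunk.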
+++ b/src/modules/virtual_machines/virtual_machines.tf @@ -1,21 +1,21 @@ module "linux_virtual_machine" { source = "./linux_virtual_machine" - settings = var.settings + for_each = { for key, vm in var.settings : key => vm if vm.type == "linux" } + + settings = each.value global_settings = var.global_settings resources = var.resources } -# module "windows_virtual_machine" { -# source = "./modules/linux_virtual_machine" -# for_each = var.linux_virtual_machine +module "windows_virtual_machine" { + source = "./windows_virtual_machine" + + for_each = { for key, vm in var.settings : key => vm if vm.type == "windows" } -# settings = each.value -# global_settings = var.global_settings + settings = each.value + global_settings = var.global_settings -# resources = { -# resource_groups = module.resource_groups -# virtual_networks = module.virtual_networks -# } -# } + resources = var.resources +} diff --git a/src/modules/virtual_machines/windows_virtual_machine/_locals.tf b/src/modules/virtual_machines/windows_virtual_machine/_locals.tf new file mode 100644 index 00000000..6fecb7a5 --- /dev/null +++ b/src/modules/virtual_machines/windows_virtual_machine/_locals.tf @@ -0,0 +1,15 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group_name = local.resource_group.name + location = local.resource_group.location + + network_interface_ids = [ + module.network_interface.ids + ] + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/virtual_machines/windows_virtual_machine/_ouputs.tf b/src/modules/virtual_machines/windows_virtual_machine/_ouputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/src/modules/virtual_machines/windows_virtual_machine/_variables.tf b/src/modules/virtual_machines/windows_virtual_machine/_variables.tf new file mode 100644 index 00000000..6f1524d4 
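Review bot: The two `for_each` filters accept only `vm.type == "linux"` and `vm.type == "windows"`, so an entry whose `type` is misspelled or differently cased matches neither and is skipped without any error. A `validation` block on `variable "settings"` would turn that into a plan-time failure, for example `condition = alltrue([for vm in var.settings : contains(["linux", "windows"], vm.type)])`. The same gap remains in the `count = var.settings.type == "linux" ? 1 : 0` form this file takes in PATCH 072, where the check would be `contains(["linux", "windows"], var.settings.type)`.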
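Review bot: In the new windows_virtual_machine/_locals.tf, `network_interface_ids = [ module.network_interface.ids ]` wraps a value that is already a list. The `ids` output of the network_interface module, visible as context earlier in this series, is `[for nic in azurerm_network_interface.main : nic.id]`. The result is a list containing a list, which the VM resource's `network_interface_ids` argument (a list of NIC IDs) would presumably reject. Assign the output directly: `network_interface_ids = module.network_interface.ids`.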
--- /dev/null
+++ b/src/modules/virtual_machines/windows_virtual_machine/_variables.tf
@@ -0,0 +1,11 @@
+variable "global_settings" {
+ description = "Global settings for tinycaf"
+}
+
+variable "settings" {
+ description = "All the configuration for this resource"
+}
+
+variable "resources" {
+ description = "All required resources"
+}
diff --git a/src/modules/virtual_machines/windows_virtual_machine/network_interface.tf b/src/modules/virtual_machines/windows_virtual_machine/network_interface.tf
new file mode 100644
index 00000000..5e307460
--- /dev/null
+++ b/src/modules/virtual_machines/windows_virtual_machine/network_interface.tf
@@ -0,0 +1,7 @@
+module "network_interface" {
+ source = "../network_interface"
+ global_settings = var.global_settings
+ settings = var.settings
+
+ resources = var.resources
+}
diff --git a/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf b/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf
new file mode 100644
index 00000000..63d372d7
--- /dev/null
+++ b/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf
@@ -0,0 +1,23 @@
+resource "azurerm_windows_virtual_machine" "main" {
+ name = var.settings.name
+ resource_group_name = local.resource_group_name
+ location = local.location
+ admin_username = var.settings.admin_username
+ admin_password = var.settings.admin_password
+ size = var.settings.size
+ network_interface_ids = try(local.network_interface_ids, null)
+
+ tags = local.tags
+
+ os_disk {
+ caching = var.settings.os_disk.caching
+ storage_account_type = var.settings.os_disk.storage_account_type
+ }
+
+ source_image_reference {
+ publisher = var.settings.source_image_reference.publisher
+ offer = var.settings.source_image_reference.offer
+ sku = var.settings.source_image_reference.sku
+ version = var.settings.source_image_reference.version
+ }
+}
From f5642b379e83a998ad6e19f73f13b6b36c060343 Mon Sep 17 00:00:00 2001
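Review bot: `admin_password = var.settings.admin_password` in windows_virtual_macine.tf takes the local administrator password from the untyped `settings` variable, which `_variables.tf` in this patch declares without `sensitive = true`. The password therefore sits in plain text wherever the caller defines the VM map, and Terraform does not treat it as sensitive on its way to the resource. Consider generating it inside the module (for example with a `random_password` resource from the hashicorp/random provider) or reading it from Key Vault, and passing it through a dedicated variable marked `sensitive = true`. Either way the value is stored in Terraform state, so the state backend needs access control and encryption at rest.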
From: Borislav Raynov Date: Tue, 21 Jan 2025 16:33:38 +0200 Subject: [PATCH 070/101] Refacotr settings in top level module --- src/virtual_machines.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index 9d140b92..c7084e88 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -1,8 +1,8 @@ module "virtual_machines" { - source = "./modules/virtual_machines" - for_each = var.virtual_machines + source = "./modules/virtual_machines" + # for_each = var.virtual_machines - settings = each.value + settings = var.virtual_machines global_settings = var.global_settings resources = { From 551bac4b4a301054e556d9491482f0d71716e8cd Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 16:37:40 +0200 Subject: [PATCH 071/101] Remove comments --- src/virtual_machines.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index c7084e88..94265366 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -1,6 +1,5 @@ module "virtual_machines" { source = "./modules/virtual_machines" - # for_each = var.virtual_machines settings = var.virtual_machines global_settings = var.global_settings From 889619462e55d5c837f2cb268917456f79aff332 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Tue, 21 Jan 2025 16:58:16 +0200 Subject: [PATCH 072/101] Refactor modules --- src/modules/virtual_machines/virtual_machines.tf | 16 ++++++---------- src/virtual_machines.tf | 5 +++-- 2 files changed, 9 insertions(+), 12 deletions(-) diff --git a/src/modules/virtual_machines/virtual_machines.tf b/src/modules/virtual_machines/virtual_machines.tf index d896224c..2bc83027 100644 --- a/src/modules/virtual_machines/virtual_machines.tf +++ b/src/modules/virtual_machines/virtual_machines.tf 
@@ -1,21 +1,17 @@ module "linux_virtual_machine" { source = "./linux_virtual_machine" - for_each = { for key, vm in var.settings : key => vm if vm.type == "linux" } - - settings = each.value + count = var.settings.type == "linux" ? 1 : 0 + settings = var.settings global_settings = var.global_settings - - resources = var.resources + resources = var.resources } module "windows_virtual_machine" { source = "./windows_virtual_machine" - for_each = { for key, vm in var.settings : key => vm if vm.type == "windows" } - - settings = each.value + count = var.settings.type == "windows" ? 1 : 0 + settings = var.settings global_settings = var.global_settings - - resources = var.resources + resources = var.resources } diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index 94265366..04bf18f1 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -1,7 +1,8 @@ module "virtual_machines" { - source = "./modules/virtual_machines" + for_each = var.virtual_machines + source = "./modules/virtual_machines" - settings = var.virtual_machines + settings = each.value global_settings = var.global_settings resources = { From f72dfad2335c5f3c562759c822a6c63181344823 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Wed, 22 Jan 2025 09:20:21 +0200 Subject: [PATCH 073/101] Add local global settings --- src/_locals.tf | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/_locals.tf b/src/_locals.tf index e69de29b..d073b772 100644 --- a/src/_locals.tf +++ b/src/_locals.tf @@ -0,0 +1,8 @@ +locals { + global_settings = merge(var.global_settings, { + object_id = data.azurerm_client_config.current.object_id + subscription_id = data.azurerm_client_config.current.subscription_id + tenant_id = data.azurerm_client_config.current.tenant_id + client_id = data.azurerm_client_config.current.client_id + }) +} From 66fa7385d85b080e0c48aefa2261fe38655b8435 Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Wed, 22 Jan 2025 13:11:51 +0200 Subject: [PATCH 074/101] Add secret to keyvault --- src/_variables.resources.tf | 2 ++ src/keyvault.tf | 11 +++++++ .../_networking/private_dns_zone/_locals.tf | 29 +++++++++++++++++++ .../_networking/private_dns_zone/_outputs.tf | 3 ++ .../private_dns_zone/_variables.tf | 15 ++++++++++ .../private_dns_zone/private_dns_vnet_link.tf | 7 +++++ .../private_dns_zone_group.tf | 5 ++++ src/modules/keyvault/_locals.tf | 21 ++++++++++++++ src/modules/keyvault/_outputs.tf | 19 ++++++++++++ src/modules/keyvault/_variables.tf | 11 +++++++ src/modules/keyvault/keyvault.tf | 22 ++++++++++++++ .../keyvault/keyvault_secret/_outputs.tf | 19 ++++++++++++ .../keyvault/keyvault_secret/_variables.tf | 19 ++++++++++++ src/modules/keyvault/keyvault_secret/main.tf | 9 ++++++ src/modules/keyvault/secrets.tf | 12 ++++++++ 15 files changed, 204 insertions(+) create mode 100644 src/keyvault.tf create mode 100644 src/modules/_networking/private_dns_zone/_locals.tf create mode 100644 src/modules/_networking/private_dns_zone/_outputs.tf create mode 100644 src/modules/_networking/private_dns_zone/_variables.tf create mode 100644 src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf create mode 100644 src/modules/_networking/private_dns_zone/private_dns_zone_group.tf create mode 100644 src/modules/keyvault/_locals.tf create mode 100644 src/modules/keyvault/_outputs.tf create mode 100644 src/modules/keyvault/_variables.tf create mode 100644 src/modules/keyvault/keyvault.tf create mode 100644 src/modules/keyvault/keyvault_secret/_outputs.tf create mode 100644 src/modules/keyvault/keyvault_secret/_variables.tf create mode 100644 src/modules/keyvault/keyvault_secret/main.tf create mode 100644 src/modules/keyvault/secrets.tf diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index da493a13..bff01ae3 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf 
@@ -15,3 +15,5 @@ variable "public_ips" { default = {} } variable "storage_accounts" { default = {} } variable "virtual_machines" { default = {} } + +variable "keyvaults" { default = {} } diff --git a/src/keyvault.tf b/src/keyvault.tf new file mode 100644 index 00000000..be929257 --- /dev/null +++ b/src/keyvault.tf @@ -0,0 +1,11 @@ +module "keyvaults" { + source = "./modules/keyvault" + for_each = var.keyvaults + + settings = each.value + global_settings = local.global_settings + resources = { + virtual_networks = module.virtual_networks + resource_groups = module.resource_groups + } +} diff --git a/src/modules/_networking/private_dns_zone/_locals.tf b/src/modules/_networking/private_dns_zone/_locals.tf new file mode 100644 index 00000000..53c86680 --- /dev/null +++ b/src/modules/_networking/private_dns_zone/_locals.tf @@ -0,0 +1,29 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + + resource_group_name = local.resource_group.name + location = local.resource_group.location + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) + vnet_ids = { + for vnet in var.settings.vnet_ref : + vnet => { + name = var.resources.virtual_networks[vnet].name + id = var.resources.virtual_networks[vnet].id + } + } +} +locals { + # local object used to map possible private dns zoone names + zone_names = { + "storage_blob" = "privatelink.blob.core.windows.net" + "storage_tables" = "privatelink.table.core.windows.net" + "storage_queues" = "privatelink.queue.core.windows.net" + "storage_files" = "privatelink.file.core.windows.net" + "function_apps" = "privatelink.azurewebsites.net" + "keyvaults" = "privatelink.vaultcore.azure.net" + } +} diff --git a/src/modules/_networking/private_dns_zone/_outputs.tf b/src/modules/_networking/private_dns_zone/_outputs.tf new file mode 100644 index 00000000..0d4f3d12 --- /dev/null 
+++ b/src/modules/_networking/private_dns_zone/_outputs.tf
@@ -0,0 +1,3 @@
+output "id" {
+ value = azurerm_private_dns_zone.main.id
+}
diff --git a/src/modules/_networking/private_dns_zone/_variables.tf b/src/modules/_networking/private_dns_zone/_variables.tf
new file mode 100644
index 00000000..4ee12d7c
--- /dev/null
+++ b/src/modules/_networking/private_dns_zone/_variables.tf
@@ -0,0 +1,15 @@
+variable "global_settings" {
+ description = "Global settings for tinycaf"
+}
+
+variable "settings" {
+ description = "All the configuration for this resource"
+}
+
+variable "resources" {
+ type = object({
+ resource_groups = map(any)
+ virtual_networks = map(any)
+ })
+ description = "All required resources"
+}
diff --git a/src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf b/src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf
new file mode 100644
index 00000000..08444fe8
--- /dev/null
+++ b/src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf
@@ -0,0 +1,7 @@
+resource "azurerm_private_dns_zone_virtual_network_link" "main" {
+ for_each = local.vnet_ids
+ name = "${each.value.name}-${azurerm_private_dns_zone.main.name}-link"
+ private_dns_zone_name = azurerm_private_dns_zone.main.name
+ resource_group_name = azurerm_private_dns_zone.main.resource_group_name
+ virtual_network_id = each.value.id
+}
diff --git a/src/modules/_networking/private_dns_zone/private_dns_zone_group.tf b/src/modules/_networking/private_dns_zone/private_dns_zone_group.tf
new file mode 100644
index 00000000..69fc0fb5
--- /dev/null
+++ b/src/modules/_networking/private_dns_zone/private_dns_zone_group.tf
@@ -0,0 +1,5 @@
+resource "azurerm_private_dns_zone" "main" {
+ name = try(local.zone_names[var.settings.resource_kind], var.settings.name)
+ resource_group_name = local.resource_group_name
+ tags = try(local.tags, null)
+}
diff --git a/src/modules/keyvault/_locals.tf b/src/modules/keyvault/_locals.tf
new file mode 100644
index 00000000..6b55ec36
--- /dev/null
+++ b/src/modules/keyvault/_locals.tf
@@ -0,0 +1,21 @@
+locals {
+ resource_group = var.resources.resource_groups[var.settings.resource_group_ref]
+
+ resource_group_name = local.resource_group.name
+ location = local.resource_group.location
+
+ subnet_ids = [
+ for network_rule_ref, config in try(var.settings.network_rules.subnets, {}) : (
+ var.resources.virtual_networks[split("/", config.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id
+ )
+ ]
+ subnet_id = try(
+ var.resources.virtual_networks[split("/", var.settings.private_endpoint.subnet_ref)[0]].subnets[split("/", var.settings.private_endpoint.subnet_ref)[1]].id,
+ null
+ )
+ tags = merge(
+ var.global_settings.tags,
+ var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {},
+ try(var.settings.tags, {})
+ )
+}
diff --git a/src/modules/keyvault/_outputs.tf b/src/modules/keyvault/_outputs.tf
new file mode 100644
index 00000000..a6b440d4
--- /dev/null
+++ b/src/modules/keyvault/_outputs.tf
@@ -0,0 +1,19 @@
+output "id" {
+ value = azurerm_key_vault.main.id
+}
+
+output "vault_uri" {
+ value = azurerm_key_vault.main.vault_uri
+}
+
+output "resource_group_name" {
+ value = azurerm_key_vault.main.resource_group_name
+}
+
+output "location" {
+ value = azurerm_key_vault.main.location
+}
+
+output "name" {
+ value = azurerm_key_vault.main.name
+}
diff --git a/src/modules/keyvault/_variables.tf b/src/modules/keyvault/_variables.tf
new file mode 100644
index 00000000..6f1524d4
--- /dev/null
+++ b/src/modules/keyvault/_variables.tf
@@ -0,0 +1,11 @@
+variable "global_settings" {
+ description = "Global settings for tinycaf"
+}
+
+variable "settings" {
+ description = "All the configuration for this resource"
+}
+
+variable "resources" {
+ description = "All required resources"
+}
diff --git a/src/modules/keyvault/keyvault.tf b/src/modules/keyvault/keyvault.tf
new file mode 100644
index 00000000..4532a1eb
--- /dev/null
+++ b/src/modules/keyvault/keyvault.tf
@@ -0,0 +1,22 @@
+resource "azurerm_key_vault" "main" {
+ name = var.settings.name
+ resource_group_name = local.resource_group_name
+ location = local.location
+ tags = local.tags
+
+ tenant_id = var.global_settings.tenant_id
+ sku_name = try(var.settings.sku_name, "standard")
+
+ enabled_for_disk_encryption = try(var.settings.enabled_for_disk_encryption, null)
+ soft_delete_retention_days = try(var.settings.soft_delete_retention_days, null)
+ purge_protection_enabled = try(var.settings.purge_protection_enabled, null)
+ enable_rbac_authorization = try(var.settings.enable_rbac_authorization, false)
+ public_network_access_enabled = try(var.settings.public_network_access_enabled, false)
+
+ network_acls {
+ default_action = try(var.settings.network_rules.default_action, "Deny")
+ bypass = try(var.settings.network_rules.bypass, "AzureServices")
+ ip_rules = try(var.settings.network_rules.allowed_ips, null)
+ virtual_network_subnet_ids = local.subnet_ids
+ }
+}
diff --git a/src/modules/keyvault/keyvault_secret/_outputs.tf b/src/modules/keyvault/keyvault_secret/_outputs.tf
new file mode 100644
index 00000000..cceddc11
--- /dev/null
+++ b/src/modules/keyvault/keyvault_secret/_outputs.tf
@@ -0,0 +1,19 @@
+output "id" {
+ value = azurerm_key_vault_secret.main.id
+}
+
+output "resource_id" {
+ value = azurerm_key_vault_secret.main.resource_id
+}
+
+output "resource_versionless_id" {
+ value = azurerm_key_vault_secret.main.resource_versionless_id
+}
+
+output "version" {
+ value = azurerm_key_vault_secret.main.version
+}
+
+output "versionless_id" {
+ value = azurerm_key_vault_secret.main.versionless_id
+}
diff --git a/src/modules/keyvault/keyvault_secret/_variables.tf b/src/modules/keyvault/keyvault_secret/_variables.tf
new file mode 100644
index 00000000..e494a0fd
--- /dev/null
+++ b/src/modules/keyvault/keyvault_secret/_variables.tf
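Review bot: In keyvault.tf the vault falls back to the access-policy model (`enable_rbac_authorization` defaults to `false`) but the resource declares no `access_policy` block. Unless policies are attached elsewhere, no identity has data-plane permissions, including the one running Terraform, and the `azurerm_key_vault_secret` added in this same patch would likely be refused. Either default to RBAC and assign a role, or add an access policy for `var.global_settings.object_id`. Separately, `purge_protection_enabled = try(var.settings.purge_protection_enabled, null)` leaves purge protection at the provider default, which is off; `try(var.settings.purge_protection_enabled, true)` is the safer default for a vault holding secrets, bearing in mind it cannot be turned off once enabled. With `public_network_access_enabled` defaulting to `false` and `default_action` to `"Deny"`, the Terraform runner also needs a private network path or an allowed IP to write secrets.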
@@ -0,0 +1,19 @@
+variable "global_settings" {
+ description = "Global settings for tinycaf"
+}
+
+variable "settings" {
+ description = "All the configuration for this resource"
+}
+
+variable "keyvault_id" {
+ description = "id of the keyvault"
+}
+
+variable "resources" {
+ description = "All the configuration for this resource"
+}
+
+variable "secrets" {
+ description = "All the configuration for this resource"
+}
diff --git a/src/modules/keyvault/keyvault_secret/main.tf b/src/modules/keyvault/keyvault_secret/main.tf
new file mode 100644
index 00000000..0bc57039
--- /dev/null
+++ b/src/modules/keyvault/keyvault_secret/main.tf
@@ -0,0 +1,9 @@
+resource "azurerm_key_vault_secret" "main" {
+ name = var.secrets.name
+ value = var.secrets.value
+ key_vault_id = var.keyvault_id
+
+ lifecycle {
+ ignore_changes = ["value"]
+ }
+}
diff --git a/src/modules/keyvault/secrets.tf b/src/modules/keyvault/secrets.tf
new file mode 100644
index 00000000..893c82ed
--- /dev/null
+++ b/src/modules/keyvault/secrets.tf
@@ -0,0 +1,12 @@
+module "secrets" {
+ source = "./keyvault_secret"
+
+ # Use for_each to iterate over the secrets map
+ for_each = try(var.settings.secrets, {})
+
+ settings = var.settings
+ keyvault_id = azurerm_key_vault.main.id
+ secrets = each.value
+ global_settings = var.global_settings
+ resources = var.resources
+}
From 2a09c9a1ef2b46e8641195f9fb7863add8944a20 Mon Sep 17 00:00:00 2001
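Review bot: In keyvault_secret/main.tf, `value = var.secrets.value` takes the secret in plain text from the caller's `settings.secrets` map, and `variable "secrets"` in `_variables.tf` is declared without `sensitive = true`. The value is therefore stored wherever that map is defined and is not treated as sensitive on its way to the resource; it also ends up in Terraform state, so the backend needs access control and encryption. Mark the variable `sensitive = true` and give it a description of its own instead of the copied `"All the configuration for this resource"`. `ignore_changes = ["value"]` uses a quoted reference, which Terraform has deprecated since 0.12; write `ignore_changes = [value]`. Because of that setting a later edit of the value in configuration never reaches the vault, which deserves a comment such as `# value is seeded once; rotation happens outside Terraform` if that is the intent.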
From: Borislav Raynov Date: Wed, 22 Jan 2025 13:13:30 +0200 Subject: [PATCH 075/101] Remove not needed resources --- .../local_network_gateway/_locals.tf | 12 -------- .../local_network_gateway/_outputs.tf | 3 -- .../local_network_gateway/_variables.tf | 14 --------- .../local_network_gateway.tf | 9 ------ .../_networking/private_dns_zone/_locals.tf | 29 ------------------- .../_networking/private_dns_zone/_outputs.tf | 3 -- .../private_dns_zone/_variables.tf | 15 ---------- .../private_dns_zone/private_dns_vnet_link.tf | 7 ----- .../private_dns_zone_group.tf | 5 ---- src/modules/_networking/public_ip/_locals.tf | 12 -------- src/modules/_networking/public_ip/_outputs.tf | 7 ----- .../_networking/public_ip/_variables.tf | 14 --------- src/modules/_networking/public_ip/main.tf | 7 ----- .../virtual_network_gateway/_locals.tf | 12 -------- .../virtual_network_gateway/_outputs.tf | 3 -- .../virtual_network_gateway/_variables.tf | 16 ---------- .../virtual_network_gateway/main.tf | 25 ---------------- .../_networking/vnet_peering/_locals.tf | 9 ------ .../_networking/vnet_peering/_outputs.tf | 6 ---- .../_networking/vnet_peering/_variables.tf | 18 ------------ src/modules/_networking/vnet_peering/main.tf | 17 ----------- 21 files changed, 243 deletions(-) delete mode 100644 src/modules/_networking/local_network_gateway/_locals.tf delete mode 100644 src/modules/_networking/local_network_gateway/_outputs.tf delete mode 100644 src/modules/_networking/local_network_gateway/_variables.tf delete mode 100644 src/modules/_networking/local_network_gateway/local_network_gateway.tf delete mode 100644 src/modules/_networking/private_dns_zone/_locals.tf delete mode 100644 src/modules/_networking/private_dns_zone/_outputs.tf delete mode 100644 src/modules/_networking/private_dns_zone/_variables.tf delete mode 100644 src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf delete mode 100644 src/modules/_networking/private_dns_zone/private_dns_zone_group.tf delete mode 
100644 src/modules/_networking/public_ip/_locals.tf delete mode 100644 src/modules/_networking/public_ip/_outputs.tf delete mode 100644 src/modules/_networking/public_ip/_variables.tf delete mode 100644 src/modules/_networking/public_ip/main.tf delete mode 100644 src/modules/_networking/virtual_network_gateway/_locals.tf delete mode 100644 src/modules/_networking/virtual_network_gateway/_outputs.tf delete mode 100644 src/modules/_networking/virtual_network_gateway/_variables.tf delete mode 100644 src/modules/_networking/virtual_network_gateway/main.tf delete mode 100644 src/modules/_networking/vnet_peering/_locals.tf delete mode 100644 src/modules/_networking/vnet_peering/_outputs.tf delete mode 100644 src/modules/_networking/vnet_peering/_variables.tf delete mode 100644 src/modules/_networking/vnet_peering/main.tf diff --git a/src/modules/_networking/local_network_gateway/_locals.tf b/src/modules/_networking/local_network_gateway/_locals.tf deleted file mode 100644 index 687c6aaa..00000000 --- a/src/modules/_networking/local_network_gateway/_locals.tf +++ /dev/null @@ -1,12 +0,0 @@ -locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] - - resource_group_name = local.resource_group.name - location = local.resource_group.location - - tags = merge( - var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, - try(var.settings.tags, {}) - ) -} diff --git a/src/modules/_networking/local_network_gateway/_outputs.tf b/src/modules/_networking/local_network_gateway/_outputs.tf deleted file mode 100644 index a497d716..00000000 --- a/src/modules/_networking/local_network_gateway/_outputs.tf +++ /dev/null @@ -1,3 +0,0 @@ -output "id" { - value = azurerm_local_network_gateway.main.id -} diff --git a/src/modules/_networking/local_network_gateway/_variables.tf b/src/modules/_networking/local_network_gateway/_variables.tf deleted file mode 100644 index 315edc56..00000000 
--- a/src/modules/_networking/local_network_gateway/_variables.tf +++ /dev/null @@ -1,14 +0,0 @@ -variable "global_settings" { - description = "Global settings for tinycaf" -} - -variable "settings" { - description = "All the configuration for this resource" -} - -variable "resources" { - type = object({ - resource_groups = map(any) - }) - description = "All required resources" -} diff --git a/src/modules/_networking/local_network_gateway/local_network_gateway.tf b/src/modules/_networking/local_network_gateway/local_network_gateway.tf deleted file mode 100644 index e956bc66..00000000 --- a/src/modules/_networking/local_network_gateway/local_network_gateway.tf +++ /dev/null @@ -1,9 +0,0 @@ -resource "azurerm_local_network_gateway" "main" { - name = var.settings.name - location = local.location - resource_group_name = local.resource_group_name - address_space = var.settings.cidr - - gateway_address = try(var.settings.gateway_address, null) - gateway_fqdn = try(var.settings.gateway_fqdn, null) -} diff --git a/src/modules/_networking/private_dns_zone/_locals.tf b/src/modules/_networking/private_dns_zone/_locals.tf deleted file mode 100644 index 53c86680..00000000 --- a/src/modules/_networking/private_dns_zone/_locals.tf +++ /dev/null 
@@ -1,29 +0,0 @@ -locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] - - resource_group_name = local.resource_group.name - location = local.resource_group.location - tags = merge( - var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, - try(var.settings.tags, {}) - ) - vnet_ids = { - for vnet in var.settings.vnet_ref : - vnet => { - name = var.resources.virtual_networks[vnet].name - id = var.resources.virtual_networks[vnet].id - } - } -} -locals { - # local object used to map possible private dns zoone names - zone_names = { - "storage_blob" = "privatelink.blob.core.windows.net" - "storage_tables" = "privatelink.table.core.windows.net" - "storage_queues" = "privatelink.queue.core.windows.net" - "storage_files" = "privatelink.file.core.windows.net" - "function_apps" = "privatelink.azurewebsites.net" - "keyvaults" = "privatelink.vaultcore.azure.net" - } -} diff --git a/src/modules/_networking/private_dns_zone/_outputs.tf b/src/modules/_networking/private_dns_zone/_outputs.tf deleted file mode 100644 index 0d4f3d12..00000000 --- a/src/modules/_networking/private_dns_zone/_outputs.tf +++ /dev/null @@ -1,3 +0,0 @@ -output "id" { - value = azurerm_private_dns_zone.main.id -} diff --git a/src/modules/_networking/private_dns_zone/_variables.tf b/src/modules/_networking/private_dns_zone/_variables.tf deleted file mode 100644 index 4ee12d7c..00000000 --- a/src/modules/_networking/private_dns_zone/_variables.tf +++ /dev/null @@ -1,15 +0,0 @@ -variable "global_settings" { - description = "Global settings for tinycaf" -} - -variable "settings" { - description = "All the configuration for this resource" -} - -variable "resources" { - type = object({ - resource_groups = map(any) - virtual_networks = map(any) - }) - description = "All required resources" -} 
diff --git a/src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf b/src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf deleted file mode 100644 index 08444fe8..00000000 --- a/src/modules/_networking/private_dns_zone/private_dns_vnet_link.tf +++ /dev/null @@ -1,7 +0,0 @@ -resource "azurerm_private_dns_zone_virtual_network_link" "main" { - for_each = local.vnet_ids - name = "${each.value.name}-${azurerm_private_dns_zone.main.name}-link" - private_dns_zone_name = azurerm_private_dns_zone.main.name - resource_group_name = azurerm_private_dns_zone.main.resource_group_name - virtual_network_id = each.value.id -} diff --git a/src/modules/_networking/private_dns_zone/private_dns_zone_group.tf b/src/modules/_networking/private_dns_zone/private_dns_zone_group.tf deleted file mode 100644 index 69fc0fb5..00000000 --- a/src/modules/_networking/private_dns_zone/private_dns_zone_group.tf +++ /dev/null @@ -1,5 +0,0 @@ -resource "azurerm_private_dns_zone" "main" { - name = try(local.zone_names[var.settings.resource_kind], var.settings.name) - resource_group_name = local.resource_group_name - tags = try(local.tags, null) -} diff --git a/src/modules/_networking/public_ip/_locals.tf b/src/modules/_networking/public_ip/_locals.tf deleted file mode 100644 index 687c6aaa..00000000 --- a/src/modules/_networking/public_ip/_locals.tf +++ /dev/null @@ -1,12 +0,0 @@ -locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] - - resource_group_name = local.resource_group.name - location = local.resource_group.location - - tags = merge( - var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, - try(var.settings.tags, {}) - ) -} diff --git a/src/modules/_networking/public_ip/_outputs.tf b/src/modules/_networking/public_ip/_outputs.tf deleted file mode 100644 index 1ea5d765..00000000 --- a/src/modules/_networking/public_ip/_outputs.tf +++ /dev/null 
@@ -1,7 +0,0 @@
-output "id" {
- value = azurerm_public_ip.main.id
-}
-
-output "ip_address" {
- value = azurerm_public_ip.main.ip_address
-}
diff --git a/src/modules/_networking/public_ip/_variables.tf b/src/modules/_networking/public_ip/_variables.tf
deleted file mode 100644
index 315edc56..00000000
--- a/src/modules/_networking/public_ip/_variables.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-variable "global_settings" {
- description = "Global settings for tinycaf"
-}
-
-variable "settings" {
- description = "All the configuration for this resource"
-}
-
-variable "resources" {
- type = object({
- resource_groups = map(any)
- })
- description = "All required resources"
-}
diff --git a/src/modules/_networking/public_ip/main.tf b/src/modules/_networking/public_ip/main.tf
deleted file mode 100644
index 753d0e8b..00000000
--- a/src/modules/_networking/public_ip/main.tf
+++ /dev/null
@@ -1,7 +0,0 @@
-resource "azurerm_public_ip" "main" {
- name = var.settings.name
- resource_group_name = local.resource_group_name
- location = local.location
- allocation_method = try(var.settings.allocation_method, "Static")
- tags = local.tags
-}
diff --git a/src/modules/_networking/virtual_network_gateway/_locals.tf b/src/modules/_networking/virtual_network_gateway/_locals.tf
deleted file mode 100644
index 687c6aaa..00000000
--- a/src/modules/_networking/virtual_network_gateway/_locals.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-locals {
- resource_group = var.resources.resource_groups[var.settings.resource_group_ref]
-
- resource_group_name = local.resource_group.name
- location = local.resource_group.location
-
- tags = merge(
- var.global_settings.tags,
- var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {},
- try(var.settings.tags, {})
- )
-}
diff --git a/src/modules/_networking/virtual_network_gateway/_outputs.tf b/src/modules/_networking/virtual_network_gateway/_outputs.tf
deleted file mode 100644
index be756085..00000000
--- a/src/modules/_networking/virtual_network_gateway/_outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "id" {
- value = azurerm_virtual_network_gateway.main.id
-}
diff --git a/src/modules/_networking/virtual_network_gateway/_variables.tf b/src/modules/_networking/virtual_network_gateway/_variables.tf
deleted file mode 100644
index 8cf17357..00000000
--- a/src/modules/_networking/virtual_network_gateway/_variables.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-variable "global_settings" {
- description = "Global settings for tinycaf"
-}
-
-variable "settings" {
- description = "All the configuration for this resource"
-}
-
-variable "resources" {
- type = object({
- resource_groups = map(any)
- virtual_networks = map(any)
- public_ips = map(any)
- })
- description = "All required resources"
-}
diff --git a/src/modules/_networking/virtual_network_gateway/main.tf b/src/modules/_networking/virtual_network_gateway/main.tf
deleted file mode 100644
index d371a671..00000000
--- a/src/modules/_networking/virtual_network_gateway/main.tf
+++ /dev/null
@@ -1,25 +0,0 @@
-resource "azurerm_virtual_network_gateway" "main" {
- name = var.settings.name
- resource_group_name = local.resource_group_name
- location = local.location
- tags = local.tags
-
- sku = var.settings.sku
- type = try(var.settings.type, "Vpn")
-
- generation = try(var.settings.generation, null)
- vpn_type = try(var.settings.vpn_type, null)
- active_active = try(var.settings.active_active, null)
- enable_bgp = try(var.settings.enable_bgp, null)
-
- dynamic "ip_configuration" {
- for_each = var.settings.ip_configurations
-
- content {
- name = ip_configuration.value.name
- private_ip_address_allocation = try(ip_configuration.value.private_ip_address_allocation, null)
- public_ip_address_id = var.resources.public_ips[ip_configuration.value.public_ip_address_ref].id
- subnet_id = var.resources.virtual_networks[split("/", ip_configuration.value.subnet_ref)[0]].subnets[split("/", ip_configuration.value.subnet_ref)[1]].id
- }
- }
-}
diff --git a/src/modules/_networking/vnet_peering/_locals.tf b/src/modules/_networking/vnet_peering/_locals.tf
deleted file mode 100644
index 92ffed7c..00000000
--- a/src/modules/_networking/vnet_peering/_locals.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-locals {
- vnet_left = var.resources.virtual_networks[var.settings.vnet_left_ref]
- vnet_right = var.resources.virtual_networks[var.settings.vnet_right_ref]
-
- direction = try(var.settings.direction, "<->")
-
- peer_left_to_right = endswith(local.direction, "->")
- peer_right_to_left = startswith(local.direction, "<-")
-}
diff --git a/src/modules/_networking/vnet_peering/_outputs.tf b/src/modules/_networking/vnet_peering/_outputs.tf
deleted file mode 100644
index c7505a22..00000000
--- a/src/modules/_networking/vnet_peering/_outputs.tf
+++ /dev/null
@@ -1,6 +0,0 @@
-output "id" {
- value = {
- "left_to_right" = local.peer_left_to_right ? azurerm_virtual_network_peering.left_to_right[0].id : null
- "right_to_left" = local.peer_right_to_left ? azurerm_virtual_network_peering.right_to_left[0].id : null
- }
-}
diff --git a/src/modules/_networking/vnet_peering/_variables.tf b/src/modules/_networking/vnet_peering/_variables.tf
deleted file mode 100644
index cc077015..00000000
--- a/src/modules/_networking/vnet_peering/_variables.tf
+++ /dev/null
@@ -1,18 +0,0 @@
-variable "global_settings" {
- description = "Global settings for tinycaf"
-}
-
-variable "settings" {
- description = "All the configuration for this resource"
- validation {
- condition = contains(["<-", "->", "<->"], try(var.settings.direction, "<->"))
- error_message = "Allowed values for direction are '<-', '->', or '<->'. Defaults to '<->' if not set."
- }
-}
-
-variable "resources" {
- type = object({
- virtual_networks = map(any)
- })
- description = "All required resources"
-}
diff --git a/src/modules/_networking/vnet_peering/main.tf b/src/modules/_networking/vnet_peering/main.tf
deleted file mode 100644
index a8d4b025..00000000
--- a/src/modules/_networking/vnet_peering/main.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-resource "azurerm_virtual_network_peering" "left_to_right" {
- count = local.peer_left_to_right ? 1 : 0
-
- name = "peering-${local.vnet_left.name}-to-${local.vnet_right.name}"
- resource_group_name = local.vnet_left.resource_group_name
- virtual_network_name = local.vnet_left.name
- remote_virtual_network_id = local.vnet_right.id
-}
-
-resource "azurerm_virtual_network_peering" "right_to_left" {
- count = local.peer_right_to_left ? 1 : 0
-
- name = "peering-${local.vnet_right.name}-to-${local.vnet_left.name}"
- resource_group_name = local.vnet_right.resource_group_name
- virtual_network_name = local.vnet_right.name
- remote_virtual_network_id = local.vnet_left.id
-}
From 7165346f97c18c51c5d1d5c5880e768da14d9801 Mon Sep 17 00:00:00 2001
From: Borislav Raynov Date: Wed, 22 Jan 2025 13:51:38 +0200 Subject: [PATCH 076/101] Refactor secret --- src/modules/keyvault/keyvault_secret/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/keyvault/keyvault_secret/main.tf b/src/modules/keyvault/keyvault_secret/main.tf index 0bc57039..ddad0d6c 100644 --- a/src/modules/keyvault/keyvault_secret/main.tf +++ b/src/modules/keyvault/keyvault_secret/main.tf @@ -1,6 +1,6 @@ resource "azurerm_key_vault_secret" "main" { name = var.secrets.name - value = var.secrets.value + value = tls_private_key.main.private_key_pem key_vault_id = var.keyvault_id lifecycle { From d15467f083f46d59478afe96bb3e344960f9f475 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Wed, 22 Jan 2025 13:54:54 +0200 Subject: [PATCH 077/101] Refactor networking.tf --- src/networking.tf | 50 ----------------------------------------------- 1 file changed, 50 deletions(-) diff --git a/src/networking.tf b/src/networking.tf index bd9aadde..63d58e40 100644 --- a/src/networking.tf +++ b/src/networking.tf 
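Review bot: In the `keyvault_secret/main.tf` hunk of PATCH 076, the new `value = tls_private_key.main.private_key_pem` refers to a resource that no visible file of this child module declares, and a module cannot read a resource from its caller, so this likely fails validation unless a `tls_private_key` is defined in a file not shown here. It also gives every secret created through this module the same private key, whatever `var.secrets` holds. I would keep the module generic with `value = var.secrets.value` and have the caller hand the key over through an input declared `sensitive = true`. The private key is written to Terraform state in plain text either way, so the state backend needs encryption and restricted access. The resource body continues past the end of the hunk.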
@@ -9,53 +9,3 @@ module "virtual_networks" { resource_groups = module.resource_groups } } - -module "vnet_peerings" { - source = "./modules/_networking/vnet_peering" - for_each = var.vnet_peerings - - global_settings = var.global_settings - settings = each.value - - resources = { - virtual_networks = module.virtual_networks - } -} - -module "public_ips" { - source = "./modules/_networking/public_ip" - for_each = var.public_ips - - global_settings = var.global_settings - settings = each.value - - resources = { - resource_groups = module.resource_groups - } -} - -module "virtual_network_gateways" { - source = "./modules/_networking/virtual_network_gateway" - for_each = var.virtual_network_gateways - - global_settings = var.global_settings - settings = each.value - - resources = { - virtual_networks = module.virtual_networks - public_ips = module.public_ips - resource_groups = module.resource_groups - } -} - -module "local_network_gateways" { - source = "./modules/_networking/local_network_gateway" - for_each = var.local_network_gateways - - global_settings = var.global_settings - settings = each.value - - resources = { - resource_groups = module.resource_groups - } -} From ebf68215e0c7093c1d7f00ffe6331758aba4e106 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Wed, 22 Jan 2025 13:57:57 +0200 Subject: [PATCH 078/101] Refactor provider --- src/_provider.tf | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/_provider.tf b/src/_provider.tf index 8afe1309..b52b5d37 100644 --- a/src/_provider.tf +++ b/src/_provider.tf 
@@ -2,12 +2,21 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~>4.14.0" + version = "~>4.0" } } } provider "azurerm" { - features {} - subscription_id = var.subscription_id + skip_provider_registration = true + features { + key_vault { + recover_soft_deleted_key_vaults = true + } + resource_group { + prevent_deletion_if_contains_resources = false + } + } + subscription_id = "cf1839da-5f7c-4fb5-8a06-f6cb6d0d53df" } +data "azurerm_client_config" "current" {} From 4c16fe392f39b338fe32583c4e17d1d5a9f048cd Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Wed, 22 Jan 2025 14:00:41 +0200 Subject: [PATCH 079/101] Refactor provider.tf --- src/_provider.tf | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/src/_provider.tf b/src/_provider.tf index b52b5d37..8afe1309 100644 --- a/src/_provider.tf +++ b/src/_provider.tf @@ -2,21 +2,12 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~>4.0" + version = "~>4.14.0" } } } provider "azurerm" { - skip_provider_registration = true - features { - key_vault { - recover_soft_deleted_key_vaults = true - } - resource_group { - prevent_deletion_if_contains_resources = false - } - } - subscription_id = "cf1839da-5f7c-4fb5-8a06-f6cb6d0d53df" + features {} + subscription_id = var.subscription_id } -data "azurerm_client_config" "current" {} From d2e31cae17c5136b5350191aeb2186b56d4c912d Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Wed, 22 Jan 2025 14:17:36 +0200 Subject: [PATCH 080/101] Import data --- src/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main.tf b/src/main.tf index f70c5648..f230789a 100644 --- a/src/main.tf +++ b/src/main.tf @@ -1,3 +1,5 @@ +data "azurerm_client_config" "current" {} + module "resource_groups" { source = "./modules/resource_group" for_each = var.resource_groups From 83072721db74bac5143cbf1ac44f370f3a6ef788 Mon Sep 17 00:00:00 2001 
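Review bot: In the `src/_provider.tf` hunk of PATCH 078, `subscription_id` changes from `var.subscription_id` to a literal subscription GUID, which pins every plan and apply to one subscription and leaves that identifier in the repository history even though PATCH 079 reverts the file. Keep `subscription_id = var.subscription_id`, or drop the argument and let the provider read `ARM_SUBSCRIPTION_ID` from the environment. The same hunk sets `prevent_deletion_if_contains_resources = false`, so a destroy also removes resource groups that still hold resources created outside Terraform, and it widens the provider pin from `~>4.14.0` to `~>4.0`. Both deserve a comment stating the reason, for example `# lab only: allow destroying non-empty resource groups`.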
From: Borislav Raynov Date: Wed, 22 Jan 2025 17:29:03 +0200 Subject: [PATCH 081/101] Refactor code --- src/keyvault.tf | 3 +-- .../keyvault/keyvault_secret/_outputs.tf | 19 ------------------- .../keyvault/keyvault_secret/_variables.tf | 19 ------------------- src/modules/keyvault/keyvault_secret/main.tf | 9 --------- src/modules/keyvault/secrets.tf | 12 ------------ .../linux_virtual_machine/_locals.tf | 2 ++ .../linux_virtual_machine/secrets.tf | 5 +++++ 7 files changed, 8 insertions(+), 61 deletions(-) delete mode 100644 src/modules/keyvault/keyvault_secret/_outputs.tf delete mode 100644 src/modules/keyvault/keyvault_secret/_variables.tf delete mode 100644 src/modules/keyvault/keyvault_secret/main.tf delete mode 100644 src/modules/keyvault/secrets.tf create mode 100644 src/modules/virtual_machines/linux_virtual_machine/secrets.tf diff --git a/src/keyvault.tf b/src/keyvault.tf index be929257..27399e66 100644 --- a/src/keyvault.tf +++ b/src/keyvault.tf @@ -5,7 +5,6 @@ module "keyvaults" { settings = each.value global_settings = local.global_settings resources = { - virtual_networks = module.virtual_networks - resource_groups = module.resource_groups + resource_groups = module.resource_groups } } diff --git a/src/modules/keyvault/keyvault_secret/_outputs.tf b/src/modules/keyvault/keyvault_secret/_outputs.tf deleted file mode 100644 index cceddc11..00000000 --- a/src/modules/keyvault/keyvault_secret/_outputs.tf +++ /dev/null @@ -1,19 +0,0 @@ -output "id" { - value = azurerm_key_vault_secret.main.id -} - -output "resource_id" { - value = azurerm_key_vault_secret.main.resource_id -} - -output "resource_versionless_id" { - value = azurerm_key_vault_secret.main.resource_versionless_id -} - -output "version" { - value = azurerm_key_vault_secret.main.version -} - -output "versionless_id" { - value = azurerm_key_vault_secret.main.versionless_id -} 
diff --git a/src/modules/keyvault/keyvault_secret/_variables.tf b/src/modules/keyvault/keyvault_secret/_variables.tf
deleted file mode 100644
index e494a0fd..00000000
--- a/src/modules/keyvault/keyvault_secret/_variables.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-variable "global_settings" {
- description = "Global settings for tinycaf"
-}
-
-variable "settings" {
- description = "All the configuration for this resource"
-}
-
-variable "keyvault_id" {
- description = "id of the keyvault"
-}
-
-variable "resources" {
- description = "All the configuration for this resource"
-}
-
-variable "secrets" {
- description = "All the configuration for this resource"
-}
diff --git a/src/modules/keyvault/keyvault_secret/main.tf b/src/modules/keyvault/keyvault_secret/main.tf
deleted file mode 100644
index ddad0d6c..00000000
--- a/src/modules/keyvault/keyvault_secret/main.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-resource "azurerm_key_vault_secret" "main" {
- name = var.secrets.name
- value = tls_private_key.main.private_key_pem
- key_vault_id = var.keyvault_id
-
- lifecycle {
- ignore_changes = ["value"]
- }
-}
diff --git a/src/modules/keyvault/secrets.tf b/src/modules/keyvault/secrets.tf
deleted file mode 100644
index 893c82ed..00000000
--- a/src/modules/keyvault/secrets.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-module "secrets" {
- source = "./keyvault_secret"
-
- # Use for_each to iterate over the secrets map
- for_each = try(var.settings.secrets, {})
-
- settings = var.settings
- keyvault_id = azurerm_key_vault.main.id
- secrets = each.value
- global_settings = var.global_settings
- resources = var.resources
-}
diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf
index 9930678c..06e8bf19 100644
--- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf
+++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf
@@ -7,6 +7,8 @@ locals { module.network_interface.ids ] + key_vault_id = var.resources.keyvaults[var.settings.keyvault_ref].id + public_key = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].public_key_openssh tags = merge( diff --git a/src/modules/virtual_machines/linux_virtual_machine/secrets.tf b/src/modules/virtual_machines/linux_virtual_machine/secrets.tf new file mode 100644 index 00000000..1471855e --- /dev/null +++ b/src/modules/virtual_machines/linux_virtual_machine/secrets.tf @@ -0,0 +1,5 @@ +resource "azurerm_key_vault_secret" "main" { + name = "${var.settings.name}-ssh-private-key" + value = local.public_key + key_vault_id = local.key_vault_id +} From fe92da71c34a6ca854bab5367bbb269fb5a48745 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Wed, 22 Jan 2025 17:36:24 +0200 Subject: [PATCH 082/101] Add keyvault module to vm module resources --- src/virtual_machines.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/src/virtual_machines.tf b/src/virtual_machines.tf index 04bf18f1..82630bdd 100644 --- a/src/virtual_machines.tf +++ b/src/virtual_machines.tf @@ -8,5 +8,6 @@ module "virtual_machines" { resources = { resource_groups = module.resource_groups virtual_networks = module.virtual_networks + keyvaults = module.keyvaults } } From 0ca1100096f6ec5bd4364428cb8c4f128e0998fe Mon Sep 17 00:00:00 2001 
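Review bot: In the new `linux_virtual_machine/secrets.tf` (PATCH 081), the secret is named `${var.settings.name}-ssh-private-key` but its value is `local.public_key`, which the context line of the `_locals.tf` hunk just before it defines as `tls_private_key.main[...].public_key_openssh`. The private key is therefore never stored in the vault, and an operator who fetches this secret to reach the VM gets the public half. If the intent is to escrow the private key, use `value = tls_private_key.main[var.settings.admin_ssh_key.public_key_ref].private_key_pem`; if only the public key is meant to be published, rename the secret. Adding `content_type = "ssh-private-key"` would document what the secret holds, and since the generated key also lives in Terraform state, the state backend needs the same access restrictions as the vault.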
From: Borislav Raynov Date: Thu, 23 Jan 2025 17:17:40 +0200 Subject: [PATCH 083/101] Remove unnecessary resources --- src/_variables.resources.tf | 10 ------ src/main.tf | 12 ------- src/modules/managed_identity/_locals.tf | 12 ------- src/modules/managed_identity/_variables.tf | 14 -------- src/modules/managed_identity/main.tf | 5 --- src/modules/storage_account/_locals.tf | 17 ---------- src/modules/storage_account/_outputs.tf | 10 ------ src/modules/storage_account/_variables.tf | 15 -------- .../storage_account/storage_account.tf | 34 ------------------- .../storage_account/storage_container.tf | 8 ----- src/storage_account.tf | 12 ------- 11 files changed, 149 deletions(-) delete mode 100644 src/modules/managed_identity/_locals.tf delete mode 100644 src/modules/managed_identity/_variables.tf delete mode 100644 src/modules/managed_identity/main.tf delete mode 100644 src/modules/storage_account/_locals.tf delete mode 100644 src/modules/storage_account/_outputs.tf delete mode 100644 src/modules/storage_account/_variables.tf delete mode 100644 src/modules/storage_account/storage_account.tf delete mode 100644 src/modules/storage_account/storage_container.tf delete mode 100644 src/storage_account.tf diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index bff01ae3..fc3e31f8 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -1,17 +1,7 @@ variable "resource_groups" { default = {} } -variable "managed_identities" { default = {} } - variable "virtual_networks" { default = {} } -variable "vnet_peerings" { default = {} } - -variable "local_network_gateways" { default = {} } - -variable "virtual_network_gateways" { default = {} } - -variable "public_ips" { default = {} } - variable "storage_accounts" { default = {} } variable "virtual_machines" { default = {} } diff --git a/src/main.tf b/src/main.tf index f230789a..1eed714c 100644 --- a/src/main.tf +++ b/src/main.tf 
@@ -7,15 +7,3 @@ module "resource_groups" { settings = each.value global_settings = var.global_settings } - -module "managed_identities" { - source = "./modules/managed_identity" - for_each = var.managed_identities - - settings = each.value - global_settings = var.global_settings - - resources = { - resource_groups = module.resource_groups - } -} diff --git a/src/modules/managed_identity/_locals.tf b/src/modules/managed_identity/_locals.tf deleted file mode 100644 index 687c6aaa..00000000 --- a/src/modules/managed_identity/_locals.tf +++ /dev/null @@ -1,12 +0,0 @@ -locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] - - resource_group_name = local.resource_group.name - location = local.resource_group.location - - tags = merge( - var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, - try(var.settings.tags, {}) - ) -} diff --git a/src/modules/managed_identity/_variables.tf b/src/modules/managed_identity/_variables.tf deleted file mode 100644 index 315edc56..00000000 --- a/src/modules/managed_identity/_variables.tf +++ /dev/null @@ -1,14 +0,0 @@ -variable "global_settings" { - description = "Global settings for tinycaf" -} - -variable "settings" { - description = "All the configuration for this resource" -} - -variable "resources" { - type = object({ - resource_groups = map(any) - }) - description = "All required resources" -} diff --git a/src/modules/managed_identity/main.tf b/src/modules/managed_identity/main.tf deleted file mode 100644 index 39654afe..00000000 --- a/src/modules/managed_identity/main.tf +++ /dev/null @@ -1,5 +0,0 @@ -resource "azurerm_user_assigned_identity" "main" { - name = var.settings.name - resource_group_name = local.resource_group_name - location = local.location -} diff --git a/src/modules/storage_account/_locals.tf b/src/modules/storage_account/_locals.tf deleted file mode 100644 index af37c82b..00000000 
--- a/src/modules/storage_account/_locals.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-locals {
- resource_group = var.resources.resource_groups[var.settings.resource_group_ref]
- resource_group_name = local.resource_group.name
- location = local.resource_group.location
-
- subnet_ids = [
- for network_rule_ref, config in try(var.settings.network_rules.subnets, {}) : (
- var.resources.virtual_networks[split("/", config.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id
- )
- ]
-
- tags = merge(
- var.global_settings.tags,
- var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {},
- try(var.settings.tags, {})
- )
-}
diff --git a/src/modules/storage_account/_outputs.tf b/src/modules/storage_account/_outputs.tf
deleted file mode 100644
index 4761ad59..00000000
--- a/src/modules/storage_account/_outputs.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-output "id" {
- value = azurerm_storage_account.main.id
-}
-
-output "containers" {
- value = {
- for container_ref, _ in try(var.settings.containers) :
- container_ref => azurerm_storage_container.main[container_ref]
- }
-}
diff --git a/src/modules/storage_account/_variables.tf b/src/modules/storage_account/_variables.tf
deleted file mode 100644
index 4b379539..00000000
--- a/src/modules/storage_account/_variables.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-variable "global_settings" {
- description = "Global settings for tinycaf"
-}
-
-variable "settings" {
- description = "All the configuration for a storage account"
-}
-
-variable "resources" {
- type = object({
- resource_groups = map(any)
- virtual_networks = map(any)
- })
- description = "All required resources"
-}
diff --git a/src/modules/storage_account/storage_account.tf b/src/modules/storage_account/storage_account.tf
deleted file mode 100644
index ef0fa1cd..00000000
--- a/src/modules/storage_account/storage_account.tf
+++ /dev/null
@@ -1,34 +0,0 @@
-resource "azurerm_storage_account" "main" {
- name = var.settings.name
- resource_group_name = local.resource_group_name
- location = local.location
- tags = local.tags
-
- account_kind = try(var.settings.account_kind, null) # defaults to StorageV2
- account_tier = try(var.settings.account_tier, "Standard")
- account_replication_type = var.settings.account_replication_type
-
- cross_tenant_replication_enabled = try(var.settings.cross_tenant_replication_enabled, null)
- large_file_share_enabled = try(var.settings.large_file_share_enabled, null)
- infrastructure_encryption_enabled = try(var.settings.infrastructure_encryption_enabled, null)
-
- is_hns_enabled = try(var.settings.is_hns_enabled, null)
- sftp_enabled = try(var.settings.sftp_enabled, null)
- nfsv3_enabled = try(var.settings.nfsv3_enabled, null)
-
- # TODO: identity block
- # TODO: blob properties block
- # TODO: share_properties
- # TODO: azure_files_authentication block
- # TODO: routing block
- # TODO: sas_policy block
-
- network_rules {
- default_action = try(var.settings.network_rules.default_action, "Deny")
- bypass = try(var.settings.network_rules.bypass, null)
- ip_rules = try(var.settings.network_rules.allowed_ips, null)
- virtual_network_subnet_ids = local.subnet_ids
-
- # TODO: private_link_access block
- }
-}
diff --git a/src/modules/storage_account/storage_container.tf b/src/modules/storage_account/storage_container.tf
deleted file mode 100644
index b490d093..00000000
--- a/src/modules/storage_account/storage_container.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-resource "azurerm_storage_container" "main" {
- for_each = try(var.settings.containers, {})
-
- name = each.value.name
- storage_account_id = azurerm_storage_account.main.id
-
- container_access_type = try(each.value.access_type, null)
-}
diff --git a/src/storage_account.tf b/src/storage_account.tf
deleted file mode 100644
index b595afc5..00000000
--- a/src/storage_account.tf
+++ /dev/null
@@ -1,12 +0,0 @@ -module "storage_accounts" { - source = "./modules/storage_account" - for_each = var.storage_accounts - - settings = each.value - global_settings = var.global_settings - - resources = { - resource_groups = module.resource_groups - virtual_networks = module.virtual_networks - } -} From 14fb30ee92e1f8e8492f5b8ae1f4c3169d42a0da Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Thu, 23 Jan 2025 17:19:57 +0200 Subject: [PATCH 084/101] Remove unnecessary resource --- src/_variables.resources.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index fc3e31f8..3ba35f01 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -2,8 +2,6 @@ variable "resource_groups" { default = {} } variable "virtual_networks" { default = {} } -variable "storage_accounts" { default = {} } - variable "virtual_machines" { default = {} } variable "keyvaults" { default = {} } From 0c55fb94b0ae0fac1718cc791b5dfb920b232509 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Thu, 23 Jan 2025 17:39:08 +0200 Subject: [PATCH 085/101] Add example for virtual_machines module --- examples/virtual_machines.tfvars | 129 +++++++++++++++++++++++++++++++ 1 file changed, 129 insertions(+) create mode 100644 examples/virtual_machines.tfvars diff --git a/examples/virtual_machines.tfvars b/examples/virtual_machines.tfvars new file mode 100644 index 00000000..51a5a09c --- /dev/null +++ b/examples/virtual_machines.tfvars 
@@ -0,0 +1,129 @@ +virtual_machines = { + machine_1 = { + type = "windows" + name = "vm-win-braytest-dv-ne-02" + resource_group_ref = "rg_test" + size = "Standard_F2" + admin_username = "adminuser" + admin_password = "P@$$w0rd1234!" + + os_disk = { + caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } + + source_image_reference = { + publisher = "MicrosoftWindowsServer" + offer = "WindowsServer" + sku = "2016-Datacenter" + version = "latest" + } + + network_interfaces = { + nic_1 = { + name = "test_nic_1" + ip_configuration = { + name = "int-01" + subnet_ref = "vnet_test/snet_app" + } + } + + nic_2 = { + name = "test_nic_2" + ip_configuration = { + name = "int-02" + subnet_ref = "vnet_test/snet_app" + } + } + } + } + + machine_2 = { + type = "linux" + name = "vm-lin-braytest-dv-ne-02" + resource_group_ref = "rg_test" + size = "Standard_F2" + admin_username = "adminuser" + keyvault_ref = "kv-test" + + network_interfaces = { + nic_3 = { + name = "test_nic_3" + ip_configuration = { + name = "int-03" + subnet_ref = "vnet_test/snet_app" + private_ip_address_allocation = "Dynamic" + } + } + + nic_4 = { + name = "test_nic_4" + ip_configuration = { + name = "int-04" + subnet_ref = "vnet_test/snet_app" + } + } + } + + public_key_openssh = { + test_key_1 = { + algorithm = "RSA" + rsa_bits = 4096 + } + } + + admin_ssh_key = { + username = "adminuser" + public_key_ref = "test_key_1" + } + + os_disk = { + caching = "ReadWrite" + storage_account_type = "Standard_LRS" + } + + source_image_reference = { + publisher = "Canonical" + offer = "0001-com-ubuntu-server-jammy" + sku = "22_04-lts" + version = "latest" + } + } +} + + +# pre-requisites +resource_groups = { + rg_test = { + name = "rg-braytest-dv-ne-02" + location = "northeurope" + } +} + +virtual_networks = { + vnet_test = { + name = "vnet-test-dv-ne-01" + resource_group_ref = "rg_test" + cidr = ["10.0.0.0/16"] + subnets = { + snet_app = { + name = "snet-test-dv-ne-01" + cidr = ["10.0.0.128/25"] + 
service_endpoints = ["Microsoft.Storage"] + } + } + } +} + +keyvaults = { + kv-test = { + name = "kv-braytest-dv-ne-02" + resource_group_ref = "rg_test" + + secrets = { + secret-test = { + ignore_changes = false + } + } + } +} From d5dd790733d66609492984045231d64890e60115 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 09:49:57 +0200 Subject: [PATCH 086/101] Add tags --- src/_variables.tf | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/_variables.tf b/src/_variables.tf index c78f924b..ad2d344f 100644 --- a/src/_variables.tf +++ b/src/_variables.tf @@ -9,7 +9,12 @@ variable "global_settings" { }) default = { - tags = {} + tags = { + owner = "Borislav Raynov" + project = "Test CAF Modules" + deadline = "01/31/2025" + deploydate = "01/24/2025" + } inherit_resource_group_tags = false } } From 2b5ccbc5eeaf66aa6ae3f6b4130ac42668de0e5c Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 10:00:19 +0200 Subject: [PATCH 087/101] Refactor tags --- src/_variables.tf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/_variables.tf b/src/_variables.tf index ad2d344f..fa42e8df 100644 --- a/src/_variables.tf +++ b/src/_variables.tf @@ -10,10 +10,10 @@ variable "global_settings" { default = { tags = { - owner = "Borislav Raynov" - project = "Test CAF Modules" - deadline = "01/31/2025" - deploydate = "01/24/2025" + Owner = "Borislav Raynov", + Project = "Test CAF Modules", + DeadLine = "01/31/2025", + DeployDate = "01/24/2025" } inherit_resource_group_tags = false } From 4c8ce4f20cc56c7374f822de35e407f8c810553a Mon Sep 17 00:00:00 2001 
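Review bot: The example added in PATCH 085 (`examples/virtual_machines.tfvars`) commits a plaintext `admin_password` for `machine_1`, and the Windows VM resource visible as context in PATCH 092 passes `var.settings.admin_password` straight through, so anyone who applies the example as written deploys a VM whose administrator password is published in the repository. Remove the literal and leave a placeholder comment such as `# admin_password: supply out of band (sensitive variable or a generated secret stored in Key Vault)`. It would also help to mark the value sensitive in the module so it is redacted from plan output. The `secrets` map under `keyvaults.kv-test` appears to be unused now, because PATCH 081 deleted `src/modules/keyvault/secrets.tf`, which was the only visible reader of `var.settings.secrets`.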
From: Borislav Raynov Date: Fri, 24 Jan 2025 10:08:33 +0200 Subject: [PATCH 088/101] Refactor tags --- src/modules/_networking/virtual_network/virtual_network.tf | 2 +- src/modules/resource_group/_locals.tf | 7 +++++++ src/modules/resource_group/main.tf | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 src/modules/resource_group/_locals.tf diff --git a/src/modules/_networking/virtual_network/virtual_network.tf b/src/modules/_networking/virtual_network/virtual_network.tf index b84425eb..7abc6302 100644 --- a/src/modules/_networking/virtual_network/virtual_network.tf +++ b/src/modules/_networking/virtual_network/virtual_network.tf @@ -5,5 +5,5 @@ resource "azurerm_virtual_network" "main" { address_space = var.settings.cidr - tags = try(local.tags, null) + tags = local.tags } diff --git a/src/modules/resource_group/_locals.tf b/src/modules/resource_group/_locals.tf new file mode 100644 index 00000000..4623450d --- /dev/null +++ b/src/modules/resource_group/_locals.tf @@ -0,0 +1,7 @@ +locals { + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/resource_group/main.tf b/src/modules/resource_group/main.tf index 908577de..e0101013 100644 --- a/src/modules/resource_group/main.tf +++ b/src/modules/resource_group/main.tf @@ -2,5 +2,5 @@ resource "azurerm_resource_group" "main" { name = var.settings.name location = var.settings.location - tags = try(var.settings.tags, {}) + tags = local.tags } From 940fe94a832cdeb407e456cbfe5dbe1b7d411276 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 10:18:08 +0200 Subject: [PATCH 089/101] Refactor tags --- src/modules/resource_group/_locals.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/src/modules/resource_group/_locals.tf b/src/modules/resource_group/_locals.tf index 4623450d..bd0faa0c 100644 --- a/src/modules/resource_group/_locals.tf 
+++ b/src/modules/resource_group/_locals.tf @@ -1,7 +1,6 @@ locals { tags = merge( var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, try(var.settings.tags, {}) ) } From 1fb1b041f327cda7640cc1c58dc4459d0d73be92 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 10:29:32 +0200 Subject: [PATCH 090/101] Change ip alocation default value --- .../virtual_machines/network_interface/network_interface.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/network_interface/network_interface.tf b/src/modules/virtual_machines/network_interface/network_interface.tf index 7b422faa..51851ab0 100644 --- a/src/modules/virtual_machines/network_interface/network_interface.tf +++ b/src/modules/virtual_machines/network_interface/network_interface.tf @@ -9,6 +9,6 @@ resource "azurerm_network_interface" "main" { ip_configuration { name = each.value.ip_configuration.name subnet_id = try(var.resources.virtual_networks[split("/", each.value.ip_configuration.subnet_ref)[0]].subnets[split("/", each.value.ip_configuration.subnet_ref)[1]].id, null) - private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, null) + private_ip_address_allocation = try(each.value.ip_configuration.private_ip_address_allocation, "Dynamic") } } From 608a72a1c43945a119c799d426ce40007f19b292 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 12:09:54 +0200 Subject: [PATCH 091/101] Convert nics output to list --- src/modules/virtual_machines/network_interface/_ouputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 0f5f626c..87ad9178 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf 
@@ -1,3 +1,3 @@ output "ids" { - value = [for nic in azurerm_network_interface.main : nic.id] + value = tolist([for nic in azurerm_network_interface.main : nic.id]) } From be5aba45620a6e8508732169cf4a2a6c6e90a38a Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 12:22:53 +0200 Subject: [PATCH 092/101] Remove try in network_interface_ids --- .../linux_virtual_machine/linux_virtual_machine.tf | 2 +- src/modules/virtual_machines/network_interface/_ouputs.tf | 2 +- .../windows_virtual_machine/windows_virtual_macine.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index d0ab61f4..7c1b03a0 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf @@ -4,7 +4,7 @@ resource "azurerm_linux_virtual_machine" "main" { location = local.location admin_username = var.settings.admin_username size = var.settings.size - network_interface_ids = try(local.network_interface_ids, null) + network_interface_ids = local.network_interface_ids tags = local.tags diff --git a/src/modules/virtual_machines/network_interface/_ouputs.tf b/src/modules/virtual_machines/network_interface/_ouputs.tf index 87ad9178..0f5f626c 100644 --- a/src/modules/virtual_machines/network_interface/_ouputs.tf +++ b/src/modules/virtual_machines/network_interface/_ouputs.tf @@ -1,3 +1,3 @@ output "ids" { - value = tolist([for nic in azurerm_network_interface.main : nic.id]) + value = [for nic in azurerm_network_interface.main : nic.id] } diff --git a/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf b/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf index 63d372d7..6422b4f8 100644 
--- a/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf +++ b/src/modules/virtual_machines/windows_virtual_machine/windows_virtual_macine.tf @@ -5,7 +5,7 @@ resource "azurerm_windows_virtual_machine" "main" { admin_username = var.settings.admin_username admin_password = var.settings.admin_password size = var.settings.size - network_interface_ids = try(local.network_interface_ids, null) + network_interface_ids = local.network_interface_ids tags = local.tags From 121a8419c8792c838442418f13d29da5c2c9cf96 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 12:36:44 +0200 Subject: [PATCH 093/101] Refactor locals --- src/modules/virtual_machines/linux_virtual_machine/_locals.tf | 4 +--- .../virtual_machines/windows_virtual_machine/_locals.tf | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf index 06e8bf19..e0dc3347 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/_locals.tf @@ -3,9 +3,7 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - module.network_interface.ids - ] + network_interface_ids = module.network_interface.ids key_vault_id = var.resources.keyvaults[var.settings.keyvault_ref].id diff --git a/src/modules/virtual_machines/windows_virtual_machine/_locals.tf b/src/modules/virtual_machines/windows_virtual_machine/_locals.tf index 6fecb7a5..2b702764 100644 --- a/src/modules/virtual_machines/windows_virtual_machine/_locals.tf +++ b/src/modules/virtual_machines/windows_virtual_machine/_locals.tf 
@@ -3,9 +3,7 @@ locals { resource_group_name = local.resource_group.name location = local.resource_group.location - network_interface_ids = [ - module.network_interface.ids - ] + network_interface_ids = module.network_interface.ids tags = merge( var.global_settings.tags, From 625fc556c839541154d124414dec92ac7d8d60dd Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Fri, 24 Jan 2025 14:03:34 +0200 Subject: [PATCH 094/101] Add access policy --- src/_variables.resources.tf | 2 + src/modules/keyvault/_locals.tf | 2 +- src/modules/keyvault/access_policies.tf | 11 ++++ .../keyvault_access_policy/_locals.tf | 55 +++++++++++++++++++ .../keyvault_access_policy/_outputs.tf | 0 .../keyvault_access_policy/_variables.tf | 26 +++++++++ .../keyvault_access_policy/access_policies.tf | 11 ++++ .../access_policy/_variables.tf | 6 ++ .../access_policy/access_policy.tf | 9 +++ 9 files changed, 121 insertions(+), 1 deletion(-) create mode 100644 src/modules/keyvault/access_policies.tf create mode 100644 src/modules/keyvault/keyvault_access_policy/_locals.tf create mode 100644 src/modules/keyvault/keyvault_access_policy/_outputs.tf create mode 100644 src/modules/keyvault/keyvault_access_policy/_variables.tf create mode 100644 src/modules/keyvault/keyvault_access_policy/access_policies.tf create mode 100644 src/modules/keyvault/keyvault_access_policy/access_policy/_variables.tf create mode 100644 src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index 3ba35f01..67832c5a 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -5,3 +5,5 @@ variable "virtual_networks" { default = {} } variable "virtual_machines" { default = {} } variable "keyvaults" { default = {} } + +variable "managed_identities" { default = {} } diff --git a/src/modules/keyvault/_locals.tf b/src/modules/keyvault/_locals.tf index 6b55ec36..6ed35fe1 100644 --- a/src/modules/keyvault/_locals.tf 
+++ b/src/modules/keyvault/_locals.tf @@ -15,7 +15,7 @@ locals { ) tags = merge( var.global_settings.tags, - var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + # var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, try(var.settings.tags, {}) ) } diff --git a/src/modules/keyvault/access_policies.tf b/src/modules/keyvault/access_policies.tf new file mode 100644 index 00000000..217a9300 --- /dev/null +++ b/src/modules/keyvault/access_policies.tf @@ -0,0 +1,11 @@ +module "initial_policy" { + source = "./keyvault_access_policy" + for_each = try(var.settings.access_policies, {}) + + settings = var.settings + keyvault_id = azurerm_key_vault.main.id + access_policies = each.value + policy_name = each.key + global_settings = var.global_settings + resources = var.resources +} diff --git a/src/modules/keyvault/keyvault_access_policy/_locals.tf b/src/modules/keyvault/keyvault_access_policy/_locals.tf new file mode 100644 index 00000000..82771146 --- /dev/null +++ b/src/modules/keyvault/keyvault_access_policy/_locals.tf 
@@ -0,0 +1,55 @@ +locals { + all_secret_permissions = [ + "Backup", + "Delete", + "Get", + "List", + "Purge", + "Recover", + "Restore", + "Set", + ] + + all_key_permissions = [ + "Backup", + "Create", + "Decrypt", + "Delete", + "Encrypt", + "Get", + "Import", + "List", + "Purge", + "Recover", + "Restore", + "Sign", + "UnwrapKey", + "Update", + "Verify", + "WrapKey", + "Release", + "Rotate", + "GetRotationPolicy", + "SetRotationPolicy", + ] +} + +locals { + effective_key_permissions = ( + var.access_policies.key_permissions == "All" ? + local.all_key_permissions : + tolist(try(var.access_policies.key_permissions, [])) + ) + + effective_secret_permissions = ( + var.access_policies.secret_permissions == "All" ? + local.all_secret_permissions : + tolist(try(var.access_policies.secret_permissions, [])) + ) +} + + +locals { + debug_settings = var.settings + has_logged_in_key = contains(keys(var.settings), "managed_identity") +} diff --git a/src/modules/keyvault/keyvault_access_policy/_outputs.tf b/src/modules/keyvault/keyvault_access_policy/_outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/src/modules/keyvault/keyvault_access_policy/_variables.tf b/src/modules/keyvault/keyvault_access_policy/_variables.tf new file mode 100644 index 00000000..bd4ad120 --- /dev/null +++ b/src/modules/keyvault/keyvault_access_policy/_variables.tf @@ -0,0 +1,26 @@ +variable "settings" { + description = "All the configuration for this resource" +} + +variable "keyvault_id" { + description = "keyvault id" +} + +variable "access_policies" { + validation { + condition = length(var.access_policies) <= 16 + error_message = "A maximun of 16 access policies can be set." + } +} +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "policy_name" { + description = "The key of the access policy." + type = string +} + +variable "resources" { + description = "All the configuration for this resource" +} 
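Review bot: In `keyvault_access_policy/_locals.tf`, the `== "All"` comparisons read `var.access_policies.key_permissions` and `var.access_policies.secret_permissions` outside the `try`, so a policy entry that omits either attribute fails evaluation instead of falling back to the empty list. Guarding the lookup in the condition as well, e.g. `try(var.access_policies.key_permissions, null) == "All" ?`, keeps the fallback reachable. The "All" shorthand also expands to `Purge` and `Delete`, so a comment above `all_key_permissions` such as `# "All" includes destructive rights (Purge, Delete); prefer an explicit list` would make over-broad grants easier to spot in review. The `debug_settings` and `has_logged_in_key` locals are not referenced by any file visible in this commit and look like leftover debugging.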
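Review bot: In `keyvault_access_policy/_variables.tf`, the validation `length(var.access_policies) <= 16` does not count policies: the parent module passes `access_policies = each.value`, so the variable holds a single policy entry and the check measures that entry's attributes. If the intent is to cap the number of principals, `length(try(var.access_policies.object_ids, [])) <= 16` would check that here; a cap on the number of policies belongs in the parent, on `var.settings.access_policies`. The variable also has no `description`; something like `description = "One access policy entry: object_ids plus key and secret permissions"` matches how the module reads it.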
diff --git a/src/modules/keyvault/keyvault_access_policy/access_policies.tf b/src/modules/keyvault/keyvault_access_policy/access_policies.tf new file mode 100644 index 00000000..10b99944 --- /dev/null +++ b/src/modules/keyvault/keyvault_access_policy/access_policies.tf @@ -0,0 +1,11 @@ +module "object_ids" { + source = "./access_policy" + for_each = var.policy_name == "object_ids" && length(try(var.access_policies.object_ids, [])) > 0 ? { for idx, obj_id in try(var.access_policies.object_ids, []) : idx => obj_id } : {} + + keyvault_id = var.keyvault_id + access_policies = var.access_policies + tenant_id = var.global_settings.tenant_id + object_id = each.value + key_permissions = local.effective_key_permissions + secret_permissions = local.effective_secret_permissions +} diff --git a/src/modules/keyvault/keyvault_access_policy/access_policy/_variables.tf b/src/modules/keyvault/keyvault_access_policy/access_policy/_variables.tf new file mode 100644 index 00000000..4a859544 --- /dev/null +++ b/src/modules/keyvault/keyvault_access_policy/access_policy/_variables.tf @@ -0,0 +1,6 @@ +variable "keyvault_id" {} +variable "tenant_id" {} +variable "object_id" {} +variable "key_permissions" {} +variable "secret_permissions" {} +variable "access_policies" {} diff --git a/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf b/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf new file mode 100644 index 00000000..5fffd5a9 --- /dev/null +++ b/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf @@ -0,0 +1,9 @@ +resource "azurerm_key_vault_access_policy" "main" { # Using the policy key in the resource name + key_vault_id = var.keyvault_id + + tenant_id = var.tenant_id + object_id = var.object_id + + key_permissions = var.key_permissions + secret_permissions = var.secret_permissions +} From 46b7719134d8239124a38c97a08975d0c93c0286 Mon Sep 17 00:00:00 2001 
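Review bot: In `keyvault_access_policy/access_policies.tf`, the `for_each` map is keyed by list position (`idx => obj_id`), so removing or reordering one entry in `object_ids` re-addresses every later policy and Terraform will destroy and recreate grants for principals whose access did not change. Keying by the ID itself, `{ for obj_id in try(var.access_policies.object_ids, []) : obj_id => obj_id }`, keeps addresses stable, provided the IDs are known at plan time. The module also acts only when `policy_name == "object_ids"`; any other key under `settings.access_policies` creates nothing without an error, which deserves a comment or a validation so a mistyped key is not mistaken for an applied policy.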
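Review bot: The trailing comment on `azurerm_key_vault_access_policy.main` in `access_policy/access_policy.tf`, `# Using the policy key in the resource name`, does not describe the code: the resource is named `main` and no policy key appears in it. I would replace it with `# One access policy per object_id; permissions are resolved by the parent module`. In the sibling `_variables.tf`, `access_policies` is declared but not read by this resource, and none of the variables has a `type`; `type = list(string)` on `key_permissions` and `secret_permissions` would reject a stray string before it reaches the provider.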
From: Borislav Raynov Date: Fri, 24 Jan 2025 17:22:28 +0200 Subject: [PATCH 095/101] Refactor code --- src/_variables.resources.tf | 2 -- src/_variables.tf | 5 +---- src/modules/_networking/virtual_network/_variables.tf | 3 --- src/modules/keyvault/_locals.tf | 2 +- 4 files changed, 2 insertions(+), 10 deletions(-) diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index 67832c5a..3ba35f01 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -5,5 +5,3 @@ variable "virtual_networks" { default = {} } variable "virtual_machines" { default = {} } variable "keyvaults" { default = {} } - -variable "managed_identities" { default = {} } diff --git a/src/_variables.tf b/src/_variables.tf index fa42e8df..d54d3f08 100644 --- a/src/_variables.tf +++ b/src/_variables.tf @@ -10,10 +10,7 @@ variable "global_settings" { default = { tags = { - Owner = "Borislav Raynov", - Project = "Test CAF Modules", - DeadLine = "01/31/2025", - DeployDate = "01/24/2025" + } inherit_resource_group_tags = false } diff --git a/src/modules/_networking/virtual_network/_variables.tf b/src/modules/_networking/virtual_network/_variables.tf index 315edc56..6f1524d4 100644 --- a/src/modules/_networking/virtual_network/_variables.tf +++ b/src/modules/_networking/virtual_network/_variables.tf @@ -7,8 +7,5 @@ variable "settings" { } variable "resources" { - type = object({ - resource_groups = map(any) - }) description = "All required resources" } diff --git a/src/modules/keyvault/_locals.tf b/src/modules/keyvault/_locals.tf index 6ed35fe1..6b55ec36 100644 --- a/src/modules/keyvault/_locals.tf +++ b/src/modules/keyvault/_locals.tf @@ -15,7 +15,7 @@ locals { ) tags = merge( var.global_settings.tags, - # var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, try(var.settings.tags, {}) ) } From 6ab3bed4e119e7f7d88ae36a4835a13aba9efa8f Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Mon, 27 Jan 2025 10:11:57 +0200 Subject: [PATCH 096/101] Restore module files --- src/_variables.resources.tf | 12 ++++++++- src/keyvault.tf | 2 +- .../local_network_gateway/_locals.tf | 12 +++++++++ .../local_network_gateway/_outputs.tf | 3 +++ .../local_network_gateway/_variables.tf | 14 +++++++++++ .../local_network_gateway.tf | 9 +++++++ src/modules/_networking/public_ip/_locals.tf | 12 +++++++++ src/modules/_networking/public_ip/_outputs.tf | 7 ++++++ .../_networking/public_ip/_variables.tf | 14 +++++++++++ src/modules/_networking/public_ip/main.tf | 7 ++++++ .../virtual_network_gateway/_locals.tf | 12 +++++++++ .../virtual_network_gateway/_outputs.tf | 3 +++ .../virtual_network_gateway/_variables.tf | 16 ++++++++++++ .../virtual_network_gateway/main.tf | 25 +++++++++++++++++++ .../_networking/vnet_peering/_locals.tf | 9 +++++++ .../_networking/vnet_peering/_outputs.tf | 6 +++++ .../_networking/vnet_peering/_variables.tf | 18 +++++++++++++ src/modules/_networking/vnet_peering/main.tf | 17 +++++++++++++ src/modules/managed_identity/_locals.tf | 12 +++++++++ src/modules/managed_identity/_variables.tf | 11 ++++++++ src/modules/managed_identity/main.tf | 5 ++++ 21 files changed, 224 insertions(+), 2 deletions(-) create mode 100644 src/modules/_networking/local_network_gateway/_locals.tf create mode 100644 src/modules/_networking/local_network_gateway/_outputs.tf create mode 100644 src/modules/_networking/local_network_gateway/_variables.tf create mode 100644 src/modules/_networking/local_network_gateway/local_network_gateway.tf create mode 100644 src/modules/_networking/public_ip/_locals.tf create mode 100644 src/modules/_networking/public_ip/_outputs.tf create mode 100644 src/modules/_networking/public_ip/_variables.tf create mode 100644 src/modules/_networking/public_ip/main.tf create mode 100644 src/modules/_networking/virtual_network_gateway/_locals.tf create mode 100644 src/modules/_networking/virtual_network_gateway/_outputs.tf 
create mode 100644 src/modules/_networking/virtual_network_gateway/_variables.tf create mode 100644 src/modules/_networking/virtual_network_gateway/main.tf create mode 100644 src/modules/_networking/vnet_peering/_locals.tf create mode 100644 src/modules/_networking/vnet_peering/_outputs.tf create mode 100644 src/modules/_networking/vnet_peering/_variables.tf create mode 100644 src/modules/_networking/vnet_peering/main.tf create mode 100644 src/modules/managed_identity/_locals.tf create mode 100644 src/modules/managed_identity/_variables.tf create mode 100644 src/modules/managed_identity/main.tf diff --git a/src/_variables.resources.tf b/src/_variables.resources.tf index ec74287d..0e483f02 100644 --- a/src/_variables.resources.tf +++ b/src/_variables.resources.tf @@ -1,9 +1,19 @@ variable "resource_groups" { default = {} } +variable "managed_identities" { default = {} } + variable "virtual_networks" { default = {} } -variable "virtual_machines" { default = {} } +variable "vnet_peerings" { default = {} } + +variable "local_network_gateways" { default = {} } + +variable "virtual_network_gateways" { default = {} } + +variable "public_ips" { default = {} } variable "keyvaults" { default = {} } variable "storage_accounts" { default = {} } + +variable "virtual_machines" { default = {} } diff --git a/src/keyvault.tf b/src/keyvault.tf index 91e43bbb..a9c9faf8 100644 --- a/src/keyvault.tf +++ b/src/keyvault.tf @@ -5,7 +5,7 @@ module "keyvaults" { settings = each.value global_settings = local.global_settings resources = { - resource_groups = module.resource_groups + resource_groups = module.resource_groups virtual_networks = module.virtual_networks resource_groups = module.resource_groups managed_identities = module.managed_identities diff --git a/src/modules/_networking/local_network_gateway/_locals.tf b/src/modules/_networking/local_network_gateway/_locals.tf new file mode 100644 index 00000000..687c6aaa --- /dev/null 
+++ b/src/modules/_networking/local_network_gateway/_locals.tf @@ -0,0 +1,12 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + + resource_group_name = local.resource_group.name + location = local.resource_group.location + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/_networking/local_network_gateway/_outputs.tf b/src/modules/_networking/local_network_gateway/_outputs.tf new file mode 100644 index 00000000..a497d716 --- /dev/null +++ b/src/modules/_networking/local_network_gateway/_outputs.tf @@ -0,0 +1,3 @@ +output "id" { + value = azurerm_local_network_gateway.main.id +} diff --git a/src/modules/_networking/local_network_gateway/_variables.tf b/src/modules/_networking/local_network_gateway/_variables.tf new file mode 100644 index 00000000..315edc56 --- /dev/null +++ b/src/modules/_networking/local_network_gateway/_variables.tf @@ -0,0 +1,14 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" +} + +variable "resources" { + type = object({ + resource_groups = map(any) + }) + description = "All required resources" +} diff --git a/src/modules/_networking/local_network_gateway/local_network_gateway.tf b/src/modules/_networking/local_network_gateway/local_network_gateway.tf new file mode 100644 index 00000000..e956bc66 --- /dev/null +++ b/src/modules/_networking/local_network_gateway/local_network_gateway.tf @@ -0,0 +1,9 @@ +resource "azurerm_local_network_gateway" "main" { + name = var.settings.name + location = local.location + resource_group_name = local.resource_group_name + address_space = var.settings.cidr + + gateway_address = try(var.settings.gateway_address, null) + gateway_fqdn = try(var.settings.gateway_fqdn, null) +} 
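Review bot: `azurerm_local_network_gateway.main` in `local_network_gateway.tf` never sets `tags`, although the module's `_locals.tf` builds `local.tags` from the global, resource-group and per-resource tags. Adding `tags = local.tags` keeps the gateway visible to tag-based inventory and policy. `azurerm_user_assigned_identity.main` in `managed_identity/main.tf`, later in this commit, has the same gap. Separately, `gateway_address` and `gateway_fqdn` both fall back to `null`, so a settings entry that supplies neither is presumably rejected only by the provider; a `validation` block on `settings` would report it at plan time with a clearer message.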
diff --git a/src/modules/_networking/public_ip/_locals.tf b/src/modules/_networking/public_ip/_locals.tf new file mode 100644 index 00000000..687c6aaa --- /dev/null +++ b/src/modules/_networking/public_ip/_locals.tf @@ -0,0 +1,12 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + + resource_group_name = local.resource_group.name + location = local.resource_group.location + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/_networking/public_ip/_outputs.tf b/src/modules/_networking/public_ip/_outputs.tf new file mode 100644 index 00000000..1ea5d765 --- /dev/null +++ b/src/modules/_networking/public_ip/_outputs.tf @@ -0,0 +1,7 @@ +output "id" { + value = azurerm_public_ip.main.id +} + +output "ip_address" { + value = azurerm_public_ip.main.ip_address +} diff --git a/src/modules/_networking/public_ip/_variables.tf b/src/modules/_networking/public_ip/_variables.tf new file mode 100644 index 00000000..315edc56 --- /dev/null +++ b/src/modules/_networking/public_ip/_variables.tf @@ -0,0 +1,14 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" +} + +variable "resources" { + type = object({ + resource_groups = map(any) + }) + description = "All required resources" +} diff --git a/src/modules/_networking/public_ip/main.tf b/src/modules/_networking/public_ip/main.tf new file mode 100644 index 00000000..753d0e8b --- /dev/null +++ b/src/modules/_networking/public_ip/main.tf @@ -0,0 +1,7 @@ +resource "azurerm_public_ip" "main" { + name = var.settings.name + resource_group_name = local.resource_group_name + location = local.location + allocation_method = try(var.settings.allocation_method, "Static") + tags = local.tags +} 
diff --git a/src/modules/_networking/virtual_network_gateway/_locals.tf b/src/modules/_networking/virtual_network_gateway/_locals.tf new file mode 100644 index 00000000..687c6aaa --- /dev/null +++ b/src/modules/_networking/virtual_network_gateway/_locals.tf @@ -0,0 +1,12 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + + resource_group_name = local.resource_group.name + location = local.resource_group.location + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/_networking/virtual_network_gateway/_outputs.tf b/src/modules/_networking/virtual_network_gateway/_outputs.tf new file mode 100644 index 00000000..be756085 --- /dev/null +++ b/src/modules/_networking/virtual_network_gateway/_outputs.tf @@ -0,0 +1,3 @@ +output "id" { + value = azurerm_virtual_network_gateway.main.id +} diff --git a/src/modules/_networking/virtual_network_gateway/_variables.tf b/src/modules/_networking/virtual_network_gateway/_variables.tf new file mode 100644 index 00000000..8cf17357 --- /dev/null +++ b/src/modules/_networking/virtual_network_gateway/_variables.tf @@ -0,0 +1,16 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" +} + +variable "resources" { + type = object({ + resource_groups = map(any) + virtual_networks = map(any) + public_ips = map(any) + }) + description = "All required resources" +} diff --git a/src/modules/_networking/virtual_network_gateway/main.tf b/src/modules/_networking/virtual_network_gateway/main.tf new file mode 100644 index 00000000..d371a671 --- /dev/null +++ b/src/modules/_networking/virtual_network_gateway/main.tf 
@@ -0,0 +1,25 @@ +resource "azurerm_virtual_network_gateway" "main" { + name = var.settings.name + resource_group_name = local.resource_group_name + location = local.location + tags = local.tags + + sku = var.settings.sku + type = try(var.settings.type, "Vpn") + + generation = try(var.settings.generation, null) + vpn_type = try(var.settings.vpn_type, null) + active_active = try(var.settings.active_active, null) + enable_bgp = try(var.settings.enable_bgp, null) + + dynamic "ip_configuration" { + for_each = var.settings.ip_configurations + + content { + name = ip_configuration.value.name + private_ip_address_allocation = try(ip_configuration.value.private_ip_address_allocation, null) + public_ip_address_id = var.resources.public_ips[ip_configuration.value.public_ip_address_ref].id + subnet_id = var.resources.virtual_networks[split("/", ip_configuration.value.subnet_ref)[0]].subnets[split("/", ip_configuration.value.subnet_ref)[1]].id + } + } +} diff --git a/src/modules/_networking/vnet_peering/_locals.tf b/src/modules/_networking/vnet_peering/_locals.tf new file mode 100644 index 00000000..92ffed7c --- /dev/null +++ b/src/modules/_networking/vnet_peering/_locals.tf @@ -0,0 +1,9 @@ +locals { + vnet_left = var.resources.virtual_networks[var.settings.vnet_left_ref] + vnet_right = var.resources.virtual_networks[var.settings.vnet_right_ref] + + direction = try(var.settings.direction, "<->") + + peer_left_to_right = endswith(local.direction, "->") + peer_right_to_left = startswith(local.direction, "<-") +} diff --git a/src/modules/_networking/vnet_peering/_outputs.tf b/src/modules/_networking/vnet_peering/_outputs.tf new file mode 100644 index 00000000..c7505a22 --- /dev/null +++ b/src/modules/_networking/vnet_peering/_outputs.tf 
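Review bot: In `virtual_network_gateway/main.tf`, `subnet_id` parses `subnet_ref` inline with two `split("/", ...)` calls and indexes straight into `var.resources.virtual_networks`, so a reference without exactly one `/`, or one that names an unknown network or subnet, fails with a bare invalid-index error. A `validation` on `settings` in this module's `_variables.tf`, in the style the `vnet_peering` module uses for `direction`, would give a readable message: `condition = alltrue([for c in var.settings.ip_configurations : length(split("/", c.subnet_ref)) == 2])`. Hoisting the split into a local would also remove the duplicated expression.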
@@ -0,0 +1,6 @@ +output "id" { + value = { + "left_to_right" = local.peer_left_to_right ? azurerm_virtual_network_peering.left_to_right[0].id : null + "right_to_left" = local.peer_right_to_left ? azurerm_virtual_network_peering.right_to_left[0].id : null + } +} diff --git a/src/modules/_networking/vnet_peering/_variables.tf b/src/modules/_networking/vnet_peering/_variables.tf new file mode 100644 index 00000000..cc077015 --- /dev/null +++ b/src/modules/_networking/vnet_peering/_variables.tf @@ -0,0 +1,18 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" + validation { + condition = contains(["<-", "->", "<->"], try(var.settings.direction, "<->")) + error_message = "Allowed values for direction are '<-', '->', or '<->'. Defaults to '<->' if not set." + } +} + +variable "resources" { + type = object({ + virtual_networks = map(any) + }) + description = "All required resources" +} diff --git a/src/modules/_networking/vnet_peering/main.tf b/src/modules/_networking/vnet_peering/main.tf new file mode 100644 index 00000000..a8d4b025 --- /dev/null +++ b/src/modules/_networking/vnet_peering/main.tf @@ -0,0 +1,17 @@ +resource "azurerm_virtual_network_peering" "left_to_right" { + count = local.peer_left_to_right ? 1 : 0 + + name = "peering-${local.vnet_left.name}-to-${local.vnet_right.name}" + resource_group_name = local.vnet_left.resource_group_name + virtual_network_name = local.vnet_left.name + remote_virtual_network_id = local.vnet_right.id +} + +resource "azurerm_virtual_network_peering" "right_to_left" { + count = local.peer_right_to_left ? 1 : 0 + + name = "peering-${local.vnet_right.name}-to-${local.vnet_left.name}" + resource_group_name = local.vnet_right.resource_group_name + virtual_network_name = local.vnet_right.name + remote_virtual_network_id = local.vnet_left.id +} 
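Review bot: The two `azurerm_virtual_network_peering` resources in `vnet_peering/main.tf` set only the required arguments, so `allow_forwarded_traffic`, `allow_gateway_transit` and `use_remote_gateways` stay at the provider defaults and cannot be changed from `settings`, even though this commit also restores the virtual network gateway module. If that is deliberate, a comment such as `# Peering options are intentionally left at provider defaults` above the first resource would record the decision; otherwise expose them with lookups like `allow_gateway_transit = try(var.settings.allow_gateway_transit, null)`. The `settings` description in `_variables.tf` could also state that `->` or `<-` creates only one side of the peering.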
diff --git a/src/modules/managed_identity/_locals.tf b/src/modules/managed_identity/_locals.tf new file mode 100644 index 00000000..687c6aaa --- /dev/null +++ b/src/modules/managed_identity/_locals.tf @@ -0,0 +1,12 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + + resource_group_name = local.resource_group.name + location = local.resource_group.location + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/managed_identity/_variables.tf b/src/modules/managed_identity/_variables.tf new file mode 100644 index 00000000..6f1524d4 --- /dev/null +++ b/src/modules/managed_identity/_variables.tf @@ -0,0 +1,11 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for this resource" +} + +variable "resources" { + description = "All required resources" +} diff --git a/src/modules/managed_identity/main.tf b/src/modules/managed_identity/main.tf new file mode 100644 index 00000000..39654afe --- /dev/null +++ b/src/modules/managed_identity/main.tf @@ -0,0 +1,5 @@ +resource "azurerm_user_assigned_identity" "main" { + name = var.settings.name + resource_group_name = local.resource_group_name + location = local.location +} From e3b1ecd73b4f74c5187541b3b3476011c363343f Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 27 Jan 2025 15:45:07 +0200 Subject: [PATCH 097/101] Refactor code --- src/modules/keyvault/access_policies.tf | 8 +++++--- src/modules/keyvault/keyvault.tf | 5 +++-- src/modules/keyvault/secrets.tf | 4 ++-- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/src/modules/keyvault/access_policies.tf b/src/modules/keyvault/access_policies.tf index 12818dd4..c322acf5 100644 --- a/src/modules/keyvault/access_policies.tf +++ b/src/modules/keyvault/access_policies.tf 
@@ -2,9 +2,11 @@ module "initial_policy" { source = "./keyvault_access_policy" for_each = try(var.settings.access_policies, {}) settings = var.settings + global_settings = var.global_settings + keyvault_id = azurerm_key_vault.main.id access_policies = each.value - policy_name = each.key - global_settings = var.global_settings + policy_name = each.key + resources = var.resources -} \ No newline at end of file +} diff --git a/src/modules/keyvault/keyvault.tf b/src/modules/keyvault/keyvault.tf index 03985a52..73847b67 100644 --- a/src/modules/keyvault/keyvault.tf +++ b/src/modules/keyvault/keyvault.tf @@ -3,13 +3,14 @@ resource "azurerm_key_vault" "main" { resource_group_name = local.resource_group_name location = local.location tags = local.tags + tenant_id = var.global_settings.tenant_id - tenant_id = var.global_settings.tenant_id - sku_name = try(var.settings.sku_name, "standard") + sku_name = try(var.settings.sku_name, "standard") enabled_for_disk_encryption = try(var.settings.enabled_for_disk_encryption, null) soft_delete_retention_days = try(var.settings.soft_delete_retention_days, null) purge_protection_enabled = try(var.settings.purge_protection_enabled, null) enable_rbac_authorization = try(var.settings.enable_rbac_authorization, false) + public_network_access_enabled = try(var.settings.public_network_access_enabled, false) network_acls { diff --git a/src/modules/keyvault/secrets.tf b/src/modules/keyvault/secrets.tf index dcc517be..893c82ed 100644 --- a/src/modules/keyvault/secrets.tf +++ b/src/modules/keyvault/secrets.tf @@ -1,8 +1,8 @@ module "secrets" { - source = "./keyvault_secret" + source = "./keyvault_secret" # Use for_each to iterate over the secrets map - for_each = try(var.settings.secrets, {}) + for_each = try(var.settings.secrets, {}) settings = var.settings keyvault_id = azurerm_key_vault.main.id From 55928e0c83692e9623fee4b2c6e4695a9b782476 Mon Sep 17 00:00:00 2001 
From: Borislav Raynov Date: Mon, 27 Jan 2025 15:55:55 +0200 Subject: [PATCH 098/101] Fix linting --- src/modules/compute/kubernetes/_outputs.tf | 2 +- src/modules/compute/kubernetes/aks.tf | 12 ++--- .../kubernetes/kubernetes_cluster/_locals.tf | 32 ++++++------- .../aks_node_pool.tf | 46 +++++++++---------- 4 files changed, 46 insertions(+), 46 deletions(-) diff --git a/src/modules/compute/kubernetes/_outputs.tf b/src/modules/compute/kubernetes/_outputs.tf index 7851f9b1..0891adc3 100644 --- a/src/modules/compute/kubernetes/_outputs.tf +++ b/src/modules/compute/kubernetes/_outputs.tf @@ -1,3 +1,3 @@ output "id" { value = module.kubernetes_cluster.id -} \ No newline at end of file +} diff --git a/src/modules/compute/kubernetes/aks.tf b/src/modules/compute/kubernetes/aks.tf index 2a85e5fa..7c0cb660 100644 --- a/src/modules/compute/kubernetes/aks.tf +++ b/src/modules/compute/kubernetes/aks.tf @@ -2,16 +2,16 @@ module "kubernetes_cluster" { source = "./kubernetes_cluster" settings = var.settings global_settings = var.global_settings - resources = var.resources + resources = var.resources } module "kubernetes_cluster_node_pool" { - source = "./kubernetes_cluster_node_pool" + source = "./kubernetes_cluster_node_pool" for_each = var.settings.additional_node_pools - - cluster_id = module.kubernetes_cluster.id - all_settings = var.settings + + cluster_id = module.kubernetes_cluster.id + all_settings = var.settings settings = each.value global_settings = var.global_settings - resources = var.resources + resources = var.resources } diff --git a/src/modules/compute/kubernetes/kubernetes_cluster/_locals.tf b/src/modules/compute/kubernetes/kubernetes_cluster/_locals.tf index 22eabf94..db6a076d 100644 --- a/src/modules/compute/kubernetes/kubernetes_cluster/_locals.tf +++ b/src/modules/compute/kubernetes/kubernetes_cluster/_locals.tf 
@@ -1,5 +1,5 @@ locals { - resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] resource_group_name = local.resource_group.name location = local.resource_group.location subnet_ids = [ @@ -11,8 +11,8 @@ locals { var.resources.virtual_networks[split("/", var.settings.default_node_pool.subnet_ref)[0]].subnets[split("/", var.settings.default_node_pool.subnet_ref)[1]].id, null ) - managed_identity = can(var.resources.managed_identities[var.settings.identity.managed_identity_ref]) ? var.resources.managed_identities[var.settings.identity.managed_identity_ref] : null - kubelet_identity = can(var.resources.managed_identities[var.settings.kubelet_identity.managed_identity_ref]) ? var.resources.managed_identities[var.settings.kubelet_identity.managed_identity_ref] : null + managed_identity = can(var.resources.managed_identities[var.settings.identity.managed_identity_ref]) ? var.resources.managed_identities[var.settings.identity.managed_identity_ref] : null + kubelet_identity = can(var.resources.managed_identities[var.settings.kubelet_identity.managed_identity_ref]) ? var.resources.managed_identities[var.settings.kubelet_identity.managed_identity_ref] : null tags = merge( var.global_settings.tags, var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, 
@@ -25,17 +25,17 @@ locals { locals { effective_network_profile = { - network_plugin = try(var.settings.network_profile.network_plugin, "azure") - network_mode = try(var.settings.network_profile.network_mode, "transparent") - network_policy = try(var.settings.network_profile.network_policy, "calico") - load_balancer_sku = try(var.settings.network_profile.load_balancer_sku, "standard") - network_data_plane = try(var.settings.network_profile.network_data_plane, "azure") - network_plugin_mode = try(var.settings.network_profile.network_plugin_mode, null) - outbound_type = try(var.settings.network_profile.outbound_type, "loadBalancer") - dns_service_ip = try(var.settings.network_profile.dns_service_ip, null) - service_cidr = try(var.settings.network_profile.service_cidr, null) - service_cidrs = try(var.settings.network_profile.service_cidrs, null) - pod_cidr = try(var.settings.network_profile.pod_cidr, null) + network_plugin = try(var.settings.network_profile.network_plugin, "azure") + network_mode = try(var.settings.network_profile.network_mode, "transparent") + network_policy = try(var.settings.network_profile.network_policy, "calico") + load_balancer_sku = try(var.settings.network_profile.load_balancer_sku, "standard") + network_data_plane = try(var.settings.network_profile.network_data_plane, "azure") + network_plugin_mode = try(var.settings.network_profile.network_plugin_mode, null) + outbound_type = try(var.settings.network_profile.outbound_type, "loadBalancer") + dns_service_ip = try(var.settings.network_profile.dns_service_ip, null) + service_cidr = try(var.settings.network_profile.service_cidr, null) + service_cidrs = try(var.settings.network_profile.service_cidrs, null) + pod_cidr = try(var.settings.network_profile.pod_cidr, null) } -validated_network_data_plane = local.effective_network_profile.network_policy == "cilium" && local.effective_network_profile.network_data_plane != "cilium" ? 
error("Error: When network_policy is set to 'cilium', the network_data_plane must also be set to 'cilium'.") : local.effective_network_profile.network_data_plane -} \ No newline at end of file + validated_network_data_plane = local.effective_network_profile.network_policy == "cilium" && local.effective_network_profile.network_data_plane != "cilium" ? error("Error: When network_policy is set to 'cilium', the network_data_plane must also be set to 'cilium'.") : local.effective_network_profile.network_data_plane +} diff --git a/src/modules/compute/kubernetes/kubernetes_cluster_node_pool/aks_node_pool.tf b/src/modules/compute/kubernetes/kubernetes_cluster_node_pool/aks_node_pool.tf index 6103c4d9..26e81b6b 100644 --- a/src/modules/compute/kubernetes/kubernetes_cluster_node_pool/aks_node_pool.tf +++ b/src/modules/compute/kubernetes/kubernetes_cluster_node_pool/aks_node_pool.tf 
@@ -1,26 +1,26 @@ resource "azurerm_kubernetes_cluster_node_pool" "main" { - name = var.settings.name - kubernetes_cluster_id = var.cluster_id - vm_size = try(var.settings.vm_size, "Standard_DS2_v2") - node_count = try(var.settings.node_count, 1) - auto_scaling_enabled = try(var.settings.auto_scaling_enabled, false) - min_count = try(var.settings.min_count, null) - max_count = try(var.settings.max_count, null) - max_pods = try(var.settings.max_pods, null) - zones = try(var.settings.zones, null) - node_labels = try(var.settings.node_labels, null) - node_taints = try(var.settings.node_taints, null) - os_disk_type = try(var.settings.os_disk_type, null) - os_disk_size_gb = try(var.settings.os_disk_size_gb, null) - os_sku = try(var.settings.os_sku, "Ubuntu") - pod_subnet_id = try(var.settings.pod_subnet_id, null) - vnet_subnet_id = try(local.vnet_subnet_id, null) - os_type = try(var.settings.os_type, null) - ultra_ssd_enabled = try(var.settings.ultra_ssd_enabled, false) - tags = local.tags - fips_enabled = try(var.settings.fips_enabled, false) - host_encryption_enabled = try(var.settings.host_encryption_enabled, false) - kubelet_disk_type = try(var.settings.kubelet_disk_type, "OS") + name = var.settings.name + kubernetes_cluster_id = var.cluster_id + vm_size = try(var.settings.vm_size, "Standard_DS2_v2") + node_count = try(var.settings.node_count, 1) + auto_scaling_enabled = try(var.settings.auto_scaling_enabled, false) + min_count = try(var.settings.min_count, null) + max_count = try(var.settings.max_count, null) + max_pods = try(var.settings.max_pods, null) + zones = try(var.settings.zones, null) + node_labels = try(var.settings.node_labels, null) + node_taints = try(var.settings.node_taints, null) + os_disk_type = try(var.settings.os_disk_type, null) + os_disk_size_gb = try(var.settings.os_disk_size_gb, null) + os_sku = try(var.settings.os_sku, "Ubuntu") + pod_subnet_id = try(var.settings.pod_subnet_id, null) + vnet_subnet_id = try(local.vnet_subnet_id, null) + 
os_type = try(var.settings.os_type, null) + ultra_ssd_enabled = try(var.settings.ultra_ssd_enabled, false) + tags = local.tags + fips_enabled = try(var.settings.fips_enabled, false) + host_encryption_enabled = try(var.settings.host_encryption_enabled, false) + kubelet_disk_type = try(var.settings.kubelet_disk_type, "OS") node_public_ip_enabled = try(var.settings.node_public_ip_enabled, false) - orchestrator_version = try(var.settings.orchestrator_version, null) + orchestrator_version = try(var.settings.orchestrator_version, null) } From 19bf3a0058c6e626a186e5254f646f2127ef9a7e Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 27 Jan 2025 16:04:00 +0200 Subject: [PATCH 099/101] Refacror code --- .../keyvault_access_policy/_locals.tf | 2 +- .../keyvault_access_policy/access_policies.tf | 30 +++++++++---------- .../access_policy/access_policy.tf | 6 ++-- src/networking.tf | 8 ++--- src/role_assignments.tf | 6 ++-- 5 files changed, 26 insertions(+), 26 deletions(-) diff --git a/src/modules/keyvault/keyvault_access_policy/_locals.tf b/src/modules/keyvault/keyvault_access_policy/_locals.tf index 8f902e38..82771146 100644 --- a/src/modules/keyvault/keyvault_access_policy/_locals.tf +++ b/src/modules/keyvault/keyvault_access_policy/_locals.tf @@ -50,6 +50,6 @@ locals { locals { - debug_settings = var.settings + debug_settings = var.settings has_logged_in_key = contains(keys(var.settings), "managed_identity") } diff --git a/src/modules/keyvault/keyvault_access_policy/access_policies.tf b/src/modules/keyvault/keyvault_access_policy/access_policies.tf index f151ee5d..7430a8bc 100644 --- a/src/modules/keyvault/keyvault_access_policy/access_policies.tf +++ b/src/modules/keyvault/keyvault_access_policy/access_policies.tf 
@@ -1,29 +1,29 @@ module "logged_in_user" { - source = "./access_policy" - count = var.policy_name == "logged_in_user" ? 1 : 0 - keyvault_id = var.keyvault_id - tenant_id = var.global_settings.tenant_id - access_policies = try(var.access_policies,null) - object_id = var.global_settings.object_id - key_permissions = local.all_key_permissions + source = "./access_policy" + count = var.policy_name == "logged_in_user" ? 1 : 0 + keyvault_id = var.keyvault_id + tenant_id = var.global_settings.tenant_id + access_policies = try(var.access_policies, null) + object_id = var.global_settings.object_id + key_permissions = local.all_key_permissions secret_permissions = local.all_secret_permissions } module "managed_identities" { - source = "./access_policy" + source = "./access_policy" for_each = var.policy_name == "managed_identity" && length(try(var.access_policies.managed_identity_refs, [])) > 0 ? { for idx, ref in try(var.access_policies.managed_identity_refs, []) : idx => ref } : {} - keyvault_id = var.keyvault_id - access_policies = var.access_policies - tenant_id = var.global_settings.tenant_id - object_id = var.resources.managed_identities[each.value].principal_id - key_permissions = local.effective_key_permissions + keyvault_id = var.keyvault_id + access_policies = var.access_policies + tenant_id = var.global_settings.tenant_id + object_id = var.resources.managed_identities[each.value].principal_id + key_permissions = local.effective_key_permissions secret_permissions = local.effective_secret_permissions } module "object_ids" { - source = "./access_policy" - for_each = var.policy_name == "object_ids" && length(try(var.access_policies.object_ids, [])) > 0 ? { for idx, obj_id in try(var.access_policies.object_ids, []) : idx => obj_id } : {} + source = "./access_policy" + for_each = var.policy_name == "object_ids" && length(try(var.access_policies.object_ids, [])) > 0 ? 
{ for idx, obj_id in try(var.access_policies.object_ids, []) : idx => obj_id } : {} keyvault_id = var.keyvault_id access_policies = var.access_policies tenant_id = var.global_settings.tenant_id diff --git a/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf b/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf index c6c17d3d..17b95dec 100644 --- a/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf +++ b/src/modules/keyvault/keyvault_access_policy/access_policy/access_policy.tf @@ -1,7 +1,7 @@ resource "azurerm_key_vault_access_policy" "main" { # Using the policy key in the resource name - key_vault_id = var.keyvault_id - tenant_id = var.tenant_id - object_id = var.object_id + key_vault_id = var.keyvault_id + tenant_id = var.tenant_id + object_id = var.object_id key_permissions = var.key_permissions secret_permissions = var.secret_permissions } diff --git a/src/networking.tf b/src/networking.tf index e9c65bc2..e3ee9759 100644 --- a/src/networking.tf +++ b/src/networking.tf @@ -79,10 +79,10 @@ module "virtual_network_gateway_connections" { global_settings = var.global_settings settings = each.value resources = { - resource_groups = module.resource_groups - virtual_networks = module.virtual_networks - keyvaults = module.keyvaults - local_network_gateways = module.local_network_gateways + resource_groups = module.resource_groups + virtual_networks = module.virtual_networks + keyvaults = module.keyvaults + local_network_gateways = module.local_network_gateways virtual_network_gateways = module.virtual_network_gateways } } diff --git a/src/role_assignments.tf b/src/role_assignments.tf index e53c1092..f52f1fb6 100644 --- a/src/role_assignments.tf +++ b/src/role_assignments.tf 
@@ -6,9 +6,9 @@ module "role_assignments" { global_settings = local.global_settings resources = { - resource_groups = module.resource_groups - keyvaults = module.keyvaults - managed_identities = module.managed_identities + resource_groups = module.resource_groups + keyvaults = module.keyvaults + managed_identities = module.managed_identities kubernetes_clusters = module.kubernetes_clusters } } From 5c85cd11de068d46783205a18014b277f868e996 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 27 Jan 2025 16:16:26 +0200 Subject: [PATCH 100/101] Add storage account module --- src/modules/storage_account/_locals.tf | 17 ++++++++++ src/modules/storage_account/_outputs.tf | 10 ++++++ src/modules/storage_account/_variables.tf | 11 +++++++ .../storage_account/storage_account.tf | 32 +++++++++++++++++++ .../storage_account/storage_container.tf | 8 +++++ src/storage_account.tf | 12 +++++++ 6 files changed, 90 insertions(+) create mode 100644 src/modules/storage_account/_locals.tf create mode 100644 src/modules/storage_account/_outputs.tf create mode 100644 src/modules/storage_account/_variables.tf create mode 100644 src/modules/storage_account/storage_account.tf create mode 100644 src/modules/storage_account/storage_container.tf create mode 100644 src/storage_account.tf diff --git a/src/modules/storage_account/_locals.tf b/src/modules/storage_account/_locals.tf new file mode 100644 index 00000000..af37c82b --- /dev/null +++ b/src/modules/storage_account/_locals.tf 
@@ -0,0 +1,17 @@ +locals { + resource_group = var.resources.resource_groups[var.settings.resource_group_ref] + resource_group_name = local.resource_group.name + location = local.resource_group.location + + subnet_ids = [ + for network_rule_ref, config in try(var.settings.network_rules.subnets, {}) : ( + var.resources.virtual_networks[split("/", config.subnet_ref)[0]].subnets[split("/", config.subnet_ref)[1]].id + ) + ] + + tags = merge( + var.global_settings.tags, + var.global_settings.inherit_resource_group_tags ? local.resource_group.tags : {}, + try(var.settings.tags, {}) + ) +} diff --git a/src/modules/storage_account/_outputs.tf b/src/modules/storage_account/_outputs.tf new file mode 100644 index 00000000..4761ad59 --- /dev/null +++ b/src/modules/storage_account/_outputs.tf @@ -0,0 +1,10 @@ +output "id" { + value = azurerm_storage_account.main.id +} + +output "containers" { + value = { + for container_ref, _ in try(var.settings.containers) : + container_ref => azurerm_storage_container.main[container_ref] + } +} diff --git a/src/modules/storage_account/_variables.tf b/src/modules/storage_account/_variables.tf new file mode 100644 index 00000000..d72b17b4 --- /dev/null +++ b/src/modules/storage_account/_variables.tf @@ -0,0 +1,11 @@ +variable "global_settings" { + description = "Global settings for tinycaf" +} + +variable "settings" { + description = "All the configuration for a storage account" +} + +variable "resources" { + description = "All required resources" +} diff --git a/src/modules/storage_account/storage_account.tf b/src/modules/storage_account/storage_account.tf new file mode 100644 index 00000000..289a6555 --- /dev/null +++ b/src/modules/storage_account/storage_account.tf 
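Review bot: In `_outputs.tf` the `containers` output calls `try(var.settings.containers)` with a single argument, so there is no fallback and the expression fails for any storage account declared without a `containers` key. `storage_container.tf` in the same commit already treats that key as optional with `try(var.settings.containers, {})`, so the two files disagree about whether it is required. Use the same fallback in the output, `for container_ref, _ in try(var.settings.containers, {}) :`, or expose the resource map directly with `value = azurerm_storage_container.main`.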
@@ -0,0 +1,32 @@ +resource "azurerm_storage_account" "main" { + name = var.settings.name + resource_group_name = local.resource_group_name + location = local.location + tags = local.tags + + account_kind = try(var.settings.account_kind, "StorageV2") + account_tier = try(var.settings.account_tier, "Standard") + account_replication_type = var.settings.account_replication_type + + cross_tenant_replication_enabled = try(var.settings.cross_tenant_replication_enabled, null) + large_file_share_enabled = try(var.settings.large_file_share_enabled, null) + infrastructure_encryption_enabled = try(var.settings.infrastructure_encryption_enabled, null) + + is_hns_enabled = try(var.settings.is_hns_enabled, null) + sftp_enabled = try(var.settings.sftp_enabled, null) + nfsv3_enabled = try(var.settings.nfsv3_enabled, null) + + # TODO: identity block + # TODO: blob properties block + # TODO: share_properties + # TODO: azure_files_authentication block + # TODO: routing block + # TODO: sas_policy block + + network_rules { + default_action = try(var.settings.network_rules.default_action, "Deny") + bypass = try(var.settings.network_rules.bypass, null) + ip_rules = try(var.settings.network_rules.allowed_ips, null) + virtual_network_subnet_ids = local.subnet_ids + } +} diff --git a/src/modules/storage_account/storage_container.tf b/src/modules/storage_account/storage_container.tf new file mode 100644 index 00000000..b490d093 --- /dev/null +++ b/src/modules/storage_account/storage_container.tf @@ -0,0 +1,8 @@ +resource "azurerm_storage_container" "main" { + for_each = try(var.settings.containers, {}) + + name = each.value.name + storage_account_id = azurerm_storage_account.main.id + + container_access_type = try(each.value.access_type, null) +} diff --git a/src/storage_account.tf b/src/storage_account.tf new file mode 100644 index 00000000..b595afc5 --- /dev/null +++ b/src/storage_account.tf 
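Review bot: The `azurerm_storage_account` resource never sets `allow_nested_items_to_be_public`, which the azurerm provider defaults to `true`, while `storage_container.tf` passes `each.value.access_type` straight into `container_access_type`. Together this means a single `access_type = "blob"` or `"container"` in settings produces anonymously readable data, and the `"Deny"` default in `network_rules` only helps as long as a caller does not override it. I would add `allow_nested_items_to_be_public = try(var.settings.allow_nested_items_to_be_public, false)` so public containers need an explicit opt-in at the account level. It is also worth pinning the transport baseline rather than relying on provider defaults, e.g. `min_tls_version = try(var.settings.min_tls_version, "TLS1_2")`, and exposing `shared_access_key_enabled` so account-key access can be switched off.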
@@ -0,0 +1,12 @@ +module "storage_accounts" { + source = "./modules/storage_account" + for_each = var.storage_accounts + + settings = each.value + global_settings = var.global_settings + + resources = { + resource_groups = module.resource_groups + virtual_networks = module.virtual_networks + } +} From 571418c17565361102a26488a00f08ad90d2b225 Mon Sep 17 00:00:00 2001 From: Borislav Raynov Date: Mon, 27 Jan 2025 16:28:06 +0200 Subject: [PATCH 101/101] Add dynamic block --- .../linux_virtual_machine/linux_virtual_machine.tf | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf index 7c1b03a0..75488d97 100644 --- a/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf +++ b/src/modules/virtual_machines/linux_virtual_machine/linux_virtual_machine.tf @@ -8,9 +8,12 @@ resource "azurerm_linux_virtual_machine" "main" { tags = local.tags - admin_ssh_key { - username = var.settings.admin_ssh_key.username - public_key = local.public_key + dynamic "admin_ssh_key" { + for_each = try(var.settings.admin_ssh_key[*], {}) + content { + username = try(admin_ssh_key.value.username, null) + public_key = try(admin_ssh_key.value.public_key, null) + } } os_disk {
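Review bot: In the `linux_virtual_machine.tf` hunk, wrapping the required `username` and `public_key` arguments in `try(..., null)` inside the new `dynamic "admin_ssh_key"` block turns a missing or misspelled key in settings into a null handed to the provider instead of a clear reference error at plan time. The replacement also stops using `local.public_key`, so whatever that local resolved (its definition is outside this hunk) no longer feeds the VM. I would reference the values directly, `username = admin_ssh_key.value.username` and `public_key = admin_ssh_key.value.public_key`, and use `[]` rather than `{}` as the `for_each` fallback to match the tuple the splat returns. With the block now optional, check that the rest of the resource, which starts and ends outside this hunk, still ends up with either an SSH key or an explicit password configuration.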