From 2908b502c4ca58c520b11f3022128b404f394c7b Mon Sep 17 00:00:00 2001
From: Svein-Petter Johnsen <83902071+sveinpj@users.noreply.github.com>
Date: Wed, 24 Jan 2024 13:14:56 +0100
Subject: [PATCH] Added Vnets and Private DNS Zones (#1157)
Co-authored-by: Automatic Update
---
 .../subscriptions/s940/c2/common/common.tf | 1 +
 .../subscriptions/s940/c2/common/main.tf | 2 +-
 .../s940/c2/virtualnetwork/main.tf | 12 +++++-
 .../s940/c2/virtualnetwork/variables.tf | 4 ++
 .../subscriptions/s940/prod/common/common.tf | 1 +
 .../subscriptions/s940/prod/common/main.tf | 2 +-
 .../s940/prod/virtualnetwork/main.tf | 12 +++++-
 .../s940/prod/virtualnetwork/variables.tf | 4 ++
 terraform/subscriptions/s940/summary-c2.sh | 38 ++++++++++++++-----
 terraform/subscriptions/s940/summary-prod.sh | 38 ++++++++++++++-----
 .../subscriptions/s941/dev/common/main.tf | 2 +-
 .../s941/dev/common/variables.tf | 2 +-
 .../s941/dev/virtualnetwork/main.tf | 11 +++++-
 .../s941/dev/virtualnetwork/variables.tf | 4 ++
 .../s941/playground/common/common.tf | 1 +
 .../s941/playground/common/main.tf | 36 +++++++++++++++++-
 .../s941/playground/common/variables.tf | 23 +++++++++++
 .../s941/playground/virtualnetwork/main.tf | 9 ++++-
 .../s941/playground/virtualnetwork/outputs.tf | 6 +--
 .../playground/virtualnetwork/variables.tf | 4 ++
 20 files changed, 178 insertions(+), 34 deletions(-)
 create mode 100644 terraform/subscriptions/s940/c2/virtualnetwork/variables.tf
 create mode 100644 terraform/subscriptions/s940/prod/virtualnetwork/variables.tf
 create mode 100644 terraform/subscriptions/s941/dev/virtualnetwork/variables.tf
 create mode 100644 terraform/subscriptions/s941/playground/virtualnetwork/variables.tf
diff --git a/terraform/subscriptions/s940/c2/common/common.tf b/terraform/subscriptions/s940/c2/common/common.tf
index 3299570e0..8b143a593 100644
--- a/terraform/subscriptions/s940/c2/common/common.tf
+++ b/terraform/subscriptions/s940/c2/common/common.tf
@@ -2,5 +2,6 @@ locals {
 outputs = {
 location = "westeurope"
 resource_group = "common-westeurope"
+ enviroment = "c2"
 }
 }
diff --git a/terraform/subscriptions/s940/c2/common/main.tf b/terraform/subscriptions/s940/c2/common/main.tf
index f95052a88..767344bfc 100644
--- a/terraform/subscriptions/s940/c2/common/main.tf
+++ b/terraform/subscriptions/s940/c2/common/main.tf
@@ -1,6 +1,6 @@
 module "resourcegroups" {
 for_each = toset(var.resource_groups)
 source = "../../../modules/resourcegroups"
- name = "${each.value}"
+ name = each.value
 location = local.outputs.location
 }
\ No newline at end of file
diff --git a/terraform/subscriptions/s940/c2/virtualnetwork/main.tf b/terraform/subscriptions/s940/c2/virtualnetwork/main.tf
index 4a88c82db..fac9308c4 100644
--- a/terraform/subscriptions/s940/c2/virtualnetwork/main.tf
+++ b/terraform/subscriptions/s940/c2/virtualnetwork/main.tf
@@ -1,6 +1,14 @@
+module "resourcegroups" {
+ for_each = toset(var.resource_groups)
+ source = "../../../modules/resourcegroups"
+ name = "${each.value}-${local.external_outputs.common.data.enviroment}"
+ location = local.external_outputs.common.data.location
+}
+
 module "azurerm_virtual_network" {
 source = "../../../modules/virtualnetwork"
- location = local.external_outputs.clusters.data.location
- enviroment = local.external_outputs.clusters.data.enviroment
+ location = local.external_outputs.common.data.location
+ enviroment = local.external_outputs.common.data.enviroment
+ depends_on = [module.resourcegroups]
 }
diff --git a/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf b/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf
new file mode 100644
index 000000000..d7a1b1107
--- /dev/null
+++ b/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf
@@ -0,0 +1,4 @@
+variable "resource_groups" {
+ type = list(string)
+ default = ["cluster-vnet-hub"]
+}
\ No newline at end of file
diff --git a/terraform/subscriptions/s940/prod/common/common.tf b/terraform/subscriptions/s940/prod/common/common.tf
index 3a9f059f0..ee0ffedbc 100644
--- a/terraform/subscriptions/s940/prod/common/common.tf
+++ b/terraform/subscriptions/s940/prod/common/common.tf
@@ -2,5 +2,6 @@ locals {
 outputs = {
 location = "northeurope"
 resource_group = "common"
+ enviroment = "platform"
 }
 }
diff --git a/terraform/subscriptions/s940/prod/common/main.tf b/terraform/subscriptions/s940/prod/common/main.tf
index f95052a88..767344bfc 100644
--- a/terraform/subscriptions/s940/prod/common/main.tf
+++ b/terraform/subscriptions/s940/prod/common/main.tf
@@ -1,6 +1,6 @@
 module "resourcegroups" {
 for_each = toset(var.resource_groups)
 source = "../../../modules/resourcegroups"
- name = "${each.value}"
+ name = each.value
 location = local.outputs.location
 }
\ No newline at end of file
diff --git a/terraform/subscriptions/s940/prod/virtualnetwork/main.tf b/terraform/subscriptions/s940/prod/virtualnetwork/main.tf
index d2eb2eacc..8f264fa4b 100644
--- a/terraform/subscriptions/s940/prod/virtualnetwork/main.tf
+++ b/terraform/subscriptions/s940/prod/virtualnetwork/main.tf
@@ -1,5 +1,13 @@
+module "resourcegroups" {
+ for_each = toset(var.resource_groups)
+ source = "../../../modules/resourcegroups"
+ name = "${each.value}-${local.external_outputs.common.data.enviroment}"
+ location = local.external_outputs.common.data.location
+}
+
 module "azurerm_virtual_network" {
 source = "../../../modules/virtualnetwork"
- location = local.external_outputs.clusters.data.location
- enviroment = local.external_outputs.clusters.data.enviroment
+ location = local.external_outputs.common.data.location
+ enviroment = local.external_outputs.common.data.enviroment
+ depends_on = [module.resourcegroups]
 }
diff --git a/terraform/subscriptions/s940/prod/virtualnetwork/variables.tf b/terraform/subscriptions/s940/prod/virtualnetwork/variables.tf
new file mode 100644
index 000000000..d7a1b1107
--- /dev/null
+++ b/terraform/subscriptions/s940/prod/virtualnetwork/variables.tf
@@ -0,0 +1,4 @@
+variable "resource_groups" {
+ type = list(string)
+ default = ["cluster-vnet-hub"]
+}
\ No newline at end of file
diff --git a/terraform/subscriptions/s940/summary-c2.sh b/terraform/subscriptions/s940/summary-c2.sh
index 3de365edf..a782cfd57 100755
--- a/terraform/subscriptions/s940/summary-c2.sh
+++ b/terraform/subscriptions/s940/summary-c2.sh
@@ -6,12 +6,32 @@ normal=$(tput sgr0)
 # Set the directory you want to search
 directory="./c2"
-find "$directory" -mindepth 1 -maxdepth 1 -type d -exec bash -c '
- for dir; do
- printf "%s► Execute %s%s\n" "${grn}" "$dir" "${normal}"
- #echo "$dir"
- terraform -chdir=$dir plan -no-color
- # Perform actions here for each directory
- # For example, you can add commands to operate on each directory
- done
-' bash {} +
+
+for dir in "$directory"/*; do
+ if [ ! -d "$dir" ]; then continue; fi
+
+ printf "%s► Execute %s%s\n" "${grn}" "$dir" "${normal}"
+ terraform -chdir="$dir" init &>/dev/null || echo "Error during terraform init in $dir"
+ terraform -chdir="$dir" plan -no-color -out=plan.out &>/dev/null || echo "Error during terraform plan in $dir"
+
+ if [ ! -f "$dir/plan.out" ]; then
+ echo "plan.out was not created in $dir"
+ continue
+ fi
+
+ cd "$dir" || exit
+ plan=$(terraform show -no-color "plan.out")
+ cd - >/dev/null || exit
+
+ create=$(echo "$plan" | grep "will be created" | sed 's|# |+|g' | sed 's/^ *//g')
+ destroy=$(echo "$plan" | grep "will be destroyed" | sed 's|# |-|g' | sed 's/^ *//g')
+ update=$(echo "$plan" | grep "will be updated in-place" | sed 's|# |~|g' | sed 's/^ *//g')
+ replace=$(echo "$plan" | grep "must be replaced" | sed 's|# |-/+|g' | sed 's/^ *//g')
+
+ if [ -n "$create" ]; then echo -e "The following resources will be created:\n ${grn}${create}${normal}\n"; fi
+ if [ -n "$destroy" ]; then echo -e "The following resources will be destroyed:\n ${red}${destroy}${normal}\n"; fi
+ if [ -n "$update" ]; then echo -e "The following resources will be updated:\n ${yel}${update}${normal}\n"; fi
+ if [ -n "$replace" ]; then echo -e "The following resources will be replaced:\n ${red}${replace}${normal}\n"; fi
+ if [ -z "$create$destroy$update$replace" ]; then echo -e "No changes. Your infrastructure matches the configuration.\n"; fi
+ rm "$dir/plan.out"
+done
\ No newline at end of file
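Review bot: Both terraform calls in the new loop send stdout and stderr to `/dev/null` and the loop continues after a failure, so an `init` or `plan` error is reduced to a one-line message with no cause, and a `plan.out` left behind by an earlier interrupted run would be summarised as if it were current. Remove any old file first and skip the directory on failure, for example `rm -f "$dir/plan.out"` before planning and `terraform -chdir="$dir" plan -no-color -out=plan.out >/dev/null || { echo "Error during terraform plan in $dir"; continue; }`, which also keeps stderr visible. A saved plan can hold resource attributes and variable values in clear text, and the final `rm "$dir/plan.out"` is skipped when either `cd` fails and the script exits, so a `trap` that deletes the file on exit is worth adding. `${red}` and `${yel}` are new in this hunk and have to be defined above it, where the removed code only needed `${grn}` and `${normal}`; that part of the file is not visible here. The hunk for `summary-prod.sh` adds the same loop and the same points apply there.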
diff --git a/terraform/subscriptions/s940/summary-prod.sh b/terraform/subscriptions/s940/summary-prod.sh
index 7974027a9..1a5892629 100755
--- a/terraform/subscriptions/s940/summary-prod.sh
+++ b/terraform/subscriptions/s940/summary-prod.sh
@@ -6,12 +6,32 @@ normal=$(tput sgr0)
 # Set the directory you want to search
 directory="./prod"
-find "$directory" -mindepth 1 -maxdepth 1 -type d -exec bash -c '
- for dir; do
- printf "%s► Execute %s%s\n" "${grn}" "$dir" "${normal}"
- #echo "$dir"
- terraform -chdir=$dir plan -no-color
- # Perform actions here for each directory
- # For example, you can add commands to operate on each directory
- done
-' bash {} +
\ No newline at end of file
+
+for dir in "$directory"/*; do
+ if [ ! -d "$dir" ]; then continue; fi
+
+ printf "%s► Execute %s%s\n" "${grn}" "$dir" "${normal}"
+ terraform -chdir="$dir" init &>/dev/null || echo "Error during terraform init in $dir"
+ terraform -chdir="$dir" plan -no-color -out=plan.out &>/dev/null || echo "Error during terraform plan in $dir"
+
+ if [ ! -f "$dir/plan.out" ]; then
+ echo "plan.out was not created in $dir"
+ continue
+ fi
+
+ cd "$dir" || exit
+ plan=$(terraform show -no-color "plan.out")
+ cd - >/dev/null || exit
+
+ create=$(echo "$plan" | grep "will be created" | sed 's|# |+|g' | sed 's/^ *//g')
+ destroy=$(echo "$plan" | grep "will be destroyed" | sed 's|# |-|g' | sed 's/^ *//g')
+ update=$(echo "$plan" | grep "will be updated in-place" | sed 's|# |~|g' | sed 's/^ *//g')
+ replace=$(echo "$plan" | grep "must be replaced" | sed 's|# |-/+|g' | sed 's/^ *//g')
+
+ if [ -n "$create" ]; then echo -e "The following resources will be created:\n ${grn}${create}${normal}\n"; fi
+ if [ -n "$destroy" ]; then echo -e "The following resources will be destroyed:\n ${red}${destroy}${normal}\n"; fi
+ if [ -n "$update" ]; then echo -e "The following resources will be updated:\n ${yel}${update}${normal}\n"; fi
+ if [ -n "$replace" ]; then echo -e "The following resources will be replaced:\n ${red}${replace}${normal}\n"; fi
+ if [ -z "$create$destroy$update$replace" ]; then echo -e "No changes. Your infrastructure matches the configuration.\n"; fi
+ rm "$dir/plan.out"
+done
\ No newline at end of file
diff --git a/terraform/subscriptions/s941/dev/common/main.tf b/terraform/subscriptions/s941/dev/common/main.tf
index 6f5ade790..8fcd88001 100644
--- a/terraform/subscriptions/s941/dev/common/main.tf
+++ b/terraform/subscriptions/s941/dev/common/main.tf
@@ -2,7 +2,7 @@
 module "resourcegroups" {
 for_each = toset(var.resource_groups)
 source = "../../../modules/resourcegroups"
- name = "${each.value}"
+ name = each.value
 location = local.outputs.location
 }
diff --git a/terraform/subscriptions/s941/dev/common/variables.tf b/terraform/subscriptions/s941/dev/common/variables.tf
index 33fa7a50a..aa22f0b69 100644
--- a/terraform/subscriptions/s941/dev/common/variables.tf
+++ b/terraform/subscriptions/s941/dev/common/variables.tf
@@ -7,7 +7,7 @@ variable "storageaccounts" {
 description = "Max 15 characters lowercase in the storageaccount name"
 type = map(object({
 name = string
- resource_group_name = optional(string, "s941-development")
+ resource_group_name = optional(string, "common-development")
 location = optional(string, "northeurope")
 account_tier = optional(string, "Standard")
 account_replication_type = optional(string, "LRS")
diff --git a/terraform/subscriptions/s941/dev/virtualnetwork/main.tf b/terraform/subscriptions/s941/dev/virtualnetwork/main.tf
index 5f6986dec..bd037ac35 100644
--- a/terraform/subscriptions/s941/dev/virtualnetwork/main.tf
+++ b/terraform/subscriptions/s941/dev/virtualnetwork/main.tf
@@ -1,5 +1,12 @@
+module "resourcegroups" {
+ for_each = toset(var.resource_groups)
+ source = "../../../modules/resourcegroups"
+ name = "${each.value}-${local.external_outputs.common.data.enviroment}"
+ location = local.external_outputs.common.data.location
+}
+
 module "azurerm_virtual_network" {
 source = "../../../modules/virtualnetwork"
 location = local.external_outputs.common.data.location
- enviroment = local.external_outputs.common.data.enviroment_S
-}
+ enviroment = local.external_outputs.common.data.enviroment
+}
\ No newline at end of file
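Review bot: In `s941/dev/virtualnetwork/main.tf` the `azurerm_virtual_network` module gets the new `resourcegroups` module next to it but not the `depends_on = [module.resourcegroups]` that the c2 and prod versions of this same change add; the hunk for `s941/playground/virtualnetwork/main.tf` has the same gap. The vnet module is passed only `location` and `enviroment`, so it presumably derives the resource group name on its own and has no implicit dependency on the group being created. On a first apply Terraform is then free to create both in parallel, and the network resources can fail because the group does not exist yet. Add `depends_on = [module.resourcegroups]` to both files, or pass the group name in from `module.resourcegroups` so the ordering is implicit.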
diff --git a/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf b/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf
new file mode 100644
index 000000000..d7a1b1107
--- /dev/null
+++ b/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf
@@ -0,0 +1,4 @@
+variable "resource_groups" {
+ type = list(string)
+ default = ["cluster-vnet-hub"]
+}
\ No newline at end of file
diff --git a/terraform/subscriptions/s941/playground/common/common.tf b/terraform/subscriptions/s941/playground/common/common.tf
index 0b40c7a28..21fb1a864 100644
--- a/terraform/subscriptions/s941/playground/common/common.tf
+++ b/terraform/subscriptions/s941/playground/common/common.tf
@@ -2,6 +2,7 @@ locals {
 outputs = {
 location = "northeurope"
 resource_group = "common"
+ enviroment = "playground"
 enviroment_L = "playground"
 enviroment_S = "playground"
 }
diff --git a/terraform/subscriptions/s941/playground/common/main.tf b/terraform/subscriptions/s941/playground/common/main.tf
index f95052a88..b313ded76 100644
--- a/terraform/subscriptions/s941/playground/common/main.tf
+++ b/terraform/subscriptions/s941/playground/common/main.tf
@@ -1,6 +1,38 @@
 module "resourcegroups" {
 for_each = toset(var.resource_groups)
 source = "../../../modules/resourcegroups"
- name = "${each.value}"
+ name = each.value
 location = local.outputs.location
-}
\ No newline at end of file
+}
+
+module "backupvault" {
+ source = "../../../modules/backupvaults"
+ name = "Backupvault-${local.outputs.enviroment}"
+ resource_group_name = "common-${local.outputs.enviroment}"
+ location = local.outputs.location
+ policyblobstoragename = "Backuppolicy-blob"
+ depends_on = [module.resourcegroups]
+}
+
+# module "storageaccount" {
+# source = "../../../modules/storageaccount"
+# for_each = var.storageaccounts
+# name = "${each.key}${local.outputs.enviroment}"
+# tier = each.value.account_tier
+# account_replication_type = each.value.account_replication_type
+# resource_group_name = each.value.resource_group_name
+# location = each.value.location
+# environment = local.outputs.enviroment
+# kind = each.value.kind
+# change_feed_enabled = each.value.change_feed_enabled
+# versioning_enabled = each.value.versioning_enabled
+# roleassignment = each.value.roleassignment
+# principal_id = module.backupvault.data.backupvault.identity[0].principal_id
+# vault_id = module.backupvault.data.backupvault.id
+# policyblobstorage_id = module.backupvault.data.policyblobstorage.id
+# subnet_id = local.external_outputs.virtualnetwork.data.vnet_subnet.id
+# vnethub_resource_group = local.external_outputs.virtualnetwork.data.vnet_hub.resource_group_name
+# priv_endpoint = each.value.private_endpoint
+# firewall = each.value.firewall
+# depends_on = [ module.backupvault ]
+# }
diff --git a/terraform/subscriptions/s941/playground/common/variables.tf b/terraform/subscriptions/s941/playground/common/variables.tf
index 8fe491d41..19b725b4c 100644
--- a/terraform/subscriptions/s941/playground/common/variables.tf
+++ b/terraform/subscriptions/s941/playground/common/variables.tf
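Review bot: `resource_group_name = "common-${local.outputs.enviroment}"` in the new `backupvault` module rebuilds the resource group name from a string instead of taking it from `module.resourcegroups`, so it only matches while `var.resource_groups` keeps its default `["common-playground"]`; `depends_on` orders the two modules but does not tie the names together. If the resourcegroups module exposes the created name as an output (not visible in this diff), reference that, otherwise add a comment such as `# must match an entry in var.resource_groups`. The commented-out `storageaccount` block below it is about twenty lines of inactive configuration; a one-line comment saying why it is disabled, or leaving it out until it is ready, would be easier to maintain than commented code.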
@@ -1,4 +1,27 @@
 variable "resource_groups" {
 type = list(string)
 default = ["common-playground"]
+}
+
+variable "storageaccounts" {
+ description = "Max 15 characters lowercase in the storageaccount name"
+ type = map(object({
+ name = string
+ resource_group_name = optional(string, "common-playground")
+ location = optional(string, "northeurope")
+ account_tier = optional(string, "Standard")
+ account_replication_type = optional(string, "LRS")
+ kind = optional(string, "StorageV2")
+ change_feed_enabled = optional(bool, false)
+ versioning_enabled = optional(bool, false)
+ roleassignment = optional(map(object({ backup = optional(bool, false) })))
+ principal_id = optional(string)
+ private_endpoint = optional(bool, false)
+ firewall = optional(bool, true)
+ }))
+ default = {
+ radixlog = {
+ name = "radixlog"
+ }
+ }
 }
\ No newline at end of file
diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/main.tf b/terraform/subscriptions/s941/playground/virtualnetwork/main.tf
index 5f6986dec..8cc10a3ed 100644
--- a/terraform/subscriptions/s941/playground/virtualnetwork/main.tf
+++ b/terraform/subscriptions/s941/playground/virtualnetwork/main.tf
@@ -1,5 +1,12 @@
+module "resourcegroups" {
+ for_each = toset(var.resource_groups)
+ source = "../../../modules/resourcegroups"
+ name = "${each.value}-${local.external_outputs.common.data.enviroment}"
+ location = local.external_outputs.common.data.location
+}
+
 module "azurerm_virtual_network" {
 source = "../../../modules/virtualnetwork"
 location = local.external_outputs.common.data.location
- enviroment = local.external_outputs.common.data.enviroment_S
+ enviroment = local.external_outputs.common.data.enviroment
 }
diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/outputs.tf b/terraform/subscriptions/s941/playground/virtualnetwork/outputs.tf
index e69d93f51..9c7fb6812 100644
--- a/terraform/subscriptions/s941/playground/virtualnetwork/outputs.tf
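Review bot: The new `storageaccounts` variable in `playground/common/variables.tf` states its naming rule only in `description` ("Max 15 characters lowercase"), so a key or `name` that breaks the rule is presumably caught only when the storage account is rejected at apply time. A `validation` block on the variable would fail at plan time instead, with a condition along the lines of `alltrue([for k in keys(var.storageaccounts) : can(regex("^[a-z0-9]{1,15}$", k))])`. Whether the rule is meant for the map key or for the `name` attribute is not clear from the hunk, so apply it to whichever one ends up in the resource name. `principal_id` is declared in the object type, while the commented-out module call in `common/main.tf` takes its principal from `module.backupvault`, so that attribute may not be needed.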
+++ b/terraform/subscriptions/s941/playground/virtualnetwork/outputs.tf
@@ -1,3 +1,3 @@
-output "data" {
- value = module.azurerm_virtual_network.data
-}
\ No newline at end of file
+# output "data" {
+# value = module.azurerm_virtual_network.data
+# }
\ No newline at end of file
diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf b/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf
new file mode 100644
index 000000000..d7a1b1107
--- /dev/null
+++ b/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf
@@ -0,0 +1,4 @@
+variable "resource_groups" {
+ type = list(string)
+ default = ["cluster-vnet-hub"]
+}
\ No newline at end of file
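Review bot: Commenting out `output "data"` in `playground/virtualnetwork/outputs.tf` removes the value from this stack's state on the next apply, so any configuration that reads `external_outputs.virtualnetwork.data` will then fail to plan. The commented-out `storageaccount` module added to `playground/common/main.tf` in this same commit references `local.external_outputs.virtualnetwork.data.vnet_subnet.id`, so it cannot be re-enabled until this output is back. If the output is disabled on purpose, record the reason in a comment above it, e.g. `# output disabled: <reason>`, or delete the block rather than keeping it as commented code.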