diff --git a/README.md b/README.md
index 597543c..7e89da2 100644
--- a/README.md
+++ b/README.md
@@ -1,67 +1,3 @@
-# terraform-azurerm-bastion
-A module used to create a bastion server inside a virtual network, with an NSG and all the rules needed.
-
-```hcl
-module "rg" {
- source = "registry.terraform.io/libre-devops/rg/azurerm"
-
- rg_name = "rg-${var.short}-${var.loc}-${terraform.workspace}-build" // rg-ldo-euw-dev-build
- location = local.location // compares var.loc with the var.regions var to match a long-hand name, in this case, "euw", so "westeurope"
- tags = local.tags
-
- # lock_level = "CanNotDelete" // Do not set this value to skip lock
-}
-
-module "network" {
- source = "registry.terraform.io/libre-devops/network/azurerm"
-
- rg_name = module.rg.rg_name // rg-ldo-euw-dev-build
- location = module.rg.rg_location
- tags = local.tags
-
- vnet_name = "vnet-${var.short}-${var.loc}-${terraform.workspace}-01" // vnet-ldo-euw-dev-01
- vnet_location = module.network.vnet_location
-
- address_space = ["10.0.0.0/16"]
- subnet_prefixes = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
- subnet_names = ["sn1-${module.network.vnet_name}", "sn2-${module.network.vnet_name}", "sn3-${module.network.vnet_name}"] //sn1-vnet-ldo-euw-dev-01
- subnet_service_endpoints = {
- "sn1-${module.network.vnet_name}" = ["Microsoft.Storage"] // Adds extra subnet endpoints to sn1-vnet-ldo-euw-dev-01
- "sn2-${module.network.vnet_name}" = ["Microsoft.Storage", "Microsoft.Sql"], // Adds extra subnet endpoints to sn2-vnet-ldo-euw-dev-01
- "sn3-${module.network.vnet_name}" = ["Microsoft.AzureActiveDirectory"] // Adds extra subnet endpoints to sn3-vnet-ldo-euw-dev-01
- }
-}
-
-module "bastion" {
- source = "registry.terraform.io/libre-devops/nsg/azurerm"
-
-
- vnet_rg_name = module.network.vnet_rg_name
- vnet_name = module.network.vnet_name
-
- bas_subnet_iprange = "10.0.0.4.0/28"
-
- bas_nsg_name = "nsg-bas-${var.short}-${var.loc}-${terraform.workspace}-01"
- bas_nsg_location = module.rg.rg_location
- bas_nsg_rg_name = module.rg.rg_name
-
- bas_pip_name = "pip-bas-${var.short}-${var.loc}-${terraform.workspace}-01"
- bas_pip_location = module.rg.rg_location
- bas_pip_rg_name = module.rg.rg_name
- bas_pip_allocation_method = "Static"
- bas_pip_sku = "Standard"
-
- bas_host_name = "bas-${var.short}-${var.loc}-${terraform.workspace}-01"
- bas_host_location = module.rg.rg_location
- bas_host_rg_name = module.rg.rg_name
- bas_host_ipconfig_name = "bas-${var.short}-${var.loc}-${terraform.workspace}-01-ipconfig"
-
- tags = module.rg.rg_tags
-}
-```
-
-For a full example build, check out the [Libre DevOps Website](https://www.libredevops.org/quickstart/utils/terraform/using-lbdo-tf-modules-example.html)
-
## Requirements
No requirements.
@@ -114,6 +50,7 @@ No modules.
| Name | Description |
|------|-------------|
+| [bas\_dns\_name](#output\_bas\_dns\_name) | The DNS name of the Azure Bastion |
| [bas\_hostname](#output\_bas\_hostname) | The host name of the bastion |
| [bas\_nsg\_id](#output\_bas\_nsg\_id) | The host name of the bastion |
| [bas\_nsg\_name](#output\_bas\_nsg\_name) | The name of the bastion nsg |
diff --git a/bastion.tf b/bastion.tf
index 3ed97ba..cf266ab 100644
--- a/bastion.tf
+++ b/bastion.tf
@@ -2,13 +2,13 @@ resource "azurerm_bastion_host" "bas_host" {
name = var.bas_host_name
location = var.bas_host_location
resource_group_name = var.bas_host_rg_name
- copy_paste_enabled = var.copy_pasted_enabled
+ copy_paste_enabled = var.copy_paste_enabled
sku = title(var.sku)
file_copy_enabled = var.sku == "Standard" ? var.file_copy_enabled : null
- ip_connect_enabled = var.sku == "Standard" ? var.ip_connect_true : null
+ ip_connect_enabled = var.sku == "Standard" ? var.ip_connect_enabled : null
scale_units = var.sku == "Standard" ? var.scale_units : 2 # 2 is default for Basic sku
shareable_link_enabled = var.sku == "Standard" ? var.shareable_link_enabled : null
- tunneling_enabled = var.sku == "Standard" ? var.tunneling_enable : null
+ tunneling_enabled = var.sku == "Standard" ? var.tunneling_enabled : null
ip_configuration {
name = var.bas_host_ipconfig_name
diff --git a/docs.md b/docs.md
index 930d09a..68fe7f2 100644
--- a/docs.md
+++ b/docs.md
@@ -42,7 +42,14 @@ No modules.
| [bas\_pip\_sku](#input\_bas\_pip\_sku) | The SKU for the Bastion Public IP, default is Standard | `string` | `"Standard"` | no |
| [bas\_subnet\_iprange](#input\_bas\_subnet\_iprange) | The IP Range for the Bastion Subnet - Note, Minimum is a /28 | `string` | n/a | yes |
| [bas\_subnet\_name](#input\_bas\_subnet\_name) | The name of the Azure Bastion Subnet - note, this is a static value and should not be changed | `string` | `"AzureBastionSubnet"` | no |
+| [copy\_paste\_enabled](#input\_copy\_paste\_enabled) | Whether copy paste is enabled, defaults to true | `bool` | `true` | no |
+| [file\_copy\_enabled](#input\_file\_copy\_enabled) | Whether file copy is enabled | `bool` | `null` | no |
+| [ip\_connect\_enabled](#input\_ip\_connect\_enabled) | Whether the IP connect feature is enabled | `bool` | `null` | no |
+| [scale\_units](#input\_scale\_units) | The number of scale units, default is 2 | `number` | `2` | no |
+| [shareable\_link\_enabled](#input\_shareable\_link\_enabled) | Whether the shareable link is enabled | `bool` | `null` | no |
+| [sku](#input\_sku) | The SKU of the bastion, default is Basic | `string` | `"Basic"` | no |
| [tags](#input\_tags) | The default tags to be assigned | `map(any)` | n/a | yes |
+| [tunneling\_enabled](#input\_tunneling\_enabled) | Whether the tunneling feature is enable | `bool` | `null` | no |
| [vnet\_name](#input\_vnet\_name) | The name of the VNet the bastion is intended to join | `string` | n/a | yes |
| [vnet\_rg\_name](#input\_vnet\_rg\_name) | The name of the resource group that the VNet can be found int | `string` | n/a | yes |
diff --git a/input.tf b/input.tf
index e6d9c30..4c0dcfa 100644
--- a/input.tf
+++ b/input.tf
@@ -69,11 +69,53 @@ variable "bas_subnet_name" {
description = "The name of the Azure Bastion Subnet - note, this is a static value and should not be changed"
}
+variable "copy_paste_enabled" {
+ type = bool
+ description = "Whether copy paste is enabled, defaults to true"
+ default = true
+}
+
+variable "file_copy_enabled" {
+ type = bool
+ description = "Whether file copy is enabled"
+ default = null
+}
+
+variable "ip_connect_enabled" {
+ type = bool
+ description = "Whether the IP connect feature is enabled"
+ default = null
+}
+
+variable "scale_units" {
+ type = number
+ description = "The number of scale units, default is 2"
+ default = 2
+}
+
+variable "shareable_link_enabled" {
+ type = bool
+ description = "Whether the shareable link is enabled"
+ default = null
+}
+
+variable "sku" {
+ type = string
+ description = "The SKU of the bastion, default is Basic"
+ default = "Basic"
+}
+
variable "tags" {
description = "The default tags to be assigned"
type = map(any)
}
+variable "tunneling_enabled" {
+ type = bool
+ description = "Whether the tunneling feature is enable"
+ default = null
+}
+
variable "vnet_name" {
type = string
description = "The name of the VNet the bastion is intended to join"