first sync
All checks were successful
terraform validation / Terraform (push) Successful in 7s

Hubert Cornet 2025-01-21 20:49:30 +01:00
parent 010993b489
commit 30228eb693
3 changed files with 269 additions and 1 deletions


@ -7,10 +7,18 @@ ${REPO_DESCRIPTION}
# Prérequis
Vous avez besoin d'une installation docker fonctionnelle.
Vous avez besoin d'une installation terraform fonctionnelle.
https://developer.hashicorp.com/terraform/install?product_intent=terraform
Vous avec besoin d'avoir Powershell 7
https://learn.microsoft.com/fr-fr/powershell/scripting/install/installing-powershell-on-windows?view=powershell-7.4
Vous avec besoin d'avoir Azure CLI
https://learn.microsoft.com/fr-fr/cli/azure/install-azure-cli-windows?tabs=azure-cli
# Démarrage manuel
~~~bash
@ -18,6 +26,30 @@ https://developer.hashicorp.com/terraform/install?product_intent=terraform
cd ${TEMPLATE_NAME}
~~~
~~~bash
pwsh
~~~
Depuis l'interface on contrôle la présent du module Powershell pour Azure
~~~bash
Get-InstalledModule -Name ALZ
~~~
S'il n'est pas présent on l'installe
~~~bash
Install-Module -Name ALZ
~~~
On s'authentifie
~~~bash
az login
~~~
On s'authentifie
~~~bash
Deploy-Accelerator -inputs "./config/inputs-local-terraform-complete-multi-region.yaml", "./config/config-hub-and-spoke-vnet-multi-region.yaml" -output "./output" -i "terraform" -b "alz_local"
~~~
# Utilisation du repository
init


@ -0,0 +1,198 @@
# This file contains templated variables to avoid repeating the same hard-coded values.
# Templated variables are denoted by the dollar curly braces token (e.g. ${starter_location_01}). The following details each templated variable that you can use:
# `starter_location_01`: This the primary an Azure location sourced from the `starter_locations` variable. This can be used to set the location of resources.
# `starter_location_02` to `starter_location_10`: These are the secondary Azure locations sourced from the `starter_locations` variable. This can be used to set the location of resources.
# `starter_location_01_availability_zones` to `starter_location_10_availability_zones`: These are the availability zones for the Azure locations sourced from the `starter_locations` variable. This can be used to set the availability zones of resources.
# `starter_location_01_virtual_network_gateway_sku_express_route` to `starter_location_10_virtual_network_gateway_sku_express_route`: These are the default SKUs for the Express Route virtual network gateways based on the Azure locations sourced from the `starter_locations` variable. This can be used to set the SKU of the virtual network gateways.
# `starter_location_01_virtual_network_gateway_sku_vpn` to `starter_location_10_virtual_network_gateway_sku_vpn`: These are the default SKUs for the VPN virtual network gateways based on the Azure locations sourced from the `starter_locations` variable. This can be used to set the SKU of the virtual network gateways.
# `root_parent_management_group_id`: This is the id of the management group that the ALZ hierarchy will be nested under.
# `subscription_id_identity`: The subscription ID of the subscription to deploy the identity resources to, sourced from the variable `subscription_id_identity`.
# `subscription_id_connectivity`: The subscription ID of the subscription to deploy the connectivity resources to, sourced from the variable `subscription_id_connectivity`.
# `subscription_id_management`: The subscription ID of the subscription to deploy the management resources to, sourced from the variable `subscription_id_management`.
---
connectivity_resource_groups:
ddos:
location: ${starter_location_01}
name: rg-hub-ddos-${starter_location_01}
dns:
location: ${starter_location_01}
name: rg-hub-dns-${starter_location_01}
vnet_primary:
location: ${starter_location_01}
name: rg-hub-${starter_location_01}
vnet_secondary:
location: ${starter_location_02}
name: rg-hub-${starter_location_02}
connectivity_type: hub_and_spoke_vnet
hub_and_spoke_vnet_settings:
ddos_protection_plan:
location: ${starter_location_01}
name: ddos-hub-${starter_location_01}
resource_group_name: ${connectivity_resource_group_ddos}
hub_and_spoke_vnet_virtual_networks:
primary:
hub_virtual_network:
address_space:
- 10.0.0.0/16
firewall:
default_ip_configuration:
public_ip_config:
ip_version: IPv4
name: pip-fw-hub-${starter_location_01}
zones: ${starter_location_01_availability_zones}
firewall_policy:
dns:
proxy_enabled: true
name: fwp-hub-${starter_location_01}
name: fw-hub-${starter_location_01}
sku_name: AZFW_VNet
sku_tier: Premium
subnet_address_prefix: 10.0.0.0/24
zones: ${starter_location_01_availability_zones}
location: ${starter_location_01}
name: vnet-hub-${starter_location_01}
resource_group_creation_enabled: false
resource_group_name: ${connectivity_resource_group_vnet_primary}
subnets:
virtual_network_gateway:
address_prefixes:
- 10.0.1.0/24
assign_generated_route_table: false
name: GatewaySubnet
tags:
deployment: terraform
source: Azure Landing Zones Accelerator
private_dns_zones:
is_primary: true
resource_group_name: ${connectivity_resource_group_dns}
virtual_network_gateways:
express_route:
ip_configurations:
default:
name: ipconfig-vgw-hub-expressroute-${starter_location_01}
public_ip:
name: pip-vgw-hub-expressroute-${starter_location_01}
zones: ${starter_location_01_availability_zones}
location: ${starter_location_01}
name: vgw-hub-expressroute-${starter_location_01}
sku: ${starter_location_01_virtual_network_gateway_sku_express_route}
type: ExpressRoute
vpn:
ip_configurations:
default:
name: ipconfig-vgw-hub-vpn-${starter_location_01}
public_ip:
name: pip-vgw-hub-vpn-${starter_location_01}
zones: ${starter_location_01_availability_zones}
location: ${starter_location_01}
name: vgw-hub-vpn-${starter_location_01}
sku: ${starter_location_01_virtual_network_gateway_sku_vpn}
type: Vpn
secondary:
hub_virtual_network:
address_space:
- 10.1.0.0/16
firewall:
default_ip_configuration:
public_ip_config:
ip_version: IPv4
name: pip-fw-hub-${starter_location_02}
zones: ${starter_location_02_availability_zones}
firewall_policy:
dns:
proxy_enabled: true
name: fwp-hub-${starter_location_01}
name: fw-hub-${starter_location_02}
sku_name: AZFW_VNet
sku_tier: Premium
subnet_address_prefix: 10.1.0.0/24
zones: ${starter_location_02_availability_zones}
location: ${starter_location_02}
name: vnet-hub-${starter_location_02}
resource_group_creation_enabled: false
resource_group_name: ${connectivity_resource_group_vnet_secondary}
subnets:
virtual_network_gateway:
address_prefixes:
- 10.1.1.0/24
assign_generated_route_table: false
name: GatewaySubnet
tags:
deployment: terraform
source: Azure Landing Zones Accelerator
private_dns_zones:
is_primary: false
resource_group_name: ${connectivity_resource_group_dns}
virtual_network_gateways:
express_route:
ip_configurations:
default:
name: ipconfig-vgw-hub-expressroute-${starter_location_02}
public_ip:
name: pip-vgw-hub-expressroute-${starter_location_02}
zones: ${starter_location_02_availability_zones}
location: ${starter_location_02}
name: vgw-hub-expressroute-${starter_location_02}
sku: ${starter_location_02_virtual_network_gateway_sku_express_route}
type: ExpressRoute
vpn:
ip_configurations:
default:
name: ipconfig-vgw-hub-vpn-${starter_location_02}
public_ip:
name: pip-vgw-hub-vpn-${starter_location_02}
zones: ${starter_location_02_availability_zones}
location: ${starter_location_02}
name: vgw-hub-vpn-${starter_location_02}
sku: ${starter_location_02_virtual_network_gateway_sku_vpn}
type: Vpn
management_settings_es:
configure_connectivity_resources:
advanced:
custom_settings_by_resource_type:
azurerm_network_ddos_protection_plan:
ddos:
${starter_location_01}:
name: ddos-hub-${starter_location_01}
azurerm_resource_group:
ddos:
${starter_location_01}:
name: ${connectivity_resource_group_ddos}
dns:
${starter_location_01}:
name: ${connectivity_resource_group_dns}
settings:
ddos_protection_plan:
config:
location: ${starter_location_01}
dns:
config:
location: ${starter_location_01}
configure_management_resources:
advanced:
asc_export_resource_group_name: rg-management-asc-export-${starter_location_01}
azurerm_automation_account:
management:
name: aa-management-${starter_location_01}
azurerm_log_analytics_workspace:
management:
name: law-management-${starter_location_01}
custom_settings_by_resource_type:
azurerm_resource_group:
management:
name: rg-management-${starter_location_01}
location: ${starter_location_01}
default_location: ${starter_location_01}
# put this to false because avm module is used
deploy_connectivity_resources: false
deploy_management_resources: true
deploy_core_landing_zones: true
deploy_corp_landing_zones: true
deploy_online_landing_zones: true
root_id: alz
root_name: Azure-Landing-Zones
root_parent_id: ${root_parent_management_group_id}
subscription_id_connectivity: ${subscription_id_connectivity}
subscription_id_identity: ${subscription_id_identity}
subscription_id_management: ${subscription_id_management}
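Review bot: In the `secondary` hub the `firewall_policy` is named `fwp-hub-${starter_location_01}`, while every other name in that block uses `${starter_location_02}`, so the second region's policy renders to the same name as the primary one. This looks like a copy-paste slip; if it is not intentional, change the line to `name: fwp-hub-${starter_location_02}` so that rule changes and firewall logs can be attributed to the correct region. If one policy name for both hubs is intended, a comment above the line such as `# same policy name as the primary hub on purpose` would stop a later reader from "correcting" it.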


@ -0,0 +1,38 @@
---
# For detailed instructions on using this file, visit:
# https://github.com/Azure/ALZ-PowerShell-Module/wiki/%5BUser-Guide%5D-Quick-Start-Phase-2-Local#2232-local-file-system-with-terraform
# Basic Inputs
iac_type: "terraform"
bootstrap_module_name: "alz_local"
starter_module_name: "complete_multi_region"
# Shared Interface Inputs
bootstrap_location: "francecentral"
starter_locations: ["francecentral", "francesouth"]
root_parent_management_group_id: "************"
subscription_id_management: "*************"
subscription_id_identity: "******"
subscription_id_connectivity: "1******"
# Bootstrap Inputs
target_directory: "alz-local-001"
create_bootstrap_resources_in_azure: false
bootstrap_subscription_id: "e32dabfc-1904-4ae7-a543-1db013b3c60c"
service_name: "alz"
environment_name: "mgmt"
postfix_number: 1
grant_permissions_to_current_user: true
# Complete Multi Region Starter Module Specific Variables
# (Details: https://github.com/Azure/ALZ-PowerShell-Module/wiki/%5BUser-Guide%5D-Starter-Module-Terraform-Complete-Multi-Region)
# The detailed configuration can be supplied in a separate file or combined in this file. Examples can be seen here:
# Hub and Spoke Virtual Network Multi Region: https://raw.githubusercontent.com/wiki/Azure/ALZ-PowerShell-Module/examples/starter-module-config/complete-multi-region/config-hub-and-spoke-vnet-multi-region.yaml
# Virtual WAN Multi Region: https://raw.githubusercontent.com/wiki/Azure/ALZ-PowerShell-Module/examples/starter-module-config/complete-multi-region/config-virtual-wan-multi-region.yaml
# Hub and Spoke Virtual Network Single Region: https://raw.githubusercontent.com/wiki/Azure/ALZ-PowerShell-Module/examples/starter-module-config/complete-multi-region/config-hub-and-spoke-vnet-single-region.yaml
# Virtual WAN Single Region: https://raw.githubusercontent.com/wiki/Azure/ALZ-PowerShell-Module/examples/starter-module-config/complete-multi-region/config-virtual-wan-single-region.yaml
# Advanced Inputs
bootstrap_module_version: "4.1.7"
starter_module_version: "4.5.8"
#output_folder_path: "/accelerator/output"
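Review bot: `bootstrap_subscription_id` is committed with what appears to be a real subscription GUID, while the management group ID and the three other subscription IDs just above it are masked with asterisks. A subscription ID is not a credential, but it identifies the tenant's environment and the rest of the file evidently meant to keep such values out of the repository; replace it with a placeholder like `bootstrap_subscription_id: "<bootstrap-subscription-id>"` and keep real values in an untracked inputs file (the README already passes several files to `-inputs`). Note that the value stays in the repository history even after the file is changed. `subscription_id_connectivity: "1******"` still shows its first character and should be fully masked for the same reason. `grant_permissions_to_current_user: true` would benefit from a one-line comment, for example `# review: grants permissions to the identity signed in via az login; confirm this is wanted outside a lab`.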