Tips-Of-Mine/terraform-azure-accelerateur
Tips-Of-Mine/terraform-azure-accelerateur
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
terraform-azure-accelerateur/config/config-hub-and-spoke-vnet-multi-region.yaml
hcornet 30228eb693
All checks were successful
terraform validation / Terraform (push) Successful in 7s
Details
first sync
2025-01-21 20:49:30 +01:00

198 lines
8.7 KiB
YAML
Raw Blame History

# This file contains templated variables to avoid repeating the same hard-coded values.
# Templated variables are denoted by the dollar curly braces token (e.g. ${starter_location_01}). The following details each templated variable that you can use:
# `starter_location_01`: This the primary an Azure location sourced from the `starter_locations` variable. This can be used to set the location of resources.
# `starter_location_02` to `starter_location_10`: These are the secondary Azure locations sourced from the `starter_locations` variable. This can be used to set the location of resources.
# `starter_location_01_availability_zones` to `starter_location_10_availability_zones`: These are the availability zones for the Azure locations sourced from the `starter_locations` variable. This can be used to set the availability zones of resources.
# `starter_location_01_virtual_network_gateway_sku_express_route` to `starter_location_10_virtual_network_gateway_sku_express_route`: These are the default SKUs for the Express Route virtual network gateways based on the Azure locations sourced from the `starter_locations` variable. This can be used to set the SKU of the virtual network gateways.
# `starter_location_01_virtual_network_gateway_sku_vpn` to `starter_location_10_virtual_network_gateway_sku_vpn`: These are the default SKUs for the VPN virtual network gateways based on the Azure locations sourced from the `starter_locations` variable. This can be used to set the SKU of the virtual network gateways.
# `root_parent_management_group_id`: This is the id of the management group that the ALZ hierarchy will be nested under.
# `subscription_id_identity`: The subscription ID of the subscription to deploy the identity resources to, sourced from the variable `subscription_id_identity`.
# `subscription_id_connectivity`: The subscription ID of the subscription to deploy the connectivity resources to, sourced from the variable `subscription_id_connectivity`.
# `subscription_id_management`: The subscription ID of the subscription to deploy the management resources to, sourced from the variable `subscription_id_management`.
---
connectivity_resource_groups:
ddos:
location: ${starter_location_01}
name: rg-hub-ddos-${starter_location_01}
dns:
location: ${starter_location_01}
name: rg-hub-dns-${starter_location_01}
vnet_primary:
location: ${starter_location_01}
name: rg-hub-${starter_location_01}
vnet_secondary:
location: ${starter_location_02}
name: rg-hub-${starter_location_02}
connectivity_type: hub_and_spoke_vnet
hub_and_spoke_vnet_settings:
ddos_protection_plan:
location: ${starter_location_01}
name: ddos-hub-${starter_location_01}
resource_group_name: ${connectivity_resource_group_ddos}
hub_and_spoke_vnet_virtual_networks:
primary:
hub_virtual_network:
address_space:
- 10.0.0.0/16
firewall:
default_ip_configuration:
public_ip_config:
ip_version: IPv4
name: pip-fw-hub-${starter_location_01}
zones: ${starter_location_01_availability_zones}
firewall_policy:
dns:
proxy_enabled: true
name: fwp-hub-${starter_location_01}
name: fw-hub-${starter_location_01}
sku_name: AZFW_VNet
sku_tier: Premium
subnet_address_prefix: 10.0.0.0/24
zones: ${starter_location_01_availability_zones}
location: ${starter_location_01}
name: vnet-hub-${starter_location_01}
resource_group_creation_enabled: false
resource_group_name: ${connectivity_resource_group_vnet_primary}
subnets:
virtual_network_gateway:
address_prefixes:
- 10.0.1.0/24
assign_generated_route_table: false
name: GatewaySubnet
tags:
deployment: terraform
source: Azure Landing Zones Accelerator
private_dns_zones:
is_primary: true
resource_group_name: ${connectivity_resource_group_dns}
virtual_network_gateways:
express_route:
ip_configurations:
default:
name: ipconfig-vgw-hub-expressroute-${starter_location_01}
public_ip:
name: pip-vgw-hub-expressroute-${starter_location_01}
zones: ${starter_location_01_availability_zones}
location: ${starter_location_01}
name: vgw-hub-expressroute-${starter_location_01}
sku: ${starter_location_01_virtual_network_gateway_sku_express_route}
type: ExpressRoute
vpn:
ip_configurations:
default:
name: ipconfig-vgw-hub-vpn-${starter_location_01}
public_ip:
name: pip-vgw-hub-vpn-${starter_location_01}
zones: ${starter_location_01_availability_zones}
location: ${starter_location_01}
name: vgw-hub-vpn-${starter_location_01}
sku: ${starter_location_01_virtual_network_gateway_sku_vpn}
type: Vpn
secondary:
hub_virtual_network:
address_space:
- 10.1.0.0/16
firewall:
default_ip_configuration:
public_ip_config:
ip_version: IPv4
name: pip-fw-hub-${starter_location_02}
zones: ${starter_location_02_availability_zones}
firewall_policy:
dns:
proxy_enabled: true
name: fwp-hub-${starter_location_01}
name: fw-hub-${starter_location_02}
sku_name: AZFW_VNet
sku_tier: Premium
subnet_address_prefix: 10.1.0.0/24
zones: ${starter_location_02_availability_zones}
location: ${starter_location_02}
name: vnet-hub-${starter_location_02}
resource_group_creation_enabled: false
resource_group_name: ${connectivity_resource_group_vnet_secondary}
subnets:
virtual_network_gateway:
address_prefixes:
- 10.1.1.0/24
assign_generated_route_table: false
name: GatewaySubnet
tags:
deployment: terraform
source: Azure Landing Zones Accelerator
private_dns_zones:
is_primary: false
resource_group_name: ${connectivity_resource_group_dns}
virtual_network_gateways:
express_route:
ip_configurations:
default:
name: ipconfig-vgw-hub-expressroute-${starter_location_02}
public_ip:
name: pip-vgw-hub-expressroute-${starter_location_02}
zones: ${starter_location_02_availability_zones}
location: ${starter_location_02}
name: vgw-hub-expressroute-${starter_location_02}
sku: ${starter_location_02_virtual_network_gateway_sku_express_route}
type: ExpressRoute
vpn:
ip_configurations:
default:
name: ipconfig-vgw-hub-vpn-${starter_location_02}
public_ip:
name: pip-vgw-hub-vpn-${starter_location_02}
zones: ${starter_location_02_availability_zones}
location: ${starter_location_02}
name: vgw-hub-vpn-${starter_location_02}
sku: ${starter_location_02_virtual_network_gateway_sku_vpn}
type: Vpn
management_settings_es:
configure_connectivity_resources:
advanced:
custom_settings_by_resource_type:
azurerm_network_ddos_protection_plan:
ddos:
${starter_location_01}:
name: ddos-hub-${starter_location_01}
azurerm_resource_group:
ddos:
${starter_location_01}:
name: ${connectivity_resource_group_ddos}
dns:
${starter_location_01}:
name: ${connectivity_resource_group_dns}
settings:
ddos_protection_plan:
config:
location: ${starter_location_01}
dns:
config:
location: ${starter_location_01}
configure_management_resources:
advanced:
asc_export_resource_group_name: rg-management-asc-export-${starter_location_01}
azurerm_automation_account:
management:
name: aa-management-${starter_location_01}
azurerm_log_analytics_workspace:
management:
name: law-management-${starter_location_01}
custom_settings_by_resource_type:
azurerm_resource_group:
management:
name: rg-management-${starter_location_01}
location: ${starter_location_01}
default_location: ${starter_location_01}
# put this to false because avm module is used
deploy_connectivity_resources: false
deploy_management_resources: true
deploy_core_landing_zones: true
deploy_corp_landing_zones: true
deploy_online_landing_zones: true
root_id: alz
root_name: Azure-Landing-Zones
root_parent_id: ${root_parent_management_group_id}
subscription_id_connectivity: ${subscription_id_connectivity}
subscription_id_identity: ${subscription_id_identity}
subscription_id_management: ${subscription_id_management}
Reference in New Issue View Git Blame Copy Permalink