Merge remote-tracking branch 'origin/master' into sql-managed-instance

2022-11-04 11:44:12 +01:00 · 2022-11-04 11:44:12 +01:00 · 25a6da8b00
commit 25a6da8b00
parent 66f805be99 f0587e9875
16 changed files with 397 additions and 30 deletions
--- a/README.md
+++ b/README.md
@ -1,24 +1,24 @@
-# Contributing
-This project welcomes contributions and suggestions.
-
-## Modules
-Module summary
-[Module contribution guide](./module/CONTRIBUTE.md)
-
-## Providers
-Provider summary
-[Provider contribution guide](./provider/CONTRIBUTE.md)
-
-# Contributing
-
-This project welcomes contributions and suggestions.  Most contributions require you to agree to a
-Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.microsoft.com.
-
-When you submit a pull request, a CLA-bot will automatically determine whether you need to provide
-a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions
-provided by the bot. You will only need to do this once across all repos using our CLA.
-
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
-contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+# Contributing
+This project welcomes contributions and suggestions.
+
+## Modules
+Module summary
+[Module contribution guide](./module/CONTRIBUTE.md)
+
+## Providers
+Provider summary
+[Provider contribution guide](./provider/CONTRIBUTE.md)
+
+# Contributing
+
+This project welcomes contributions and suggestions.  Most contributions require you to agree to a
+Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
+the rights to use your contribution. For details, visit https://cla.microsoft.com.
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need to provide
+a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions
+provided by the bot. You will only need to do this once across all repos using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
+contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
--- a/quickstart/101-azure-virtual-desktop/host.tf
+++ b/quickstart/101-azure-virtual-desktop/host.tf
@ -108,7 +108,7 @@ resource "azurerm_virtual_machine_extension" "vmext_dsc" {

  settings = <<-SETTINGS
    {
-      "modulesUrl": "https://wvdportalstorageblob.blob.core.windows.net/galleryartifacts/Configuration_3-10-2021.zip",
+      "modulesUrl": "https://wvdportalstorageblob.blob.core.windows.net/galleryartifacts/Configuration_09-08-2022.zip",
      "configurationFunction": "Configuration.ps1\\AddSessionHost",
      "properties": {
        "HostPoolName":"${azurerm_virtual_desktop_host_pool.hostpool.name}"
--- a/quickstart/101-cosmos-db-azure-container-instance/aci.tf
+++ b/quickstart/101-cosmos-db-azure-container-instance/aci.tf
@ -0,0 +1,27 @@
+resource "azurerm_container_group" "vote_aci" {
+  name                = "vote-aci"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  ip_address_type     = "public"
+  dns_name_label      = "vote-aci-${random_integer.ri.result}"
+  os_type             = "linux"
+
+  container {
+    name   = "vote-aci"
+    image  = "mcr.microsoft.com/azuredocs/azure-vote-front:cosmosdb"
+    cpu    = "0.5"
+    memory = "1.5"
+    ports {
+      port     = 80
+      protocol = "TCP"
+    }
+
+    secure_environment_variables = {
+      "COSMOS_DB_ENDPOINT"  = azurerm_cosmosdb_account.vote_cosmos_db.endpoint
+      "COSMOS_DB_MASTERKEY" = azurerm_cosmosdb_account.vote_cosmos_db.primary_key
+      "TITLE"               = "Azure Voting App"
+      "VOTE1VALUE"          = "Cats"
+      "VOTE2VALUE"          = "Dogs"
+    }
+  }
+}
--- a/quickstart/101-cosmos-db-azure-container-instance/main.tf
+++ b/quickstart/101-cosmos-db-azure-container-instance/main.tf
@ -0,0 +1,32 @@
+resource "random_pet" "rg_name" {
+  prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+  location = var.resource_group_location
+  name     = random_pet.rg_name.id
+}
+
+resource "random_integer" "ri" {
+  min = 10000
+  max = 99999
+}
+
+resource "azurerm_cosmosdb_account" "vote_cosmos_db" {
+  name                = "tfex-cosmos-db-${random_integer.ri.result}"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  offer_type          = "Standard"
+  kind                = "GlobalDocumentDB"
+
+  consistency_policy {
+    consistency_level       = "BoundedStaleness"
+    max_interval_in_seconds = 10
+    max_staleness_prefix    = 200
+  }
+
+  geo_location {
+    location          = azurerm_resource_group.rg.location
+    failover_priority = 0
+  }
+}
--- a/quickstart/101-cosmos-db-azure-container-instance/outputs.tf
+++ b/quickstart/101-cosmos-db-azure-container-instance/outputs.tf
@ -0,0 +1,11 @@
+output "resource_group_name" {
+  value = azurerm_resource_group.rg.name
+}
+
+output "cosmosdb_account_name" {
+  value = azurerm_cosmosdb_account.vote_cosmos_db.name
+}
+
+output "dns" {
+  value = azurerm_container_group.vote_aci.fqdn
+}
--- a/quickstart/101-cosmos-db-azure-container-instance/providers.tf
+++ b/quickstart/101-cosmos-db-azure-container-instance/providers.tf
@ -0,0 +1,18 @@
+terraform {
+  required_version = ">=0.12"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~>3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
--- a/quickstart/101-cosmos-db-azure-container-instance/readme.md
+++ b/quickstart/101-cosmos-db-azure-container-instance/readme.md
@ -0,0 +1,21 @@
+# Azure Cosmos DB in an Azure Container Instance
+
+This template shows how to use Terraform to deploy an Azure Cosmos DB to Azure Container Instances.
+
+## Terraform resource types
+
+- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet)
+- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group)
+- [random_integer](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer)
+- [azurerm_cosmosdb_account](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account)
+
+## Variables
+
+| Name | Description | Default |
+|-|-|-|
+| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg |
+| `resource_group_location` | Location of the resource group. | eastus |
+
+## Example
+
+To see how to run this example, see [Deploy an Azure Cosmos DB to Azure Container Instances](https://docs.microsoft.com/azure/developer/terraform/deploy-azure-cosmos-db-to-azure-container-instances).
--- a/quickstart/101-cosmos-db-azure-container-instance/variables.tf
+++ b/quickstart/101-cosmos-db-azure-container-instance/variables.tf
@ -0,0 +1,9 @@
+variable "resource_group_location" {
+  default     = "eastus"
+  description = "Location of the resource group."
+}
+
+variable "resource_group_name_prefix" {
+  default     = "rg"
+  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
--- a/quickstart/101-vm-with-infrastructure/readme.md
+++ b/quickstart/101-vm-with-infrastructure/readme.md
@ -20,11 +20,11 @@ This template deploys a Linux virtual machine (VM) with infrastructure that incl

 ## Variables

-| Name | Description | Default |
-|-|-|
+| **Name** | **Description** | **Default** |
+|---|---|---|
 | `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg |
 | `resource_group_location` | Location of the resource group. | eastus |

 ## Example

-To see how to run this example, see [Quickstart: Configure a Linux virtual machine in Azure using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure).
+To see how to run this example, see [Quickstart: Configure a Linux virtual machine in Azure using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure).
--- a/quickstart/201-iot-hub-with-device-provisioning-service/main.tf
+++ b/quickstart/201-iot-hub-with-device-provisioning-service/main.tf
@ -0,0 +1,165 @@
+resource "random_pet" "rg_name" {
+  prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+  location = var.resource_group_location
+  name     = random_pet.rg_name.id
+}
+
+# Create storage account & container
+resource "random_string" "sa_name" {
+  length  = 12
+  special = false
+  upper   = false
+}
+
+resource "azurerm_storage_account" "sa" {
+  name                     = random_string.sa_name.id
+  resource_group_name      = azurerm_resource_group.rg.name
+  location                 = azurerm_resource_group.rg.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
+}
+
+resource "azurerm_storage_container" "my_terraform_container" {
+  name                  = "mycontainer"
+  storage_account_name  = azurerm_storage_account.sa.name
+  container_access_type = "private"
+}
+
+
+# Create an Event Hub & Authorization Rule
+resource "random_pet" "eventhub_namespace_name" {
+  prefix = var.eventhub_namespace_name_prefix
+}
+
+resource "azurerm_eventhub_namespace" "namespace" {
+  name                = random_pet.eventhub_namespace_name.id
+  resource_group_name = azurerm_resource_group.rg.name
+  location            = azurerm_resource_group.rg.location
+  sku                 = "Basic"
+}
+
+resource "azurerm_eventhub" "my_terraform_eventhub" {
+  name                = "myEventHub"
+  resource_group_name = azurerm_resource_group.rg.name
+  namespace_name      = azurerm_eventhub_namespace.namespace.name
+  partition_count     = 2
+  message_retention   = 1
+}
+
+resource "azurerm_eventhub_authorization_rule" "my_terraform_authorization_rule" {
+  resource_group_name = azurerm_resource_group.rg.name
+  namespace_name      = azurerm_eventhub_namespace.namespace.name
+  eventhub_name       = azurerm_eventhub.my_terraform_eventhub.name
+  name                = "acctest"
+  send                = true
+}
+
+
+# Create an IoT Hub
+resource "random_pet" "iothub_name" {
+  prefix = var.iothub_name_prefix
+  length = 1
+}
+
+resource "azurerm_iothub" "iothub" {
+  name                = random_pet.iothub_name.id
+  resource_group_name = azurerm_resource_group.rg.name
+  location            = azurerm_resource_group.rg.location
+
+  sku {
+    name     = "S1"
+    capacity = 1
+  }
+
+  endpoint {
+    type                       = "AzureIotHub.StorageContainer"
+    connection_string          = azurerm_storage_account.sa.primary_blob_connection_string
+    name                       = "export"
+    batch_frequency_in_seconds = 60
+    max_chunk_size_in_bytes    = 10485760
+    container_name             = azurerm_storage_container.my_terraform_container.name
+    encoding                   = "Avro"
+    file_name_format           = "{iothub}/{partition}_{YYYY}_{MM}_{DD}_{HH}_{mm}"
+  }
+
+  endpoint {
+    type              = "AzureIotHub.EventHub"
+    connection_string = azurerm_eventhub_authorization_rule.my_terraform_authorization_rule.primary_connection_string
+    name              = "export2"
+  }
+
+  route {
+    name           = "export"
+    source         = "DeviceMessages"
+    condition      = "true"
+    endpoint_names = ["export"]
+    enabled        = true
+  }
+
+  route {
+    name           = "export2"
+    source         = "DeviceMessages"
+    condition      = "true"
+    endpoint_names = ["export2"]
+    enabled        = true
+  }
+
+  enrichment {
+    key            = "tenant"
+    value          = "$twin.tags.Tenant"
+    endpoint_names = ["export", "export2"]
+  }
+
+  cloud_to_device {
+    max_delivery_count = 30
+    default_ttl        = "PT1H"
+    feedback {
+      time_to_live       = "PT1H10M"
+      max_delivery_count = 15
+      lock_duration      = "PT30S"
+    }
+  }
+
+  tags = {
+    purpose = "testing"
+  }
+}
+
+#Create IoT Hub Access Policy
+resource "azurerm_iothub_shared_access_policy" "hub_access_policy" {
+  name                = "terraform-policy"
+  resource_group_name = azurerm_resource_group.rg.name
+  iothub_name         = azurerm_iothub.iothub.name
+
+  registry_read   = true
+  registry_write  = true
+  service_connect = true
+}
+
+# Create IoT Hub DPS
+resource "random_pet" "dps_name" {
+  prefix = var.dps_name_prefix
+  length = 1
+}
+
+resource "azurerm_iothub_dps" "dps" {
+  name                = random_pet.dps_name.id
+  resource_group_name = azurerm_resource_group.rg.name
+  location            = azurerm_resource_group.rg.location
+  allocation_policy   = "Hashed"
+
+  sku {
+    name     = "S1"
+    capacity = 1
+  }
+
+  linked_hub {
+    connection_string       = azurerm_iothub_shared_access_policy.hub_access_policy.primary_connection_string
+    location                = azurerm_resource_group.rg.location
+    allocation_weight       = 150
+    apply_allocation_policy = true
+  }
+}
--- a/quickstart/201-iot-hub-with-device-provisioning-service/outputs.tf
+++ b/quickstart/201-iot-hub-with-device-provisioning-service/outputs.tf
@ -0,0 +1,11 @@
+output "azurerm_iothub_name" {
+  value = azurerm_iothub.iothub.name
+}
+
+output "azurerm_iothub_dps_name" {
+  value = azurerm_iothub_dps.dps.name
+}
+
+output "resource_group_name" {
+  value = azurerm_resource_group.rg.name
+}
--- a/quickstart/201-iot-hub-with-device-provisioning-service/providers.tf
+++ b/quickstart/201-iot-hub-with-device-provisioning-service/providers.tf
@ -0,0 +1,18 @@
+terraform {
+  required_version = ">=1.0"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
--- a/quickstart/201-iot-hub-with-device-provisioning-service/readme.md
+++ b/quickstart/201-iot-hub-with-device-provisioning-service/readme.md
@ -0,0 +1,27 @@
+# Azure IoT Hub and IoT Hub Device Provisioning Service
+
+This template deploys an instance of [Azure IoT Hub](https://learn.microsoft.com/azure/iot-hub/) and [IoT Hub Device Provisioning Service](https://learn.microsoft.com/azure/iot-dps/) on Azure.
+
+## Terraform resource types
+
+* [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet)
+* [random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string)
+* [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group)
+* [azurerm_storage_account](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account)
+* [azurerm_storage_container](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container)
+* [azurerm_eventhub_namespace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_namespace)
+* [azurerm_eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub)
+* [azurerm_eventhub_authorization_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_authorization_rule)
+* [azurerm_iothub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iothub)
+* [azurerm_iothub_shared_access_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iothub_shared_access_policy)
+* [azurerm_iothub_dps](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iothub_dps)
+
+## Variables
+
+| Name | Description | Default |
+| ---- | ----------- | ------- |
+| `resource_group_location` | Location of the resource group. | `eastus` |
+| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so the name is unique in your Azure subscription. | `rg` |
+| `eventhub_namespace_name_prefix` | Prefix of the event hub namespace name that's combined with a random ID so the name is unique in your Azure subscription. | `namespace` |
+| `iothub_name_prefix` | Prefix of the IoT hub name that's combined with a random ID so the name is unique in your Azure subscription. | `iothub` |
+| `dps_name_prefix` | Prefix of the dps name that's combined with a random ID so the name is unique in your Azure subscription. | `dps` |
--- a/quickstart/201-iot-hub-with-device-provisioning-service/variables.tf
+++ b/quickstart/201-iot-hub-with-device-provisioning-service/variables.tf
@ -0,0 +1,24 @@
+variable "resource_group_location" {
+  default     = "eastus"
+  description = "Location of the resource group."
+}
+
+variable "resource_group_name_prefix" {
+  default     = "rg"
+  description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "eventhub_namespace_name_prefix" {
+  default     = "namespace"
+  description = "Prefix of the event hub namespace name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "iothub_name_prefix" {
+  default     = "iothub"
+  description = "Prefix of the iot hub name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "dps_name_prefix" {
+  default     = "dps"
+  description = "Prefix of the dps name that's combined with a random ID so name is unique in your Azure subscription."
+}
--- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf
@ -14,7 +14,8 @@ resource "random_id" "log_analytics_workspace_name_suffix" {

 resource "azurerm_log_analytics_workspace" "test" {
  location            = var.log_analytics_workspace_location
-  # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant.
+  # The WorkSpace name has to be unique across the whole of azure;
+  # not just the current subscription/tenant.
  name                = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}"
  resource_group_name = azurerm_resource_group.rg.name
  sku                 = var.log_analytics_workspace_sku
--- a/quickstart/README.md
+++ b/quickstart/README.md
@ -17,6 +17,8 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 #### Beginner

 - [Azure resource group](./101-resource-group)
+- [Azure attestation provider](./101-attestation-provider)
+- [Azure Cosmos DB in an Azure Container Instance](./101-cosmos-db-azure-container-instance)
 - [Static Website hosted on Azure Storage](./101-storage-static-website)
 - [Azure Web App hosting a Linux Container](./101-web-app-linux-container)
 - [Azure Web App hosting a Java 8 App on Linux](./101-web-app-linux-java)
@ -25,6 +27,7 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 #### Intermediate

 - [Azure Web App with ACR](./201-web-app-docker-acr/)
+- [Azure Kubernetes Service with Kubernetes cluster](./201-k8s-cluster-with-tf-and-aks)
 - [Azure Kubernetes Service with an Admin Dashboard](./201-aks-rbac-dashboard-admin/)
 - [Azure Kubernetes Service with Log Analytics](./201-aks-log-analytics/)
 - [Azure Kubernetes Service with Helm](./201-aks-helm/)
@ -52,4 +55,4 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 - [AppGateway fronted VM Scale Set](./201-vmss-appgw-waf/)
 - [Azure Pipeline CI/CD for Terraform](./201-azure-pipelines-ci-cd/)
 - [AKS with Windows node pools](./301-aks-windows-nodepool/)
- [Hub and Spoke VNet with VMs](./301-hub-spoke-network-3vm/)
+- [Hub and Spoke VNet with VMs](./301-hub-spoke-network-3vm/)