From 3226d364a8207ba48edf7dea264e878269075932 Mon Sep 17 00:00:00 2001 From: John Downs Date: Tue, 25 Oct 2022 10:20:57 +1300 Subject: [PATCH 1/3] Add quickstart --- .../app-service.tf | 42 +++++ .../front-door.tf | 63 +++++++ .../outputs.tf | 3 + .../providers.tf | 19 ++ .../101-front-door-standard-premium/readme.md | 166 ++++++++++++++++++ .../resource-group.tf | 4 + .../variables.tf | 41 +++++ 7 files changed, 338 insertions(+) create mode 100644 quickstart/101-front-door-standard-premium/app-service.tf create mode 100644 quickstart/101-front-door-standard-premium/front-door.tf create mode 100644 quickstart/101-front-door-standard-premium/outputs.tf create mode 100644 quickstart/101-front-door-standard-premium/providers.tf create mode 100644 quickstart/101-front-door-standard-premium/readme.md create mode 100644 quickstart/101-front-door-standard-premium/resource-group.tf create mode 100644 quickstart/101-front-door-standard-premium/variables.tf diff --git a/quickstart/101-front-door-standard-premium/app-service.tf b/quickstart/101-front-door-standard-premium/app-service.tf new file mode 100644 index 00000000..4932bcf9 --- /dev/null +++ b/quickstart/101-front-door-standard-premium/app-service.tf @@ -0,0 +1,42 @@ +locals { + app_name = "myapp-${lower(random_id.app_name.hex)}" + app_service_plan_name = "AppServicePlan" +} + +resource "azurerm_service_plan" "app_service_plan" { + name = local.app_service_plan_name + location = var.location + resource_group_name = azurerm_resource_group.my_resource_group.name + + sku_name = var.app_service_plan_sku_name + os_type = "Windows" + worker_count = var.app_service_plan_capacity +} + +resource "azurerm_windows_web_app" "app" { + name = local.app_name + location = var.location + resource_group_name = azurerm_resource_group.my_resource_group.name + service_plan_id = azurerm_service_plan.app_service_plan.id + + https_only = true + + site_config { + ftps_state = "Disabled" + minimum_tls_version = "1.2" + ip_restriction = [{ + service_tag = "AzureFrontDoor.Backend" + ip_address = null + virtual_network_subnet_id = null + action = "Allow" + priority = 100 + headers = [{ + x_azure_fdid = [azurerm_cdn_frontdoor_profile.my_front_door.resource_guid] + x_fd_health_probe = [] + x_forwarded_for = [] + x_forwarded_host = [] + }] + name = "Allow traffic from Front Door" + }] + } +} diff --git a/quickstart/101-front-door-standard-premium/front-door.tf b/quickstart/101-front-door-standard-premium/front-door.tf new file mode 100644 index 00000000..a9689423 --- /dev/null +++ b/quickstart/101-front-door-standard-premium/front-door.tf @@ -0,0 +1,63 @@ +locals { + front_door_profile_name = "MyFrontDoor" + front_door_endpoint_name = "afd-${lower(random_id.front_door_endpoint_name.hex)}" + front_door_origin_group_name = "MyOriginGroup" + front_door_origin_name = "MyAppServiceOrigin" + front_door_route_name = "MyRoute" +} + +resource "azurerm_cdn_frontdoor_profile" "my_front_door" { + name = local.front_door_profile_name + resource_group_name = azurerm_resource_group.my_resource_group.name + sku_name = var.front_door_sku_name +} + +resource "azurerm_cdn_frontdoor_endpoint" "my_endpoint" { + name = local.front_door_endpoint_name + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.my_front_door.id +} + +resource "azurerm_cdn_frontdoor_origin_group" "my_origin_group" { + name = local.front_door_origin_group_name + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.my_front_door.id + session_affinity_enabled = true + + load_balancing { + sample_size = 4 + successful_samples_required = 3 + } + + health_probe { + path = "/" + request_type = "HEAD" + protocol = "Https" + interval_in_seconds = 100 + } +} + +resource "azurerm_cdn_frontdoor_origin" "my_app_service_origin" { + name = local.front_door_origin_name + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.my_origin_group.id + + enabled = true + host_name = azurerm_windows_web_app.app.default_hostname + http_port = 80 + https_port = 443 + origin_host_header = azurerm_windows_web_app.app.default_hostname + priority = 1 + weight = 1000 + certificate_name_check_enabled = true +} + +resource "azurerm_cdn_frontdoor_route" "my_route" { + name = local.front_door_route_name + cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.my_endpoint.id + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.my_origin_group.id + cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.my_app_service_origin.id] + + supported_protocols = ["Http", "Https"] + patterns_to_match = ["/*"] + forwarding_protocol = "HttpsOnly" + link_to_default_domain = true + https_redirect_enabled = true +} diff --git a/quickstart/101-front-door-standard-premium/outputs.tf b/quickstart/101-front-door-standard-premium/outputs.tf new file mode 100644 index 00000000..3642fe18 --- /dev/null +++ b/quickstart/101-front-door-standard-premium/outputs.tf @@ -0,0 +1,3 @@ +output "frontDoorEndpointHostName" { + value = azurerm_cdn_frontdoor_endpoint.my_endpoint.host_name +} diff --git a/quickstart/101-front-door-standard-premium/providers.tf b/quickstart/101-front-door-standard-premium/providers.tf new file mode 100644 index 00000000..2a4539cd --- /dev/null +++ b/quickstart/101-front-door-standard-premium/providers.tf @@ -0,0 +1,19 @@ +# Configure the Azure provider +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.27.0" + } + + random = { + source = "hashicorp/random" + } + } + + required_version = ">= 1.1.0" +} + +provider "azurerm" { + features {} +} diff --git a/quickstart/101-front-door-standard-premium/readme.md b/quickstart/101-front-door-standard-premium/readme.md new file mode 100644 index 00000000..9f18dd38 --- /dev/null +++ b/quickstart/101-front-door-standard-premium/readme.md @@ -0,0 +1,166 @@ +# Azure Front Door Standard/Premium + +This template deploys an [Azure Front Door Standard/Premium profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) with classic application and network rules. + +## Resources + +| Terraform Resource Type | Description | +| - | - | +| `azurerm_resource_group` | The resource group for all the deployed resources.| +| `azurerm_cdn_frontdoor_profile` | The Front Door profile. | +| `azurerm_cdn_frontdoor_endpoint` | The Front Door endpoint. | +| `azurerm_cdn_frontdoor_origin_group` | The Front Door origin group. | +| `azurerm_cdn_frontdoor_origin` | The Front Door origin, which refers to the App Service app. | +| `azurerm_cdn_frontdoor_route` | The Front Door route. | +| `azurerm_service_plan` | The App Service plan. | +| `azurerm_windows_web_app` | The App Service app. | + +## Variables + +| Name | Description | +|-|-| +| `location` | The location for all the deployed resources. | +| `resource_group_name` | The name of the resource group. | +| `app_service_plan_sku_name` | The SKU for the App Service plan. | +| `app_service_plan_sku_tier_name` | The name of the tier that the App Service plan SKU is in. | +| `app_service_plan_capacity` | The capacity (number of worker instances) for the App Service plan. | +| `front_door_sku_name` | The name of the SKU for the Front Door profile. | + +## Example + +```bash +$ terraform plan -out main.tfplan + +Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + + create + +Terraform will perform the following actions: + + # azurerm_firewall.fw will be created + + resource "azurerm_firewall" "fw" { + + id = (known after apply) + + location = "eastus" + + name = "testfirewall" + + resource_group_name = "test-resources" + + sku_name = (known after apply) + + sku_tier = (known after apply) + + threat_intel_mode = "Alert" + + + ip_configuration { + + name = "configuration" + + private_ip_address = (known after apply) + + public_ip_address_id = (known after apply) + + subnet_id = (known after apply) + } + } + + # azurerm_firewall_application_rule_collection.app-rc will be created + + resource "azurerm_firewall_application_rule_collection" "app-rc" { + + action = "Allow" + + azure_firewall_name = "testfirewall" + + id = (known after apply) + + name = "apptestcollection" + + priority = 100 + + resource_group_name = "test-resources" + + + rule { + + name = "testrule" + + source_addresses = [ + + "10.0.0.0/16", + ] + + target_fqdns = [ + + "*.google.com", + ] + + + protocol { + + port = 443 + + type = "Https" + } + } + } + + # azurerm_firewall_network_rule_collection.net-rc will be created + + resource "azurerm_firewall_network_rule_collection" "net-rc" { + + action = "Allow" + + azure_firewall_name = "testfirewall" + + id = (known after apply) + + name = "apptestcollection" + + priority = 100 + + resource_group_name = "test-resources" + + + rule { + + destination_addresses = [ + + "8.8.4.4", + + "8.8.8.8", + ] + + destination_fqdns = [] + + destination_ip_groups = [] + + destination_ports = [ + + "53", + ] + + name = "dnsrule" + + protocols = [ + + "TCP", + + "UDP", + ] + + source_addresses = [ + + "10.0.0.0/16", + ] + + source_ip_groups = [] + } + } + + # azurerm_public_ip.pip will be created + + resource "azurerm_public_ip" "pip" { + + allocation_method = "Static" + + availability_zone = (known after apply) + + fqdn = (known after apply) + + id = (known after apply) + + idle_timeout_in_minutes = 4 + + ip_address = (known after apply) + + ip_version = "IPv4" + + location = "eastus" + + name = "testpip" + + resource_group_name = "test-resources" + + sku = "Standard" + + zones = (known after apply) + } + + # azurerm_resource_group.rg will be created + + resource "azurerm_resource_group" "rg" { + + id = (known after apply) + + location = "eastus" + + name = "test-resources" + } + + # azurerm_subnet.subnet will be created + + resource "azurerm_subnet" "subnet" { + + address_prefix = (known after apply) + + address_prefixes = [ + + "10.0.1.0/24", + ] + + enforce_private_link_endpoint_network_policies = false + + enforce_private_link_service_network_policies = false + + id = (known after apply) + + name = "AzureFirewallSubnet" + + resource_group_name = "test-resources" + + virtual_network_name = "testvnet" + } + + # azurerm_virtual_network.vnet will be created + + resource "azurerm_virtual_network" "vnet" { + + address_space = [ + + "10.0.0.0/16", + ] + + dns_servers = (known after apply) + + guid = (known after apply) + + id = (known after apply) + + location = "eastus" + + name = "testvnet" + + resource_group_name = "test-resources" + + subnet = (known after apply) + + vm_protection_enabled = false + } + +Plan: 7 to add, 0 to change, 0 to destroy. +``` diff --git a/quickstart/101-front-door-standard-premium/resource-group.tf b/quickstart/101-front-door-standard-premium/resource-group.tf new file mode 100644 index 00000000..85fae84e --- /dev/null +++ b/quickstart/101-front-door-standard-premium/resource-group.tf @@ -0,0 +1,4 @@ +resource "azurerm_resource_group" "my_resource_group" { + name = var.resource_group_name + location = var.location +} diff --git a/quickstart/101-front-door-standard-premium/variables.tf b/quickstart/101-front-door-standard-premium/variables.tf new file mode 100644 index 00000000..9b6428ee --- /dev/null +++ b/quickstart/101-front-door-standard-premium/variables.tf @@ -0,0 +1,41 @@ +variable "location" { + type = string + default = "westus2" +} + +variable "resource_group_name" { + type = string + default = "FrontDoor" +} + +variable "app_service_plan_sku_name" { + type = string + default = "S1" +} + +variable "app_service_plan_capacity" { + type = number + default = 1 +} + +variable "app_service_plan_sku_tier_name" { + type = string + default = "Standard" +} + +variable "front_door_sku_name" { + type = string + default = "Standard_AzureFrontDoor" + validation { + condition = contains(["Standard_AzureFrontDoor", "Premium_AzureFrontDoor"], var.front_door_sku_name) + error_message = "The SKU value must be Standard_AzureFrontDoor or Premium_AzureFrontDoor." + } +} + +resource "random_id" "app_name" { + byte_length = 8 +} + +resource "random_id" "front_door_endpoint_name" { + byte_length = 8 +} From 20eba75a884b10039892268faf32915918f3eda3 Mon Sep 17 00:00:00 2001 From: John Downs Date: Tue, 25 Oct 2022 10:23:04 +1300 Subject: [PATCH 2/3] Update readme --- .../101-front-door-standard-premium/readme.md | 358 ++++++++++++------ 1 file changed, 245 insertions(+), 113 deletions(-) diff --git a/quickstart/101-front-door-standard-premium/readme.md b/quickstart/101-front-door-standard-premium/readme.md index 9f18dd38..98402cc1 100644 --- a/quickstart/101-front-door-standard-premium/readme.md +++ b/quickstart/101-front-door-standard-premium/readme.md @@ -1,6 +1,6 @@ # Azure Front Door Standard/Premium -This template deploys an [Azure Front Door Standard/Premium profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) with classic application and network rules. +This template deploys an [Azure Front Door Standard/Premium profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) with an App Service origin. ## Resources @@ -36,131 +36,263 @@ Terraform used the selected providers to generate the following execution plan. Terraform will perform the following actions: - # azurerm_firewall.fw will be created - + resource "azurerm_firewall" "fw" { - + id = (known after apply) - + location = "eastus" - + name = "testfirewall" - + resource_group_name = "test-resources" - + sku_name = (known after apply) - + sku_tier = (known after apply) - + threat_intel_mode = "Alert" + # azurerm_cdn_frontdoor_endpoint.my_endpoint will be created + + resource "azurerm_cdn_frontdoor_endpoint" "my_endpoint" { + + cdn_frontdoor_profile_id = (known after apply) + + enabled = true + + host_name = (known after apply) + + id = (known after apply) + + name = (known after apply) + } - + ip_configuration { - + name = "configuration" - + private_ip_address = (known after apply) - + public_ip_address_id = (known after apply) - + subnet_id = (known after apply) + # azurerm_cdn_frontdoor_origin.my_app_service_origin will be created + + resource "azurerm_cdn_frontdoor_origin" "my_app_service_origin" { + + cdn_frontdoor_origin_group_id = (known after apply) + + certificate_name_check_enabled = true + + enabled = true + + health_probes_enabled = (known after apply) + + host_name = (known after apply) + + http_port = 80 + + https_port = 443 + + id = (known after apply) + + name = "MyAppServiceOrigin" + + origin_host_header = (known after apply) + + priority = 1 + + weight = 1000 + } + + # azurerm_cdn_frontdoor_origin_group.my_origin_group will be created + + resource "azurerm_cdn_frontdoor_origin_group" "my_origin_group" { + + cdn_frontdoor_profile_id = (known after apply) + + id = (known after apply) + + name = "MyOriginGroup" + + restore_traffic_time_to_healed_or_new_endpoint_in_minutes = 10 + + session_affinity_enabled = true + + + health_probe { + + interval_in_seconds = 100 + + path = "/" + + protocol = "Https" + + request_type = "HEAD" + } + + + load_balancing { + + additional_latency_in_milliseconds = 50 + + sample_size = 4 + + successful_samples_required = 3 } } - # azurerm_firewall_application_rule_collection.app-rc will be created - + resource "azurerm_firewall_application_rule_collection" "app-rc" { - + action = "Allow" - + azure_firewall_name = "testfirewall" - + id = (known after apply) - + name = "apptestcollection" - + priority = 100 - + resource_group_name = "test-resources" + # azurerm_cdn_frontdoor_profile.my_front_door will be created + + resource "azurerm_cdn_frontdoor_profile" "my_front_door" { + + id = (known after apply) + + name = "MyFrontDoor" + + resource_group_name = "FrontDoor" + + resource_guid = (known after apply) + + response_timeout_seconds = 120 + + sku_name = "Standard_AzureFrontDoor" + } - + rule { - + name = "testrule" - + source_addresses = [ - + "10.0.0.0/16", - ] - + target_fqdns = [ - + "*.google.com", - ] + # azurerm_cdn_frontdoor_route.my_route will be created + + resource "azurerm_cdn_frontdoor_route" "my_route" { + + cdn_frontdoor_endpoint_id = (known after apply) + + cdn_frontdoor_origin_group_id = (known after apply) + + cdn_frontdoor_origin_ids = (known after apply) + + enabled = true + + forwarding_protocol = "HttpsOnly" + + https_redirect_enabled = true + + id = (known after apply) + + link_to_default_domain = true + + name = "MyRoute" + + patterns_to_match = [ + + "/*", + ] + + supported_protocols = [ + + "Http", + + "Https", + ] + } - + protocol { - + port = 443 - + type = "Https" + # azurerm_resource_group.my_resource_group will be created + + resource "azurerm_resource_group" "my_resource_group" { + + id = (known after apply) + + location = "westus2" + + name = "FrontDoor" + } + + # azurerm_service_plan.app_service_plan will be created + + resource "azurerm_service_plan" "app_service_plan" { + + id = (known after apply) + + kind = (known after apply) + + location = "westus2" + + maximum_elastic_worker_count = (known after apply) + + name = "AppServicePlan" + + os_type = "Windows" + + per_site_scaling_enabled = false + + reserved = (known after apply) + + resource_group_name = "FrontDoor" + + sku_name = "S1" + + worker_count = 1 + } + + # azurerm_windows_web_app.app will be created + + resource "azurerm_windows_web_app" "app" { + + client_affinity_enabled = false + + client_certificate_enabled = false + + client_certificate_mode = "Required" + + custom_domain_verification_id = (sensitive value) + + default_hostname = (known after apply) + + enabled = true + + https_only = true + + id = (known after apply) + + key_vault_reference_identity_id = (known after apply) + + kind = (known after apply) + + location = "westus2" + + name = (known after apply) + + outbound_ip_address_list = (known after apply) + + outbound_ip_addresses = (known after apply) + + possible_outbound_ip_address_list = (known after apply) + + possible_outbound_ip_addresses = (known after apply) + + resource_group_name = "FrontDoor" + + service_plan_id = (known after apply) + + site_credential = (known after apply) + + zip_deploy_file = (known after apply) + + + auth_settings { + + additional_login_parameters = (known after apply) + + allowed_external_redirect_urls = (known after apply) + + default_provider = (known after apply) + + enabled = (known after apply) + + issuer = (known after apply) + + runtime_version = (known after apply) + + token_refresh_extension_hours = (known after apply) + + token_store_enabled = (known after apply) + + unauthenticated_client_action = (known after apply) + + + active_directory { + + allowed_audiences = (known after apply) + + client_id = (known after apply) + + client_secret = (sensitive value) + + client_secret_setting_name = (known after apply) + } + + + facebook { + + app_id = (known after apply) + + app_secret = (sensitive value) + + app_secret_setting_name = (known after apply) + + oauth_scopes = (known after apply) + } + + + github { + + client_id = (known after apply) + + client_secret = (sensitive value) + + client_secret_setting_name = (known after apply) + + oauth_scopes = (known after apply) + } + + + google { + + client_id = (known after apply) + + client_secret = (sensitive value) + + client_secret_setting_name = (known after apply) + + oauth_scopes = (known after apply) + } + + + microsoft { + + client_id = (known after apply) + + client_secret = (sensitive value) + + client_secret_setting_name = (known after apply) + + oauth_scopes = (known after apply) + } + + + twitter { + + consumer_key = (known after apply) + + consumer_secret = (sensitive value) + + consumer_secret_setting_name = (known after apply) + } + } + + + site_config { + + always_on = true + + auto_heal_enabled = false + + container_registry_use_managed_identity = false + + default_documents = (known after apply) + + detailed_error_logging_enabled = (known after apply) + + ftps_state = "Disabled" + + health_check_eviction_time_in_min = (known after apply) + + http2_enabled = false + + ip_restriction = [ + + { + + action = "Allow" + + headers = [ + + { + + x_azure_fdid = (known after apply) + + x_fd_health_probe = [] + + x_forwarded_for = [] + + x_forwarded_host = [] + }, + ] + + ip_address = null + + name = "Allow traffic from Front Door" + + priority = 100 + + service_tag = "AzureFrontDoor.Backend" + + virtual_network_subnet_id = null + }, + ] + + linux_fx_version = (known after apply) + + load_balancing_mode = "LeastRequests" + + local_mysql_enabled = false + + managed_pipeline_mode = "Integrated" + + minimum_tls_version = "1.2" + + remote_debugging_enabled = false + + remote_debugging_version = (known after apply) + + scm_ip_restriction = (known after apply) + + scm_minimum_tls_version = "1.2" + + scm_type = (known after apply) + + scm_use_main_ip_restriction = false + + use_32_bit_worker = true + + vnet_route_all_enabled = false + + websockets_enabled = false + + windows_fx_version = (known after apply) + + worker_count = (known after apply) + + + application_stack { + + current_stack = (known after apply) + + docker_container_name = (known after apply) + + docker_container_registry = (known after apply) + + docker_container_tag = (known after apply) + + dotnet_version = (known after apply) + + java_container = (known after apply) + + java_container_version = (known after apply) + + java_version = (known after apply) + + node_version = (known after apply) + + php_version = (known after apply) + + python_version = (known after apply) } } } - # azurerm_firewall_network_rule_collection.net-rc will be created - + resource "azurerm_firewall_network_rule_collection" "net-rc" { - + action = "Allow" - + azure_firewall_name = "testfirewall" - + id = (known after apply) - + name = "apptestcollection" - + priority = 100 - + resource_group_name = "test-resources" - - + rule { - + destination_addresses = [ - + "8.8.4.4", - + "8.8.8.8", - ] - + destination_fqdns = [] - + destination_ip_groups = [] - + destination_ports = [ - + "53", - ] - + name = "dnsrule" - + protocols = [ - + "TCP", - + "UDP", - ] - + source_addresses = [ - + "10.0.0.0/16", - ] - + source_ip_groups = [] - } + # random_id.app_name will be created + + resource "random_id" "app_name" { + + b64_std = (known after apply) + + b64_url = (known after apply) + + byte_length = 8 + + dec = (known after apply) + + hex = (known after apply) + + id = (known after apply) } - # azurerm_public_ip.pip will be created - + resource "azurerm_public_ip" "pip" { - + allocation_method = "Static" - + availability_zone = (known after apply) - + fqdn = (known after apply) - + id = (known after apply) - + idle_timeout_in_minutes = 4 - + ip_address = (known after apply) - + ip_version = "IPv4" - + location = "eastus" - + name = "testpip" - + resource_group_name = "test-resources" - + sku = "Standard" - + zones = (known after apply) + # random_id.front_door_endpoint_name will be created + + resource "random_id" "front_door_endpoint_name" { + + b64_std = (known after apply) + + b64_url = (known after apply) + + byte_length = 8 + + dec = (known after apply) + + hex = (known after apply) + + id = (known after apply) } - # azurerm_resource_group.rg will be created - + resource "azurerm_resource_group" "rg" { - + id = (known after apply) - + location = "eastus" - + name = "test-resources" - } +Plan: 10 to add, 0 to change, 0 to destroy. - # azurerm_subnet.subnet will be created - + resource "azurerm_subnet" "subnet" { - + address_prefix = (known after apply) - + address_prefixes = [ - + "10.0.1.0/24", - ] - + enforce_private_link_endpoint_network_policies = false - + enforce_private_link_service_network_policies = false - + id = (known after apply) - + name = "AzureFirewallSubnet" - + resource_group_name = "test-resources" - + virtual_network_name = "testvnet" - } - - # azurerm_virtual_network.vnet will be created - + resource "azurerm_virtual_network" "vnet" { - + address_space = [ - + "10.0.0.0/16", - ] - + dns_servers = (known after apply) - + guid = (known after apply) - + id = (known after apply) - + location = "eastus" - + name = "testvnet" - + resource_group_name = "test-resources" - + subnet = (known after apply) - + vm_protection_enabled = false - } - -Plan: 7 to add, 0 to change, 0 to destroy. +Changes to Outputs: + + frontDoorEndpointHostName = (known after apply) ``` From 5e0b259c1ed07dfcd25d91d76d8f1b1b7b2ff0c8 Mon Sep 17 00:00:00 2001 From: John Downs Date: Fri, 18 Nov 2022 12:46:31 +1300 Subject: [PATCH 3/3] Updates from PR review --- .../providers.tf | 1 + .../101-front-door-standard-premium/readme.md | 17 +++++++++-------- .../resource-group.tf | 8 ++++++++ .../variables.tf | 8 -------- 4 files changed, 18 insertions(+), 16 deletions(-) diff --git a/quickstart/101-front-door-standard-premium/providers.tf b/quickstart/101-front-door-standard-premium/providers.tf index 2a4539cd..c8990b6e 100644 --- a/quickstart/101-front-door-standard-premium/providers.tf +++ b/quickstart/101-front-door-standard-premium/providers.tf @@ -8,6 +8,7 @@ terraform { random = { source = "hashicorp/random" + version = "~> 3.4.3" } } diff --git a/quickstart/101-front-door-standard-premium/readme.md b/quickstart/101-front-door-standard-premium/readme.md index 98402cc1..d8ca79b8 100644 --- a/quickstart/101-front-door-standard-premium/readme.md +++ b/quickstart/101-front-door-standard-premium/readme.md @@ -14,17 +14,18 @@ This template deploys an [Azure Front Door Standard/Premium profile](https://reg | `azurerm_cdn_frontdoor_route` | The Front Door route. | | `azurerm_service_plan` | The App Service plan. | | `azurerm_windows_web_app` | The App Service app. | +| `random_id` | Two random identifier generators to generate a unique Front Door endpoint resource name and App Service app name. | ## Variables -| Name | Description | -|-|-| -| `location` | The location for all the deployed resources. | -| `resource_group_name` | The name of the resource group. | -| `app_service_plan_sku_name` | The SKU for the App Service plan. | -| `app_service_plan_sku_tier_name` | The name of the tier that the App Service plan SKU is in. | -| `app_service_plan_capacity` | The capacity (number of worker instances) for the App Service plan. | -| `front_door_sku_name` | The name of the SKU for the Front Door profile. | +| Name | Description | Default Value | +|-|-|-| +| `location` | The location for all the deployed resources. | `westus2` | +| `resource_group_name` | The name of the resource group. | `FrontDoor` | +| `app_service_plan_sku_name` | The SKU for the App Service plan. | `S1` | +| `app_service_plan_sku_tier_name` | The name of the tier that the App Service plan SKU is in. | `Standard` | +| `app_service_plan_capacity` | The capacity (number of worker instances) for the App Service plan. | 1 | +| `front_door_sku_name` | The name of the SKU for the Front Door profile. Must be either `Standard_AzureFrontDoor` or `Premium_AzureFrontDoor`. | `Standard_AzureFrontDoor` | ## Example diff --git a/quickstart/101-front-door-standard-premium/resource-group.tf b/quickstart/101-front-door-standard-premium/resource-group.tf index 85fae84e..100f06eb 100644 --- a/quickstart/101-front-door-standard-premium/resource-group.tf +++ b/quickstart/101-front-door-standard-premium/resource-group.tf @@ -2,3 +2,11 @@ resource "azurerm_resource_group" "my_resource_group" { name = var.resource_group_name location = var.location } + +resource "random_id" "app_name" { + byte_length = 8 +} + +resource "random_id" "front_door_endpoint_name" { + byte_length = 8 +} diff --git a/quickstart/101-front-door-standard-premium/variables.tf b/quickstart/101-front-door-standard-premium/variables.tf index 9b6428ee..12ef197c 100644 --- a/quickstart/101-front-door-standard-premium/variables.tf +++ b/quickstart/101-front-door-standard-premium/variables.tf @@ -31,11 +31,3 @@ variable "front_door_sku_name" { error_message = "The SKU value must be Standard_AzureFrontDoor or Premium_AzureFrontDoor." } } - -resource "random_id" "app_name" { - byte_length = 8 -} - -resource "random_id" "front_door_endpoint_name" { - byte_length = 8 -}