reorganize, add scaffold folder

update readmes

clean up tf provider

add readme and initial templates

add initial pass at readmes

more readme updates

update various quickstarts

finish cleaning up 101s

more updates

lots fo template updates

add remaining

more updates

quickstart/201-aks-log-analytics/aks.tf

@@ -0,0 +1,27 @@
+resource "azurerm_kubernetes_cluster" "default" {
+  name                = "${var.name}-aks"
+  location            = "${azurerm_resource_group.default.location}"
+  resource_group_name = "${azurerm_resource_group.default.name}"
+  dns_prefix          = "${var.dns_prefix}-${var.name}-aks-${var.environment}"
+  depends_on          = ["azurerm_role_assignment.default"]
+
+  agent_pool_profile {
+    name            = "default"
+    count           = "${var.node_count}"
+    vm_size         = "${var.node_type}"
+    os_type         = "Linux"
+    os_disk_size_gb = 30
+  }
+
+  service_principal {
+    client_id     = "${azuread_application.default.application_id}"
+    client_secret = "${azuread_service_principal_password.default.value}"
+  }
+
+  addon_profile {
+    oms_agent {
+      enabled                    = true
+      log_analytics_workspace_id = "${azurerm_log_analytics_workspace.default.id}"
+    }
+  }
+}

quickstart/201-aks-log-analytics/analytics.tf

@@ -0,0 +1,20 @@
+resource "azurerm_log_analytics_workspace" "default" {
+  name                = "${var.name}-${var.environment}-law"
+  location            = "${azurerm_resource_group.default.location}"
+  resource_group_name = "${azurerm_resource_group.default.name}"
+  sku                 = "PerGB2018"
+  retention_in_days   = 30
+}
+
+resource "azurerm_log_analytics_solution" "default" {
+  solution_name         = "ContainerInsights"
+  location              = "${azurerm_log_analytics_workspace.default.location}"
+  resource_group_name   = "${azurerm_resource_group.default.name}"
+  workspace_resource_id = "${azurerm_log_analytics_workspace.default.id}"
+  workspace_name        = "${azurerm_log_analytics_workspace.default.name}"
+
+  plan {
+    publisher = "Microsoft"
+    product   = "OMSGallery/ContainerInsights"
+  }
+}

quickstart/201-aks-log-analytics/azuread.tf

@@ -0,0 +1,24 @@
+resource "azuread_application" "default" {
+  name = "${var.name}-${var.environment}"
+}
+
+resource "azuread_service_principal" "default" {
+  application_id = "${azuread_application.default.application_id}"
+}
+
+resource "random_string" "password" {
+  length  = 32
+  special = true
+}
+
+resource "azuread_service_principal_password" "default" {
+  service_principal_id = "${azuread_service_principal.default.id}"
+  value                = "${random_string.password.result}"
+  end_date             = "2099-01-01T01:00:00Z"
+}
+
+resource "azurerm_role_assignment" "default" {
+  scope                = "${data.azurerm_subscription.current.id}/resourceGroups/${azurerm_resource_group.default.name}"
+  role_definition_name = "Network Contributor"
+  principal_id         = "${azuread_service_principal.default.id}"
+}

quickstart/201-aks-log-analytics/main.tf

@@ -0,0 +1,18 @@
+# The Azure Active Resource Manager Terraform provider
+provider "azurerm" {
+  version = "=1.36.1"
+}
+
+# The Azure Active Directory Terraform provider
+provider "azuread" {
+  version = "=0.6.0"
+}
+
+# Reference to the current subscription.  Used when creating role assignments
+data "azurerm_subscription" "current" {}
+
+# The main resource group for this deployment
+resource "azurerm_resource_group" "default" {
+  name     = "${var.name}-${var.environment}-rg"
+  location = "${var.location}"
+}

quickstart/201-aks-log-analytics/readme.md

@@ -0,0 +1,238 @@
+# Azure Kubernetes Service
+
+
+This template deploys an [Azure Kubernetes Service](https://www.terraform.io/docs/providers/azurerm/r/kubernetes_cluster.html) instance which sends system and container logs to Azure Log Analytics, which can be visualized with the Container Monitoring solution.
+
+## Resources
+
+| Terraform Resource Type | Description |
+| - | - |
+| `azurerm_resource_group` | The resource group all resources are deployed into |
+| `azurerm_kubernetes_cluster` |The Azure Kubernetes Serice cluster |
+| `azurerm_log_analytics_workspace` | A workspace to write cluster logs to |
+| `azurerm_log_analytics_solution` | Enables the container monitoring solution for Log ANalytics|
+| `azuread_application` |The application Identity the AKS cluster will use |
+| `random_string` | A random string which will be saved and used with the service principal |
+| `azuread_service_principal` |The service principal the AKS cluster will use |
+| `azuread_service_principal_password` | The password for the Service principal |
+
+
+## Variables
+
+| Name | Description |
+|-|-|
+| name | Name of the deployment |
+| environment | The depolyment environment name (used for postfixing resource names) |
+| prefix | A prefix for globally-unique dns-based resources |
+| location | The Azure Region to deploy these resources in |
+| node_type | The type of node to deploy on (e.g. d1v2) |
+| node_count | The number of nodes to deploy |
+| dns_prefix | A unique dns prefix |
+
+
+
+## Example
+
+```bash
+> terraform plan
+Refreshing Terraform state in-memory prior to plan...
+The refreshed state will be used to calculate this plan, but will not be
+persisted to local or remote state storage.
+
+data.azurerm_subscription.current: Refreshing state...
+
+------------------------------------------------------------------------
+
+An execution plan has been generated and is shown below.
+Resource actions are indicated with the following symbols:
+  + create
+
+Terraform will perform the following actions:
+
+  # azuread_application.default will be created
+  + resource "azuread_application" "default" {
+      + application_id  = (known after apply)
+      + homepage        = (known after apply)
+      + id              = (known after apply)
+      + identifier_uris = (known after apply)
+      + name            = "quickstart-aks-dev"
+      + object_id       = (known after apply)
+      + public_client   = (known after apply)
+      + reply_urls      = (known after apply)
+      + type            = "webapp/api"
+
+      + oauth2_permissions {
+          + admin_consent_description  = (known after apply)
+          + admin_consent_display_name = (known after apply)
+          + id                         = (known after apply)
+          + is_enabled                 = (known after apply)
+          + type                       = (known after apply)
+          + user_consent_description   = (known after apply)
+          + user_consent_display_name  = (known after apply)
+          + value                      = (known after apply)
+        }
+    }
+
+  # azuread_service_principal.default will be created
+  + resource "azuread_service_principal" "default" {
+      + application_id = (known after apply)
+      + display_name   = (known after apply)
+      + id             = (known after apply)
+      + object_id      = (known after apply)
+
+      + oauth2_permissions {
+          + admin_consent_description  = (known after apply)
+          + admin_consent_display_name = (known after apply)
+          + id                         = (known after apply)
+          + is_enabled                 = (known after apply)
+          + type                       = (known after apply)
+          + user_consent_description   = (known after apply)
+          + user_consent_display_name  = (known after apply)
+          + value                      = (known after apply)
+        }
+    }
+
+  # azuread_service_principal_password.default will be created
+  + resource "azuread_service_principal_password" "default" {
+      + end_date             = "2099-01-01T01:00:00Z"
+      + id                   = (known after apply)
+      + key_id               = (known after apply)
+      + service_principal_id = (known after apply)
+      + start_date           = (known after apply)
+      + value                = (sensitive value)
+    }
+
+  # azurerm_kubernetes_cluster.default will be created
+  + resource "azurerm_kubernetes_cluster" "default" {
+      + dns_prefix                 = "tfquickstart-quickstart-aks-aks-dev"
+      + enable_pod_security_policy = (known after apply)
+      + fqdn                       = (known after apply)
+      + id                         = (known after apply)
+      + kube_admin_config          = (known after apply)
+      + kube_admin_config_raw      = (sensitive value)
+      + kube_config                = (known after apply)
+      + kube_config_raw            = (sensitive value)
+      + kubernetes_version         = (known after apply)
+      + location                   = "westus2"
+      + name                       = "quickstart-aks-aks"
+      + node_resource_group        = (known after apply)
+      + resource_group_name        = "quickstart-aks-dev-rg"
+      + tags                       = (known after apply)
+
+      + addon_profile {
+
+          + oms_agent {
+              + enabled                    = true
+              + log_analytics_workspace_id = (known after apply)
+            }
+        }
+
+      + agent_pool_profile {
+          + count           = 3
+          + dns_prefix      = (known after apply)
+          + fqdn            = (known after apply)
+          + max_pods        = (known after apply)
+          + name            = "default"
+          + os_disk_size_gb = 30
+          + os_type         = "Linux"
+          + type            = "AvailabilitySet"
+          + vm_size         = "Standard_D1_v2"
+        }
+
+      + network_profile {
+          + dns_service_ip     = (known after apply)
+          + docker_bridge_cidr = (known after apply)
+          + load_balancer_sku  = (known after apply)
+          + network_plugin     = (known after apply)
+          + network_policy     = (known after apply)
+          + pod_cidr           = (known after apply)
+          + service_cidr       = (known after apply)
+        }
+
+      + role_based_access_control {
+          + enabled = (known after apply)
+
+          + azure_active_directory {
+              + client_app_id     = (known after apply)
+              + server_app_id     = (known after apply)
+              + server_app_secret = (sensitive value)
+              + tenant_id         = (known after apply)
+            }
+        }
+
+      + service_principal {
+          + client_id     = (known after apply)
+          + client_secret = (sensitive value)
+        }
+    }
+
+  # azurerm_log_analytics_solution.default will be created
+  + resource "azurerm_log_analytics_solution" "default" {
+      + id                    = (known after apply)
+      + location              = "westus2"
+      + resource_group_name   = "quickstart-aks-dev-rg"
+      + solution_name         = "ContainerInsights"
+      + workspace_name        = "quickstart-aks-dev-law"
+      + workspace_resource_id = (known after apply)
+
+      + plan {
+          + name      = (known after apply)
+          + product   = "OMSGallery/ContainerInsights"
+          + publisher = "Microsoft"
+        }
+    }
+
+  # azurerm_log_analytics_workspace.default will be created
+  + resource "azurerm_log_analytics_workspace" "default" {
+      + id                   = (known after apply)
+      + location             = "westus2"
+      + name                 = "quickstart-aks-dev-law"
+      + portal_url           = (known after apply)
+      + primary_shared_key   = (sensitive value)
+      + resource_group_name  = "quickstart-aks-dev-rg"
+      + retention_in_days    = 30
+      + secondary_shared_key = (sensitive value)
+      + sku                  = "PerGB2018"
+      + tags                 = (known after apply)
+      + workspace_id         = (known after apply)
+    }
+
+  # azurerm_resource_group.default will be created
+  + resource "azurerm_resource_group" "default" {
+      + id       = (known after apply)
+      + location = "westus2"
+      + name     = "quickstart-aks-dev-rg"
+      + tags     = (known after apply)
+    }
+
+  # azurerm_role_assignment.default will be created
+  + resource "azurerm_role_assignment" "default" {
+      + id                               = (known after apply)
+      + name                             = (known after apply)
+      + principal_id                     = (known after apply)
+      + principal_type                   = (known after apply)
+      + role_definition_id               = (known after apply)
+      + role_definition_name             = "Network Contributor"
+      + scope                            = "/subscriptions/b0e04a4a-a321-4b66-b8fd-13715262ba3c/resourceGroups/quickstart-aks-dev-rg"
+      + skip_service_principal_aad_check = (known after apply)
+    }
+
+  # random_string.password will be created
+  + resource "random_string" "password" {
+      + id          = (known after apply)
+      + length      = 32
+      + lower       = true
+      + min_lower   = 0
+      + min_numeric = 0
+      + min_special = 0
+      + min_upper   = 0
+      + number      = true
+      + result      = (known after apply)
+      + special     = true
+      + upper       = true
+    }
+
+Plan: 9 to add, 0 to change, 0 to destroy.
+
+------------------------------------------------------------------------
+```

quickstart/201-aks-log-analytics/variables.tf

@@ -0,0 +1,40 @@
+// Naming
+variable "name" {
+  type        = "string"
+  description = "Location of the azure resource group."
+  default     = "quickstart-aks"
+}
+
+variable "environment" {
+  type        = "string"
+  description = "Name of the deployment environment"
+  default     = "dev"
+}
+
+// Resource information
+
+variable "location" {
+  type        = "string"
+  description = "Location of the azure resource group."
+  default     = "WestUS2"
+}
+
+// Node type information
+
+variable "node_count" {
+  type        = "string"
+  description = "The number of K8S nodes to provision."
+  default     = 3
+}
+
+variable "node_type" {
+  type        = "string"
+  description = "The size of each node."
+  default     = "Standard_D1_v2"
+}
+
+variable "dns_prefix" {
+  type        = "string"
+  description = "DNS Prefix"
+  default     = "tfquickstart"
+}