From 435a067b5d2c6d1bfcc7c022bcb4fee53ca641e7 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Thu, 10 Aug 2023 19:34:09 -0700 Subject: [PATCH] User Story 145880 (#243) * Updating Front Door Standard/Premium code sample --- .../app-service.tf | 12 +- .../{front-door.tf => main.tf} | 15 +- .../outputs.tf | 7 +- .../providers.tf | 14 +- .../101-front-door-standard-premium/readme.md | 303 +----------------- .../resource-group.tf | 14 - .../variables.tf | 42 +-- 7 files changed, 73 insertions(+), 334 deletions(-) rename quickstart/101-front-door-standard-premium/{front-door.tf => main.tf} (87%) delete mode 100644 quickstart/101-front-door-standard-premium/resource-group.tf diff --git a/quickstart/101-front-door-standard-premium/app-service.tf b/quickstart/101-front-door-standard-premium/app-service.tf index de7d9441..1f77cf81 100644 --- a/quickstart/101-front-door-standard-premium/app-service.tf +++ b/quickstart/101-front-door-standard-premium/app-service.tf @@ -1,3 +1,7 @@ +resource "random_id" "app_name" { + byte_length = 8 +} + locals { app_name = "myapp-${lower(random_id.app_name.hex)}" app_service_plan_name = "AppServicePlan" @@ -5,8 +9,8 @@ locals { resource "azurerm_service_plan" "app_service_plan" { name = local.app_service_plan_name - location = var.location - resource_group_name = azurerm_resource_group.my_resource_group.name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name sku_name = var.app_service_plan_sku_name os_type = "Windows" @@ -15,8 +19,8 @@ resource "azurerm_service_plan" "app_service_plan" { resource "azurerm_windows_web_app" "app" { name = local.app_name - location = var.location - resource_group_name = azurerm_resource_group.my_resource_group.name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name service_plan_id = azurerm_service_plan.app_service_plan.id https_only = true diff --git a/quickstart/101-front-door-standard-premium/front-door.tf b/quickstart/101-front-door-standard-premium/main.tf similarity index 87% rename from quickstart/101-front-door-standard-premium/front-door.tf rename to quickstart/101-front-door-standard-premium/main.tf index a9689423..00bada0d 100644 --- a/quickstart/101-front-door-standard-premium/front-door.tf +++ b/quickstart/101-front-door-standard-premium/main.tf @@ -1,3 +1,16 @@ +resource "random_pet" "rg-name" { + prefix = var.resource_group_name_prefix +} + +resource "azurerm_resource_group" "rg" { + name = random_pet.rg-name.id + location = var.resource_group_location +} + +resource "random_id" "front_door_endpoint_name" { + byte_length = 8 +} + locals { front_door_profile_name = "MyFrontDoor" front_door_endpoint_name = "afd-${lower(random_id.front_door_endpoint_name.hex)}" @@ -8,7 +21,7 @@ locals { resource "azurerm_cdn_frontdoor_profile" "my_front_door" { name = local.front_door_profile_name - resource_group_name = azurerm_resource_group.my_resource_group.name + resource_group_name = azurerm_resource_group.rg.name sku_name = var.front_door_sku_name } diff --git a/quickstart/101-front-door-standard-premium/outputs.tf b/quickstart/101-front-door-standard-premium/outputs.tf index 3642fe18..2ca1da36 100644 --- a/quickstart/101-front-door-standard-premium/outputs.tf +++ b/quickstart/101-front-door-standard-premium/outputs.tf @@ -1,3 +1,8 @@ +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} + + output "frontDoorEndpointHostName" { value = azurerm_cdn_frontdoor_endpoint.my_endpoint.host_name -} +} \ No newline at end of file diff --git a/quickstart/101-front-door-standard-premium/providers.tf b/quickstart/101-front-door-standard-premium/providers.tf index a926af75..4fd5f6ba 100644 --- a/quickstart/101-front-door-standard-premium/providers.tf +++ b/quickstart/101-front-door-standard-premium/providers.tf @@ -1,20 +1,16 @@ -# Configure the Azure provider terraform { + required_version = ">=1.0" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.67.0" + version = "~>3.0" } - random = { - source = "hashicorp/random" - version = "~> 3.4.3" + source = "hashicorp/random" + version = "~>3.0" } } - - required_version = ">= 1.1.0" } - provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-front-door-standard-premium/readme.md b/quickstart/101-front-door-standard-premium/readme.md index d8ca79b8..af71129c 100644 --- a/quickstart/101-front-door-standard-premium/readme.md +++ b/quickstart/101-front-door-standard-premium/readme.md @@ -2,298 +2,29 @@ This template deploys an [Azure Front Door Standard/Premium profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) with an App Service origin. -## Resources +## Terraform resource types -| Terraform Resource Type | Description | -| - | - | -| `azurerm_resource_group` | The resource group for all the deployed resources.| -| `azurerm_cdn_frontdoor_profile` | The Front Door profile. | -| `azurerm_cdn_frontdoor_endpoint` | The Front Door endpoint. | -| `azurerm_cdn_frontdoor_origin_group` | The Front Door origin group. | -| `azurerm_cdn_frontdoor_origin` | The Front Door origin, which refers to the App Service app. | -| `azurerm_cdn_frontdoor_route` | The Front Door route. | -| `azurerm_service_plan` | The App Service plan. | -| `azurerm_windows_web_app` | The App Service app. | -| `random_id` | Two random identifier generators to generate a unique Front Door endpoint resource name and App Service app name. | +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) +- [random_id](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) +- [azurerm_cdn_frontdoor_profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) +- [azurerm_cdn_frontdoor_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_endpoint) +- [azurerm_cdn_frontdoor_origin_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_origin_group) +- [azurerm_cdn_frontdoor_origin](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_origin) +- [azurerm_cdn_frontdoor_route](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_route) +- [azurerm_service_plan](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_plan) +- [azurerm_windows_web_app](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/windows_web_app) ## Variables -| Name | Description | Default Value | +| Name | Description | Default value | |-|-|-| -| `location` | The location for all the deployed resources. | `westus2` | -| `resource_group_name` | The name of the resource group. | `FrontDoor` | -| `app_service_plan_sku_name` | The SKU for the App Service plan. | `S1` | -| `app_service_plan_sku_tier_name` | The name of the tier that the App Service plan SKU is in. | `Standard` | +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | +| `app_service_plan_sku_name` | The SKU for the plan. Possible values include: B1, B2, B3, D1, F1, I1, I2, I3, I1v2, I2v2, I3v2, I4v2, I5v2, I6v2, P1v2, P2v2, P3v2, P0v3, P1v3, P2v3, P3v3, P1mv3, P2mv3, P3mv3, P4mv3, P5mv3, S1, S2, S3, SHARED, EP1, EP2, EP3, WS1, WS2, WS3, Y1. | S1 | | `app_service_plan_capacity` | The capacity (number of worker instances) for the App Service plan. | 1 | -| `front_door_sku_name` | The name of the SKU for the Front Door profile. Must be either `Standard_AzureFrontDoor` or `Premium_AzureFrontDoor`. | `Standard_AzureFrontDoor` | +| `front_door_sku_name` | The SKU value must be one of the following: Standard_AzureFrontDoor or Premium_AzureFrontDoor. | Standard_AzureFrontDoor | ## Example -```bash -$ terraform plan -out main.tfplan - -Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: - + create - -Terraform will perform the following actions: - - # azurerm_cdn_frontdoor_endpoint.my_endpoint will be created - + resource "azurerm_cdn_frontdoor_endpoint" "my_endpoint" { - + cdn_frontdoor_profile_id = (known after apply) - + enabled = true - + host_name = (known after apply) - + id = (known after apply) - + name = (known after apply) - } - - # azurerm_cdn_frontdoor_origin.my_app_service_origin will be created - + resource "azurerm_cdn_frontdoor_origin" "my_app_service_origin" { - + cdn_frontdoor_origin_group_id = (known after apply) - + certificate_name_check_enabled = true - + enabled = true - + health_probes_enabled = (known after apply) - + host_name = (known after apply) - + http_port = 80 - + https_port = 443 - + id = (known after apply) - + name = "MyAppServiceOrigin" - + origin_host_header = (known after apply) - + priority = 1 - + weight = 1000 - } - - # azurerm_cdn_frontdoor_origin_group.my_origin_group will be created - + resource "azurerm_cdn_frontdoor_origin_group" "my_origin_group" { - + cdn_frontdoor_profile_id = (known after apply) - + id = (known after apply) - + name = "MyOriginGroup" - + restore_traffic_time_to_healed_or_new_endpoint_in_minutes = 10 - + session_affinity_enabled = true - - + health_probe { - + interval_in_seconds = 100 - + path = "/" - + protocol = "Https" - + request_type = "HEAD" - } - - + load_balancing { - + additional_latency_in_milliseconds = 50 - + sample_size = 4 - + successful_samples_required = 3 - } - } - - # azurerm_cdn_frontdoor_profile.my_front_door will be created - + resource "azurerm_cdn_frontdoor_profile" "my_front_door" { - + id = (known after apply) - + name = "MyFrontDoor" - + resource_group_name = "FrontDoor" - + resource_guid = (known after apply) - + response_timeout_seconds = 120 - + sku_name = "Standard_AzureFrontDoor" - } - - # azurerm_cdn_frontdoor_route.my_route will be created - + resource "azurerm_cdn_frontdoor_route" "my_route" { - + cdn_frontdoor_endpoint_id = (known after apply) - + cdn_frontdoor_origin_group_id = (known after apply) - + cdn_frontdoor_origin_ids = (known after apply) - + enabled = true - + forwarding_protocol = "HttpsOnly" - + https_redirect_enabled = true - + id = (known after apply) - + link_to_default_domain = true - + name = "MyRoute" - + patterns_to_match = [ - + "/*", - ] - + supported_protocols = [ - + "Http", - + "Https", - ] - } - - # azurerm_resource_group.my_resource_group will be created - + resource "azurerm_resource_group" "my_resource_group" { - + id = (known after apply) - + location = "westus2" - + name = "FrontDoor" - } - - # azurerm_service_plan.app_service_plan will be created - + resource "azurerm_service_plan" "app_service_plan" { - + id = (known after apply) - + kind = (known after apply) - + location = "westus2" - + maximum_elastic_worker_count = (known after apply) - + name = "AppServicePlan" - + os_type = "Windows" - + per_site_scaling_enabled = false - + reserved = (known after apply) - + resource_group_name = "FrontDoor" - + sku_name = "S1" - + worker_count = 1 - } - - # azurerm_windows_web_app.app will be created - + resource "azurerm_windows_web_app" "app" { - + client_affinity_enabled = false - + client_certificate_enabled = false - + client_certificate_mode = "Required" - + custom_domain_verification_id = (sensitive value) - + default_hostname = (known after apply) - + enabled = true - + https_only = true - + id = (known after apply) - + key_vault_reference_identity_id = (known after apply) - + kind = (known after apply) - + location = "westus2" - + name = (known after apply) - + outbound_ip_address_list = (known after apply) - + outbound_ip_addresses = (known after apply) - + possible_outbound_ip_address_list = (known after apply) - + possible_outbound_ip_addresses = (known after apply) - + resource_group_name = "FrontDoor" - + service_plan_id = (known after apply) - + site_credential = (known after apply) - + zip_deploy_file = (known after apply) - - + auth_settings { - + additional_login_parameters = (known after apply) - + allowed_external_redirect_urls = (known after apply) - + default_provider = (known after apply) - + enabled = (known after apply) - + issuer = (known after apply) - + runtime_version = (known after apply) - + token_refresh_extension_hours = (known after apply) - + token_store_enabled = (known after apply) - + unauthenticated_client_action = (known after apply) - - + active_directory { - + allowed_audiences = (known after apply) - + client_id = (known after apply) - + client_secret = (sensitive value) - + client_secret_setting_name = (known after apply) - } - - + facebook { - + app_id = (known after apply) - + app_secret = (sensitive value) - + app_secret_setting_name = (known after apply) - + oauth_scopes = (known after apply) - } - - + github { - + client_id = (known after apply) - + client_secret = (sensitive value) - + client_secret_setting_name = (known after apply) - + oauth_scopes = (known after apply) - } - - + google { - + client_id = (known after apply) - + client_secret = (sensitive value) - + client_secret_setting_name = (known after apply) - + oauth_scopes = (known after apply) - } - - + microsoft { - + client_id = (known after apply) - + client_secret = (sensitive value) - + client_secret_setting_name = (known after apply) - + oauth_scopes = (known after apply) - } - - + twitter { - + consumer_key = (known after apply) - + consumer_secret = (sensitive value) - + consumer_secret_setting_name = (known after apply) - } - } - - + site_config { - + always_on = true - + auto_heal_enabled = false - + container_registry_use_managed_identity = false - + default_documents = (known after apply) - + detailed_error_logging_enabled = (known after apply) - + ftps_state = "Disabled" - + health_check_eviction_time_in_min = (known after apply) - + http2_enabled = false - + ip_restriction = [ - + { - + action = "Allow" - + headers = [ - + { - + x_azure_fdid = (known after apply) - + x_fd_health_probe = [] - + x_forwarded_for = [] - + x_forwarded_host = [] - }, - ] - + ip_address = null - + name = "Allow traffic from Front Door" - + priority = 100 - + service_tag = "AzureFrontDoor.Backend" - + virtual_network_subnet_id = null - }, - ] - + linux_fx_version = (known after apply) - + load_balancing_mode = "LeastRequests" - + local_mysql_enabled = false - + managed_pipeline_mode = "Integrated" - + minimum_tls_version = "1.2" - + remote_debugging_enabled = false - + remote_debugging_version = (known after apply) - + scm_ip_restriction = (known after apply) - + scm_minimum_tls_version = "1.2" - + scm_type = (known after apply) - + scm_use_main_ip_restriction = false - + use_32_bit_worker = true - + vnet_route_all_enabled = false - + websockets_enabled = false - + windows_fx_version = (known after apply) - + worker_count = (known after apply) - - + application_stack { - + current_stack = (known after apply) - + docker_container_name = (known after apply) - + docker_container_registry = (known after apply) - + docker_container_tag = (known after apply) - + dotnet_version = (known after apply) - + java_container = (known after apply) - + java_container_version = (known after apply) - + java_version = (known after apply) - + node_version = (known after apply) - + php_version = (known after apply) - + python_version = (known after apply) - } - } - } - - # random_id.app_name will be created - + resource "random_id" "app_name" { - + b64_std = (known after apply) - + b64_url = (known after apply) - + byte_length = 8 - + dec = (known after apply) - + hex = (known after apply) - + id = (known after apply) - } - - # random_id.front_door_endpoint_name will be created - + resource "random_id" "front_door_endpoint_name" { - + b64_std = (known after apply) - + b64_url = (known after apply) - + byte_length = 8 - + dec = (known after apply) - + hex = (known after apply) - + id = (known after apply) - } - -Plan: 10 to add, 0 to change, 0 to destroy. - -Changes to Outputs: - + frontDoorEndpointHostName = (known after apply) -``` +To see how to run this example, see [Quickstart: Create a Front Door Standard/Premium profile using Terraform](https://learn.microsoft.com/azure/frontdoor/create-front-door-terraform?tabs=Portal). diff --git a/quickstart/101-front-door-standard-premium/resource-group.tf b/quickstart/101-front-door-standard-premium/resource-group.tf deleted file mode 100644 index d418c4bc..00000000 --- a/quickstart/101-front-door-standard-premium/resource-group.tf +++ /dev/null @@ -1,14 +0,0 @@ -resource "random_pet" "rg" {} - -resource "azurerm_resource_group" "my_resource_group" { - name = "${var.resource_group_name}-${random_pet.rg.id}" - location = var.location -} - -resource "random_id" "app_name" { - byte_length = 8 -} - -resource "random_id" "front_door_endpoint_name" { - byte_length = 8 -} diff --git a/quickstart/101-front-door-standard-premium/variables.tf b/quickstart/101-front-door-standard-premium/variables.tf index 55f04a22..f711d2f5 100644 --- a/quickstart/101-front-door-standard-premium/variables.tf +++ b/quickstart/101-front-door-standard-premium/variables.tf @@ -1,33 +1,37 @@ -variable "location" { - type = string - default = "eastus" +variable "resource_group_location" { + type = string + description = "Location for all resources." + default = "eastus" } -variable "resource_group_name" { - type = string - default = "FrontDoor" +variable "resource_group_name_prefix" { + type = string + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." + default = "rg" } variable "app_service_plan_sku_name" { - type = string - default = "S1" + type = string + description = "The SKU for the plan. Possible values include: B1, B2, B3, D1, F1, I1, I2, I3, I1v2, I2v2, I3v2, I4v2, I5v2, I6v2, P1v2, P2v2, P3v2, P0v3, P1v3, P2v3, P3v3, P1mv3, P2mv3, P3mv3, P4mv3, P5mv3, S1, S2, S3, SHARED, EP1, EP2, EP3, WS1, WS2, WS3, Y1." + default = "S1" + validation { + condition = contains(["B1", "B2", "B3", "D1", "F1", "I1", "I2", "I3", "I1v2", "I2v2", "I3v2", "I4v2", "I5v2", "I6v2", "P1v2", "P2v2", "P3v2", "P0v3", "P1v3", "P2v3", "P3v3", "P1mv3", "P2mv3", "P3mv3", "P4mv3", "P5mv3", "S1", "S2", "S3", "SHARED", "EP1", "EP2", "EP3", "WS1", "WS2", "WS3", "Y1"], var.app_service_plan_sku_name) + error_message = "The SKU value must be one of the following: B1, B2, B3, D1, F1, I1, I2, I3, I1v2, I2v2, I3v2, I4v2, I5v2, I6v2, P1v2, P2v2, P3v2, P0v3, P1v3, P2v3, P3v3, P1mv3, P2mv3, P3mv3, P4mv3, P5mv3, S1, S2, S3, SHARED, EP1, EP2, EP3, WS1, WS2, WS3, Y1." + } } variable "app_service_plan_capacity" { - type = number - default = 1 -} - -variable "app_service_plan_sku_tier_name" { - type = string - default = "Standard" + type = number + description = "The number of Workers (instances) to be allocated." + default = 1 } variable "front_door_sku_name" { - type = string - default = "Standard_AzureFrontDoor" + type = string + description = "The SKU for the Front Door profile. Possible values include: Standard_AzureFrontDoor, Premium_AzureFrontDoor" + default = "Standard_AzureFrontDoor" validation { condition = contains(["Standard_AzureFrontDoor", "Premium_AzureFrontDoor"], var.front_door_sku_name) - error_message = "The SKU value must be Standard_AzureFrontDoor or Premium_AzureFrontDoor." + error_message = "The SKU value must be one of the following: Standard_AzureFrontDoor, Premium_AzureFrontDoor." } -} +} \ No newline at end of file