formatting updates

Dennis Eikelenboom 2021-09-20 10:18:18 -07:00
parent 44679c877a
commit 5c6087899a
6 changed files with 8 additions and 52 deletions


@ -13,6 +13,7 @@ resource "azurerm_machine_learning_compute_cluster" "compute" {
machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id
vm_priority = "Dedicated" vm_priority = "Dedicated"
vm_size = "STANDARD_DS2_V2" vm_size = "STANDARD_DS2_V2"
identity { identity {
type = "SystemAssigned" type = "SystemAssigned"
} }


@ -13,7 +13,7 @@ resource "azurerm_key_vault" "default" {
tenant_id = data.azurerm_client_config.current.tenant_id tenant_id = data.azurerm_client_config.current.tenant_id
sku_name = "premium" sku_name = "premium"
purge_protection_enabled = true purge_protection_enabled = true
network_acls { network_acls {
default_action = "Deny" default_action = "Deny"
bypass = "AzureServices" bypass = "AzureServices"
@ -46,7 +46,7 @@ resource "azurerm_machine_learning_workspace" "default" {
key_vault_id = azurerm_key_vault.default.id key_vault_id = azurerm_key_vault.default.id
storage_account_id = azurerm_storage_account.default.id storage_account_id = azurerm_storage_account.default.id
container_registry_id = azurerm_container_registry.default.id container_registry_id = azurerm_container_registry.default.id
identity { identity {
type = "SystemAssigned" type = "SystemAssigned"
} }


@ -121,6 +121,7 @@ resource "azurerm_network_security_group" "nsg-training" {
source_address_prefix = "BatchNodeManagement" source_address_prefix = "BatchNodeManagement"
destination_address_prefix = "*" destination_address_prefix = "*"
} }
security_rule { security_rule {
name = "AzureMachineLearning" name = "AzureMachineLearning"
priority = 110 priority = 110
@ -152,7 +153,7 @@ resource "azurerm_subnet_network_security_group_association" "nsg-aks-link" {
# User Defined Routes # User Defined Routes
# UDR for Compute instance and compute clusters # UDR for compute instance and compute clusters
resource "azurerm_route_table" "rt-training" { resource "azurerm_route_table" "rt-training" {
name = "rt-training" name = "rt-training"
location = azurerm_resource_group.default.location location = azurerm_resource_group.default.location


@ -1,5 +1,4 @@
# Network Security Groups # Network Security Groups
resource "azurerm_network_security_group" "nsg-training" { resource "azurerm_network_security_group" "nsg-training" {
name = "nsg-training" name = "nsg-training"
location = azurerm_resource_group.default.location location = azurerm_resource_group.default.location
@ -16,6 +15,7 @@ resource "azurerm_network_security_group" "nsg-training" {
source_address_prefix = "BatchNodeManagement" source_address_prefix = "BatchNodeManagement"
destination_address_prefix = "*" destination_address_prefix = "*"
} }
security_rule { security_rule {
name = "AzureMachineLearning" name = "AzureMachineLearning"
priority = 110 priority = 110
@ -49,7 +49,7 @@ resource "azurerm_subnet_network_security_group_association" "nsg-aks-link" {
# User Defined Routes # User Defined Routes
#UDR for Compute instance and compute clusters # UDR for Compute instance and compute clusters
resource "azurerm_route_table" "rt-training" { resource "azurerm_route_table" "rt-training" {
name = "rt-training" name = "rt-training"
location = azurerm_resource_group.default.location location = azurerm_resource_group.default.location
@ -84,8 +84,8 @@ resource "azurerm_subnet_route_table_association" "rt-training-link" {
subnet_id = var.training_subnet_resource_id subnet_id = var.training_subnet_resource_id
route_table_id = azurerm_route_table.rt-training.id route_table_id = azurerm_route_table.rt-training.id
} }
# Inferencing (AKS) Route
# Inferencing (AKS) Route
resource "azurerm_route_table" "rt-aks" { resource "azurerm_route_table" "rt-aks" {
name = "rt-aks" name = "rt-aks"
location = azurerm_resource_group.default.location location = azurerm_resource_group.default.location


@ -21,7 +21,6 @@ variable "image_build_compute_name" {
} }
# Existing subnets variables # Existing subnets variables
variable "training_subnet_resource_id" { variable "training_subnet_resource_id" {
type = string type = string
description = "Resource ID of the existing training subnet" description = "Resource ID of the existing training subnet"
@ -39,7 +38,6 @@ variable "ml_subnet_resource_id" {
# Existing private DNS zones variables # Existing private DNS zones variables
variable "privatelink_api_azureml_ms_resource_id" { variable "privatelink_api_azureml_ms_resource_id" {
type = string type = string
description = "Resource ID of the existing privatelink.api.azureml.ms private dns zone" description = "Resource ID of the existing privatelink.api.azureml.ms private dns zone"


@ -1,44 +0,0 @@
# Azure Machine Learning workspace (highly secure network set up)
This deployment configuration specifies an [Azure Machine Learning workspace](https://docs.microsoft.com/en-us/azure/machine-learning/concept-workspace),
and its associated resources including Azure Key Vault, Azure Storage, Azure Application Insights and Azure Container Registry.
In addition to these core services, this configuration specifies any networking components that are required to set up Azure Machine Learning
for private network connectivity using [Azure Private Link](https://docs.microsoft.com/en-us/azure/private-link/).
This configuration describes the minimal set of resources you require to get started with Azure Machine Learning in a network-isolated set-up.
To learn more about security configurations in Azure Machine Learning, see [Enterprise security and governance for Azure Machine Learning](https://docs.microsoft.com/en-us/azure/machine-learning/concept-enterprise-security).
## Resources
| Terraform Resource Type | Description |
| - | - |
| `azurerm_resource_group` | The resource group all resources get deployed into |
| `azurerm_application_insights` | An Azure Application Insights instance associated to the Azure Machine Learning workspace |
| `azurerm_key_vault` | An Azure Key Vault instance associated to the Azure Machine Learning workspace |
| `azurerm_storage_account` | An Azure Storage instance associated to the Azure Machine Learning workspace |
| `azurerm_container_registry` | An Azure Container Registry instance associated to the Azure Machine Learning workspace |
| `azurerm_machine_learning_workspace` | An Azure Machine Learning workspace instance |
| `azurerm_virtual_network` | An Azure Machine Learning workspace instance |
| `azurerm_subnet` | An Azure Machine Learning workspace instance |
| `azurerm_private_dns_zone` | Private DNS Zones for FQDNs required for Azure Machine Learning and associated resources |
| `azurerm_private_dns_zone_virtual_network_link` | Virtual network links of the Private DNS Zones to the virtual network resource |
| `azurerm_private_endpoint` | Private Endpoints for the Azure Machine Learning workspace and associated resources |
## Variables
| Name | Description |
|-|-|
| name | Name of the deployment |
| environment | The deployment environment name (used for pre- and postfixing resource names) |
| location | The Azure region used for deployments |
## Usage
```bash
terraform plan -var name=azureml567 -out demo.tfplan
terraform apply "demo.tfplan"
```