From f303bd2b2fbdf9779e3fa4333a03715e884547db Mon Sep 17 00:00:00 2001
From: "microsoft-github-policy-service[bot]" <77245923+microsoft-github-policy-service[bot]@users.noreply.github.com>
Date: Thu, 28 Jul 2022 16:55:58 +0000
Subject: [PATCH 01/21] Microsoft mandatory file
---
SECURITY.md | 41 +++++++++++++++++++++++++++++++++++++++++
1 file changed, 41 insertions(+)
create mode 100644 SECURITY.md
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..869fdfe2
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,41 @@
+
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
+
+If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc).
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+ * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+ * Full paths of source file(s) related to the manifestation of the issue
+ * The location of the affected source code (tag/branch/commit or direct URL)
+ * Any special configuration required to reproduce the issue
+ * Step-by-step instructions to reproduce the issue
+ * Proof-of-concept or exploit code (if possible)
+ * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd).
+
+
From 1f4ae0489248f109dd6f47508d81e6496b941f84 Mon Sep 17 00:00:00 2001
From: Tom Archer
Date: Sat, 27 Aug 2022 18:54:06 -0700
Subject: [PATCH 02/21] Fixing article
---
.../201-k8s-cluster-with-tf-and-aks/main.tf | 77 +++++++++++++++++++
.../outputs.tf | 33 ++++++++
.../providers.tf | 14 ++++
.../201-k8s-cluster-with-tf-and-aks/readme.md | 0
.../terraform.tfvars | 5 ++
.../variables.tf | 61 +++++++++++++++
6 files changed, 190 insertions(+)
create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/main.tf
create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/readme.md
create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars
create mode 100644 quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf
new file mode 100644
index 00000000..b012b196
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf 
@@ -0,0 +1,77 @@
+# Generate random resource group name
+resource "random_pet" "rg_name" {
+ prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+ name = random_pet.rg_name.id
+ location = var.resource_group_location
+}
+
+resource "random_id" "log_analytics_workspace_name_suffix" {
+ byte_length = 8
+}
+
+resource "azurerm_log_analytics_workspace" "test" {
+ # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant.
+ name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}"
+ location = var.log_analytics_workspace_location
+ resource_group_name = azurerm_resource_group.k8s.name
+ sku = var.log_analytics_workspace_sku
+}
+
+resource "azurerm_log_analytics_solution" "test" {
+ solution_name = "ContainerInsights"
+ location = azurerm_log_analytics_workspace.test.location
+ resource_group_name = azurerm_resource_group.k8s.name
+ workspace_resource_id = azurerm_log_analytics_workspace.test.id
+ workspace_name = azurerm_log_analytics_workspace.test.name
+
+ plan {
+ publisher = "Microsoft"
+ product = "OMSGallery/ContainerInsights"
+ }
+}
+
+resource "azurerm_kubernetes_cluster" "k8s" {
+ name = var.cluster_name
+ location = azurerm_resource_group.k8s.location
+ resource_group_name = azurerm_resource_group.k8s.name
+ dns_prefix = var.dns_prefix
+
+ linux_profile {
+ admin_username = "ubuntu"
+
+ ssh_key {
+ key_data = file(var.ssh_public_key)
+ }
+ }
+
+ default_node_pool {
+ name = "agentpool"
+ node_count = var.agent_count
+ vm_size = "Standard_D2_v2"
+ }
+
+ service_principal {
+ client_id = var.aks_service_principal_app_id
+ client_secret = var.aks_service_principal_client_secret
+ }
+
+ addon_profile {
+ oms_agent {
+ enabled = true
+ log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id
+ }
+ }
+
+ network_profile {
+ load_balancer_sku = "Standard"
+ network_plugin = "kubenet"
+ }
+
+ tags = {
+ Environment = "Development"
+ }
+}
+
\ No newline at end of file
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
new file mode 100644
index 00000000..9ee2d871
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf
@@ -0,0 +1,33 @@
+output "resource_group_name" {
+ value = azurerm_resource_group.rg.name
+}
+
+output "client_key" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key
+}
+
+output "client_certificate" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate
+}
+
+output "cluster_ca_certificate" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate
+}
+
+output "cluster_username" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.username
+}
+
+output "cluster_password" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.password
+}
+
+output "kube_config" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config_raw
+ sensitive = true
+}
+
+output "host" {
+ value = azurerm_kubernetes_cluster.k8s.kube_config.0.host
+}
+
\ No newline at end of file
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
new file mode 100644
index 00000000..cbe3e719
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">=1.0"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~>3.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md
new file mode 100644
index 00000000..e69de29b
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars
new file mode 100644
index 00000000..5e0e0e0f
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars
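Review bot: The `service_principal` block in `azurerm_kubernetes_cluster.k8s` gives the cluster a long-lived client secret, and Terraform records that secret in state in plain text. If the quickstart does not specifically need a service principal, a managed identity removes the credential altogether: replace the block with `identity { type = "SystemAssigned" }` and drop the `aks_service_principal_*` variables. Separately, the workspace, solution and cluster resources reference `azurerm_resource_group.k8s`, while the only resource group declared in this file is `azurerm_resource_group.rg`, so the configuration should not validate as committed.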
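Review bot: `client_key`, `client_certificate`, `cluster_username` and `cluster_password` in outputs.tf are cluster credentials, yet only `kube_config` carries `sensitive = true`. Each of these outputs should get the same flag, a `sensitive = true` line under its `value`, so the values are redacted from plan and apply output and from CI logs. The raw kubeconfig presumably already contains the same material, so it is worth asking whether the individual credential outputs are needed at all.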
@@ -0,0 +1,5 @@
+aks_service_principal_app_id = ""
+
+aks_service_principal_client_secret = ""
+
+aks_service_principal_object_id = ""
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf
new file mode 100644
index 00000000..e9e948cb
--- /dev/null
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf
@@ -0,0 +1,61 @@
+variable "resource_group_name_prefix" {
+ default = "rg"
+ description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "resource_group_location" {
+ default = "eastus"
+ description = "Location of the resource group."
+}
+
+variable "agent_count" {
+ default = 3
+}
+
+variable "ssh_public_key" {
+ default = "~/.ssh/id_rsa.pub"
+}
+
+variable "dns_prefix" {
+ default = "k8stest"
+}
+
+variable "cluster_name" {
+ default = "k8stest"
+}
+
+variable "resource_group_name" {
+ default = "azure-k8stest"
+}
+
+variable "location" {
+ default = "Central US"
+}
+
+variable "log_analytics_workspace_name" {
+ default = "testLogAnalyticsWorkspaceName"
+}
+
+# refer https://azure.microsoft.com/global-infrastructure/services/?products=monitor for log analytics available regions
+variable "log_analytics_workspace_location" {
+ default = "eastus"
+}
+
+# refer https://azure.microsoft.com/pricing/details/monitor/ for log analytics pricing
+variable "log_analytics_workspace_sku" {
+ default = "PerGB2018"
+}
+
+# these following three entries are placeholder references; we will specify values later in terraform.tfvars
+variable "aks_service_principal_app_id" {
+ default = ""
+}
+
+variable "aks_service_principal_client_secret" {
+ default = ""
+}
+
+variable "aks_service_principal_object_id" {
+ default = ""
+}
+
\ No newline at end of file
From 9a26ecdd6c04a7111d8aa145ba2b62371b5e9d22 Mon Sep 17 00:00:00 2001
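Review bot: Checking in `terraform.tfvars` with an empty `aks_service_principal_client_secret = ""` entry invites users to paste the real secret into a tracked file, where it is one commit away from being published. I would leave the secret out of this file, have the readme tell users to supply it through the `TF_VAR_aks_service_principal_client_secret` environment variable, and add `terraform.tfvars` to `.gitignore` if it is meant to be edited locally.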
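Review bot: `aks_service_principal_client_secret` in variables.tf is declared like any other variable with `default = ""`, so nothing on the Terraform side marks it as secret and an unset value passes silently as an empty string. Declare it with `type = string` and `sensitive = true` and no default, so a missing secret fails at plan time rather than during cluster creation. Most variables in this file also lack a `description` and `type`; `agent_count` in particular would benefit from `type = number`.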
From: Tom Archer Date: Sat, 27 Aug 2022 21:22:02 -0700 Subject: [PATCH 03/21] Updating main to use new rg var name --- quickstart/201-k8s-cluster-with-tf-and-aks/main.tf | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index b012b196..7cbd1474 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -23,7 +23,7 @@ resource "azurerm_log_analytics_workspace" "test" { resource "azurerm_log_analytics_solution" "test" { solution_name = "ContainerInsights" location = azurerm_log_analytics_workspace.test.location - resource_group_name = azurerm_resource_group.k8s.name + resource_group_name = azurerm_resource_group.rg.name workspace_resource_id = azurerm_log_analytics_workspace.test.id workspace_name = azurerm_log_analytics_workspace.test.name @@ -35,8 +35,8 @@ resource "azurerm_log_analytics_solution" "test" { resource "azurerm_kubernetes_cluster" "k8s" { name = var.cluster_name - location = azurerm_resource_group.k8s.location - resource_group_name = azurerm_resource_group.k8s.name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name dns_prefix = var.dns_prefix linux_profile { @@ -74,4 +74,3 @@ resource "azurerm_kubernetes_cluster" "k8s" { Environment = "Development" } } - \ No newline at end of file From 0419cad12a3b0eff0a83a5de2d1b388d06f8c383 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 21:25:20 -0700 Subject: [PATCH 04/21] Updating main to use new rg var name --- quickstart/201-k8s-cluster-with-tf-and-aks/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index 7cbd1474..226cc741 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf 
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -16,7 +16,7 @@ resource "azurerm_log_analytics_workspace" "test" { # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant. name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}" location = var.log_analytics_workspace_location - resource_group_name = azurerm_resource_group.k8s.name + resource_group_name = azurerm_resource_group.rg.name sku = var.log_analytics_workspace_sku } From 7b46e0c27ab3ca15e172e7b00490e56a4197b3f9 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 22:08:55 -0700 Subject: [PATCH 05/21] Removed deprecated block and fixed sku value --- quickstart/201-k8s-cluster-with-tf-and-aks/main.tf | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index 226cc741..bace6bb2 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -58,15 +58,8 @@ resource "azurerm_kubernetes_cluster" "k8s" { client_secret = var.aks_service_principal_client_secret } - addon_profile { - oms_agent { - enabled = true - log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id - } - } - network_profile { - load_balancer_sku = "Standard" + load_balancer_sku = "standard" network_plugin = "kubenet" } From df14b6229d0675ccb48f898196a720a12083a3a0 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 27 Aug 2022 22:19:04 -0700 Subject: [PATCH 06/21] Marked various output values as sensitive --- .../201-k8s-cluster-with-tf-and-aks/outputs.tf | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index 9ee2d871..52632b91 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf 
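Review bot: Deleting the `addon_profile` block removes the only link between the cluster and `azurerm_log_analytics_workspace.test`, so the workspace and the ContainerInsights solution are still created but the cluster no longer sends container logs to them. With the `~>3.0` azurerm provider pinned in providers.tf, the agent is configured through a top-level block inside `azurerm_kubernetes_cluster.k8s`: `oms_agent { log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id }`. If monitoring is being dropped on purpose, the two Log Analytics resources and their variables should be removed too. The resource body starts above this hunk.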
+++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf @@ -3,23 +3,28 @@ output "resource_group_name" { } output "client_key" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + sensitive = true } output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + sensitive = true } output "cluster_ca_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + sensitive = true } output "cluster_username" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + sensitive = true } output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + sensitive = true } output "kube_config" { @@ -28,6 +33,7 @@ output "kube_config" { } output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + sensitive = true } \ No newline at end of file From 0bb3ff10c1d40ef83a3738121a512596e95759c2 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 08:17:56 -0700 Subject: [PATCH 07/21] readme files --- .../201-k8s-cluster-with-tf-and-aks/readme.md | 33 +++++++++++++++++++ .../variables.tf | 16 +++------ 2 files changed, 37 insertions(+), 12 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md index e69de29b..e56453ce 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/readme.md 
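Review bot: `sensitive = true` only redacts these values in plan and apply display; they are still stored unencrypted in the state file, and `terraform output -json` prints them in full. A comment above the credential outputs should say so, for example `# Redacted in CLI output only; the value is still written to state, so keep state in an access-controlled, encrypted backend.` `host` is the API server address rather than a credential, so marking it sensitive is optional.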
@@ -0,0 +1,33 @@ +# Kubernetes cluster with Azure Kubernetes Service (AKS) + +This template provisions an [AKS / Azure Kubernetes service (also known as a Managed Kubernetes Cluster)](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster). + +## Terraform resource types + +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) +- [azurerm_log_analytics_workspace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) +- [azurerm_log_analytics_solution](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_solution) +- [azurerm_kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster) + +## Variables + +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | +| `agent_count` | Initial number of nodes which should exist in this Node Pool. Value must be between 1 and 1000. | 3 | +| `ssh_public_key` | File containing the an ssh_key block. | ~/.ssh/id_rsa.pub | +| `dns_prefix` | DNS prefix specified when creating the managed cluster. | k8stest | +| `cluster_name` | Name of the Managed Kubernetes Cluster to create. | k8stest | +| `log_analytics_workspace_name` | Prefix of the name of the Log Analytics Workspace. Random value is appended to ensure uniqueness across Azure. | testLogAnalyticsWorkspaceName | +| `log_analytics_workspace_location` | Azure location where the resource exists. 
| eastus | +| `log_analytics_workspace_sku` | SKU of the Log Analytics Workspace. | PerGB2018 | +| `aks_service_principal_app_id` | Service principal app ID. | | +| `aks_service_principal_client_secret` | Service principal password. | | +| `aks_service_principal_object_id` | Service principal object ID. | | + +## Example + +To see how to run this example, see [Create a Kubernetes cluster with Azure Kubernetes Service using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-k8s-cluster-with-tf-and-aks). diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf index e9e948cb..e19ab7f6 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf @@ -24,29 +24,22 @@ variable "cluster_name" { default = "k8stest" } -variable "resource_group_name" { - default = "azure-k8stest" -} - -variable "location" { - default = "Central US" -} - variable "log_analytics_workspace_name" { default = "testLogAnalyticsWorkspaceName" } -# refer https://azure.microsoft.com/global-infrastructure/services/?products=monitor for log analytics available regions +# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions. variable "log_analytics_workspace_location" { default = "eastus" } -# refer https://azure.microsoft.com/pricing/details/monitor/ for log analytics pricing +# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing variable "log_analytics_workspace_sku" { default = "PerGB2018" } -# these following three entries are placeholder references; we will specify values later in terraform.tfvars +# The following three variable declarations are placeholder references. +# Set the values for these variable in terraform.tfvars variable "aks_service_principal_app_id" { default = "" } 
@@ -58,4 +51,3 @@ variable "aks_service_principal_client_secret" { variable "aks_service_principal_object_id" { default = "" } - \ No newline at end of file From e866f8430d37e4f783bf9bba408ca1d258a1b5c1 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 09:12:59 -0700 Subject: [PATCH 08/21] readme files --- quickstart/201-mysql-fs-db/main.tf | 29 ++++++++++++------------- quickstart/201-mysql-fs-db/readme.md | 8 +++---- quickstart/201-mysql-fs-db/variables.tf | 12 +++++----- 3 files changed, 23 insertions(+), 26 deletions(-) diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf index feab9787..9ebacf65 100644 --- a/quickstart/201-mysql-fs-db/main.tf +++ b/quickstart/201-mysql-fs-db/main.tf @@ -1,9 +1,14 @@ -// Generate random value for the Resource Group name +# Generate random resource group name resource "random_pet" "rg_name" { - prefix = var.name_prefix + prefix = var.resource_group_name_prefix } -// Generate random value for the name +resource "azurerm_resource_group" "rg" { + name = random_pet.rg_name.id + location = var.resource_group_location +} + +# Generate random value for the name resource "random_string" "name" { length = 8 upper = false @@ -11,7 +16,7 @@ resource "random_string" "name" { special = false } -// Generate random value for the login password +# Generate random value for the login password resource "random_password" "password" { length = 8 upper = true @@ -20,13 +25,7 @@ resource "random_password" "password" { override_special = "_" } -// Manages the Resource Group where the resource exists -resource "azurerm_resource_group" "default" { - name = "mysqlfsRG-${random_pet.rg_name.id}" - location = var.location -} - -// Manages the Virtual Network +# Manages the Virtual Network resource "azurerm_virtual_network" "default" { name = "vnet-${random_string.name.result}" location = azurerm_resource_group.default.location 
@@ -34,7 +33,7 @@ resource "azurerm_virtual_network" "default" { address_space = ["10.0.0.0/16"] } -// Manages the Subnet +# Manages the Subnet resource "azurerm_subnet" "default" { name = "subnet-${random_string.name.result}" resource_group_name = azurerm_resource_group.default.name @@ -55,13 +54,13 @@ resource "azurerm_subnet" "default" { } } -// Enables you to manage Private DNS zones within Azure DNS +# Enables you to manage Private DNS zones within Azure DNS resource "azurerm_private_dns_zone" "default" { name = "${random_string.name.result}.mysql.database.azure.com" resource_group_name = azurerm_resource_group.default.name } -// Enables you to manage Private DNS zone Virtual Network Links +# Enables you to manage Private DNS zone Virtual Network Links resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name @@ -69,7 +68,7 @@ resource "azurerm_private_dns_zone_virtual_network_link" "default" { resource_group_name = azurerm_resource_group.default.name } -// Manages the MySQL Flexible Server +# Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { name = "mysqlfs-${random_string.name.result}" resource_group_name = azurerm_resource_group.default.name diff --git a/quickstart/201-mysql-fs-db/readme.md b/quickstart/201-mysql-fs-db/readme.md index 31abc815..bac940f1 100644 --- a/quickstart/201-mysql-fs-db/readme.md +++ b/quickstart/201-mysql-fs-db/readme.md 
@@ -17,10 +17,10 @@ This template deploys an [Azure MySQL Flexible Server Database](https://registry ## Variables -| Name | Description | -|-|-| -| `name_prefix` | (Optional) Prefix of the resource name. Value defaults to: tftest| -| `location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. Value defaults to: rg| +| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | ## Example diff --git a/quickstart/201-mysql-fs-db/variables.tf b/quickstart/201-mysql-fs-db/variables.tf index 7a27de0b..19f4680c 100644 --- a/quickstart/201-mysql-fs-db/variables.tf +++ b/quickstart/201-mysql-fs-db/variables.tf @@ -1,11 +1,9 @@ -variable "name_prefix" { - type = string - default = "tftest" - description = "Prefix of the resource name." +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } -variable "location" { - type = string +variable "resource_group_location" { default = "eastus" - description = "Location of the resource." + description = "Location of the resource group." } From b6f52f38d39308fd535861a1a53c9b57687e7ca6 Mon Sep 17 00:00:00 2001 
From: Tom Archer Date: Sun, 28 Aug 2022 23:30:10 -0700 Subject: [PATCH 09/21] changes per tech review --- quickstart/101-attestation-provider/providers.tf | 5 +++++ quickstart/101-resource-group/providers.tf | 5 +++++ .../201-k8s-cluster-with-tf-and-aks/outputs.tf | 10 +++++----- .../201-k8s-cluster-with-tf-and-aks/providers.tf | 5 +++++ quickstart/201-mysql-fs-db/main.tf | 15 ++++++++------- quickstart/201-mysql-fs-db/mysql-fs-db.tf | 4 ++-- quickstart/201-mysql-fs-db/outputs.tf | 2 +- quickstart/201-mysql-fs-db/providers.tf | 5 +++++ 8 files changed, 36 insertions(+), 15 deletions(-) diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index 6bd52554..04123ebc 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 6bd52554..04123ebc 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index 52632b91..478852b0 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf 
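Review bot: The `random = { source = "hashicorp/random" ... }` entry is appended at the top level of providers.tf, after the `provider "azurerm"` block, where Terraform expects blocks rather than arguments. It is likely to be rejected as an unsupported argument, and in any case it does not constrain the provider version. The entry belongs inside `terraform { required_providers { ... } }` next to `azurerm`. The same placement is repeated in the 101-resource-group, 201-k8s-cluster-with-tf-and-aks and 201-mysql-fs-db providers.tf hunks of this commit.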
@@ -3,27 +3,27 @@ output "resource_group_name" { } output "client_key" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_key + value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_key sensitive = true } output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.client_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate sensitive = true } output "cluster_ca_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.cluster_ca_certificate + value = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate sensitive = true } output "cluster_username" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.username + value = azurerm_kubernetes_cluster.k8s.kube_config[0].username sensitive = true } output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.password + value = azurerm_kubernetes_cluster.k8s.kube_config[0].password sensitive = true } diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index cbe3e719..965241cd 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf index 9ebacf65..9f6c3960 100644 --- a/quickstart/201-mysql-fs-db/main.tf +++ b/quickstart/201-mysql-fs-db/main.tf 
@@ -22,21 +22,22 @@ resource "random_password" "password" { upper = true lower = true special = true + numeric = false override_special = "_" } # Manages the Virtual Network resource "azurerm_virtual_network" "default" { name = "vnet-${random_string.name.result}" - location = azurerm_resource_group.default.location - resource_group_name = azurerm_resource_group.default.name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name address_space = ["10.0.0.0/16"] } # Manages the Subnet resource "azurerm_subnet" "default" { name = "subnet-${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.default.name address_prefixes = ["10.0.2.0/24"] service_endpoints = ["Microsoft.Storage"] @@ -57,7 +58,7 @@ resource "azurerm_subnet" "default" { # Enables you to manage Private DNS zones within Azure DNS resource "azurerm_private_dns_zone" "default" { name = "${random_string.name.result}.mysql.database.azure.com" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name } # Enables you to manage Private DNS zone Virtual Network Links 
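Review bot: Adding `numeric = false` shrinks the alphabet of `random_password.password`, which with `override_special = "_"` leaves only letters and the underscore. The earlier diff of this file shows `length = 8` for the same resource, outside this hunk. The value becomes `administrator_password` of the MySQL flexible server, and `administrator_login` reuses the `random_string.name.result` that also appears in the server name, so the password is the only unknown. I would compensate with a longer value, e.g. `length = 20`, or keep digits enabled if the server's password rules allow it.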
@@ -65,14 +66,14 @@ resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name virtual_network_id = azurerm_virtual_network.default.id - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name } # Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { name = "mysqlfs-${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name - location = azurerm_resource_group.default.location + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location administrator_login = random_string.name.result administrator_password = random_password.password.result zone = "1" diff --git a/quickstart/201-mysql-fs-db/mysql-fs-db.tf b/quickstart/201-mysql-fs-db/mysql-fs-db.tf index 7be11190..51598667 100644 --- a/quickstart/201-mysql-fs-db/mysql-fs-db.tf +++ b/quickstart/201-mysql-fs-db/mysql-fs-db.tf @@ -1,7 +1,7 @@ -// Manages the MySQL Flexible Server Database +# Manages the MySQL Flexible Server Database resource "azurerm_mysql_flexible_database" "default" { name = "mysqlfsdb_${random_string.name.result}" - resource_group_name = azurerm_resource_group.default.name + resource_group_name = azurerm_resource_group.rg.name server_name = azurerm_mysql_flexible_server.default.name charset = "utf8" collation = "utf8_unicode_ci" diff --git a/quickstart/201-mysql-fs-db/outputs.tf b/quickstart/201-mysql-fs-db/outputs.tf index a4c7915b..dca1b176 100644 --- a/quickstart/201-mysql-fs-db/outputs.tf +++ b/quickstart/201-mysql-fs-db/outputs.tf @@ -1,5 +1,5 @@ output "resource_group_name" { - value = azurerm_resource_group.default.name + value = azurerm_resource_group.rg.name } output "azurerm_mysql_flexible_server" { 
diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index cbe3e719..965241cd 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -12,3 +12,8 @@ terraform { provider "azurerm" { features {} } + +random = { + source = "hashicorp/random" + version = "~>3.0" +} From bd27b46fdc0612a9a983f22ab33710ea12816a8a Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 23:39:27 -0700 Subject: [PATCH 10/21] fixing random provider info --- quickstart/101-attestation-provider/providers.tf | 9 +++++---- quickstart/101-resource-group/providers.tf | 7 ++++++- quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf | 7 ++++++- quickstart/201-mysql-fs-db/providers.tf | 7 ++++++- 4 files changed, 23 insertions(+), 7 deletions(-) diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index 04123ebc..f47e31ec 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -13,7 +18,3 @@ provider "azurerm" { features {} } -random = { - source = "hashicorp/random" - version = "~>3.0" -} diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 04123ebc..0dea752c 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -14,6 +19,6 @@ provider "azurerm" { } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~>3.0" } 
diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index 965241cd..b542ce25 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -14,6 +19,6 @@ provider "azurerm" { } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~>3.0" } diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index 965241cd..b542ce25 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -6,6 +6,11 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } + + random = { + source = "hashicorp/random" + version = "~>3.0" + } } } @@ -14,6 +19,6 @@ provider "azurerm" { } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "~>3.0" } From 7305ee2a26e167c26c84ca98bb0574dc000ec6ac Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sun, 28 Aug 2022 23:45:08 -0700 Subject: [PATCH 11/21] changing array syntax --- quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index 478852b0..e9d185bf 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf @@ -33,7 +33,7 @@ output "kube_config" { } output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config.0.host + value = azurerm_kubernetes_cluster.k8s.kube_config[0].host sensitive = true } \ No newline at end of file From dceafac08d00c29033d896ccf36bce2b7df8eb9e Mon Sep 17 00:00:00 2001 
From: Tom Archer Date: Sun, 28 Aug 2022 23:51:22 -0700 Subject: [PATCH 12/21] more changes --- quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars | 2 -- quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf | 6 +----- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars index 5e0e0e0f..5c82a505 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars @@ -1,5 +1,3 @@ aks_service_principal_app_id = "" aks_service_principal_client_secret = "" - -aks_service_principal_object_id = "" diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf index e19ab7f6..61a5f3f6 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf @@ -38,7 +38,7 @@ variable "log_analytics_workspace_sku" { default = "PerGB2018" } -# The following three variable declarations are placeholder references. +# The following two variable declarations are placeholder references. # Set the values for these variable in terraform.tfvars variable "aks_service_principal_app_id" { default = "" @@ -47,7 +47,3 @@ variable "aks_service_principal_app_id" { variable "aks_service_principal_client_secret" { default = "" } - -variable "aks_service_principal_object_id" { - default = "" -} From 65cb9c7f0e7a01d1ddd5eef151940a89c60d76f7 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 00:05:42 -0700 Subject: [PATCH 13/21] more changes --- quickstart/101-attestation-provider/providers.tf | 1 - quickstart/101-resource-group/providers.tf | 5 ----- quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf | 5 ----- quickstart/201-mysql-fs-db/providers.tf | 5 ----- 4 files changed, 16 deletions(-) 
diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index f47e31ec..ba3e0dc7 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -17,4 +17,3 @@ terraform { provider "azurerm" { features {} } - diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index 0dea752c..ba3e0dc7 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -17,8 +17,3 @@ terraform { provider "azurerm" { features {} } - -random = { - source = "hashicorp/random" - version = "~>3.0" -} diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index b542ce25..0d51fc35 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -17,8 +17,3 @@ terraform { provider "azurerm" { features {} } - -random = { - source = "hashicorp/random" - version = "~>3.0" -} diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index b542ce25..0d51fc35 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -17,8 +17,3 @@ terraform { provider "azurerm" { features {} } - -random = { - source = "hashicorp/random" - version = "~>3.0" -} From e3c66ca15dca8bb6cb84e87bb54536c3ceefc890 Mon Sep 17 00:00:00 2001 
From: hezijie Date: Mon, 29 Aug 2022 17:03:29 +0800 Subject: [PATCH 14/21] Sort all variables, outputs, arguments and blocks in resource block. Adjust code file's style. Add `numeric = false` for `random_string.name` in `201-mysql-fs-db` module as the name is used as `azurerm_mysql_flexible_server.default`'s `administrator_login` and the login name doesn't support a name start with number. Add minimum constraints for `random_password.password` in `201-mysql-fs-db` module as the password required a minimum complexity. --- quickstart/101-attestation-provider/main.tf | 9 ++- .../101-attestation-provider/outputs.tf | 2 +- .../101-attestation-provider/providers.tf | 3 +- .../101-attestation-provider/variables.tf | 18 ++--- quickstart/101-resource-group/main.tf | 4 +- quickstart/101-resource-group/providers.tf | 3 +- quickstart/101-resource-group/variables.tf | 10 +-- .../201-k8s-cluster-with-tf-and-aks/main.tf | 38 +++++----- .../outputs.tf | 27 ++++--- .../providers.tf | 1 - .../terraform.tfvars | 3 +- .../variables.tf | 72 +++++++++---------- quickstart/201-mysql-fs-db/main.tf | 51 ++++++------- quickstart/201-mysql-fs-db/mysql-fs-db.tf | 4 +- quickstart/201-mysql-fs-db/outputs.tf | 8 +-- quickstart/201-mysql-fs-db/providers.tf | 2 +- quickstart/201-mysql-fs-db/variables.tf | 10 +-- 17 files changed, 128 insertions(+), 137 deletions(-) diff --git a/quickstart/101-attestation-provider/main.tf b/quickstart/101-attestation-provider/main.tf index 36091ab7..fc2fd724 100644 --- a/quickstart/101-attestation-provider/main.tf +++ b/quickstart/101-attestation-provider/main.tf 
@@ -3,14 +3,13 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } resource "azurerm_attestation_provider" "corp_attestation" { - name = var.attestation_provider_name - resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location - + location = azurerm_resource_group.rg.location + name = var.attestation_provider_name + resource_group_name = azurerm_resource_group.rg.name policy_signing_certificate_data = file(var.policy_file) } \ No newline at end of file diff --git a/quickstart/101-attestation-provider/outputs.tf b/quickstart/101-attestation-provider/outputs.tf index 62816bd7..c765da63 100644 --- a/quickstart/101-attestation-provider/outputs.tf +++ b/quickstart/101-attestation-provider/outputs.tf @@ -1,3 +1,3 @@ output "resource_group_name" { value = azurerm_resource_group.rg.name -} +} \ No newline at end of file diff --git a/quickstart/101-attestation-provider/providers.tf b/quickstart/101-attestation-provider/providers.tf index ba3e0dc7..5343d826 100644 --- a/quickstart/101-attestation-provider/providers.tf +++ b/quickstart/101-attestation-provider/providers.tf @@ -6,7 +6,6 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } - random = { source = "hashicorp/random" version = "~>3.0" @@ -16,4 +15,4 @@ terraform { provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-attestation-provider/variables.tf b/quickstart/101-attestation-provider/variables.tf index 7c14fc2b..d10d70d2 100644 --- a/quickstart/101-attestation-provider/variables.tf +++ b/quickstart/101-attestation-provider/variables.tf 
@@ -1,6 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +variable "attestation_provider_name" { + default = "attestationprovider007" +} + +variable "policy_file" { + default = "~/.certs/cert.pem" } variable "resource_group_location" { @@ -8,10 +11,7 @@ variable "resource_group_location" { description = "Location of the resource group." } -variable "policy_file" { - default = "~/.certs/cert.pem" -} - -variable "attestation_provider_name" { - default = "attestationprovider007" +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." } \ No newline at end of file diff --git a/quickstart/101-resource-group/main.tf b/quickstart/101-resource-group/main.tf index b312f1af..ab4f9a5e 100644 --- a/quickstart/101-resource-group/main.tf +++ b/quickstart/101-resource-group/main.tf @@ -3,6 +3,6 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location -} + name = random_pet.rg_name.id +} \ No newline at end of file diff --git a/quickstart/101-resource-group/providers.tf b/quickstart/101-resource-group/providers.tf index ba3e0dc7..5343d826 100644 --- a/quickstart/101-resource-group/providers.tf +++ b/quickstart/101-resource-group/providers.tf @@ -6,7 +6,6 @@ terraform { source = "hashicorp/azurerm" version = "~>2.0" } - random = { source = "hashicorp/random" version = "~>3.0" @@ -16,4 +15,4 @@ terraform { provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/101-resource-group/variables.tf b/quickstart/101-resource-group/variables.tf index 19f4680c..e8396125 100644 --- a/quickstart/101-resource-group/variables.tf +++ b/quickstart/101-resource-group/variables.tf 
@@ -1,9 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - variable "resource_group_location" { default = "eastus" description = "Location of the resource group." } + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf index bace6bb2..0069ac6f 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/main.tf @@ -4,8 +4,8 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } resource "random_id" "log_analytics_workspace_name_suffix" { 
@@ -13,32 +13,40 @@ resource "random_id" "log_analytics_workspace_name_suffix" { } resource "azurerm_log_analytics_workspace" "test" { + location = var.log_analytics_workspace_location # The WorkSpace name has to be unique across the whole of azure, not just the current subscription/tenant. name = "${var.log_analytics_workspace_name}-${random_id.log_analytics_workspace_name_suffix.dec}" - location = var.log_analytics_workspace_location resource_group_name = azurerm_resource_group.rg.name sku = var.log_analytics_workspace_sku } resource "azurerm_log_analytics_solution" "test" { - solution_name = "ContainerInsights" location = azurerm_log_analytics_workspace.test.location resource_group_name = azurerm_resource_group.rg.name - workspace_resource_id = azurerm_log_analytics_workspace.test.id + solution_name = "ContainerInsights" workspace_name = azurerm_log_analytics_workspace.test.name + workspace_resource_id = azurerm_log_analytics_workspace.test.id plan { - publisher = "Microsoft" product = "OMSGallery/ContainerInsights" + publisher = "Microsoft" } } resource "azurerm_kubernetes_cluster" "k8s" { - name = var.cluster_name location = azurerm_resource_group.rg.location + name = var.cluster_name resource_group_name = azurerm_resource_group.rg.name dns_prefix = var.dns_prefix + tags = { + Environment = "Development" + } + default_node_pool { + name = "agentpool" + vm_size = "Standard_D2_v2" + node_count = var.agent_count + } linux_profile { admin_username = "ubuntu" 
@@ -46,24 +54,12 @@ resource "azurerm_kubernetes_cluster" "k8s" { key_data = file(var.ssh_public_key) } } - - default_node_pool { - name = "agentpool" - node_count = var.agent_count - vm_size = "Standard_D2_v2" + network_profile { + network_plugin = "kubenet" + load_balancer_sku = "standard" } - service_principal { client_id = var.aks_service_principal_app_id client_secret = var.aks_service_principal_client_secret } - - network_profile { - load_balancer_sku = "standard" - network_plugin = "kubenet" - } - - tags = { - Environment = "Development" - } } diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf index e9d185bf..b41d7ae1 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/outputs.tf @@ -1,5 +1,6 @@ -output "resource_group_name" { - value = azurerm_resource_group.rg.name +output "client_certificate" { + value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate + sensitive = true } output "client_key" { @@ -7,23 +8,23 @@ output "client_key" { sensitive = true } -output "client_certificate" { - value = azurerm_kubernetes_cluster.k8s.kube_config[0].client_certificate - sensitive = true -} - output "cluster_ca_certificate" { value = azurerm_kubernetes_cluster.k8s.kube_config[0].cluster_ca_certificate sensitive = true } +output "cluster_password" { + value = azurerm_kubernetes_cluster.k8s.kube_config[0].password + sensitive = true +} + output "cluster_username" { value = azurerm_kubernetes_cluster.k8s.kube_config[0].username sensitive = true } -output "cluster_password" { - value = azurerm_kubernetes_cluster.k8s.kube_config[0].password +output "host" { + value = azurerm_kubernetes_cluster.k8s.kube_config[0].host sensitive = true } 
@@ -32,8 +33,6 @@ output "kube_config" { sensitive = true } -output "host" { - value = azurerm_kubernetes_cluster.k8s.kube_config[0].host - sensitive = true -} - \ No newline at end of file +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf index 0d51fc35..74dc62e1 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/providers.tf @@ -6,7 +6,6 @@ terraform { source = "hashicorp/azurerm" version = "~>3.0" } - random = { source = "hashicorp/random" version = "~>3.0" diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars index 5c82a505..866eb921 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/terraform.tfvars @@ -1,3 +1,2 @@ aks_service_principal_app_id = "" - -aks_service_principal_client_secret = "" +aks_service_principal_client_secret = "" \ No newline at end of file diff --git a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf index 61a5f3f6..c90da17d 100644 --- a/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf +++ b/quickstart/201-k8s-cluster-with-tf-and-aks/variables.tf 
@@ -1,43 +1,7 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - -variable "resource_group_location" { - default = "eastus" - description = "Location of the resource group." -} - variable "agent_count" { default = 3 } -variable "ssh_public_key" { - default = "~/.ssh/id_rsa.pub" -} - -variable "dns_prefix" { - default = "k8stest" -} - -variable "cluster_name" { - default = "k8stest" -} - -variable "log_analytics_workspace_name" { - default = "testLogAnalyticsWorkspaceName" -} - -# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions. -variable "log_analytics_workspace_location" { - default = "eastus" -} - -# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing -variable "log_analytics_workspace_sku" { - default = "PerGB2018" -} - # The following two variable declarations are placeholder references. # Set the values for these variable in terraform.tfvars variable "aks_service_principal_app_id" { 
@@ -47,3 +11,39 @@ variable "aks_service_principal_app_id" { variable "aks_service_principal_client_secret" { default = "" } + +variable "cluster_name" { + default = "k8stest" +} + +variable "dns_prefix" { + default = "k8stest" +} + +# Refer to https://azure.microsoft.com/global-infrastructure/services/?products=monitor for available Log Analytics regions. +variable "log_analytics_workspace_location" { + default = "eastus" +} + +variable "log_analytics_workspace_name" { + default = "testLogAnalyticsWorkspaceName" +} + +# Refer to https://azure.microsoft.com/pricing/details/monitor/ for Log Analytics pricing +variable "log_analytics_workspace_sku" { + default = "PerGB2018" +} + +variable "resource_group_location" { + default = "eastus" + description = "Location of the resource group." +} + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} + +variable "ssh_public_key" { + default = "~/.ssh/id_rsa.pub" +} diff --git a/quickstart/201-mysql-fs-db/main.tf b/quickstart/201-mysql-fs-db/main.tf index 9f6c3960..6d6a1238 100644 --- a/quickstart/201-mysql-fs-db/main.tf +++ b/quickstart/201-mysql-fs-db/main.tf 
@@ -4,50 +4,54 @@ resource "random_pet" "rg_name" { } resource "azurerm_resource_group" "rg" { - name = random_pet.rg_name.id location = var.resource_group_location + name = random_pet.rg_name.id } # Generate random value for the name resource "random_string" "name" { length = 8 - upper = false lower = true + numeric = false special = false + upper = false } # Generate random value for the login password resource "random_password" "password" { length = 8 - upper = true lower = true - special = true - numeric = false + min_lower = 1 + min_numeric = 1 + min_special = 1 + min_upper = 1 + numeric = true override_special = "_" + special = true + upper = true } # Manages the Virtual Network resource "azurerm_virtual_network" "default" { - name = "vnet-${random_string.name.result}" - location = azurerm_resource_group.rg.location - resource_group_name = azurerm_resource_group.rg.name address_space = ["10.0.0.0/16"] + location = azurerm_resource_group.rg.location + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.rg.name } # Manages the Subnet resource "azurerm_subnet" "default" { + address_prefixes = ["10.0.2.0/24"] name = "subnet-${random_string.name.result}" resource_group_name = azurerm_resource_group.rg.name virtual_network_name = azurerm_virtual_network.default.name - address_prefixes = ["10.0.2.0/24"] service_endpoints = ["Microsoft.Storage"] delegation { name = "fs" service_delegation { - name = "Microsoft.DBforMySQL/flexibleServers" - + name = "Microsoft.DBforMySQL/flexibleServers" actions = [ "Microsoft.Network/virtualNetworks/subnets/join/action", ] 
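Review bot: `length = 8` on `random_password.password` is short for a database administrator credential. With `override_special = "_"` and the four `min_*` constraints, the space of possible 8-character results is smaller than the length suggests. Raise it, for example `length = 16`, and keep the `min_*` settings. The generated value is also stored in Terraform state in clear text, so the state file needs an encrypted backend with restricted access.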
@@ -65,41 +69,38 @@ resource "azurerm_private_dns_zone" "default" { resource "azurerm_private_dns_zone_virtual_network_link" "default" { name = "mysqlfsVnetZone${random_string.name.result}.com" private_dns_zone_name = azurerm_private_dns_zone.default.name - virtual_network_id = azurerm_virtual_network.default.id resource_group_name = azurerm_resource_group.rg.name + virtual_network_id = azurerm_virtual_network.default.id } # Manages the MySQL Flexible Server resource "azurerm_mysql_flexible_server" "default" { + location = azurerm_resource_group.rg.location name = "mysqlfs-${random_string.name.result}" resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location administrator_login = random_string.name.result administrator_password = random_password.password.result - zone = "1" - version = "8.0.21" backup_retention_days = 7 + delegated_subnet_id = azurerm_subnet.default.id geo_redundant_backup_enabled = false - - storage { - size_gb = 20 - iops = 360 - } - - delegated_subnet_id = azurerm_subnet.default.id - private_dns_zone_id = azurerm_private_dns_zone.default.id - sku_name = "GP_Standard_D2ds_v4" + private_dns_zone_id = azurerm_private_dns_zone.default.id + sku_name = "GP_Standard_D2ds_v4" + version = "8.0.21" + zone = "1" high_availability { mode = "ZoneRedundant" standby_availability_zone = "2" } - maintenance_window { day_of_week = 0 start_hour = 8 start_minute = 0 } + storage { + iops = 360 + size_gb = 20 + } depends_on = [azurerm_private_dns_zone_virtual_network_link.default] } diff --git a/quickstart/201-mysql-fs-db/mysql-fs-db.tf b/quickstart/201-mysql-fs-db/mysql-fs-db.tf index 51598667..4ed02a76 100644 --- a/quickstart/201-mysql-fs-db/mysql-fs-db.tf +++ b/quickstart/201-mysql-fs-db/mysql-fs-db.tf 
@@ -1,8 +1,8 @@ # Manages the MySQL Flexible Server Database resource "azurerm_mysql_flexible_database" "default" { + charset = "utf8" + collation = "utf8_unicode_ci" name = "mysqlfsdb_${random_string.name.result}" resource_group_name = azurerm_resource_group.rg.name server_name = azurerm_mysql_flexible_server.default.name - charset = "utf8" - collation = "utf8_unicode_ci" } diff --git a/quickstart/201-mysql-fs-db/outputs.tf b/quickstart/201-mysql-fs-db/outputs.tf index dca1b176..74fb49c0 100644 --- a/quickstart/201-mysql-fs-db/outputs.tf +++ b/quickstart/201-mysql-fs-db/outputs.tf @@ -1,7 +1,3 @@ -output "resource_group_name" { - value = azurerm_resource_group.rg.name -} - output "azurerm_mysql_flexible_server" { value = azurerm_mysql_flexible_server.default.name } @@ -9,3 +5,7 @@ output "azurerm_mysql_flexible_server" { output "mysql_flexible_server_database_name" { value = azurerm_mysql_flexible_database.default.name } + +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} \ No newline at end of file diff --git a/quickstart/201-mysql-fs-db/providers.tf b/quickstart/201-mysql-fs-db/providers.tf index 0d51fc35..31d1f491 100644 --- a/quickstart/201-mysql-fs-db/providers.tf +++ b/quickstart/201-mysql-fs-db/providers.tf @@ -16,4 +16,4 @@ terraform { provider "azurerm" { features {} -} +} \ No newline at end of file diff --git a/quickstart/201-mysql-fs-db/variables.tf b/quickstart/201-mysql-fs-db/variables.tf index 19f4680c..e8396125 100644 --- a/quickstart/201-mysql-fs-db/variables.tf +++ b/quickstart/201-mysql-fs-db/variables.tf 
@@ -1,9 +1,9 @@ -variable "resource_group_name_prefix" { - default = "rg" - description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." -} - variable "resource_group_location" { default = "eastus" description = "Location of the resource group." } + +variable "resource_group_name_prefix" { + default = "rg" + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." +} \ No newline at end of file From 9072d1d114846520ab674911b065f3db36937929 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 15:30:41 -0700 Subject: [PATCH 15/21] Moving create-linux-vm-with-infrastructure article code to engineering team sample repo --- quickstart/101-vm-with-infrastructure/main.tf | 0 quickstart/101-vm-with-infrastructure/outputs.tf | 0 quickstart/101-vm-with-infrastructure/providers.tf | 0 quickstart/101-vm-with-infrastructure/readme.md | 0 quickstart/101-vm-with-infrastructure/variables.tf | 0 5 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 quickstart/101-vm-with-infrastructure/main.tf create mode 100644 quickstart/101-vm-with-infrastructure/outputs.tf create mode 100644 quickstart/101-vm-with-infrastructure/providers.tf create mode 100644 quickstart/101-vm-with-infrastructure/readme.md create mode 100644 quickstart/101-vm-with-infrastructure/variables.tf diff --git a/quickstart/101-vm-with-infrastructure/main.tf b/quickstart/101-vm-with-infrastructure/main.tf new file mode 100644 index 00000000..e69de29b diff --git a/quickstart/101-vm-with-infrastructure/outputs.tf b/quickstart/101-vm-with-infrastructure/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/quickstart/101-vm-with-infrastructure/providers.tf b/quickstart/101-vm-with-infrastructure/providers.tf new file mode 100644 index 00000000..e69de29b 
diff --git a/quickstart/101-vm-with-infrastructure/readme.md b/quickstart/101-vm-with-infrastructure/readme.md
new file mode 100644
index 00000000..e69de29b
diff --git a/quickstart/101-vm-with-infrastructure/variables.tf b/quickstart/101-vm-with-infrastructure/variables.tf
new file mode 100644
index 00000000..e69de29b
From 62b49e2a914de45a8d48af41ac0cd056cf5ce01a Mon Sep 17 00:00:00 2001
From: Tom Archer
Date: Mon, 29 Aug 2022 15:43:40 -0700
Subject: [PATCH 16/21] Added code
---
quickstart/101-vm-with-infrastructure/main.tf | 131 ++++++++++++++++++
.../101-vm-with-infrastructure/outputs.tf | 12 ++
.../101-vm-with-infrastructure/providers.tf | 18 +++
.../101-vm-with-infrastructure/variables.tf | 9 ++
4 files changed, 170 insertions(+)
diff --git a/quickstart/101-vm-with-infrastructure/main.tf b/quickstart/101-vm-with-infrastructure/main.tf
index e69de29b..f323361c 100644
--- a/quickstart/101-vm-with-infrastructure/main.tf
+++ b/quickstart/101-vm-with-infrastructure/main.tf
@@ -0,0 +1,131 @@
+resource "random_pet" "rg_name" {
+ prefix = var.resource_group_name_prefix
+}
+
+resource "azurerm_resource_group" "rg" {
+ location = var.resource_group_location
+ name = random_pet.rg_name.id
+}
+
+# Create virtual network
+resource "azurerm_virtual_network" "myterraformnetwork" {
+ name = "myVnet"
+ address_space = ["10.0.0.0/16"]
+ location = azurerm_resource_group.rg.location
+ resource_group_name = azurerm_resource_group.rg.name
+}
+
+# Create subnet
+resource "azurerm_subnet" "myterraformsubnet" {
+ name = "mySubnet"
+ resource_group_name = azurerm_resource_group.rg.name
+ virtual_network_name = azurerm_virtual_network.myterraformnetwork.name
+ address_prefixes = ["10.0.1.0/24"]
+}
+
+# Create public IPs
+resource "azurerm_public_ip" "myterraformpublicip" {
+ name = "myPublicIP"
+ location = azurerm_resource_group.rg.location
+ resource_group_name = azurerm_resource_group.rg.name
+ allocation_method = "Dynamic"
+}
+
+# Create Network Security Group and rule
+resource "azurerm_network_security_group" "myterraformnsg" {
+ name = "myNetworkSecurityGroup"
+ location = azurerm_resource_group.rg.location
+ resource_group_name = azurerm_resource_group.rg.name
+
+ security_rule {
+ name = "SSH"
+ priority = 1001
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "Tcp"
+ source_port_range = "*"
+ destination_port_range = "22"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+}
+
+# Create network interface
+resource "azurerm_network_interface" "myterraformnic" {
+ name = "myNIC"
+ location = azurerm_resource_group.rg.location
+ resource_group_name = azurerm_resource_group.rg.name
+
+ ip_configuration {
+ name = "myNicConfiguration"
+ subnet_id = azurerm_subnet.myterraformsubnet.id
+ private_ip_address_allocation = "Dynamic"
+ public_ip_address_id = azurerm_public_ip.myterraformpublicip.id
+ }
+}
+
+# Connect the security group to the network interface
+resource "azurerm_network_interface_security_group_association"
"example" {
+ network_interface_id = azurerm_network_interface.myterraformnic.id
+ network_security_group_id = azurerm_network_security_group.myterraformnsg.id
+}
+
+# Generate random text for a unique storage account name
+resource "random_id" "randomId" {
+ keepers = {
+ # Generate a new ID only when a new resource group is defined
+ resource_group = azurerm_resource_group.rg.name
+ }
+
+ byte_length = 8
+}
+
+# Create storage account for boot diagnostics
+resource "azurerm_storage_account" "mystorageaccount" {
+ name = "diag${random_id.randomId.hex}"
+ location = azurerm_resource_group.rg.location
+ resource_group_name = azurerm_resource_group.rg.name
+ account_tier = "Standard"
+ account_replication_type = "LRS"
+}
+
+# Create (and display) an SSH key
+resource "tls_private_key" "example_ssh" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+# Create virtual machine
+resource "azurerm_linux_virtual_machine" "myterraformvm" {
+ name = "myVM"
+ location = azurerm_resource_group.rg.location
+ resource_group_name = azurerm_resource_group.rg.name
+ network_interface_ids = [azurerm_network_interface.myterraformnic.id]
+ size = "Standard_DS1_v2"
+
+ os_disk {
+ name = "myOsDisk"
+ caching = "ReadWrite"
+ storage_account_type = "Premium_LRS"
+ }
+
+ source_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "18.04-LTS"
+ version = "latest"
+ }
+
+ computer_name = "myvm"
+ admin_username = "azureuser"
+ disable_password_authentication = true
+
+ admin_ssh_key {
+ username = "azureuser"
+ public_key = tls_private_key.example_ssh.public_key_openssh
+ }
+
+ boot_diagnostics {
+ storage_account_uri = azurerm_storage_account.mystorageaccount.primary_blob_endpoint
+ }
+}
\ No newline at end of file
diff --git a/quickstart/101-vm-with-infrastructure/outputs.tf b/quickstart/101-vm-with-infrastructure/outputs.tf
index e69de29b..6a3a68b6 100644
--- a/quickstart/101-vm-with-infrastructure/outputs.tf
+++ b/quickstart/101-vm-with-infrastructure/outputs.tf
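Review bot: The `SSH` rule in `azurerm_network_security_group.myterraformnsg` sets `source_address_prefix = "*"`, and the NIC it is associated with carries `myterraformpublicip`, so port 22 of the VM is reachable from any address. Because this is a quickstart that gets copied as-is, the source should be an input the user has to set to their own CIDR, e.g. `source_address_prefix = var.ssh_source_address_prefix` with a matching `variable` (no permissive default) in variables.tf. A smaller point in the same hunk: `azurerm_storage_account.mystorageaccount` does not set `min_tls_version`; with the `~>2.0` azurerm constraint in providers.tf the default is, as far as I recall, TLS 1.0, so I would add `min_tls_version = "TLS1_2"`.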
@@ -0,0 +1,12 @@
+output "resource_group_name" {
+ value = azurerm_resource_group.rg.name
+}
+
+output "public_ip_address" {
+ value = azurerm_linux_virtual_machine.myterraformvm.public_ip_address
+}
+
+output "tls_private_key" {
+ value = tls_private_key.example_ssh.private_key_pem
+ sensitive = true
+}
\ No newline at end of file
diff --git a/quickstart/101-vm-with-infrastructure/providers.tf b/quickstart/101-vm-with-infrastructure/providers.tf
index e69de29b..5343d826 100644
--- a/quickstart/101-vm-with-infrastructure/providers.tf
+++ b/quickstart/101-vm-with-infrastructure/providers.tf
@@ -0,0 +1,18 @@
+terraform {
+ required_version = ">=0.12"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~>2.0"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~>3.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
\ No newline at end of file
diff --git a/quickstart/101-vm-with-infrastructure/variables.tf b/quickstart/101-vm-with-infrastructure/variables.tf
index e69de29b..e8396125 100644
--- a/quickstart/101-vm-with-infrastructure/variables.tf
+++ b/quickstart/101-vm-with-infrastructure/variables.tf
@@ -0,0 +1,9 @@
+variable "resource_group_location" {
+ default = "eastus"
+ description = "Location of the resource group."
+}
+
+variable "resource_group_name_prefix" {
+ default = "rg"
+ description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
\ No newline at end of file
From 0a1a441dc9a34bc2ae01b13393823191078feb9a Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 16:24:11 -0700 Subject: [PATCH 17/21] Updated readme with terraform types being utilized
--- .../101-vm-with-infrastructure/readme.md | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+)
diff --git a/quickstart/101-vm-with-infrastructure/readme.md b/quickstart/101-vm-with-infrastructure/readme.md
index e69de29b..2f320394 100644
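Review bot: The `tls_private_key` output in outputs.tf exposes `tls_private_key.example_ssh.private_key_pem`, and `sensitive = true` only redacts it from plan/apply output. The key is still written unencrypted to the Terraform state and can be read back with `terraform output -raw tls_private_key` by anyone who can read that state. None of the three outputs has a `description`; on this one I would add `description = "Demo-only SSH private key; stored in plaintext in Terraform state, so keep the state in an access-controlled backend."` so the trade-off is visible to people copying the sample.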
--- a/quickstart/101-vm-with-infrastructure/readme.md
+++ b/quickstart/101-vm-with-infrastructure/readme.md
@@ -0,0 +1,30 @@ +# Azure resource group + +This template deploys a Linux virtual machine (VM) with infrastructure that includes a virtual network, subnet, public IP address, and more. + +## Terraform resource types + +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) + +- [azurerm_virtual_network](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) +- [azurerm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) +- [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) +- [azurerm_network_security_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) +- [azurerm_network_interface](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) +- [azurerm_network_interface_security_group_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) +- [random_id](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/id) +- [azurerm_storage_account](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) +- [tls_private_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_key) +- [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) + +## Variables + +| Name | Description | +|-|-| +| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. 
Value defaults to: rg| +| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | + +## Example + +To see how to run this example, see [Quickstart: Configure a Linux virtual machine in Azure using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-linux-virtual-machine-with-infrastructure). \ No newline at end of file From 7cf420ddb59be7e390b631103f541ed7d27ee1e6 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 16:41:46 -0700 Subject: [PATCH 18/21] Updated readme for several samples --- quickstart/101-attestation-provider/readme.md | 4 ++-- quickstart/101-resource-group/readme.md | 8 ++++---- quickstart/101-vm-with-infrastructure/readme.md | 10 +++++----- quickstart/201-mysql-fs-db/readme.md | 4 ++-- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/quickstart/101-attestation-provider/readme.md b/quickstart/101-attestation-provider/readme.md index f42ce260..41ff569a 100644 --- a/quickstart/101-attestation-provider/readme.md +++ b/quickstart/101-attestation-provider/readme.md @@ -12,8 +12,8 @@ This template deploys an [Attestation provider](/azure/attestation/overview) on | Name | Description | Default | |-|-|-| -| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription.| rg | -| `resource_group_location` | (Optional) Azure Region in which to deploy these resources.| eastus | +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | | `attestation_provider_name` | Name of the Attestation provider | attestationprovider007 | ## Example diff --git a/quickstart/101-resource-group/readme.md b/quickstart/101-resource-group/readme.md index 84273e40..377234a3 100644 
--- a/quickstart/101-resource-group/readme.md +++ b/quickstart/101-resource-group/readme.md @@ -9,10 +9,10 @@ This template deploys an Azure resource group with a random name beginning with ## Variables -| Name | Description | -|-|-| -| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. Value defaults to: rg| -| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | ## Example diff --git a/quickstart/101-vm-with-infrastructure/readme.md b/quickstart/101-vm-with-infrastructure/readme.md index 2f320394..02772c5e 100644 --- a/quickstart/101-vm-with-infrastructure/readme.md +++ b/quickstart/101-vm-with-infrastructure/readme.md 
@@ -13,17 +13,17 @@ This template deploys a Linux virtual machine (VM) with infrastructure that incl - [azurerm_network_security_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) - [azurerm_network_interface](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) - [azurerm_network_interface_security_group_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) -- [random_id](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/id) +- [random_id](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) - [azurerm_storage_account](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) -- [tls_private_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_key) +- [tls_private_key](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) - [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) ## Variables -| Name | Description | +| Name | Description | Default | |-|-| -| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. Value defaults to: rg| -| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | ## Example diff --git a/quickstart/201-mysql-fs-db/readme.md b/quickstart/201-mysql-fs-db/readme.md index bac940f1..286650fc 100644 
--- a/quickstart/201-mysql-fs-db/readme.md +++ b/quickstart/201-mysql-fs-db/readme.md @@ -19,8 +19,8 @@ This template deploys an [Azure MySQL Flexible Server Database](https://registry | Name | Description | Default | |-|-|-| -| `resource_group_name_prefix` | (Optional) Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. Value defaults to: rg| -| `resource_group_location` | (Optional) Azure Region in which to deploy these resources. Value defaults to: eastus | +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | ## Example From 85f9e9a803da2e7bac4e97ce637fe1f6abb1b1ac Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 17:45:43 -0700 Subject: [PATCH 19/21] Added tls provider block --- quickstart/101-vm-with-infrastructure/providers.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/quickstart/101-vm-with-infrastructure/providers.tf b/quickstart/101-vm-with-infrastructure/providers.tf index 5343d826..098cece6 100644 --- a/quickstart/101-vm-with-infrastructure/providers.tf +++ b/quickstart/101-vm-with-infrastructure/providers.tf @@ -10,6 +10,10 @@ terraform { source = "hashicorp/random" version = "~>3.0" } + tls = { + source = "hashicorp/tls" + version = "4.0.1" + } } } From 71e54587ebe700a2cb9b7748cde5a8ce84d29a93 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 18:16:52 -0700 Subject: [PATCH 20/21] Changed resource names to snake case --- quickstart/101-vm-with-infrastructure/main.tf | 34 +++++++++---------- .../101-vm-with-infrastructure/outputs.tf | 2 +- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/quickstart/101-vm-with-infrastructure/main.tf b/quickstart/101-vm-with-infrastructure/main.tf index f323361c..978e5f06 100644 --- a/quickstart/101-vm-with-infrastructure/main.tf 
+++ b/quickstart/101-vm-with-infrastructure/main.tf @@ -8,7 +8,7 @@ resource "azurerm_resource_group" "rg" { } # Create virtual network -resource "azurerm_virtual_network" "myterraformnetwork" { +resource "azurerm_virtual_network" "my_terraform_network" { name = "myVnet" address_space = ["10.0.0.0/16"] location = azurerm_resource_group.rg.location @@ -16,15 +16,15 @@ resource "azurerm_virtual_network" "myterraformnetwork" { } # Create subnet -resource "azurerm_subnet" "myterraformsubnet" { +resource "azurerm_subnet" "my_terraform_subnet" { name = "mySubnet" resource_group_name = azurerm_resource_group.rg.name - virtual_network_name = azurerm_virtual_network.myterraformnetwork.name + virtual_network_name = azurerm_virtual_network.my_terraform_network.name address_prefixes = ["10.0.1.0/24"] } # Create public IPs -resource "azurerm_public_ip" "myterraformpublicip" { +resource "azurerm_public_ip" "my_terraform_public_ip" { name = "myPublicIP" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name @@ -32,7 +32,7 @@ resource "azurerm_public_ip" "myterraformpublicip" { } # Create Network Security Group and rule -resource "azurerm_network_security_group" "myterraformnsg" { +resource "azurerm_network_security_group" "my_terraform_nsg" { name = "myNetworkSecurityGroup" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name 
@@ -51,27 +51,27 @@ resource "azurerm_network_security_group" "myterraformnsg" { } # Create network interface -resource "azurerm_network_interface" "myterraformnic" { +resource "azurerm_network_interface" "my_terraform_nic" { name = "myNIC" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name ip_configuration { - name = "myNicConfiguration" - subnet_id = azurerm_subnet.myterraformsubnet.id + name = "my_nic_configuration" + subnet_id = azurerm_subnet.my_terraform_subnet.id private_ip_address_allocation = "Dynamic" - public_ip_address_id = azurerm_public_ip.myterraformpublicip.id + public_ip_address_id = azurerm_public_ip.my_terraform_public_ip.id } } # Connect the security group to the network interface resource "azurerm_network_interface_security_group_association" "example" { - network_interface_id = azurerm_network_interface.myterraformnic.id - network_security_group_id = azurerm_network_security_group.myterraformnsg.id + network_interface_id = azurerm_network_interface.my_terraform_nic.id + network_security_group_id = azurerm_network_security_group.my_terraform_nsg.id } # Generate random text for a unique storage account name -resource "random_id" "randomId" { +resource "random_id" "random_id" { keepers = { # Generate a new ID only when a new resource group is defined resource_group = azurerm_resource_group.rg.name @@ -81,8 +81,8 @@ resource "random_id" "randomId" { } # Create storage account for boot diagnostics -resource "azurerm_storage_account" "mystorageaccount" { - name = "diag${random_id.randomId.hex}" +resource "azurerm_storage_account" "my_storage_account" { + name = "diag${random_id.random_id.hex}" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name account_tier = "Standard" 
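Review bot: In the `@@ -51,27 +51,27 @@` hunk, `name = "my_nic_configuration"` inside `ip_configuration` changes the Azure-side name of the IP configuration, not a Terraform resource label, which goes beyond what the commit title describes. The other Azure-side names in the same block (`name = "myNIC"`) stay camelCase, so the sample ends up mixed, and anyone who applied the earlier revision would presumably see a change to the NIC on the next plan. I would keep `name = "myNicConfiguration"` here and limit this commit to the resource labels and their references.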
@@ -96,11 +96,11 @@ resource "tls_private_key" "example_ssh" { } # Create virtual machine -resource "azurerm_linux_virtual_machine" "myterraformvm" { +resource "azurerm_linux_virtual_machine" "my_terraform_vm" { name = "myVM" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name - network_interface_ids = [azurerm_network_interface.myterraformnic.id] + network_interface_ids = [azurerm_network_interface.my_terraform_nic.id] size = "Standard_DS1_v2" os_disk { @@ -126,6 +126,6 @@ resource "azurerm_linux_virtual_machine" "myterraformvm" { } boot_diagnostics { - storage_account_uri = azurerm_storage_account.mystorageaccount.primary_blob_endpoint + storage_account_uri = azurerm_storage_account.my_storage_account.primary_blob_endpoint } } \ No newline at end of file diff --git a/quickstart/101-vm-with-infrastructure/outputs.tf b/quickstart/101-vm-with-infrastructure/outputs.tf index 6a3a68b6..545f6482 100644 --- a/quickstart/101-vm-with-infrastructure/outputs.tf +++ b/quickstart/101-vm-with-infrastructure/outputs.tf @@ -3,7 +3,7 @@ output "resource_group_name" { } output "public_ip_address" { - value = azurerm_linux_virtual_machine.myterraformvm.public_ip_address + value = azurerm_linux_virtual_machine.my_terraform_vm.public_ip_address } output "tls_private_key" { From 03f800dbe4776ea3dfd8bac76e0a2f9fdc888a87 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 29 Aug 2022 18:19:05 -0700 Subject: [PATCH 21/21] Relaxing version constraint on tls provider --- quickstart/101-vm-with-infrastructure/providers.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickstart/101-vm-with-infrastructure/providers.tf b/quickstart/101-vm-with-infrastructure/providers.tf index 098cece6..0234a678 100644 --- a/quickstart/101-vm-with-infrastructure/providers.tf +++ b/quickstart/101-vm-with-infrastructure/providers.tf @@ -12,7 +12,7 @@ terraform { } tls = { source = "hashicorp/tls" - version = "4.0.1" + version = "~>4.0" } } }