Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove 301-service-fabric since the image it used is no longer available

Browse Source
This commit is contained in:
zjhe
2024-01-04 19:11:56 +08:00
parent 3eeb5995c6
commit 71ca0858d3
9 changed files with 0 additions and 2478 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
quickstart/301-service-fabric/keyvault.tf
View File

@ -1,174 +0,0 @@
resource "random_string" "kv_name_prefix" {
length = 21
special = false
numeric = false
}
resource "azurerm_key_vault" "cluster" {
name = "${random_string.kv_name_prefix.result}-kv"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
tenant_id = data.azurerm_client_config.current.tenant_id
enabled_for_deployment = true
enabled_for_disk_encryption = true
enabled_for_template_deployment = true
sku_name = "standard"
access_policy {
tenant_id = data.azurerm_subscription.current.tenant_id
object_id = var.client_object_id
certificate_permissions = [
"Create",
"Delete",
"DeleteIssuers",
"Get",
"GetIssuers",
"Import",
"List",
"ListIssuers",
"ManageContacts",
"ManageIssuers",
"SetIssuers",
"Update",
]
key_permissions = [
"Backup",
"Create",
"Decrypt",
"Delete",
"Encrypt",
"Get",
"Import",
"List",
"Purge",
"Recover",
"Restore",
"Sign",
"UnwrapKey",
"Update",
"Verify",
"WrapKey",
]
secret_permissions = [
"Backup",
"Delete",
"Get",
"List",
"Purge",
"Recover",
"Restore",
"Set",
]
}
}
resource "azurerm_key_vault_certificate" "cluster" {
name = "service-fabric-cluster"
key_vault_id = azurerm_key_vault.cluster.id
certificate_policy {
issuer_parameters {
name = "Self"
}
key_properties {
exportable = true
key_size = 2048
key_type = "RSA"
reuse_key = true
}
lifetime_action {
action {
action_type = "AutoRenew"
}
trigger {
days_before_expiry = 30
}
}
secret_properties {
content_type = "application/x-pkcs12"
}
x509_certificate_properties {
# Server Authentication = 1.3.6.1.5.5.7.3.1
# Client Authentication = 1.3.6.1.5.5.7.3.2
extended_key_usage = ["1.3.6.1.5.5.7.3.1"]
key_usage = [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
]
subject_alternative_names {
dns_names = ["sfdemosandbox.denvermtc.net"]
}
subject = "CN=mtcdenver"
validity_in_months = 12
}
}
}
resource "azurerm_key_vault_certificate" "client" {
name = "service-fabric-client"
key_vault_id = azurerm_key_vault.cluster.id
certificate_policy {
issuer_parameters {
name = "Self"
}
key_properties {
exportable = true
key_size = 2048
key_type = "RSA"
reuse_key = true
}
lifetime_action {
action {
action_type = "AutoRenew"
}
trigger {
days_before_expiry = 30
}
}
secret_properties {
content_type = "application/x-pkcs12"
}
x509_certificate_properties {
# Server Authentication = 1.3.6.1.5.5.7.3.1
# Client Authentication = 1.3.6.1.5.5.7.3.2
extended_key_usage = ["1.3.6.1.5.5.7.3.1"]
key_usage = [
"cRLSign",
"dataEncipherment",
"digitalSignature",
"keyAgreement",
"keyCertSign",
"keyEncipherment",
]
subject_alternative_names {
dns_names = ["sfdemosandbox.denvermtc.net"]
}
subject = "CN=mtcdenver"
validity_in_months = 12
}
}
}