Merge pull request #5 from ryhud/ryhud-301

Ryhud 301
2021-11-12 16:23:58 -05:00 · 2021-11-12 16:23:58 -05:00 · 7aa93d44bc
commit 7aa93d44bc
parent 3de3a1242f 91b12bb8b9
9 changed files with 256 additions and 256 deletions
--- a/quickstart/101-machine-learning/main.tf
+++ b/quickstart/101-machine-learning/main.tf
@ -1,5 +1,5 @@
 terraform {
-  required_version = ">=0.15.0"
+  required_version = ">=1.0"
  required_providers {
    azurerm = {
--- a/quickstart/201-machine-learning-moderately-secure/main.tf
+++ b/quickstart/201-machine-learning-moderately-secure/main.tf
@ -1,5 +1,5 @@
 terraform {
-  required_version = ">=0.15.0"
+  required_version = ">=1.0"
  required_providers {
    azurerm = {
--- a/quickstart/202-machine-learning-moderately-secure-existing-VNet/main.tf
+++ b/quickstart/202-machine-learning-moderately-secure-existing-VNet/main.tf
@ -1,5 +1,5 @@
 terraform {
-  required_version = ">=0.15.0"
+  required_version = ">=1.0"
  required_providers {
    azurerm = {
--- a/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf
@ -27,11 +27,11 @@ resource "azurerm_ip_group" "ip_group_dsvm_subnet" {
 }
 resource "azurerm_public_ip" "azure_firewall" {
-    name                        = "pip-azfw"
+  name                = "pip-azfw"
-    location                    = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name = azurerm_resource_group.hub_rg.name
-    allocation_method           = "Static"
+  allocation_method   = "Static"
-    sku                         = "Standard"
+  sku                 = "Standard"
 }
 resource "azurerm_firewall_policy" "base_policy" {
@ -44,32 +44,32 @@ resource "azurerm_firewall_policy" "base_policy" {
 }
 resource "azurerm_firewall" "azure_firewall_instance" {
-    name                        = "afw-${var.name}-${var.environment}"
+  name                = "afw-${var.name}-${var.environment}"
-    location                    = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name = azurerm_resource_group.hub_rg.name
-    firewall_policy_id          = azurerm_firewall_policy.base_policy.id   
+  firewall_policy_id  = azurerm_firewall_policy.base_policy.id
-    ip_configuration {
+  ip_configuration {
-        name                    = "configuration"
+    name                 = "configuration"
-        subnet_id               = azurerm_subnet.azure_firewall.id 
+    subnet_id            = azurerm_subnet.azure_firewall.id
-        public_ip_address_id    = azurerm_public_ip.azure_firewall.id
+    public_ip_address_id = azurerm_public_ip.azure_firewall.id
-    }
+  }
-    timeouts {
+  timeouts {
-      create = "60m"
+    create = "60m"
-      delete = "2h"
+    delete = "2h"
  }
  depends_on = [
    azurerm_public_ip.azure_firewall,
    azurerm_subnet.azure_firewall,
    azurerm_firewall_policy_rule_collection_group.azure_firewall_rules_collection
-    ]
+  ]
 }
 resource "azurerm_monitor_diagnostic_setting" "azure_firewall_instance" {
-  name                        = "diagnostics-${var.name}-${var.environment}-${random_string.fw_diag_prefix.result}"
+  name                       = "diagnostics-${var.name}-${var.environment}-${random_string.fw_diag_prefix.result}"
-  target_resource_id          = azurerm_firewall.azure_firewall_instance.id
+  target_resource_id         = azurerm_firewall.azure_firewall_instance.id
-  log_analytics_workspace_id  = azurerm_log_analytics_workspace.default.id
+  log_analytics_workspace_id = azurerm_log_analytics_workspace.default.id
  log {
    category = "AzureFirewallApplicationRule"
@ -112,7 +112,7 @@ resource "azurerm_firewall_policy_rule_collection_group" "azure_firewall_rules_c
  firewall_policy_id = azurerm_firewall_policy.base_policy.id
  priority           = 100
-application_rule_collection {
+  application_rule_collection {
    name     = "afwp-base-app-rule-collection"
    priority = 200
    action   = "Allow"
@ -125,9 +125,9 @@ application_rule_collection {
      }
      protocols {
        type = "Http"
-        port= 80
+        port = 80
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_dsvm_subnet.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_dsvm_subnet.id]
      destination_fqdns = ["*"]
    }
@ -137,7 +137,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups      = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdn_tags = ["AzureKubernetesService"]
    }
@ -147,8 +147,8 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
-      destination_fqdns = ["api.snapcraft.io","motd.ubuntu.com",]
+      destination_fqdns = ["api.snapcraft.io", "motd.ubuntu.com", ]
    }
    rule {
@ -159,9 +159,9 @@ application_rule_collection {
      }
      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["crl.microsoft.com",
-                          "mscrl.microsoft.com",  
+        "mscrl.microsoft.com",
-                          "crl3.digicert.com",
+        "crl3.digicert.com",
-                          "ocsp.digicert.com"]
+      "ocsp.digicert.com"]
    }
    rule {
@ -170,7 +170,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["github.com"]
    }
@ -184,7 +184,7 @@ application_rule_collection {
        type = "Http"
        port = 80
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["raw.githubusercontent.com"]
    }
@ -194,7 +194,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["*.prod.microsoftmetrics.com"]
    }
@ -206,9 +206,9 @@ application_rule_collection {
      }
      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["acs-mirror.azureedge.net",
-                           "*.docker.io",
+        "*.docker.io",
-                           "production.cloudflare.docker.com",
+        "production.cloudflare.docker.com",
-                          "*.azurecr.io"]
+      "*.azurecr.io"]
    }
    rule {
@ -217,11 +217,11 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["login.microsoftonline.com"]
    }
-        rule {
+    rule {
      name = "graph.windows.net"
      protocols {
        type = "Http"
@ -231,7 +231,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["graph.windows.net"]
    }
@ -245,7 +245,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["anaconda.com", "*.anaconda.com"]
    }
@ -259,7 +259,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["*.anaconda.org"]
    }
@ -273,7 +273,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["pypi.org"]
    }
@ -287,7 +287,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["cloud.r-project.org"]
    }
@ -301,7 +301,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["*pytorch.org"]
    }
@ -315,7 +315,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["*.tensorflow.org"]
    }
@ -329,7 +329,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["update.code.visualstudio.com", "*.vo.msecnd.net"]
    }
@ -343,7 +343,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["dc.applicationinsights.azure.com"]
    }
@ -357,7 +357,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["dc.applicationinsights.microsoft.com"]
    }
@ -371,7 +371,7 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["dc.services.visualstudio.com"]
    }
@ -385,12 +385,12 @@ application_rule_collection {
        type = "Https"
        port = 443
      }
-      source_ip_groups = [azurerm_ip_group.ip_group_spoke.id]      
+      source_ip_groups  = [azurerm_ip_group.ip_group_spoke.id]
      destination_fqdns = ["*.instances.azureml.net", "*.instances.azureml.ms"]
    }
  }
- network_rule_collection {
+  network_rule_collection {
    name     = "afwp-base-network-rule-collection"
    priority = 100
    action   = "Allow"
@ -398,12 +398,12 @@ application_rule_collection {
    rule {
      name                  = "hub-to-spoke-rule"
      protocols             = ["Any"]
-      source_ip_groups      = [azurerm_ip_group.ip_group_spoke.id,azurerm_ip_group.ip_group_hub.id]   
+      source_ip_groups      = [azurerm_ip_group.ip_group_spoke.id, azurerm_ip_group.ip_group_hub.id]
-      destination_ip_groups = [azurerm_ip_group.ip_group_hub.id,azurerm_ip_group.ip_group_spoke.id]
+      destination_ip_groups = [azurerm_ip_group.ip_group_hub.id, azurerm_ip_group.ip_group_spoke.id]
      destination_ports     = ["*"]
    }
-     rule {
+    rule {
      name                  = "aks-global-network-rule"
      protocols             = ["TCP"]
      source_ip_groups      = [azurerm_ip_group.ip_group_spoke.id]
@ -455,7 +455,7 @@ application_rule_collection {
      name                  = "Azure-Front-Door-Frontend"
      protocols             = ["TCP"]
      source_ip_groups      = [azurerm_ip_group.ip_group_spoke.id]
-      destination_addresses = ["AzureFrontDoor.Frontend","AzureFrontDoor.FirstParty"]
+      destination_addresses = ["AzureFrontDoor.Frontend", "AzureFrontDoor.FirstParty"]
      destination_ports     = ["443"]
    }
@ -482,9 +482,9 @@ application_rule_collection {
      destination_addresses = ["MicrosoftContainerRegistry"]
      destination_ports     = ["443"]
    }
- }
+  }
- depends_on = [
+  depends_on = [
-   azurerm_ip_group.ip_group_hub,
+    azurerm_ip_group.ip_group_hub,
-   azurerm_ip_group.ip_group_spoke
+    azurerm_ip_group.ip_group_spoke
- ]
+  ]
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/bastion.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/bastion.tf
@ -1,104 +1,104 @@
 resource "azurerm_public_ip" "azure_bastion" {
-    name                        = "pip-azure-bastion"
+  name                = "pip-azure-bastion"
-    location                    = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name = azurerm_resource_group.hub_rg.name
-    allocation_method           = "Static"
+  allocation_method   = "Static"
-    sku                         = "Standard" 
+  sku                 = "Standard"
 }
 resource "azurerm_network_security_group" "bastion_nsg" {
-    name                        = "nsg-bastion"
+  name                = "nsg-bastion"
-    location                    = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name = azurerm_resource_group.hub_rg.name
-    security_rule {      
+  security_rule {
-      name                        = "AllowHTTPSInbound"
+    name                       = "AllowHTTPSInbound"
-      priority                    = 100
+    priority                   = 100
-      direction                   = "Inbound"
+    direction                  = "Inbound"
-      access                      = "Allow"
+    access                     = "Allow"
-      protocol                    = "Tcp"
+    protocol                   = "Tcp"
-      source_port_range           = "*"
+    source_port_range          = "*"
-      destination_port_range      = "443"
+    destination_port_range     = "443"
-      source_address_prefix       = "Internet"
+    source_address_prefix      = "Internet"
-      destination_address_prefix  = "*"
+    destination_address_prefix = "*"
-    }
+  }
-    security_rule {
+  security_rule {
-      name                        = "AllowGatewayManagerInbound"
+    name                       = "AllowGatewayManagerInbound"
-      priority                    = 200
+    priority                   = 200
-      direction                   = "Inbound"
+    direction                  = "Inbound"
-      access                      = "Allow"
+    access                     = "Allow"
-      protocol                    = "Tcp"
+    protocol                   = "Tcp"
-      source_port_range           = "*"
+    source_port_range          = "*"
-      destination_port_range      = "443"
+    destination_port_range     = "443"
-      source_address_prefix       = "GatewayManager"
+    source_address_prefix      = "GatewayManager"
-      destination_address_prefix  = "*"
+    destination_address_prefix = "*"
-    }
+  }
-    security_rule {
+  security_rule {
-      name                        = "AllowAzureLBInbound"
+    name                       = "AllowAzureLBInbound"
-      priority                    = 300
+    priority                   = 300
-      direction                   = "Inbound"
+    direction                  = "Inbound"
-      access                      = "Allow"
+    access                     = "Allow"
-      protocol                    = "Tcp"
+    protocol                   = "Tcp"
-      source_port_range           = "*"
+    source_port_range          = "*"
-      destination_port_range      = "443"
+    destination_port_range     = "443"
-      source_address_prefix       = "AzureLoadBalancer"
+    source_address_prefix      = "AzureLoadBalancer"
-      destination_address_prefix  = "*"
+    destination_address_prefix = "*"
-    }
+  }
-    security_rule {
+  security_rule {
-      name                        = "AllowBastionHostCommunication"
+    name                       = "AllowBastionHostCommunication"
-      priority                    = 400
+    priority                   = 400
-      direction                   = "Inbound"
+    direction                  = "Inbound"
-      access                      = "Allow"
+    access                     = "Allow"
-      protocol                    = "*"
+    protocol                   = "*"
-      source_port_range           = "*"
+    source_port_range          = "*"
-      destination_port_ranges      = ["5701","8080"]
+    destination_port_ranges    = ["5701", "8080"]
-      source_address_prefix       = "VirtualNetwork"
+    source_address_prefix      = "VirtualNetwork"
-      destination_address_prefix  = "VirtualNetwork"
+    destination_address_prefix = "VirtualNetwork"
-    }
+  }
-    security_rule {
+  security_rule {
-      name                        = "AllowRdpSshOutbound"
+    name                       = "AllowRdpSshOutbound"
-      priority                    = 100
+    priority                   = 100
-      direction                   = "Outbound"
+    direction                  = "Outbound"
-      access                      = "Allow"
+    access                     = "Allow"
-      protocol                    = "Tcp"
+    protocol                   = "Tcp"
-      source_port_range           = "*"
+    source_port_range          = "*"
-      destination_port_ranges      = ["22", "3389"]
+    destination_port_ranges    = ["22", "3389"]
-      source_address_prefix       = "*"
+    source_address_prefix      = "*"
-      destination_address_prefix  = "VirtualNetwork"
+    destination_address_prefix = "VirtualNetwork"
-    }
+  }
-      security_rule {
+  security_rule {
-      name                        = "AllowBastionHostCommunicationOutbound"
+    name                       = "AllowBastionHostCommunicationOutbound"
-      priority                    = 110
+    priority                   = 110
-      direction                   = "Outbound"
+    direction                  = "Outbound"
-      access                      = "Allow"
+    access                     = "Allow"
-      protocol                    = "Tcp"
+    protocol                   = "Tcp"
-      source_port_range           = "*"
+    source_port_range          = "*"
-      destination_port_ranges      = ["5701", "8080"]
+    destination_port_ranges    = ["5701", "8080"]
-      source_address_prefix       = "VirtualNetwork"
+    source_address_prefix      = "VirtualNetwork"
-      destination_address_prefix  = "VirtualNetwork"
+    destination_address_prefix = "VirtualNetwork"
  }
  security_rule {
    name                       = "AllowAzureCloudOutbound"
    priority                   = 120
    direction                  = "Outbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_ranges    = ["443"]
    source_address_prefix      = "*"
    destination_address_prefix = "AzureCloud"
  }
  security_rule {
    name                       = "AllowGetSessionInformation"
    priority                   = 130
    direction                  = "Outbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_ranges    = ["80"]
    source_address_prefix      = "*"
    destination_address_prefix = "Internet"
  }
    security_rule {
      name                        = "AllowAzureCloudOutbound"
      priority                    = 120
      direction                   = "Outbound"
      access                      = "Allow"
      protocol                    = "Tcp"
      source_port_range           = "*"
      destination_port_ranges      = ["443"]
      source_address_prefix       = "*"
      destination_address_prefix  = "AzureCloud"
    }
    security_rule {
      name                        = "AllowGetSessionInformation"
      priority                    = 130
      direction                   = "Outbound"
      access                      = "Allow"
      protocol                    = "Tcp"
      source_port_range           = "*"
      destination_port_ranges      = ["80"]
      source_address_prefix       = "*"
      destination_address_prefix  = "Internet"
 }
 }
@ -108,19 +108,19 @@ resource "azurerm_subnet_network_security_group_association" "bastion_nsg_assoc"
  depends_on = [
    azurerm_bastion_host.azure_bastion_instance,
    azurerm_subnet_network_security_group_association.jumphost_nsg_assoc
-    ]
+  ]
 }
 resource "azurerm_bastion_host" "azure_bastion_instance" {
-    name                        = "bas-${var.name}-${var.environment}"
+  name                = "bas-${var.name}-${var.environment}"
-    location                    = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name = azurerm_resource_group.hub_rg.name
-    ip_configuration { 
+  ip_configuration {
-        name                    = "configuration"
+    name                 = "configuration"
-        subnet_id               = azurerm_subnet.azure_bastion.id
+    subnet_id            = azurerm_subnet.azure_bastion.id
-        public_ip_address_id    = azurerm_public_ip.azure_bastion.id 
+    public_ip_address_id = azurerm_public_ip.azure_bastion.id
-    }
+  }
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf
@ -1,23 +1,23 @@
 resource "azurerm_network_interface" "dsvm" {
-    name                              = "nic-${var.dsvm_name}"
+  name                = "nic-${var.dsvm_name}"
-    location                          = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-    resource_group_name               = azurerm_resource_group.default.name
+  resource_group_name = azurerm_resource_group.default.name
-    ip_configuration { 
+  ip_configuration {
-        name                          = "configuration"
+    name                          = "configuration"
-        subnet_id                     = azurerm_subnet.snet-jumphost.id 
+    subnet_id                     = azurerm_subnet.snet-jumphost.id
-        private_ip_address_allocation = "Dynamic"        
+    private_ip_address_allocation = "Dynamic"
-    }    
+  }
 }
 resource "azurerm_windows_virtual_machine" "dsvm" {
-  name                  = var.dsvm_name
+  name                = var.dsvm_name
-  location              = azurerm_resource_group.default.location
+  location            = azurerm_resource_group.default.location
-  resource_group_name   = azurerm_resource_group.default.name
+  resource_group_name = azurerm_resource_group.default.name
  network_interface_ids = [
-        azurerm_network_interface.dsvm.id
+    azurerm_network_interface.dsvm.id
-    ]
+  ]
-  size               = "Standard_DS3_v2"
+  size = "Standard_DS3_v2"
  source_image_reference {
    publisher = "microsoft-dsvm"
@ -27,22 +27,22 @@ resource "azurerm_windows_virtual_machine" "dsvm" {
  }
  os_disk {
-    name              = "osdisk-${var.dsvm_name}"
+    name                 = "osdisk-${var.dsvm_name}"
-    caching           = "ReadWrite"  
+    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }
  identity {
    type = "SystemAssigned"
  }
-  computer_name      = var.dsvm_name
+  computer_name  = var.dsvm_name
-  admin_username     = var.dsvm_admin_username
+  admin_username = var.dsvm_admin_username
-  admin_password     = var.dsvm_host_password
+  admin_password = var.dsvm_host_password
  provision_vm_agent = true
  timeouts {
-      create = "60m"
+    create = "60m"
-      delete = "2h"
+    delete = "2h"
  }
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/main.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/main.tf
@ -1,5 +1,5 @@
 terraform {
-  required_version = ">=0.15.0"
+  required_version = ">=1.0"
  required_providers {
    azurerm = {
--- a/quickstart/301-machine-learning-hub-spoke-secure/network-hub.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/network-hub.tf
@ -8,26 +8,26 @@ resource "azurerm_virtual_network" "hub" {
 }
 resource "azurerm_subnet" "snet-jumphost" {
-  name                          = "snet-jumphost"
+  name                 = "snet-jumphost"
-  resource_group_name           = azurerm_resource_group.hub_rg.name
+  resource_group_name  = azurerm_resource_group.hub_rg.name
-  virtual_network_name          = azurerm_virtual_network.hub.name
+  virtual_network_name = azurerm_virtual_network.hub.name
-  address_prefixes              = var.jumphost_subnet_address_space
+  address_prefixes     = var.jumphost_subnet_address_space
 }
 resource "azurerm_subnet" "azure_bastion" {
-    name                        = "AzureBastionSubnet"
+  name                 = "AzureBastionSubnet"
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name  = azurerm_resource_group.hub_rg.name
-    virtual_network_name        = azurerm_virtual_network.hub.name
+  virtual_network_name = azurerm_virtual_network.hub.name
-    address_prefixes            = var.bastion_subnet_address_space
+  address_prefixes     = var.bastion_subnet_address_space
 }
 resource "azurerm_subnet" "azure_firewall" {
-    name                        = "AzureFirewallSubnet"
+  name                 = "AzureFirewallSubnet"
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name  = azurerm_resource_group.hub_rg.name
-    virtual_network_name        = azurerm_virtual_network.hub.name
+  virtual_network_name = azurerm_virtual_network.hub.name
-    address_prefixes            = var.firewall_subnet_address_space
+  address_prefixes     = var.firewall_subnet_address_space
 }
@ -141,9 +141,9 @@ resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinknbs" {
 # NSG for jump_host Subnet
 resource "azurerm_network_security_group" "jump_host" {
-    name                        = "nsg-jumphost-subnet"
+  name                = "nsg-jumphost-subnet"
-    location                    = azurerm_resource_group.hub_rg.location
+  location            = azurerm_resource_group.hub_rg.location
-    resource_group_name         = azurerm_resource_group.hub_rg.name
+  resource_group_name = azurerm_resource_group.hub_rg.name
 }
 resource "azurerm_subnet_network_security_group_association" "jumphost_nsg_assoc" {
@ -162,11 +162,11 @@ resource "azurerm_route_table" "jumphost_rt" {
 }
 resource "azurerm_route" "jumphost-fw-route" {
-  name                = "udr-Default"
+  name                   = "udr-Default"
-  resource_group_name = azurerm_resource_group.default.name
+  resource_group_name    = azurerm_resource_group.default.name
-  route_table_name    = azurerm_route_table.jumphost_rt.name
+  route_table_name       = azurerm_route_table.jumphost_rt.name
-  address_prefix      = "0.0.0.0/0"
+  address_prefix         = "0.0.0.0/0"
-  next_hop_type       = "VirtualAppliance"
+  next_hop_type          = "VirtualAppliance"
  next_hop_in_ip_address = azurerm_firewall.azure_firewall_instance.ip_configuration[0].private_ip_address
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/network-spoke.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/network-spoke.tf
@ -93,11 +93,11 @@ resource "azurerm_route_table" "rt-training" {
 }
 resource "azurerm_route" "training-Internet-Route" {
-  name                = "udr-Default"
+  name                   = "udr-Default"
-  resource_group_name = azurerm_resource_group.default.name
+  resource_group_name    = azurerm_resource_group.default.name
-  route_table_name    = azurerm_route_table.rt-training.name
+  route_table_name       = azurerm_route_table.rt-training.name
-  address_prefix      = "0.0.0.0/0"
+  address_prefix         = "0.0.0.0/0"
-  next_hop_type       = "VirtualAppliance"
+  next_hop_type          = "VirtualAppliance"
  next_hop_in_ip_address = azurerm_firewall.azure_firewall_instance.ip_configuration[0].private_ip_address
 }
@ -130,11 +130,11 @@ resource "azurerm_route_table" "rt-aks" {
 }
 resource "azurerm_route" "aks-default-Route" {
-  name                = "udr-Default"
+  name                   = "udr-Default"
-  resource_group_name = azurerm_resource_group.default.name
+  resource_group_name    = azurerm_resource_group.default.name
-  route_table_name    = azurerm_route_table.rt-aks.name
+  route_table_name       = azurerm_route_table.rt-aks.name
-  address_prefix      = "0.0.0.0/0"
+  address_prefix         = "0.0.0.0/0"
-  next_hop_type       = "VirtualAppliance"
+  next_hop_type          = "VirtualAppliance"
  next_hop_in_ip_address = azurerm_firewall.azure_firewall_instance.ip_configuration[0].private_ip_address
 }