Add sample for iothub with private link

2024-02-05 21:12:12 +00:00
parent 369cd83197
commit 8c845be0a2
6 changed files with 232 additions and 0 deletions
--- a/quickstart/201-private-link-iothub-builtin-endpoint/network.tf
+++ b/quickstart/201-private-link-iothub-builtin-endpoint/network.tf
@ -0,0 +1,90 @@
+resource "azurerm_virtual_network" "vnet" {
+  name                = "iothub-vnet-${random_string.suffix.result}"
+  address_space       = [var.vnet_address_space]
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+}
+
+resource "azurerm_subnet" "snet" {
+  name                 = "iothub-snet-${random_string.suffix.result}"
+  resource_group_name  = azurerm_resource_group.rg.name
+  virtual_network_name = azurerm_virtual_network.vnet.name
+  address_prefixes     = [var.iothub_subnet_address_space]
+}
+
+## Private DNS Zone
+resource "azurerm_private_dns_zone" "iothub" {
+  name                = "privatelink.azure-devices.net"
+  resource_group_name = azurerm_resource_group.rg.name
+}
+
+resource "azurerm_private_dns_zone" "eventhub" {
+  name                = "privatelink.servicebus.windows.net"
+  resource_group_name = azurerm_resource_group.rg.name
+}
+
+resource "azurerm_private_dns_zone" "dps" {
+  name                = "privatelink.azure-devices-provisioning.net"
+  resource_group_name = azurerm_resource_group.rg.name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "iothub" {
+  name                  = "vnet-link-iothub-${random_string.suffix.result}"
+  resource_group_name   = azurerm_resource_group.rg.name
+  private_dns_zone_name = azurerm_private_dns_zone.iothub.name
+  virtual_network_id    = azurerm_virtual_network.vnet.id
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "eventhub" {
+  name                  = "vnet-link-eventhub-${random_string.suffix.result}"
+  resource_group_name   = azurerm_resource_group.rg.name
+  private_dns_zone_name = azurerm_private_dns_zone.eventhub.name
+  virtual_network_id    = azurerm_virtual_network.vnet.id
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "dps" {
+  name                  = "vnet-link-dps-${random_string.suffix.result}"
+  resource_group_name   = azurerm_resource_group.rg.name
+  private_dns_zone_name = azurerm_private_dns_zone.dps.name
+  virtual_network_id    = azurerm_virtual_network.vnet.id
+}
+
+## Private Endpoint
+resource "azurerm_private_endpoint" "iothub" {
+  name                = "pep-iothub-${random_string.suffix.result}"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  subnet_id           = azurerm_subnet.snet.id
+
+  private_service_connection {
+    name                           = "psc-iothub-${random_string.suffix.result}"
+    private_connection_resource_id = azurerm_iothub.iothub.id
+    subresource_names              = ["iotHub"]
+    is_manual_connection           = false
+  }
+
+  private_dns_zone_group {
+    name                 = "privateDNSZoneGroup"
+    private_dns_zone_ids = [azurerm_private_dns_zone.iothub.id]
+  }
+
+}
+
+resource "azurerm_private_endpoint" "dps" {
+  name                = "pep-dps-${random_string.suffix.result}"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  subnet_id           = azurerm_subnet.snet.id
+
+  private_service_connection {
+    name                           = "psc-iothub-${random_string.suffix.result}"
+    private_connection_resource_id = azurerm_iothub_dps.dps.id
+    subresource_names              = ["iotDps"]
+    is_manual_connection           = false
+  }
+
+  private_dns_zone_group {
+    name                 = "privateDNSZoneGroup"
+    private_dns_zone_ids = [azurerm_private_dns_zone.dps.id]
+  }
+}