try to make 202-mlmsev testable

quickstart/202-machine-learning-moderately-secure-existing-VNet/compute.tf

@@ -3,7 +3,7 @@ resource "random_string" "ci_prefix" {
   length  = 8
   upper   = false
   special = false
-  number  = false
+  numeric = false
 }
 
 # Compute instance

quickstart/202-machine-learning-moderately-secure-existing-VNet/main.tf

@@ -4,11 +4,16 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "=2.78.0"
+      version = ">=2.78.0, <3.0"
     }
 
     azureml = {
-      source = "registry.terraform.io/Telemaco019/azureml"
+      source  = "registry.terraform.io/orobix/azureml"
+      version = "0.0.5"
+    }
+    random = {
+      source = "hashicorp/random"
+      version = "3.6.0"
     }
   }
 }

quickstart/202-machine-learning-moderately-secure-existing-VNet/prequisite/main.tf

@@ -0,0 +1,61 @@
+resource "random_string" "suffix" {
+  length  = 6
+  special = false
+  upper   = false
+}
+
+resource "azurerm_resource_group" "network" {
+  location = var.location
+  name     = "rg-202-mlmsev-network-${random_string.suffix.result}"
+}
+
+resource "azurerm_virtual_network" "vnet" {
+  address_space       = ["192.168.0.0/16"]
+  location            = azurerm_resource_group.network.location
+  name                = "202-mlmsev-vnet"
+  resource_group_name = azurerm_resource_group.network.name
+}
+
+locals {
+  subnet_names = [
+    "training",
+    "aks",
+    "ml",
+  ]
+}
+
+resource "azurerm_subnet" "subnet" {
+  count = length(local.subnet_names)
+
+  address_prefixes     = [cidrsubnet("192.168.0.0/16", 8, count.index)]
+  name                 = local.subnet_names[count.index]
+  resource_group_name  = azurerm_resource_group.network.name
+  virtual_network_name = azurerm_virtual_network.vnet.name
+}
+
+locals {
+  private_dns_names = toset([
+    "privatelink.api.azureml.ms",
+    "privatelink.azurecr.io",
+    "privatelink.notebooks.azure.net",
+    "privatelink.blob.core.windows.net",
+    "privatelink.file.core.windows.net",
+    "privatelink.vaultcore.azure.net",
+  ])
+}
+
+resource "azurerm_private_dns_zone" "private_dns_zone" {
+  for_each = local.private_dns_names
+
+  name                = each.value
+  resource_group_name = azurerm_resource_group.network.name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "link" {
+  for_each = local.private_dns_names
+
+  name                  = each.value
+  private_dns_zone_name = azurerm_private_dns_zone.private_dns_zone[each.value].name
+  resource_group_name   = azurerm_resource_group.network.name
+  virtual_network_id    = azurerm_virtual_network.vnet.id
+}

quickstart/202-machine-learning-moderately-secure-existing-VNet/prequisite/outputs.tf

@@ -0,0 +1,52 @@
+output "aks_subnet_name" {
+  description = "Name of the existing aks subnet"
+  value       = azurerm_subnet.subnet[index(local.subnet_names, "aks")].name
+}
+
+output "ml_subnet_name" {
+  description = "Name of the existing ML workspace subnet"
+  value       = azurerm_subnet.subnet[index(local.subnet_names, "ml")].name
+}
+
+output "privatelink_api_azureml_ms_resource_id" {
+  description = "Resource ID of the existing privatelink.api.azureml.ms private dns zone"
+  value       = azurerm_private_dns_zone.private_dns_zone["privatelink.api.azureml.ms"].id
+}
+
+output "privatelink_azurecr_io_resource_id" {
+  description = "Resource ID of the existing privatelink.azurecr.io private dns zone"
+  value       = azurerm_private_dns_zone.private_dns_zone["privatelink.azurecr.io"].id
+}
+
+output "privatelink_blob_core_windows_net_resource_id" {
+  description = "Resource ID of the existing privatelink.blob.core.windows.net private dns zone"
+  value       = azurerm_private_dns_zone.private_dns_zone["privatelink.blob.core.windows.net"].id
+}
+
+output "privatelink_file_core_windows_net_resource_id" {
+  description = "Resource ID of the existing privatelink.file.core.windows.net private dns zone"
+  value       = azurerm_private_dns_zone.private_dns_zone["privatelink.file.core.windows.net"].id
+}
+
+output "privatelink_notebooks_azure_net_resource_id" {
+  description = "Resource ID of the existing privatelink.notebooks.azure.net private dns zone"
+  value       = azurerm_private_dns_zone.private_dns_zone["privatelink.notebooks.azure.net"].id
+}
+
+output "privatelink_vaultcore_azure_net_resource_id" {
+  description = "Resource ID of the existing privatelink.vaultcore.azure.net private dns zone"
+  value       = azurerm_private_dns_zone.private_dns_zone["privatelink.vaultcore.azure.net"].id
+}
+
+output "training_subnet_name" {
+  description = "Name of the existing training subnet"
+  value       = azurerm_subnet.subnet[index(local.subnet_names, "training")].name
+}
+
+output vnet_name {
+  value = azurerm_virtual_network.vnet.name
+}
+
+output "resource_group_name" {
+  value = azurerm_resource_group.network.name
+}

quickstart/202-machine-learning-moderately-secure-existing-VNet/prequisite/variables.tf

@@ -0,0 +1,5 @@
+variable "location" {
+  type        = string
+  default     = "East US"
+  description = "Location of the resources"
+}

quickstart/202-machine-learning-moderately-secure-existing-VNet/prequisite/versions.tf

@@ -0,0 +1,18 @@
+terraform {
+  required_version = ">=1.0"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">=2.78.0, <3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "3.6.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}

quickstart/202-machine-learning-moderately-secure-existing-VNet/terragrunt.hcl

@@ -0,0 +1,34 @@
+include "network" {
+  path = "../../quickstart-setup/202-machine-learning-moderately-secure-existing-VNet/terragrunt.hcl"
+}
+
+dependency "network" {
+  config_path = "../../quickstart-setup/202-machine-learning-moderately-secure-existing-VNet"
+  mock_outputs = {
+    vnet_name = "vnet"
+    resource_group_name = "rg"
+    training_subnet_name = "training"
+    aks_subnet_name = "aks"
+    ml_subnet_name = "ml"
+    privatelink_api_azureml_ms_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/privateDnsZones/zone1"
+    privatelink_azurecr_io_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/privateDnsZones/zone1"
+    privatelink_notebooks_azure_net_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/privateDnsZones/zone1"
+    privatelink_blob_core_windows_net_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/privateDnsZones/zone1"
+    privatelink_file_core_windows_net_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/privateDnsZones/zone1"
+    privatelink_vaultcore_azure_net_resource_id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Network/privateDnsZones/zone1"
+  }
+}
+
+inputs = {
+  vnet_name = dependency.network.outputs.vnet_name
+  vnet_resource_group_name = dependency.network.outputs.resource_group_name
+  training_subnet_name = dependency.network.outputs.training_subnet_name
+  aks_subnet_name = dependency.network.outputs.aks_subnet_name
+  ml_subnet_name = dependency.network.outputs.ml_subnet_name
+  privatelink_api_azureml_ms_resource_id = dependency.network.outputs.privatelink_api_azureml_ms_resource_id
+  privatelink_azurecr_io_resource_id = dependency.network.outputs.privatelink_azurecr_io_resource_id
+  privatelink_notebooks_azure_net_resource_id = dependency.network.outputs.privatelink_notebooks_azure_net_resource_id
+  privatelink_blob_core_windows_net_resource_id = dependency.network.outputs.privatelink_blob_core_windows_net_resource_id
+  privatelink_file_core_windows_net_resource_id = dependency.network.outputs.privatelink_file_core_windows_net_resource_id
+  privatelink_vaultcore_azure_net_resource_id = dependency.network.outputs.privatelink_vaultcore_azure_net_resource_id
+}

quickstart/202-machine-learning-moderately-secure-existing-VNet/variables.tf

@@ -1,6 +1,7 @@
 variable "name" {
   type        = string
   description = "Name of the deployment"
+  default     = "202mlmsev"
 }
 
 variable "environment" {

quickstart/202-machine-learning-moderately-secure-existing-VNet/workspace.tf

@@ -21,12 +21,12 @@ resource "azurerm_key_vault" "default" {
 }
 
 resource "azurerm_storage_account" "default" {
-  name                            = "st${var.name}${var.environment}"
-  location                        = azurerm_resource_group.default.location
-  resource_group_name             = azurerm_resource_group.default.name
-  account_tier                    = "Standard"
-  account_replication_type        = "GRS"
-  allow_nested_items_to_be_public = false
+  name                     = "st${var.name}${var.environment}"
+  location                 = azurerm_resource_group.default.location
+  resource_group_name      = azurerm_resource_group.default.name
+  account_tier             = "Standard"
+  account_replication_type = "GRS"
+  allow_blob_public_access = false
 
   network_rules {
     default_action = "Deny"
@@ -150,7 +150,7 @@ resource "azurerm_private_endpoint" "mlw_ple" {
   subnet_id           = data.azurerm_subnet.ml.id
 
   private_dns_zone_group {
-    name = "private-dns-zone-group"
+    name                 = "private-dns-zone-group"
     private_dns_zone_ids = [
       var.privatelink_api_azureml_ms_resource_id,
       var.privatelink_notebooks_azure_net_resource_id