From a4ae7b817c1a68690658caf9bfc260e665d046a0 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 25 Mar 2023 11:12:55 -0700 Subject: [PATCH 1/3] New sample (converted from Bicep via OpenAI) --- quickstart/101-ddos-protection-plan/main.tf | 44 +++++++++++++++++++ .../101-ddos-protection-plan/outputs.tf | 11 +++++ .../101-ddos-protection-plan/providers.tf | 16 +++++++ quickstart/101-ddos-protection-plan/readme.md | 27 ++++++++++++ .../101-ddos-protection-plan/variables.tf | 41 +++++++++++++++++ 5 files changed, 139 insertions(+) create mode 100644 quickstart/101-ddos-protection-plan/main.tf create mode 100644 quickstart/101-ddos-protection-plan/outputs.tf create mode 100644 quickstart/101-ddos-protection-plan/providers.tf create mode 100644 quickstart/101-ddos-protection-plan/readme.md create mode 100644 quickstart/101-ddos-protection-plan/variables.tf diff --git a/quickstart/101-ddos-protection-plan/main.tf b/quickstart/101-ddos-protection-plan/main.tf new file mode 100644 index 00000000..facff4e7 --- /dev/null +++ b/quickstart/101-ddos-protection-plan/main.tf @@ -0,0 +1,44 @@ +resource "random_pet" "rg_name" { + prefix = var.resource_group_name_prefix +} + +resource "azurerm_resource_group" "rg" { + name = random_pet.rg_name.id + location = var.resource_group_location +} + +resource "random_string" "ddos_protection_plan_name" { + length = 13 + upper = false + numeric = false + special = false +} + +resource "azurerm_network_ddos_protection_plan" "ddos" { + name = random_string.ddos_protection_plan_name.result + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location +} + +resource "random_string" "virtual_network_name" { + length = 13 + upper = false + numeric = false + special = false +} + +resource "azurerm_virtual_network" "vnet" { + name = random_string.virtual_network_name.result + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + address_space = [var.vnet_address_prefix] + + subnet { + name = "default" + address_prefix = var.subnet_prefix + } + ddos_protection_plan { + id = azurerm_network_ddos_protection_plan.ddos.id + enable = var.ddos_protection_plan_enabled + } +} \ No newline at end of file diff --git a/quickstart/101-ddos-protection-plan/outputs.tf b/quickstart/101-ddos-protection-plan/outputs.tf new file mode 100644 index 00000000..55696ea9 --- /dev/null +++ b/quickstart/101-ddos-protection-plan/outputs.tf @@ -0,0 +1,11 @@ +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} + +output "ddos_protection_plan_name" { + value = azurerm_network_ddos_protection_plan.ddos.name +} + +output "virtual_network_name" { + value = azurerm_virtual_network.vnet.name +} \ No newline at end of file diff --git a/quickstart/101-ddos-protection-plan/providers.tf b/quickstart/101-ddos-protection-plan/providers.tf new file mode 100644 index 00000000..4fd5f6ba --- /dev/null +++ b/quickstart/101-ddos-protection-plan/providers.tf @@ -0,0 +1,16 @@ +terraform { + required_version = ">=1.0" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>3.0" + } + random = { + source = "hashicorp/random" + version = "~>3.0" + } + } +} +provider "azurerm" { + features {} +} \ No newline at end of file diff --git a/quickstart/101-ddos-protection-plan/readme.md b/quickstart/101-ddos-protection-plan/readme.md new file mode 100644 index 00000000..5080bef8 --- /dev/null +++ b/quickstart/101-ddos-protection-plan/readme.md @@ -0,0 +1,27 @@ +# Azure DDoS protection plan and virtual network + +This template creates an Azure DDoS protection plan and a virtual network. + +## Terraform resource types + +- [random_pet](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) +- [azurerm_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) +- [random_string](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) +- [azurerm_network_ddos_protection_plan](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_ddos_protection_plan) +- [azurerm_virtual_network](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) + +## Variables + +| Name | Description | Default | +|-|-|-| +| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | +| `resource_group_location` | Location of the resource group. | eastus | +| `ddos_protection_plan_name` | Specify a DDoS protection plan name. | null | +| `virtual_network_name` | Specify a DDoS virtual network name. | null | +| `vnet_address_prefix` | Specify the virtual network address prefix | 172.17.0.0/16 | +| `subnet_prefix` | Specify the virtual network subnet prefix | 172.17.0.0/24 | +| `ddos_protection_plan_enabled` | Enable DDoS protection plan. | true | + +## Example + +To see how to run this example, see [Create an Azure DDoS protection plan and virtual network using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-ddos-protection-plan-and-virtual-network). \ No newline at end of file diff --git a/quickstart/101-ddos-protection-plan/variables.tf b/quickstart/101-ddos-protection-plan/variables.tf new file mode 100644 index 00000000..5d1e5855 --- /dev/null +++ b/quickstart/101-ddos-protection-plan/variables.tf @@ -0,0 +1,41 @@ +variable "resource_group_location" { + type = string + description = "Location for all resources." + default = "eastus" +} + +variable "resource_group_name_prefix" { + type = string + description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription." + default = "rg" +} + +variable "ddos_protection_plan_name" { + type = string + description = "Specify a DDoS protection plan name." + default = null +} + +variable "virtual_network_name" { + type = string + description = "Specify a DDoS virtual network name." + default = null +} + +variable "vnet_address_prefix" { + type = string + description = "Specify the virtual network address prefix" + default = "172.17.0.0/16" +} + +variable "subnet_prefix" { + type = string + description = "Specify the virtual network subnet prefix" + default = "172.17.0.0/24" +} + +variable "ddos_protection_plan_enabled" { + type = bool + description = "Enable DDoS protection plan." + default = true +} \ No newline at end of file From 30f1682c74bdd815bcdedb41c7ad5f1d37c7a485 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Sat, 25 Mar 2023 16:10:16 -0700 Subject: [PATCH 2/3] Fixes --- quickstart/101-ddos-protection-plan/main.tf | 4 ++-- quickstart/101-ddos-protection-plan/readme.md | 2 +- quickstart/101-ddos-protection-plan/variables.tf | 12 ------------ 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/quickstart/101-ddos-protection-plan/main.tf b/quickstart/101-ddos-protection-plan/main.tf index facff4e7..84bf81db 100644 --- a/quickstart/101-ddos-protection-plan/main.tf +++ b/quickstart/101-ddos-protection-plan/main.tf @@ -7,7 +7,7 @@ resource "azurerm_resource_group" "rg" { location = var.resource_group_location } -resource "random_string" "ddos_protection_plan_name" { +resource "random_string" "ddos_protection_plan" { length = 13 upper = false numeric = false @@ -15,7 +15,7 @@ resource "random_string" "ddos_protection_plan_name" { } resource "azurerm_network_ddos_protection_plan" "ddos" { - name = random_string.ddos_protection_plan_name.result + name = random_string.ddos_protection_plan.result resource_group_name = azurerm_resource_group.rg.name location = azurerm_resource_group.rg.location } diff --git a/quickstart/101-ddos-protection-plan/readme.md b/quickstart/101-ddos-protection-plan/readme.md index 5080bef8..d9e6d647 100644 --- a/quickstart/101-ddos-protection-plan/readme.md +++ b/quickstart/101-ddos-protection-plan/readme.md @@ -24,4 +24,4 @@ This template creates an Azure DDoS protection plan and a virtual network. ## Example -To see how to run this example, see [Create an Azure DDoS protection plan and virtual network using Terraform](https://docs.microsoft.com/azure/developer/terraform/create-ddos-protection-plan-and-virtual-network). \ No newline at end of file +To see how to run this example, see [Create and configure Azure DDoS Network Protection using Terraform](https://learn.microsoft.com/azure/ddos-protection/manage-ddos-protection-terraform). diff --git a/quickstart/101-ddos-protection-plan/variables.tf b/quickstart/101-ddos-protection-plan/variables.tf index 5d1e5855..bdb1e115 100644 --- a/quickstart/101-ddos-protection-plan/variables.tf +++ b/quickstart/101-ddos-protection-plan/variables.tf @@ -10,18 +10,6 @@ variable "resource_group_name_prefix" { default = "rg" } -variable "ddos_protection_plan_name" { - type = string - description = "Specify a DDoS protection plan name." - default = null -} - -variable "virtual_network_name" { - type = string - description = "Specify a DDoS virtual network name." - default = null -} - variable "vnet_address_prefix" { type = string description = "Specify the virtual network address prefix" From 47b979e02622aea0e36e84acc0235c94849c07a1 Mon Sep 17 00:00:00 2001 From: Tom Archer Date: Mon, 27 Mar 2023 17:20:54 -0700 Subject: [PATCH 3/3] Removed listing of unused variables from readme --- quickstart/101-ddos-protection-plan/readme.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/quickstart/101-ddos-protection-plan/readme.md b/quickstart/101-ddos-protection-plan/readme.md index d9e6d647..9dff97d5 100644 --- a/quickstart/101-ddos-protection-plan/readme.md +++ b/quickstart/101-ddos-protection-plan/readme.md @@ -16,8 +16,6 @@ This template creates an Azure DDoS protection plan and a virtual network. |-|-|-| | `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription. | rg | | `resource_group_location` | Location of the resource group. | eastus | -| `ddos_protection_plan_name` | Specify a DDoS protection plan name. | null | -| `virtual_network_name` | Specify a DDoS virtual network name. | null | | `vnet_address_prefix` | Specify the virtual network address prefix | 172.17.0.0/16 | | `subnet_prefix` | Specify the virtual network subnet prefix | 172.17.0.0/24 | | `ddos_protection_plan_enabled` | Enable DDoS protection plan. | true |