Fix 101-synapse (#187)

* fix 101-synapse Co-authored-by: zjhe <hezijie@microsoft.com>
2023-03-14 07:20:21 +08:00 · 2023-03-14 07:20:21 +08:00 · bf49ecaafd
commit bf49ecaafd
parent 03954463dc
6 changed files with 53 additions and 11 deletions
--- a/quickstart/101-synapse/locals.tf
+++ b/quickstart/101-synapse/locals.tf
@ -1,4 +1,8 @@
+resource "random_pet" "name" {
+  count = var.name == null ? 1 : 0
+}
+
 locals {
-  basename      = "${var.name}-${var.environment}"
+  basename      = "${try(random_pet.name[0].id, var.name)}-${var.environment}"
  safe_basename = replace(local.basename, "-", "")
 }
--- a/quickstart/101-synapse/providers.tf
+++ b/quickstart/101-synapse/providers.tf
@ -1,7 +1,11 @@
 terraform {
  required_providers {
    azurerm = {
-      version = "= 3.32.0"
+      version = ">= 3.32.0, < 4.0"
+    }
+    random = {
+      source = "hashicorp/random"
+      version = ">= 3.4.3"
    }
  }
 }
--- a/quickstart/101-synapse/storage_account.tf
+++ b/quickstart/101-synapse/storage_account.tf
@ -1,3 +1,7 @@
+locals {
+  current_user_id = coalesce(var.msi_id, data.azurerm_client_config.current.object_id)
+}
+
 resource "azurerm_storage_account" "default" {
  name                     = "st${local.safe_basename}"
  resource_group_name      = azurerm_resource_group.default.name
@ -11,7 +15,7 @@ resource "azurerm_storage_account" "default" {
 resource "azurerm_role_assignment" "sbdc_current_user" {
  scope                = azurerm_storage_account.default.id
  role_definition_name = "Storage Blob Data Contributor"
-  principal_id         = data.azurerm_client_config.current.object_id
+  principal_id         = local.current_user_id
 }

 resource "azurerm_role_assignment" "sbdc_syn_ws" {
--- a/quickstart/101-synapse/synapse_pools.tf
+++ b/quickstart/101-synapse/synapse_pools.tf
@ -1,21 +1,23 @@
 # Sql Pool 

 resource "azurerm_synapse_sql_pool" "syn_pool_sql" {
+  count = var.enable_syn_sqlpool ? 1 : 0
+
  name                 = "syndp01"
  synapse_workspace_id = azurerm_synapse_workspace.default.id
  sku_name             = "DW100c"
  create_mode          = "Default"
-  count                = var.enable_syn_sqlpool ? 1 : 0
 }

 # Spark Pool 

 resource "azurerm_synapse_spark_pool" "syn_pool_spark" {
+  count = var.enable_syn_sparkpool ? 1 : 0
+
  name                 = "synsp01"
  synapse_workspace_id = azurerm_synapse_workspace.default.id
  node_size_family     = "MemoryOptimized"
  node_size            = "Small"
-  count                = var.enable_syn_sparkpool ? 1 : 0

  auto_scale {
    max_node_count = 50
--- a/quickstart/101-synapse/synapse_workspace.tf
+++ b/quickstart/101-synapse/synapse_workspace.tf
@ -1,3 +1,17 @@
+resource "random_password" "password" {
+  count = var.synadmin_password == null ? 1 : 0
+
+  length      = 20
+  min_lower   = 1
+  min_upper   = 1
+  min_numeric = 1
+  min_special = 1
+}
+
+locals {
+  synadmin_password = try(random_password.password[0].result, var.synadmin_password)
+}
+
 resource "azurerm_synapse_workspace" "default" {
  name                                 = "syn-${local.basename}"
  resource_group_name                  = azurerm_resource_group.default.name
@ -5,14 +19,18 @@ resource "azurerm_synapse_workspace" "default" {
  storage_data_lake_gen2_filesystem_id = azurerm_storage_data_lake_gen2_filesystem.default.id

  sql_administrator_login          = var.synadmin_username
-  sql_administrator_login_password = var.synadmin_password
+  sql_administrator_login_password = local.synadmin_password

  managed_resource_group_name = "${azurerm_resource_group.default.name}-syn-managed"

-  aad_admin {
-    login     = var.aad_login.name
-    object_id = var.aad_login.object_id
-    tenant_id = var.aad_login.tenant_id
+  dynamic "aad_admin" {
+    for_each = var.aad_login == null ? [] : ["aad_admin"]
+
+    content {
+      login     = var.aad_login.name
+      object_id = var.aad_login.object_id
+      tenant_id = var.aad_login.tenant_id
+    }
  }

  identity {
--- a/quickstart/101-synapse/variables.tf
+++ b/quickstart/101-synapse/variables.tf
@ -1,6 +1,7 @@
 variable "name" {
  type        = string
  description = "Name of the deployment"
+  default     = null
 }

 variable "environment" {
@ -17,21 +18,24 @@ variable "location" {

 variable "aad_login" {
  description = "AAD login"
-  type = object({
+  type        = object({
    name      = string
    object_id = string
    tenant_id = string
  })
+  default = null
 }

 variable "synadmin_username" {
  type        = string
  description = "Specifies The login name of the SQL administrator"
+  default     = "synapseadmin"
 }

 variable "synadmin_password" {
  type        = string
  description = "The Password associated with the sql_administrator_login for the SQL administrator"
+  default     = null
 }

 variable "enable_syn_sparkpool" {
@ -44,4 +48,10 @@ variable "enable_syn_sqlpool" {
  type        = bool
  description = "Variable to enable or disable Synapse Dedicated SQL pool deployment"
  default     = false
+}
+
+variable "msi_id" {
+  type    = string
+  description = "If you're running this example by authentication with identity, please set identity object id here."
+  default = null
 }