Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add synapse 201

Browse Source
This commit is contained in:
murggu
2022-11-08 13:47:23 +01:00
parent ebf66eab0b
commit d65c97c307
17 changed files with 603 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
quickstart/201-synapse-secure/synapse_workspace.tf Normal file
View File

@ -0,0 +1,116 @@
resource "azurerm_synapse_workspace" "default" {
name = "syn-${local.basename}"
resource_group_name = azurerm_resource_group.default.name
location = azurerm_resource_group.default.location
storage_data_lake_gen2_filesystem_id = azurerm_storage_data_lake_gen2_filesystem.default.id
sql_administrator_login = var.synadmin_username
sql_administrator_login_password = var.synadmin_password
managed_virtual_network_enabled = true
managed_resource_group_name = "${azurerm_resource_group.default.name}-syn-managed"
aad_admin {
login = var.aad_login.name
object_id = var.aad_login.object_id
tenant_id = var.aad_login.tenant_id
}
identity {
type = "SystemAssigned"
}
}
resource "azurerm_synapse_firewall_rule" "allow_my_ip" {
name = "AllowMyPublicIp"
synapse_workspace_id = azurerm_synapse_workspace.default.id
start_ip_address = data.http.ip.body
end_ip_address = data.http.ip.body
}
# DNS Zones
resource "azurerm_private_dns_zone" "zone_dev" {
name = "privatelink.dev.azuresynapse.net"
resource_group_name = azurerm_resource_group.default.name
}
resource "azurerm_private_dns_zone" "zone_sql" {
name = "privatelink.sql.azuresynapse.net"
resource_group_name = azurerm_resource_group.default.name
}
# Linking of DNS zones to Virtual Network
resource "azurerm_private_dns_zone_virtual_network_link" "zone_dev_link" {
name = "${local.basename}_link_dev"
resource_group_name = azurerm_resource_group.default.name
private_dns_zone_name = azurerm_private_dns_zone.zone_dev.name
virtual_network_id = azurerm_virtual_network.default.id
}
resource "azurerm_private_dns_zone_virtual_network_link" "zone_sql_link" {
name = "${local.basename}_link_sql"
resource_group_name = azurerm_resource_group.default.name
private_dns_zone_name = azurerm_private_dns_zone.zone_sql.name
virtual_network_id = azurerm_virtual_network.default.id
}
# Private Endpoint configuration
resource "azurerm_private_endpoint" "pe_dev" {
name = "pe-${azurerm_synapse_workspace.default.name}-dev"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
subnet_id = azurerm_subnet.default.id
private_service_connection {
name = "psc-dev-${local.basename}"
private_connection_resource_id = azurerm_synapse_workspace.default.id
subresource_names = ["dev"]
is_manual_connection = false
}
private_dns_zone_group {
name = "private-dns-zone-group-dev"
private_dns_zone_ids = [azurerm_private_dns_zone.zone_dev.id]
}
}
resource "azurerm_private_endpoint" "pe_sql" {
name = "pe-${azurerm_synapse_workspace.default.name}-sql"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
subnet_id = azurerm_subnet.default.id
private_service_connection {
name = "psc-sql-${local.basename}"
private_connection_resource_id = azurerm_synapse_workspace.default.id
subresource_names = ["sql"]
is_manual_connection = false
}
private_dns_zone_group {
name = "private-dns-zone-group-sql"
private_dns_zone_ids = [azurerm_private_dns_zone.zone_sql.id]
}
}
resource "azurerm_private_endpoint" "pe_sqlondemand" {
name = "pe-${azurerm_synapse_workspace.default.name}-sqlondemand"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
subnet_id = azurerm_subnet.default.id
private_service_connection {
name = "psc-sqlondemand-${local.basename}"
private_connection_resource_id = azurerm_synapse_workspace.default.id
subresource_names = ["sqlondemand"]
is_manual_connection = false
}
private_dns_zone_group {
name = "private-dns-zone-group-sqlondemand"
private_dns_zone_ids = [azurerm_private_dns_zone.zone_sql.id]
}
}