terraform {
  # Update this block with the location of your terraform state file
  #
  # Remote state is kept in an Azure Storage blob container. State files can
  # hold resource attributes and secrets in plain text, so access to this
  # storage account and container should be limited to the identities that
  # run Terraform.
  backend "azurerm" {
    # Authenticate to the state storage with an OIDC token instead of a
    # stored client secret or storage access key.
    use_oidc = true

    storage_account_name = "terraformgithubactions"
    resource_group_name  = "rg-terraform-github-actions-state"
    container_name       = "tfstate"
    key                  = "terraform.tfstate"
  }

  required_providers {
    # NOTE(review): ">= 3.7.0" has no upper bound. Without a committed
    # .terraform.lock.hcl, a fresh `terraform init` may select a newer major
    # release of the provider; consider bounding the range or committing the
    # lock file so every run resolves the same provider build.
    azurerm = {
      version = ">= 3.7.0"
      source  = "hashicorp/azurerm"
    }
  }
}
# Azure Resource Manager provider configuration.
provider "azurerm" {
  # Sign in with an OIDC token rather than a long-lived client secret.
  # NOTE(review): the identity this token maps to, and the scope of its role
  # assignments, are configured outside this file — confirm it is scoped to
  # only what this configuration manages.
  use_oidc = true

  # The azurerm provider requires a features block; it is left empty here,
  # so provider defaults apply.
  features {}
}
# Define any Azure resources to be created here. A simple resource group is shown here as a minimal example.
#
# Both attributes come from input variables (var.location and
# var.resource_group_name), which are declared outside this file.
resource "azurerm_resource_group" "rg-aks" {
  location = var.location
  name     = var.resource_group_name
}
# Sample NSG designed to raise a security alert. Delete for any real deployment.
#
# The single rule below allows inbound traffic of every protocol, from every
# source address and port, to every destination address and port. It is kept
# deliberately permissive so that security scanning has a finding to report;
# it is not a template for a real rule.
# NOTE(review): no subnet or NIC association appears in this file; if this NSG
# is attached elsewhere, the rule exposes everything behind it.
resource "azurerm_network_security_group" "nsg-fail" {
  name                = "insecureNSG"
  resource_group_name = azurerm_resource_group.rg-aks.name
  location            = azurerm_resource_group.rg-aks.location

  security_rule {
    name = "badrule"

    # Priority 100 is the lowest number Azure accepts, so this rule is
    # evaluated before any other inbound rule in the group.
    priority  = 100
    direction = "Inbound"
    access    = "Allow"
    protocol  = "*"

    # Wildcards on both sides: no restriction on who may connect or to what.
    source_address_prefix      = "*"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "*"
  }
}