fix comments

2022-11-18 22:12:00 +01:00 · 2022-11-18 22:12:00 +01:00 · eb6b615ae3
commit eb6b615ae3
parent a0ddf338d3
14 changed files with 42 additions and 58 deletions
--- a/quickstart/101-synapse/README.md
+++ b/quickstart/101-synapse/README.md
@ -9,7 +9,6 @@ Network connectivity to the workspace is allowed over public endpoints, making t
 ## Resources
 | Terraform Resource Type | Description |
 | - | - |
 | `azurerm_resource_group` | The resource group all resources get deployed into. |
@ -46,6 +45,6 @@ Network connectivity to the workspace is allowed over public endpoints, making t
 ## Learn more
- If you are new to Azure Synapse Analytics, see [Azure Synapse Analytics service](https://azure.microsoft.com/services/synapse-analytics/) and [Azure Synapse Analytics documentation](https://learn.microsoft.com/azure/synapse-analytics/overview-what-is).
+- If you are new to Azure Synapse Analytics, see [Azure Synapse Analytics service](https://azure.microsoft.com/services/synapse-analytics/) and [Azure Synapse Analytics documentation](https://learn.microsoft.com/azure/synapse-analytics/guidance/success-by-design-introduction).
- To learn more about security configurations in Azure Synapse Analytics, see [Azure Synapse Analytics security white paper](https://learn.microsoft.com/azure/synapse-analytics/guidance/security-white-paper-introduction).
+- To learn more about security configurations in Azure Synapse Analytics, see [Azure Synapse Analytics security white paper](https://learn.microsoft.com/azure/synapse-analytics/guidance/security-white-paper-introduction) and watch [Success with Synapse - Security videos](https://www.youtube.com/playlist?list=PLzUAjXZBFU9OWYjSI5TdlpMV0ltAjLaNw).
 - For all configurations of Azure Synapse Analytics in Terraform, see [Terraform Hashicorp AzureRM provider documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/synapse_workspace).
--- a/quickstart/101-synapse/locals.tf
+++ b/quickstart/101-synapse/locals.tf
@ -1,4 +1,4 @@
 locals {
-  basename = "${var.name}-${var.environment}"
+  basename      = "${var.name}-${var.environment}"
  safe_basename = replace(local.basename, "-", "")
 }
--- a/quickstart/101-synapse/main.tf
+++ b/quickstart/101-synapse/main.tf
@ -1,15 +1,3 @@
 terraform {
  required_providers {
    azurerm = {
      version = "= 3.30.0"
    }
  }
 }
 provider "azurerm" {
  features {}
 }
 data "azurerm_client_config" "current" {}
 data "http" "ip" {
--- a/quickstart/101-synapse/providers.tf
+++ b/quickstart/101-synapse/providers.tf
@ -0,0 +1,11 @@
 terraform {
  required_providers {
    azurerm = {
      version = "= 3.32.0"
    }
  }
 }
 provider "azurerm" {
  features {}
 }
--- a/quickstart/101-synapse/synapse_workspace.tf
+++ b/quickstart/101-synapse/synapse_workspace.tf
@ -23,6 +23,6 @@ resource "azurerm_synapse_workspace" "default" {
 resource "azurerm_synapse_firewall_rule" "allow_my_ip" {
  name                 = "AllowMyPublicIp"
  synapse_workspace_id = azurerm_synapse_workspace.default.id
-  start_ip_address     = data.http.ip.body
+  start_ip_address     = data.http.ip.response_body
-  end_ip_address       = data.http.ip.body
+  end_ip_address       = data.http.ip.response_body
 }
--- a/quickstart/101-synapse/variables.tf
+++ b/quickstart/101-synapse/variables.tf
@ -32,13 +32,11 @@ variable "aad_login" {
 variable "synadmin_username" {
  type        = string
  description = "Specifies The login name of the SQL administrator"
  default     = "sqladminuser"
 }
 variable "synadmin_password" {
  type        = string
  description = "The Password associated with the sql_administrator_login for the SQL administrator"
  default     = "ThisIsNotVerySecure!"
 }
 variable "enable_syn_sparkpool" {
--- a/quickstart/201-synapse-secure/README.md
+++ b/quickstart/201-synapse-secure/README.md
@ -40,8 +40,6 @@ This configuration describes the minimal set of resources you require to get sta
 | enable_syn_sparkpool| A feature flag to enable/disable the Spark pool | false |
 | enable_syn_sqlpool| A feature flag to enable/disable the SQL pool | false |
 ## Usage
 1. Copy `terraform.tfvars.example` to `terraform.tfvars`
@ -55,6 +53,6 @@ This configuration describes the minimal set of resources you require to get sta
 ## Learn more
- If you are new to Azure Synapse Analytics, see [Azure Synapse Analytics service](https://azure.microsoft.com/services/synapse-analytics/) and [Azure Synapse Analytics documentation](https://learn.microsoft.com/azure/synapse-analytics/overview-what-is).
+- If you are new to Azure Synapse Analytics, see [Azure Synapse Analytics service](https://azure.microsoft.com/services/synapse-analytics/) and [Azure Synapse Analytics documentation](https://learn.microsoft.com/azure/synapse-analytics/guidance/success-by-design-introduction).
- To learn more about security configurations in Azure Synapse Analytics, see [Azure Synapse Analytics security white paper](https://learn.microsoft.com/azure/synapse-analytics/guidance/security-white-paper-introduction).
+- To learn more about security configurations in Azure Synapse Analytics, see [Azure Synapse Analytics security white paper](https://learn.microsoft.com/azure/synapse-analytics/guidance/security-white-paper-introduction) and watch [Success with Synapse - Security videos](https://www.youtube.com/playlist?list=PLzUAjXZBFU9OWYjSI5TdlpMV0ltAjLaNw).
 - For all configurations of Azure Synapse Analytics in Terraform, see [Terraform Hashicorp AzureRM provider documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/synapse_workspace).
--- a/quickstart/201-synapse-secure/locals.tf
+++ b/quickstart/201-synapse-secure/locals.tf
@ -1,4 +1,4 @@
 locals {
-  basename = "${var.name}-${var.environment}"
+  basename      = "${var.name}-${var.environment}"
  safe_basename = replace(local.basename, "-", "")
 }
--- a/quickstart/201-synapse-secure/main.tf
+++ b/quickstart/201-synapse-secure/main.tf
@ -1,15 +1,3 @@
 terraform {
  required_providers {
    azurerm = {
      version = "= 3.30.0"
    }
  }
 }
 provider "azurerm" {
  features {}
 }
 data "azurerm_client_config" "current" {}
 data "http" "ip" {
--- a/quickstart/201-synapse-secure/network.tf
+++ b/quickstart/201-synapse-secure/network.tf
@ -8,12 +8,12 @@ resource "azurerm_virtual_network" "default" {
 # Subnets
 resource "azurerm_subnet" "default" {
-  name                                           = "snet-${local.basename}"
+  name                                      = "snet-${local.basename}"
-  resource_group_name                            = azurerm_resource_group.default.name
+  resource_group_name                       = azurerm_resource_group.default.name
-  virtual_network_name                           = azurerm_virtual_network.default.name
+  virtual_network_name                      = azurerm_virtual_network.default.name
-  address_prefixes                               = ["10.0.1.0/24"]
+  address_prefixes                          = ["10.0.1.0/24"]
-  service_endpoints                              = []
+  service_endpoints                         = []
-  enforce_private_link_endpoint_network_policies = true
+  private_endpoint_network_policies_enabled = true
 }
 resource "azurerm_subnet" "bastion" {
--- a/quickstart/201-synapse-secure/providers.tf
+++ b/quickstart/201-synapse-secure/providers.tf
@ -0,0 +1,11 @@
 terraform {
  required_providers {
    azurerm = {
      version = "= 3.32.0"
    }
  }
 }
 provider "azurerm" {
  features {}
 }
--- a/quickstart/201-synapse-secure/storage_account.tf
+++ b/quickstart/201-synapse-secure/storage_account.tf
@ -41,7 +41,7 @@ resource "azurerm_storage_account_network_rules" "firewall_rules" {
  storage_account_id = azurerm_storage_account.default.id
  default_action             = "Deny"
-  ip_rules                   = [data.http.ip.body]
+  ip_rules                   = [data.http.ip.response_body]
  virtual_network_subnet_ids = []
  bypass                     = ["None"]
 }
--- a/quickstart/201-synapse-secure/synapse_workspace.tf
+++ b/quickstart/201-synapse-secure/synapse_workspace.tf
@ -8,7 +8,9 @@ resource "azurerm_synapse_workspace" "default" {
  sql_administrator_login_password = var.synadmin_password
  managed_virtual_network_enabled = true
-  managed_resource_group_name = "${azurerm_resource_group.default.name}-syn-managed"
+  managed_resource_group_name     = "${azurerm_resource_group.default.name}-syn-managed"
  public_network_access_enabled = false
  aad_admin {
    login     = var.aad_login.name
@ -21,13 +23,6 @@ resource "azurerm_synapse_workspace" "default" {
  }
 }
 resource "azurerm_synapse_firewall_rule" "allow_my_ip" {
  name                 = "AllowMyPublicIp"
  synapse_workspace_id = azurerm_synapse_workspace.default.id
  start_ip_address     = data.http.ip.body
  end_ip_address       = data.http.ip.body
 }
 # DNS Zones
 resource "azurerm_private_dns_zone" "zone_dev" {
--- a/quickstart/201-synapse-secure/variables.tf
+++ b/quickstart/201-synapse-secure/variables.tf
@ -32,25 +32,21 @@ variable "aad_login" {
 variable "jumphost_username" {
  type        = string
  description = "Admin username of the VM"
  default     = "azureuser"
 }
 variable "jumphost_password" {
  type        = string
  description = "Password for the admin username of the VM"
  default     = "ThisIsNotVerySecure!"
 }
 variable "synadmin_username" {
  type        = string
  description = "Specifies The login name of the SQL administrator"
  default     = "sqladminuser"
 }
 variable "synadmin_password" {
  type        = string
  description = "The Password associated with the sql_administrator_login for the SQL administrator"
  default     = "ThisIsNotVerySecure!"
 }
 variable "enable_syn_sparkpool" {