Adding aztfmod#542

arnaudlh · arnaudlh · commit 5345d9e40e72 · 2021-06-30T05:38:21.000Z
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -32,7 +32,7 @@
     // "shutdownAction": "none",
 
     // Uncomment the next line to run commands after the container is created.
-    "postCreateCommand": "sudo cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chmod 600 ~/.ssh/* && sudo chown -R $(whoami) /tf/caf && git config --global core.editor vi && pre-commit install && pre-commit autoupdate",
+    "postCreateCommand": "sudo cp -R /tmp/.ssh-localhost/* ~/.ssh && sudo chown -R $(whoami):$(whoami) /tf/caf && sudo chmod 400 ~/.ssh/* && git config --global core.editor vi && pre-commit install && pre-commit autoupdate",
 
     // Add the IDs of extensions you want installed when the container is created in the array below.
     "extensions": [
diff --git a/application_gateways.tf b/application_gateways.tf
@@ -6,13 +6,13 @@ module "application_gateways" {
   global_settings               = local.global_settings
   client_config                 = local.client_config
   diagnostics                   = local.combined_diagnostics
-  resource_group_name           = local.resource_groups[each.value.resource_group_key].name
-  location                      = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  resource_group_name           = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  location                      = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   settings                      = each.value
   sku_name                      = each.value.sku_name
   sku_tier                      = each.value.sku_tier
   vnets                         = local.combined_objects_networking
-  base_tags                     = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags                     = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   private_dns                   = lookup(each.value, "private_dns_records", null) == null ? {} : local.combined_objects_private_dns
   public_ip_addresses           = local.combined_objects_public_ip_addresses
   app_services                  = local.combined_objects_app_services
diff --git a/keyvault.tf b/keyvault.tf
@@ -6,12 +6,12 @@ module "keyvaults" {
   global_settings    = local.global_settings
   client_config      = local.client_config
   settings           = each.value
-  resource_groups    = local.resource_groups
+  resource_groups    = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)]
   diagnostics        = local.combined_diagnostics
   vnets              = local.combined_objects_networking
   azuread_groups     = local.combined_objects_azuread_groups
   managed_identities = local.combined_objects_managed_identities
-  base_tags          = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags          = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   private_dns        = local.combined_objects_private_dns
 }
 
diff --git a/keyvault_certificate_issuers.tf b/keyvault_certificate_issuers.tf
@@ -3,12 +3,12 @@ module "keyvault_certificate_issuers" {
   depends_on = [module.keyvaults]
   for_each   = local.security.keyvault_certificate_issuers
 
-  resource_group_name = local.resource_groups[each.value.resource_group_key].name
-  location            = local.resource_groups[each.value.resource_group_key].location
+  resource_group_name = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  location            = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location
   global_settings     = local.global_settings
   settings            = each.value
   keyvault_id         = try(local.combined_objects_keyvaults[each.value.lz_key][each.value.keyvault_key].id, local.combined_objects_keyvaults[local.client_config.landingzone_key][each.value.keyvault_key].id)
-  base_tags           = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags           = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   password            = try(data.azurerm_key_vault_secret.certificate_issuer_password[each.key].value, each.value.cert_issuer_password)
 }
 
diff --git a/load_balancers.tf b/load_balancers.tf
@@ -2,16 +2,16 @@ module "load_balancers" {
   source   = "./modules/networking/load_balancers"
   for_each = try(local.networking.load_balancers, {})
 
-  resource_group_name = local.resource_groups[each.value.resource_group_key].name
-  location            = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  resource_group_name = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  location            = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   public_ip_addresses = local.combined_objects_public_ip_addresses
   client_config       = local.client_config
   vnets               = local.combined_objects_networking
   diagnostic_profiles = try(each.value.diagnostic_profiles, null)
   diagnostics         = local.combined_diagnostics
   global_settings     = local.global_settings
   settings            = each.value
-  base_tags           = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags           = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   existing_resources = {
     virtual_machines = try(module.virtual_machines, {})
     #vm scale set will be added later
diff --git a/networking.tf b/networking.tf
@@ -21,16 +21,16 @@ module "networking" {
   for_each = local.networking.vnets
 
   application_security_groups       = local.combined_objects_application_security_groups
-  base_tags                         = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags                         = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   client_config                     = local.client_config
   ddos_id                           = try(azurerm_network_ddos_protection_plan.ddos_protection_plan[each.value.ddos_services_key].id, "")
   diagnostics                       = local.combined_diagnostics
   global_settings                   = local.global_settings
-  location                          = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  location                          = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   network_security_groups           = module.network_security_groups
   network_security_group_definition = local.networking.network_security_group_definition
   network_watchers                  = try(local.combined_objects_network_watchers, null)
-  resource_group_name               = local.resource_groups[each.value.resource_group_key].name
+  resource_group_name               = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
   route_tables                      = module.route_tables
   settings                          = each.value
   tags                              = try(each.value.tags, null)
@@ -60,8 +60,8 @@ module "public_ip_addresses" {
   for_each = local.networking.public_ip_addresses
 
   name                       = azurecaf_name.public_ip_addresses[each.key].result
-  resource_group_name        = local.resource_groups[each.value.resource_group_key].name
-  location                   = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  resource_group_name        = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  location                   = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   sku                        = try(each.value.sku, "Basic")
   allocation_method          = try(each.value.allocation_method, "Dynamic")
   ip_version                 = try(each.value.ip_version, "IPv4")
@@ -79,7 +79,7 @@ module "public_ip_addresses" {
   )
   diagnostic_profiles = try(each.value.diagnostic_profiles, {})
   diagnostics         = local.combined_diagnostics
-  base_tags           = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags           = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
 }
 
 
@@ -139,11 +139,11 @@ module "route_tables" {
   for_each = local.networking.route_tables
 
   name                          = azurecaf_name.route_tables[each.key].result
-  resource_group_name           = local.resource_groups[each.value.resource_group_key].name
-  location                      = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  resource_group_name           = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  location                      = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   disable_bgp_route_propagation = try(each.value.disable_bgp_route_propagation, null)
   tags                          = try(each.value.tags, null)
-  base_tags                     = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags                     = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
 }
 
 resource "azurecaf_name" "routes" {
@@ -163,17 +163,17 @@ module "routes" {
   source   = "./modules/networking/routes"
   for_each = local.networking.azurerm_routes
 
-  name                      = azurecaf_name.routes[each.key].result
-  resource_group_name       = local.resource_groups[each.value.resource_group_key].name
-  route_table_name          = module.route_tables[each.value.route_table_key].name
-  address_prefix            = each.value.address_prefix
-  next_hop_type             = each.value.next_hop_type
-  next_hop_in_ip_address    = try(lower(each.value.next_hop_type), null) == "virtualappliance" ? try(each.value.next_hop_in_ip_address, null) : null
+  name                   = azurecaf_name.routes[each.key].result
+  resource_group_name    = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  route_table_name       = module.route_tables[each.value.route_table_key].name
+  address_prefix         = each.value.address_prefix
+  next_hop_type          = each.value.next_hop_type
+  next_hop_in_ip_address = try(lower(each.value.next_hop_type), null) == "virtualappliance" ? try(each.value.next_hop_in_ip_address, null) : null
   next_hop_in_ip_address_fw = try(lower(each.value.next_hop_type), null) == "virtualappliance" ? coalesce(
     try(local.combined_objects_azurerm_firewalls[try(each.value.private_ip_keys.azurerm_firewall.lz_key, local.client_config.landingzone_key)][each.value.private_ip_keys.azurerm_firewall.key].ip_configuration[each.value.private_ip_keys.azurerm_firewall.interface_index].private_ip_address, null),
     try(local.combined_objects_azurerm_firewalls[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.private_ip_keys.azurerm_firewall.key].ip_configuration[each.value.private_ip_keys.azurerm_firewall.interface_index].private_ip_address, null)
   ) : null
-    
+
 }
 
 #
@@ -199,9 +199,9 @@ resource "azurerm_network_ddos_protection_plan" "ddos_protection_plan" {
   for_each = local.networking.ddos_services
 
   name                = azurecaf_name.ddos_protection_plan[each.key].result
-  location            = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
-  resource_group_name = local.resource_groups[each.value.resource_group_key].name
-  tags                = try(local.global_settings.inherit_tags, false) ? merge(local.resource_groups[each.value.resource_group_key].tags, each.value.tags) : try(each.value.tags, null)
+  location            = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  resource_group_name = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  tags                = try(local.global_settings.inherit_tags, false) ? merge(local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags, each.value.tags) : try(each.value.tags, null)
 }
 
 #
@@ -213,10 +213,10 @@ module "network_watchers" {
   source   = "./modules/networking/network_watcher"
   for_each = local.networking.network_watchers
 
-  resource_group_name = local.resource_groups[each.value.resource_group_key].name
-  location            = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  resource_group_name = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
+  location            = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   settings            = each.value
   tags                = try(each.value.tags, null)
-  base_tags           = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags           = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   global_settings     = local.global_settings
 }
diff --git a/virtual_machines.tf b/virtual_machines.tf
@@ -14,7 +14,7 @@ module "virtual_machines" {
 
   application_security_groups = local.combined_objects_application_security_groups
   availability_sets           = local.combined_objects_availability_sets
-  base_tags                   = try(local.global_settings.inherit_tags, false) ? module.resource_groups[each.value.resource_group_key].tags : {}
+  base_tags                   = try(local.global_settings.inherit_tags, false) ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].tags : {}
   # if boot_diagnostics_storage_account_key is points to a valid storage account, pass the endpoint
   # if boot_diagnostics_storage_account_key is empty string, pass empty string
   # if boot_diagnostics_storage_account_key not defined, pass null
@@ -27,13 +27,13 @@ module "virtual_machines" {
   disk_encryption_sets       = local.combined_objects_disk_encryption_sets
   global_settings            = local.global_settings
   keyvaults                  = local.combined_objects_keyvaults
-  location                   = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
+  location                   = lookup(each.value, "region", null) == null ? local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
   managed_identities         = local.combined_objects_managed_identities
   network_security_groups    = local.combined_objects_network_security_groups
   proximity_placement_groups = local.combined_objects_proximity_placement_groups
   public_ip_addresses        = local.combined_objects_public_ip_addresses
   recovery_vaults            = local.combined_objects_recovery_vaults
-  resource_group_name        = local.resource_groups[each.value.resource_group_key].name
+  resource_group_name        = local.combined_objects_resource_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.resource_group_key].name
   settings                   = each.value
   vnets                      = local.combined_objects_networking
   dedicated_hosts            = local.combined_objects_dedicated_hosts
diff --git a/virtual_machines_scale_sets.tf b/virtual_machines_scale_sets.tf
@@ -1,6 +1,6 @@
 
 
-module virtual_machine_scale_sets {
+module "virtual_machine_scale_sets" {
   source = "./modules/compute/virtual_machine_scale_set"
   depends_on = [
     module.availability_sets,
@@ -37,7 +37,7 @@ module virtual_machine_scale_sets {
 }
 
 
-output virtual_machine_scale_sets {
+output "virtual_machine_scale_sets" {
   value = module.virtual_machine_scale_sets
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`
`2`	`2`
`3`		`-module virtual_machine_scale_sets {`
	`3`	`+module "virtual_machine_scale_sets" {`
`4`	`4`	`source = "./modules/compute/virtual_machine_scale_set"`
`5`	`5`	`depends_on = [`
`6`	`6`	`module.availability_sets,`
`@@ -37,7 +37,7 @@ module virtual_machine_scale_sets {`
`37`	`37`	`}`
`38`	`38`
`39`	`39`
`40`		`-output virtual_machine_scale_sets {`
	`40`	`+output "virtual_machine_scale_sets" {`
`41`	`41`	`value = module.virtual_machine_scale_sets`
`42`	`42`	`}`
`43`	`43`