
Patch.5.3.1 #164

Merged
merged 10 commits into from
Apr 21, 2021
4 changes: 2 additions & 2 deletions caf_launchpad/dynamic_secrets.tf
@@ -1,9 +1,9 @@

module "dynamic_keyvault_secrets" {
source = "aztfmod/caf/azurerm//modules/security/dynamic_keyvault_secrets"
version = "~>5.3.0"
# source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git//modules/security/dynamic_keyvault_secrets?ref=master"
version = "~>5.3.2"

# source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git//modules/security/dynamic_keyvault_secrets?ref=master"

for_each = try(var.dynamic_keyvault_secrets, {})

3 changes: 2 additions & 1 deletion caf_launchpad/landingzone.tf
@@ -1,6 +1,7 @@
module "launchpad" {
source = "aztfmod/caf/azurerm"
version = "~>5.3.0"
version = "~>5.3.2"

# source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git?ref=master"


8 changes: 4 additions & 4 deletions caf_launchpad/main.tf
Expand Up @@ -64,10 +64,10 @@ locals {
}

tfstates = tomap(
{
(var.landingzone.key) = local.backend[var.landingzone.backend_type]
}
)
{
(var.landingzone.key) = local.backend[var.landingzone.backend_type]
}
)

backend = {
azurerm = {
26 changes: 15 additions & 11 deletions caf_solution/add-ons/aad-pod-identity/providers.tf
Expand Up @@ -13,20 +13,24 @@ provider "kubernetes" {
cluster_ca_certificate = local.k8sconfigs[var.aks_cluster_key].cluster_ca_certificate
}

provider "kustomization" {
kubeconfig_raw = local.k8sconfigs[var.aks_cluster_key].kube_admin_config_raw
}

locals {
k8sconfigs = {
for key, value in var.aks_clusters : key => {
kube_admin_config_raw = local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config_raw
host = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.host : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.host
username = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.username : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.username
password = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.password : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.password
client_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.client_certificate) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.client_certificate)
client_key = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.client_key) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.client_key)
cluster_ca_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.cluster_ca_certificate) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.cluster_ca_certificate)
kube_admin_config_raw = data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config_raw
host = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.host : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.host
username = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.username : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.username
password = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.password : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.password
client_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.client_certificate) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.client_certificate)
client_key = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.client_key) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.client_key)
cluster_ca_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.cluster_ca_certificate) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.cluster_ca_certificate)
}
}
}

# Get kubeconfig from AKS clusters
data "azurerm_kubernetes_cluster" "kubeconfig" {
for_each = var.aks_clusters

name = local.remote.aks_clusters[each.value.lz_key][each.value.key].cluster_name
resource_group_name = local.remote.aks_clusters[each.value.lz_key][each.value.key].resource_group_name
}
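Review bot: The RBAC selector in the `host`/`username`/`password`/certificate lines still reads `enable_rbac` from `local.remote.aks_clusters[value.lz_key][value.key]` (remote tfstate), while every credential now comes from `data.azurerm_kubernetes_cluster.kubeconfig[key]`, so the branch condition and the credentials it selects can come from two different snapshots of the cluster; the same split is in caf_solution/add-ons/aks-secure-baseline/providers.tf and caf_solution/add-ons/helm-charts/providers.tf. The azurerm data source exposes a `role_based_access_control` block that could replace the remote-state lookup so both come from one read — worth confirming for the provider version this add-on pins. The new `provider "kustomization"` is wired to `kube_admin_config_raw`, which is the cluster-admin kubeconfig regardless of `enable_rbac`, so it bypasses the least-privilege branch the kubernetes provider takes; if that is intended, say so with `# kustomization needs a raw kubeconfig; admin credentials are used regardless of enable_rbac`. Since data-source results are stored in this add-on's state, the `# Get kubeconfig from AKS clusters` comment should also note that read access to this state is effectively cluster-admin access.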
2 changes: 1 addition & 1 deletion caf_solution/add-ons/aks-secure-baseline/main.tf
Expand Up @@ -10,7 +10,7 @@ terraform {
}
kustomization = {
source = "kbst/kustomization"
version = ">= 0.4.0"
version = ">= 0.5.0"
}
}
required_version = ">= 0.13"
22 changes: 15 additions & 7 deletions caf_solution/add-ons/aks-secure-baseline/providers.tf
Expand Up @@ -20,13 +20,21 @@ provider "kustomization" {
locals {
k8sconfigs = {
for key, value in var.aks_clusters : key => {
kube_admin_config_raw = local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config_raw
host = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.host : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.host
username = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.username : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.username
password = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.password : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.password
client_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.client_certificate) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.client_certificate)
client_key = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.client_key) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.client_key)
cluster_ca_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.cluster_ca_certificate) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.cluster_ca_certificate)
kube_admin_config_raw = data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config_raw
host = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.host : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.host
username = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.username : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.username
password = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.password : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.password
client_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.client_certificate) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.client_certificate)
client_key = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.client_key) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.client_key)
cluster_ca_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.cluster_ca_certificate) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.cluster_ca_certificate)
}
}
}

# Get kubeconfig from AKS clusters
data "azurerm_kubernetes_cluster" "kubeconfig" {
for_each = var.aks_clusters

name = local.remote.aks_clusters[each.value.lz_key][each.value.key].cluster_name
resource_group_name = local.remote.aks_clusters[each.value.lz_key][each.value.key].resource_group_name
}
8 changes: 4 additions & 4 deletions caf_solution/add-ons/azure_devops/locals.remote_tfstates.tf
Expand Up @@ -37,10 +37,10 @@ locals {
diagnostics = data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.objects[var.landingzone.global_settings_key].diagnostics

combined = {
aad_apps = merge(local.remote.aad_apps, tomap({(var.landingzone.key) = module.caf.aad_apps}))
azuread_groups = merge(local.remote.azuread_groups, tomap({(var.landingzone.key) = module.caf.azuread_groups}))
keyvaults = merge(local.remote.keyvaults, tomap({(var.landingzone.key) = module.caf.keyvaults}))
managed_identities = merge(local.remote.managed_identities, tomap({(var.landingzone.key) = module.caf.managed_identities}))
aad_apps = merge(local.remote.aad_apps, tomap({ (var.landingzone.key) = module.caf.aad_apps }))
azuread_groups = merge(local.remote.azuread_groups, tomap({ (var.landingzone.key) = module.caf.azuread_groups }))
keyvaults = merge(local.remote.keyvaults, tomap({ (var.landingzone.key) = module.caf.keyvaults }))
managed_identities = merge(local.remote.managed_identities, tomap({ (var.landingzone.key) = module.caf.managed_identities }))
}

remote = {
8 changes: 2 additions & 6 deletions caf_solution/add-ons/azure_devops/main.tf
@@ -1,9 +1,5 @@
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 2.55.0"
}
azuread = {
source = "hashicorp/azuread"
version = "~> 1.4.0"
Expand Down Expand Up @@ -53,14 +49,14 @@ locals {
tfstates = merge(
tomap(
{
(var.landingzone.key) =local.backend[var.landingzone.backend_type]
(var.landingzone.key) = local.backend[var.landingzone.backend_type]
}
)
,
data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.tfstates
)


backend = {
azurerm = {
storage_account_name = var.tfstate_storage_account_name
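Review bot: Removing the `azurerm` entry from `required_providers` leaves this add-on with no explicit azurerm version constraint of its own, so the resolved provider version is now whatever the child modules require, presumably to avoid conflicting with the caf module's constraint; the same removal is in caf_solution/add-ons/azure_devops_agent/main.tf. That intent should be recorded next to the remaining `azuread` entry, e.g. `# azurerm is constrained by the caf module; do not pin it here`, so the pin is not re-added the next time the provider is bumped. The `terraform` block continues past the end of the first hunk, and the second hunk is whitespace only.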
2 changes: 1 addition & 1 deletion caf_solution/add-ons/azure_devops/output.tf
@@ -1,6 +1,6 @@
output "keyvaults" {
value = tomap(
{
{
(var.landingzone.key) = module.caf.keyvaults
}
)
6 changes: 3 additions & 3 deletions caf_solution/add-ons/azure_devops_agent/dynamic_secrets.tf
@@ -1,8 +1,8 @@

module "dynamic_keyvault_secrets" {
# source = "aztfmod/caf/azurerm//modules/security/dynamic_keyvault_secrets"
# version = "~>5.3.0"
source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git//modules/security/dynamic_keyvault_secrets?ref=master"
source = "aztfmod/caf/azurerm//modules/security/dynamic_keyvault_secrets"
version = "~>5.3.0"
# source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git//modules/security/dynamic_keyvault_secrets?ref=master"


for_each = try(var.dynamic_keyvault_secrets, {})
Expand Up @@ -37,10 +37,10 @@ locals {
diagnostics = data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.objects[var.landingzone.global_settings_key].diagnostics

combined = {
aad_apps = merge(local.remote.aad_apps, tomap({(var.landingzone.key) = module.caf.aad_apps}))
azuread_groups = merge(local.remote.azuread_groups, tomap({(var.landingzone.key) = module.caf.azuread_groups}))
keyvaults = merge(local.remote.keyvaults, tomap({(var.landingzone.key) = module.caf.keyvaults}))
managed_identities = merge(local.remote.managed_identities, tomap({(var.landingzone.key) = module.caf.managed_identities}))
aad_apps = merge(local.remote.aad_apps, tomap({ (var.landingzone.key) = module.caf.aad_apps }))
azuread_groups = merge(local.remote.azuread_groups, tomap({ (var.landingzone.key) = module.caf.azuread_groups }))
keyvaults = merge(local.remote.keyvaults, tomap({ (var.landingzone.key) = module.caf.keyvaults }))
managed_identities = merge(local.remote.managed_identities, tomap({ (var.landingzone.key) = module.caf.managed_identities }))
}

remote = {
8 changes: 2 additions & 6 deletions caf_solution/add-ons/azure_devops_agent/main.tf
@@ -1,9 +1,5 @@
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "~> 2.55"
}
azuread = {
source = "hashicorp/azuread"
version = "~> 1.4.0"
Expand Down Expand Up @@ -53,14 +49,14 @@ locals {
tfstates = merge(
tomap(
{
(var.landingzone.key) =local.backend[var.landingzone.backend_type]
(var.landingzone.key) = local.backend[var.landingzone.backend_type]
}
)
,
data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.tfstates
)


backend = {
azurerm = {
storage_account_name = var.tfstate_storage_account_name
2 changes: 1 addition & 1 deletion caf_solution/add-ons/azure_devops_agent/solution.tf
@@ -1,6 +1,6 @@
module "caf" {
source = "aztfmod/caf/azurerm"
version = "~>5.1.0"
version = "~>5.3.0"

current_landingzone_key = var.landingzone.key
tenant_id = var.tenant_id
2 changes: 1 addition & 1 deletion caf_solution/add-ons/caf_eslz/custom_landing_zones.tf
Expand Up @@ -25,7 +25,7 @@ locals {
[
data.azurerm_management_group.id[mg_id].subscription_ids
]
),
),
[]
),
flatten(
6 changes: 3 additions & 3 deletions caf_solution/add-ons/databricks/main.tf
Expand Up @@ -44,20 +44,20 @@ locals {
log_analytics = data.terraform_remote_state.landingzone.outputs.diagnostics.log_analytics
}



# Update the tfstates map
tfstates = merge(
tomap(
{
(var.landingzone.key) =local.backend[var.landingzone.backend_type]
(var.landingzone.key) = local.backend[var.landingzone.backend_type]
}
)
,
data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.tfstates
)


backend = {
azurerm = {
storage_account_name = var.tfstate_storage_account_name
21 changes: 14 additions & 7 deletions caf_solution/add-ons/helm-charts/providers.tf
Expand Up @@ -27,13 +27,20 @@ provider "helm" {
locals {
k8sconfigs = {
for key, value in var.aks_clusters : key => {
kube_admin_config_raw = local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config_raw
host = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.host : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.host
username = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.username : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.username
password = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.password : local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.password
client_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.client_certificate) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.client_certificate)
client_key = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.client_key) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.client_key)
cluster_ca_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_admin_config.0.cluster_ca_certificate) : base64decode(local.remote.aks_clusters[value.lz_key][value.key].kube_config.0.cluster_ca_certificate)
host = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.host : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.host
username = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.username : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.username
password = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.password : data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.password
client_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.client_certificate) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.client_certificate)
client_key = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.client_key) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.client_key)
cluster_ca_certificate = local.remote.aks_clusters[value.lz_key][value.key].enable_rbac ? base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_admin_config.0.cluster_ca_certificate) : base64decode(data.azurerm_kubernetes_cluster.kubeconfig[key].kube_config.0.cluster_ca_certificate)
}
}
}

# Get kubeconfig from AKS clusters
data "azurerm_kubernetes_cluster" "kubeconfig" {
for_each = var.aks_clusters

name = local.remote.aks_clusters[each.value.lz_key][each.value.key].cluster_name
resource_group_name = local.remote.aks_clusters[each.value.lz_key][each.value.key].resource_group_name
}
4 changes: 2 additions & 2 deletions caf_solution/add-ons/terraform_cloud/main.tf
Expand Up @@ -44,14 +44,14 @@ locals {
tfstates = merge(
tomap(
{
(var.landingzone.key) =local.backend["tfc"]
(var.landingzone.key) = local.backend["tfc"]
}
)
,
data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.tfstates
)


backend = {
tfc = {
level = var.landingzone.level,
3 changes: 2 additions & 1 deletion caf_solution/dynamic_secrets.tf
@@ -1,6 +1,7 @@
module "dynamic_keyvault_secrets" {
source = "aztfmod/caf/azurerm//modules/security/dynamic_keyvault_secrets"
version = "~>5.3.0"
version = "~>5.3.2"

# source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git//modules/security/dynamic_keyvault_secrets?ref=master"

for_each = {
5 changes: 3 additions & 2 deletions caf_solution/landingzone.tf
@@ -1,7 +1,7 @@
module "solution" {
source = "aztfmod/caf/azurerm"
version = "~>5.3.0"
version = "~>5.3.2"

# source = "git::https://github.com/aztfmod/terraform-azurerm-caf.git?ref=master"


Expand All @@ -25,6 +25,7 @@ module "solution" {
event_hubs = var.event_hubs
global_settings = local.global_settings
keyvault_access_policies = var.keyvault_access_policies
keyvault_access_policies_azuread_apps = var.keyvault_access_policies_azuread_apps
keyvault_certificate_issuers = var.keyvault_certificate_issuers
keyvaults = var.keyvaults
log_analytics = var.log_analytics
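Review bot: The new `keyvault_access_policies_azuread_apps = var.keyvault_access_policies_azuread_apps` in the second hunk references a root input whose `variable` declaration is not part of this PR; unless it already exists in caf_solution's variables (not visible here), validation will fail on the undeclared variable. Judging by its name this input appears to grant Key Vault access policies to Azure AD applications, so a one-line comment beside it such as `# access-policy grants to azuread apps — review new grants before apply` would flag it for reviewers of future tfvars changes. The `module "solution"` block continues outside both hunks.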
2 changes: 1 addition & 1 deletion caf_solution/main.tf
Expand Up @@ -54,7 +54,7 @@ locals {
data.terraform_remote_state.remote[var.landingzone.global_settings_key].outputs.tfstates
)


backend = {
azurerm = {
storage_account_name = var.tfstate_storage_account_name