Module to create an Automation Account. It is used in the Coalfire-Azure-RAMPpak FedRAMP Framework.
Learn more at Coalfire OpenSource.
- Security Core
- Region Setup
If using the Coalfire-Azure-RAMPpak FedRAMP Framework, update tstate.tf
to the appropriate version and storage accounts, see sample:
terraform {
required_version = "~>1.5.0"
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "3.61.0"
}
}
backend "azurerm" {
resource_group_name = "ex-prod-va-mp-core-rg"
storage_account_name = "exprodvampsatfstate"
container_name = "vaextfstatecontainer"
environment = "usgovernment"
key = "va-az-automation.tfstate"
}
}
This module can be called as outlined below.
- Change directories to the
terraform-azurerm-automation-account
directory. - From the
terraform-azurerm-automation-account
directory runterraform init
. - Update the necessary variables
- Run
terraform plan
to review the resources being created. - If everything looks correct in the plan output, run
terraform apply
.
Include example for how to call the module below with generic variables
provider "azurerm" {
features {}
}
module "va-aa" {
source = "github.com/Coalfire-CF/terraform-azurerm-automation-account"
automation_account_name = "${local.resource_prefix}-aa"
resource_group_name = data.terraform_remote_state.setup.outputs.management_rg_name
location = var.location
log_analytics_workspace_id = data.terraform_remote_state.core.outputs.core_la_id
global_tags = var.global_tags
regional_tags = merge({
Function = "Automation"
Plane = "Management"
Environment = "Production"
}, var.regional_tags, local.global_local_tags)
}
No requirements.
Name | Version |
---|---|
azurerm | 3.74.0 |
No modules.
Name | Type |
---|---|
azurerm_automation_account.aa | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
automation_account_name | Name of the Automation Account | string |
n/a | yes |
global_tags | Global level tags | map(string) |
n/a | yes |
location | The Azure location/region to create resources in. | string |
n/a | yes |
log_analytics_workspace_id | ID of the Log Analytics Workspace diagnostic logs should be sent to | string |
n/a | yes |
regional_tags | Regional level tags | map(string) |
n/a | yes |
resource_group_name | Resource Group of Automation Account | string |
n/a | yes |
Name | Description |
---|---|
aa_dsc_endpoint | n/a |
aa_id | n/a |
aa_name | n/a |
aa_primary_registration_key | n/a |
aa_principal_id | n/a |
Copyright © 2023 Coalfire Systems Inc.