Refactor
frasermolyneux committed May 20, 2024
1 parent 0765edd commit 1668875
Showing 3 changed files with 20 additions and 21 deletions.
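--- a/terraform/key_vault.tf
+++ b/terraform/key_vault.tf
@@ -0,0 +1,19 @@
+resource "azurerm_key_vault" "sql_kv" {
+name = local.key_vault_name
+location = azurerm_resource_group.rg.location
+resource_group_name = azurerm_resource_group.rg.name
+tenant_id = data.azurerm_client_config.current.tenant_id
+
+tags = var.tags
+
+soft_delete_retention_days = 90
+purge_protection_enabled = true
+enable_rbac_authorization = true
+
+sku_name = "standard"
+
+network_acls {
+bypass = "AzureServices"
+default_action = "Allow"
+}
+}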
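Review bot: `default_action = "Allow"` in the `network_acls` block leaves the vault's data plane reachable from any network, so `enable_rbac_authorization = true` is the only control in front of its contents; sql_server.tf in this commit defines `azurerm_key_vault_secret.sql_username`, which presumably is stored in this vault. Consider `default_action = "Deny"` with explicit `ip_rules` / `virtual_network_subnet_ids` (or a private endpoint), keeping `bypass = "AzureServices"` only if a trusted Azure service actually needs it. If open network access is deliberate, for example for a hosted deployment pipeline, record that with a comment above the block such as `# Public network access is intentional: <reason>; access is gated by RBAC only`. Separately, the switch from `local.sql_key_vault_name` to `local.key_vault_name` on the same resource address looks like it forces replacement of the vault in existing environments, and with `purge_protection_enabled = true` the old vault stays soft-deleted for the 90-day retention, so the plan is worth checking before apply.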
2 changes: 1 addition & 1 deletion terraform/locals.tf
Expand Up @@ -3,7 +3,7 @@ locals {
app_insights_name = "ai-portal-core-${var.environment}-${var.location}-${var.instance}"
app_service_plan_name = "asp-portal-core-${var.environment}-${var.location}-${var.instance}"
api_management_name = "apim-portal-core-${var.environment}-${var.location}-${var.instance}-${random_id.environment_id.hex}"
key_vault_name = "kv-${random_id.environment_id.hex}-${var.location}"
sql_admin_group_name = "sql-admins-${var.environment}-${var.location}-${var.instance}"
sql_key_vault_name = "kv-sql${random_id.environment_id.hex}-${var.location}"
sql_name = "sql-${var.environment}-${var.location}-${var.instance}"
}
20 changes: 0 additions & 20 deletions terraform/sql_server.tf
Expand Up @@ -14,26 +14,6 @@ resource "random_id" "username_suffix" {
byte_length = 4
}

resource "azurerm_key_vault" "sql_kv" {
name = local.sql_key_vault_name
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
tenant_id = data.azurerm_client_config.current.tenant_id

tags = var.tags

soft_delete_retention_days = 90
purge_protection_enabled = true
enable_rbac_authorization = true

sku_name = "standard"

network_acls {
bypass = "AzureServices"
default_action = "Allow"
}
}

resource "azurerm_key_vault_secret" "sql_username" {
name = "${local.sql_name}-username"
value = "addy${random_id.username_suffix.hex}"