kamacharovs/aiof-iac

Overview

All in one finance infrastructure as code, specific to an environment (Dev, QA, Stage, Prod, etc.)

How to run it

Below are instructions on how to run the aiof-iac Terraform scripts.

Local

To run it locally, an environment variable named TF_VAR_storage_account_access_key must exist. It holds the access key for the remote storage that contains the terraform.tfstate files; a state file exists per workspace (environment). Because the key is a secret used to access the storage account, this approach keeps it out of source control. In the current infrastructure, this is an Azure storage account access key. Best practice is to rotate the keys once a month.

terraform init -lock -backend-config="access_key=$env:TF_VAR_storage_account_access_key"

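After terraform init runs successfully, you can proceed with terraform plan and subsequently terraform apply (if needed). Note that -lock=false, used in the commands below, disables state locking for that command, so avoid running it while someone else is operating on the same workspace.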

terraform plan -lock=false -out=tfplan -input=false

Apply

terraform apply -lock=false tfplan

Documentation

All documentation for this specific repository

Import

Import is used to import existing infrastructure into the terraform state. More information on the command itself can be found here

terraform import -lock=false {Terraform Resource}.{Terraform Alias} {Azure Resource Id}

Module import

Module import is a little different: the resource address is prefixed with module.{Module Name}

terraform import -lock=false module.{Module Name}.{Terraform Resource}.{Terraform Alias} {Azure Resource Id}

State rm

You can use terraform state rm in the less common situation where you wish to remove a binding to an existing remote object without first destroying it, which will effectively make Terraform "forget" the object while it continues to exist in the remote system.

terraform state rm -lock=false {Terraform Resource}.{Terraform Alias}

Terraform reference

GitHub Repositories

Terraform

Versioning

Terraform releases new versions and updates frequently. To stay up to date, check the latest release on its GitHub repository. The current version used is ~> 2.39.0

Variables

The sensitive variables for this are stored in a .tfvars file locally. Currently, this is what's in there:

subscription_id = ""
tenant_id = ""
client_id = ""
client_secret = ""
location = "eastus"
environment = "dev"

db_admin_username = ""
db_admin_password = ""
db_admin_start_ip = ""

appsettings_auth_jwt_private_key_value  = ""
appsettings_auth_jwt_public_key_value   = ""
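
Because the .tfvars file above is meant to stay local, a check that fails when a secret-bearing variable has a value can run as a pre-commit or CI step. The script below is an added example, not part of this repository; the choice of which listed variables count as secrets, the function names and the sample input are assumptions, and it only handles single-line `name = "value"` assignments.

```python
import re
import sys

# Assumption: of the variables in the page's .tfvars listing, these hold
# credentials or key material; the rest are identifiers or settings.
SECRET_KEYS = {
    "client_secret",
    "db_admin_password",
    "appsettings_auth_jwt_private_key_value",
    "storage_account_access_key",
}

# Simple `name = "value"` assignments, tolerating aligned spacing.
ASSIGNMENT = re.compile(r'^\s*([A-Za-z_][A-Za-z0-9_-]*)\s*=\s*"((?:[^"\\]|\\.)*)"')


def find_populated_secrets(text):
    """Return (line_number, key) per secret key with a non-empty value.
    Values are never returned, so findings are safe to print in CI logs."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith(("#", "//")):
            continue  # commented-out assignment
        match = ASSIGNMENT.match(line)
        if match and match.group(1) in SECRET_KEYS and match.group(2).strip():
            findings.append((number, match.group(1)))
    return findings


def main(paths):
    failed = False
    for path in paths:
        with open(path, encoding="utf-8") as handle:
            for number, key in find_populated_secrets(handle.read()):
                print(f"{path}:{number}: {key} has a value; do not commit this file")
                failed = True
    return 1 if failed else 0


# Constructed sample input, not real credentials.
SAMPLE = '''
client_id = "00000000-0000-0000-0000-000000000000"
client_secret = "constructed-example-value"
# db_admin_password = "commented-out"
db_admin_password = ""
appsettings_auth_jwt_private_key_value  = "constructed-key"
'''

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Run it with the .tfvars paths as arguments; a non-zero exit status means at least one secret variable is populated.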

Resources

Networking

  • Network security group
  • Network security group rules
  • DDOS protection plan
  • Virtual network
  • Subnet: backend

Database

  • PostgreSQL server
  • PostgreSQL database

Container registry

  • Azure Container Registry