# Resource group that holds every resource in this example.
# NOTE(review): no `version` argument is set, so `terraform init` resolves the
# newest release published for this registry module. Pin a reviewed version so
# builds are reproducible and upstream changes are adopted deliberately.
module "rg" {
  source = "registry.terraform.io/libre-devops/rg/azurerm"

  # Renders as e.g. rg-ldo-euw-dev-build
  rg_name = "rg-${var.short}-${var.loc}-${terraform.workspace}-build"

  # local.location compares var.loc with var.regions to find the long-hand
  # region name; in this case "euw" becomes "westeurope".
  location = local.location
  tags     = local.tags

  # Leave lock_level unset to skip the lock. Without it nothing in this block
  # guards the group against deletion, so consider enabling it outside
  # throwaway environments.
  # lock_level = "CanNotDelete"
}
# Virtual network with three subnets; sn2 and sn3 are delegated to the DNS
# private resolver service and consumed by the private_resolver module.
# NOTE(review): no `version` argument is set, so the newest published module
# release is used at init time; pin a reviewed version.
module "network" {
  source = "registry.terraform.io/libre-devops/network/azurerm"

  # Resource group outputs, e.g. rg-ldo-euw-dev-build
  rg_name  = module.rg.rg_name
  location = module.rg.rg_location
  tags     = local.tags

  # Renders as e.g. vnet-ldo-euw-dev-01
  vnet_name = "vnet-${var.short}-${var.loc}-${terraform.workspace}-01"

  # NOTE(review): this input, and the subnet names below, read this module's
  # own outputs. That only plans cleanly if the referenced output does not in
  # turn depend on the input being set - confirm against the module source.
  vnet_location = module.network.vnet_location

  address_space   = ["10.0.0.0/16"]
  subnet_prefixes = ["10.0.1.0/24", "10.0.17.0/24", "10.0.18.0/24"]

  # Renders as e.g. sn1-vnet-ldo-euw-dev-01
  subnet_names = [
    "sn1-${module.network.vnet_name}",
    "sn2-${module.network.vnet_name}",
    "sn3-${module.network.vnet_name}",
  ]

  # Extra service endpoints per subnet. An endpoint on the subnet does not by
  # itself restrict the target service; the service's own network rules must
  # allow only the intended subnets for that.
  # NOTE(review): sn2 and sn3 are delegated to dnsResolvers below and are
  # presumably dedicated to resolver endpoints, so their service endpoints
  # look unnecessary - confirm and trim to the minimum required.
  subnet_service_endpoints = {
    "sn1-${module.network.vnet_name}" = ["Microsoft.Storage"]
    "sn2-${module.network.vnet_name}" = ["Microsoft.Storage", "Microsoft.Sql"]
    "sn3-${module.network.vnet_name}" = ["Microsoft.AzureActiveDirectory"]
  }

  # Delegate sn2 and sn3 to Microsoft.Network/dnsResolvers; these are the
  # subnets handed to the resolver's inbound and outbound endpoints.
  subnet_delegation = {
    "sn2-${module.network.vnet_name}" = {
      "Microsoft.Network/dnsResolvers" = {
        service_name    = "Microsoft.Network/dnsResolvers"
        service_actions = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
      }
    }

    "sn3-${module.network.vnet_name}" = {
      "Microsoft.Network/dnsResolvers" = {
        service_name    = "Microsoft.Network/dnsResolvers"
        service_actions = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
      }
    }
  }
}
# DNS private resolver with one inbound endpoint, one outbound endpoint, a
# rule set and a single forwarding rule.
# NOTE(review): no `version` argument is set, so the newest published module
# release is used at init time; pin a reviewed version.
module "private_resolver" {
  source = "registry.terraform.io/libre-devops/dns-private-resolver/azapi"

  # Resource group outputs, e.g. rg-ldo-euw-dev-build
  rg_name  = module.rg.rg_name
  rg_id    = module.rg.rg_id
  location = module.rg.rg_location
  tags     = local.tags

  resolver_name           = "lbdo-dnspr-01"
  resolver_vnet_link_name = "lbdo-dnspr-link"
  rule_set_name           = "lbdo-dnspr-rule-set"
  inbound_endpoint_name   = "dnspr-iep-example"
  outbound_endpoint_name  = "dnspr-oep-example"

  vnet_id = module.network.vnet_id

  # values() returns map values ordered by key, so indexes 1 and 2 pick the
  # second and third entries. Presumably subnets_ids is keyed by subnet name,
  # which makes these sn2 and sn3 (the delegated subnets) - TODO confirm.
  # Selecting by position breaks silently if a subnet is added or renamed;
  # looking the IDs up by name is more robust.
  inbound_endpoint_subnet_id  = element(values(module.network.subnets_ids), 1)
  outbound_endpoint_subnet_id = element(values(module.network.subnets_ids), 2)

  forwarding_rule_name               = "dnspr-fowarding-rule-example"
  forwarding_rule_domain_name_target = "libredevops.org."

  # Queries for the target domain are answered by whatever server is listed
  # here, so it must be a DNS server you control and trust.
  # NOTE(review): 10.0.1.0 is the network address of the 10.0.1.0/24 prefix
  # given to sn1 in the network module, so treat it as a placeholder and
  # replace it with the real DNS server address.
  forwarding_rule_domain_name_forwarding_dns_servers_info = [
    {
      ipAddress = "10.0.1.0"
      port      = 53
    },
  ]
}
| Name | Version |
|---|---|
| azapi | >= 1.0.0 |
| Name | Version |
|---|---|
| azapi | 1.0.0 |
No modules.
| Name | Type |
|---|---|
| azapi_resource.forwarding_rule | resource |
| azapi_resource.inbound_endpoint | resource |
| azapi_resource.outbound_endpoint | resource |
| azapi_resource.private_resolver | resource |
| azapi_resource.resolver_vnet_link | resource |
| azapi_resource.rule_set | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| enable_forwarding_rule_set | Whether the forwarding rule resource should be created and enabled, defaults to true | bool | true | no |
| forwarding_rule_domain_name_forwarding_dns_servers_info | The object info for dns servers for the domain servers info, e.g. the domain you specify in your ruleset, if used. | list(object({ … })) | n/a | yes |
| forwarding_rule_domain_name_target | The name of the domain name the resolver is resolving for | string | n/a | yes |
| forwarding_rule_name | The name of the forwarding rule | string | n/a | yes |
| inbound_endpoint_name | The name of the inbound endpoint | string | n/a | yes |
| inbound_endpoint_subnet_id | The subnet ID for the inbound endpoint to be added to, must not collide with outbound endpoint subnet id | string | n/a | yes |
| location | The location for this resource to be put in | string | n/a | yes |
| outbound_endpoint_name | The name of the outbound endpoint | string | n/a | yes |
| outbound_endpoint_subnet_id | The subnet ID for the NICs which are created with the VMs to be added to | string | n/a | yes |
| resolver_name | The name of the resolver | string | n/a | yes |
| resolver_vnet_link_name | The name of the resolver's dns link | string | n/a | yes |
| rg_id | The id of the resource group; this module does not create a resource group, it expects the resource group to already exist | string | n/a | yes |
| rg_name | The name of the resource group; this module does not create a resource group, it expects the resource group to already exist | string | n/a | yes |
| rule_set_name | The name of the ruleset | string | n/a | yes |
| tags | A map of the tags to use on the resources that are deployed with this module. | map(string) | { … } | no |
| vnet_id | ID of Vnet | string | n/a | yes |
| Name | Description |
|---|---|
| private_resolver_id | The id of the resolver |
| private_resolver_inbound_endpoint_name | The name of the inbound endpoint |
| private_resolver_name | The name of the resolver |
| private_resolver_parent_id | The name of the parent_id |