terraform-docs

Azure Automation Fortinet Terraform.

git config --global init.templateDir ~/.git-template
pre-commit init-templatedir ~/.git-template
git clone https://github.com/robinmordasiewicz/fortinet-secure-cloud-blueprint-terraform

export TF_CLI_ARGS_init="-backend-config=backend.hcl"
terraform output -raw admin_password
terraform output -raw tls_private_key

git checkout main
git pull
git checkout <local-branch>
git merge main

gh workflow run environment.yml --ref Production -R robinmordasiewicz/fortinet-secure-cloud-blueprint-terraform

trivy fs --scanners vuln,config .

Install megalinter

npm install mega-linter-runner -g

Requirements

Name	Version
terraform	1.5.7
azurerm	3.77.0
random	3.5.1
tls	4.0.4

Providers

Name	Version
azurerm	3.77.0
random	3.5.1
tls	4.0.4

Modules

No modules.

Resources

Name	Type
azurerm_availability_set.fortinet_availability_set	resource
azurerm_disk_encryption_set.en_set	resource
azurerm_key_vault.vault	resource
azurerm_key_vault_access_policy.kv_access_policy_des	resource
azurerm_key_vault_key.key	resource
azurerm_linux_virtual_machine.fortigate_virtual_machine	resource
azurerm_linux_virtual_machine.fortiweb_virtual_machine	resource
azurerm_linux_virtual_machine.ubuntu_virtual_machine	resource
azurerm_managed_disk.fortiweb_log_disk	resource
azurerm_monitor_diagnostic_setting.example	resource
azurerm_network_ddos_protection_plan.ddos_protection_plan	resource
azurerm_network_interface.fortigate_dmz_network_interface	resource
azurerm_network_interface.fortigate_external_network_interface	resource
azurerm_network_interface.fortiweb_dmz_network_interface	resource
azurerm_network_interface.fortiweb_internal_network_interface	resource
azurerm_network_interface.ubuntu_dmz_network_interface	resource
azurerm_network_interface.ubuntu_internal_network_interface	resource
azurerm_network_interface_security_group_association.fortigate_association	resource
azurerm_network_security_group.nsg	resource
azurerm_network_security_group.private_nsg	resource
azurerm_network_security_group.vip_allow_https_tcp_nsg	resource
azurerm_public_ip.vip_public_ip	resource
azurerm_subnet.dmz_subnet	resource
azurerm_subnet.external_subnet	resource
azurerm_subnet.internal_subnet	resource
azurerm_subnet_network_security_group_association.dmz_subnet_association	resource
azurerm_subnet_network_security_group_association.external_subnet_association	resource
azurerm_subnet_network_security_group_association.internal_subnet_association	resource
azurerm_virtual_machine_data_disk_attachment.fortiweb_data_disk_attachment	resource
azurerm_virtual_network.vnet	resource
random_pet.admin_username	resource
random_string.azurerm_key_vault_key_name	resource
random_string.azurerm_key_vault_name	resource
tls_private_key.ssh_key	resource
azurerm_public_ip.vip_public_ip	data source
azurerm_resource_group.AZURE_RESOURCE_GROUP	data source
azurerm_subscription.current	data source

Inputs

Name	Description	Type	Default	Required
ARM_TENANT_ID	Azure Tenant ID	`string`	n/a	yes
AZURE_RESOURCE_GROUP_NAME	Name of the resource group.	`string`	n/a	yes
AZURE_SERVICE_PRINCIPAL_UUID	Azure service principal UUID	`string`	n/a	yes
AZURE_STORAGE_ACCOUNT_ID	ID of the Azure storage account.	`string`	n/a	yes
dmz-Name	DMZ Subnet Name.	`string`	n/a	yes
dmz-Prefix	DMZ Subnet Prefix.	`string`	n/a	yes
external-Name	External Subnet Name.	`string`	n/a	yes
external-Prefix	External Subnet Prefix.	`string`	n/a	yes
internal-Name	Internal Subnet Name.	`string`	n/a	yes
internal-Prefix	Internal Subnet Prefix.	`string`	n/a	yes
key_name	The name of the key to be created. The value will be randomly generated if blank.	`string`	`""`	no
key_opts	The permitted JSON web key operations of the key to be created.	`list(string)`	[ "decrypt", "encrypt", "sign", "unwrapKey", "verify", "wrapKey" ]	no
key_permissions	List of key permissions.	`list(string)`	[ "List", "Create", "Delete", "Get", "Purge", "Recover", "Update", "GetRotationPolicy", "SetRotationPolicy" ]	no
key_size	The size in bits of the key to be created.	`number`	`2048`	no
key_type	The JsonWebKeyType of the key to be created.	`string`	`"RSA"`	no
secret_permissions	List of secret permissions.	`list(string)`	[ "Set" ]	no
sku_name	The SKU of the vault to be created.	`string`	`"premium"`	no
storage_permissions	List of secret permissions.	`list(string)`	[ "Get" ]	no
vault_name	The name of the key vault to be created. The value will be randomly generated if blank.	`string`	`""`	no
vnetAddressPrefix	Virtual Network Address prefix.	`string`	n/a	yes

Outputs

Name	Description
admin_username	Username for admin account
availabilitySetFdc	Number of fault domains in the availability set.
availabilitySetId	ID of the Azure availability set.
availabilitySetName	Name of the Azure availability set.
azurerm_key_vault_id	ID of the Azure key vault
azurerm_key_vault_name	Name of the Azure key vault
currentSubscriptionDisplayName	Azure subscription Name
currentSubscriptionId	Azure subscription ID
resourceGroupName	Azure resource group for all objects
tls_private_key	TSL private key
ubuntuVmName	Ubuntu machine name.
vip_public_ip_address	Public IP address

Example terraform.auto.tfvars

vnetAddressPrefix = "10.0.0.0/16"
external-Name     = "external"
external-Prefix   = "10.0.1.0/24"
dmz-Name          = "dmz"
dmz-Prefix        = "10.0.2.0/24"
internal-Name     = "internal"
internal-Prefix   = "10.0.3.0/24"

Documentation

Requirements

Name	Version
terraform	1.6.2
azurerm	3.78.0
http	3.4.0
random	3.5.1
tls	4.0.4

Inputs

Name	Description	Type	Default	Required
AZURE_RESOURCE_GROUP_NAME	Name of the resource group.	`string`	n/a	yes
dmz-Name	DMZ Subnet Name.	`string`	n/a	yes
dmz-Prefix	DMZ Subnet Prefix.	`string`	n/a	yes
external-Name	External Subnet Name.	`string`	n/a	yes
external-Prefix	External Subnet Prefix.	`string`	n/a	yes
internal-Name	Internal Subnet Name.	`string`	n/a	yes
internal-Prefix	Internal Subnet Prefix.	`string`	n/a	yes
vnetAddressPrefix	Virtual Network Address prefix.	`string`	n/a	yes

Resources

Name	Type
azurerm_availability_set.fortinet_availability_set	resource
azurerm_linux_virtual_machine.fortigate_virtual_machine	resource
azurerm_linux_virtual_machine.fortiweb_virtual_machine	resource
azurerm_linux_virtual_machine.ubuntu_virtual_machine	resource
azurerm_managed_disk.fortiweb_log_disk	resource
azurerm_network_ddos_protection_plan.ddos_protection_plan	resource
azurerm_network_interface.fortigate_dmz_network_interface	resource
azurerm_network_interface.fortigate_external_network_interface	resource
azurerm_network_interface.fortiweb_dmz_network_interface	resource
azurerm_network_interface.fortiweb_internal_network_interface	resource
azurerm_network_interface.ubuntu_dmz_network_interface	resource
azurerm_network_interface.ubuntu_internal_network_interface	resource
azurerm_network_interface_security_group_association.fortigate_association	resource
azurerm_network_security_group.nsg	resource
azurerm_network_security_group.private_nsg	resource
azurerm_network_security_group.vip_allow_https_tcp_nsg	resource
azurerm_public_ip.vip_public_ip	resource
azurerm_subnet.dmz_subnet	resource
azurerm_subnet.external_subnet	resource
azurerm_subnet.internal_subnet	resource
azurerm_subnet_network_security_group_association.dmz_subnet_association	resource
azurerm_subnet_network_security_group_association.external_subnet_association	resource
azurerm_subnet_network_security_group_association.internal_subnet_association	resource
azurerm_virtual_machine_data_disk_attachment.fortiweb_data_disk_attachment	resource
azurerm_virtual_network.vnet	resource
random_pet.admin_username	resource
tls_private_key.ssh_key	resource
azurerm_public_ip.vip_public_ip	data source
azurerm_resource_group.AZURE_RESOURCE_GROUP	data source
azurerm_subscription.current	data source
http_http.terraform	data source

Outputs

Name	Description
admin_username	Username for admin account
availabilitySetFdc	Number of fault domains in the availability set.
availabilitySetId	ID of the Azure availability set.
availabilitySetName	Name of the Azure availability set.
currentSubscriptionDisplayName	Azure subscription Name
currentSubscriptionId	Azure subscription ID
resourceGroupName	Azure resource group for all objects
terraform_version	Terraform Version
tls_private_key	TSL private key
ubuntuVmName	Ubuntu machine name.
vip_public_ip_address	Public IP address

Name		Name	Last commit message	Last commit date
Latest commit History 801 Commits
.github		.github
.infracost		.infracost
cloud-init		cloud-init
policies.bak		policies.bak
policies		policies
.cspell.json		.cspell.json
.editorconfig		.editorconfig
.gitignore		.gitignore
.gitleaksignore		.gitleaksignore
.jscpd.json		.jscpd.json
.markdownlint.json		.markdownlint.json
.mega-linter.yml		.mega-linter.yml
.mega-linter.yml.orig		.mega-linter.yml.orig
.pre-commit-config.yaml		.pre-commit-config.yaml
.secretlintignore		.secretlintignore
.secrets.baseline		.secrets.baseline
.secretsignore		.secretsignore
.terraform-docs.yml		.terraform-docs.yml
.tflint.hcl		.tflint.hcl
.yamllint		.yamllint
README.md		README.md
SECURITY.md		SECURITY.md
admin-username.tf		admin-username.tf
availability_set.tf		availability_set.tf
data.tf		data.tf
fdevsec.yaml		fdevsec.yaml
fortigate_virtual_machine.tf		fortigate_virtual_machine.tf
fortiweb_virtual_machine.tf		fortiweb_virtual_machine.tf
go.sum		go.sum
links.txt		links.txt
network_security.tf		network_security.tf
outputs.tf		outputs.tf
resource-group.tf		resource-group.tf
subnet.tf		subnet.tf
terraform.auto.tfvars		terraform.auto.tfvars
terraform.tf		terraform.tf
terraform.tftest.hcl		terraform.tftest.hcl
tls_private_key.tf		tls_private_key.tf
ubuntu_virtual_machine.tf		ubuntu_virtual_machine.tf
variables.tf		variables.tf
virtual_network.tf		virtual_network.tf

robinmordasiewicz/fortinet-secure-cloud-blueprint-terraform

Folders and files

Latest commit

History

Repository files navigation

terraform-docs

Install megalinter

Requirements

Providers

Modules

Resources

Inputs

Outputs

Example terraform.auto.tfvars

Documentation

Requirements

Inputs

Resources

Outputs

About

Resources

Security policy

Stars

Watchers

Forks

Languages