From 96fdce179fe6b31d29716a68f08d28cea8fc9226 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 30 May 2024 12:40:10 +0000 Subject: [PATCH 1/2] Apply terraform fmt --- databricks_access_connectors.tf | 12 ++--- .../configuration.tfvars | 40 +++++++-------- .../aks.tfvars | 2 +- .../configuration.tfvars | 12 ++--- .../configuration.tfvars | 18 +++---- .../configuration.tfvars | 2 +- .../configuration.tfvars | 20 ++++---- examples/mssql_mi/200-mi/configuration.tfvars | 2 +- examples/mssql_mi/200-mi/nsg.tfvars | 2 +- .../recovery_vaults.tfvars | 30 +++++------ .../configuration.tfvars | 8 +-- .../configuration.tfvars | 4 +- .../configuration.tfvars | 2 +- examples/tests/mock/e2e_plan.tftest.hcl | 2 +- examples/variables.tf | 2 +- .../configuration.tfvars | 16 +++--- .../databricks_access_connector/main.tf | 4 +- .../databricks_access_connector/module.tf | 2 +- modules/apim/api_management/module.tf | 2 +- .../container_app_dapr_component.tf | 12 ++--- .../virtual_machine/dynamic_custom_data.tf | 28 +++++------ modules/compute/virtual_machine/vm_disk.tf | 2 +- modules/compute/virtual_machine/vm_linux.tf | 50 +++++++++---------- .../assignment_virtual_machine/main.tf | 4 +- .../assignment_virtual_machine/module.tf | 2 +- modules/maintenance/configuration/module.tf | 6 +-- modules/maintenance/configuration/outputs.tf | 4 +- .../private_endpoint/private_endpoint.tf | 6 +-- modules/networking/virtual_wan/virtual_wan.tf | 2 +- .../backup_policies_vm_workload.tf | 2 +- modules/recovery_vault/outputs.tf | 2 +- modules/roles/custom_roles/module.tf | 2 +- msssql_managed_instances.tf | 16 +++--- msssql_managed_instances_v1.tf | 16 +++--- 34 files changed, 168 insertions(+), 168 deletions(-) diff --git a/databricks_access_connectors.tf b/databricks_access_connectors.tf index 108aaf3e99..87975da0bb 100644 --- a/databricks_access_connectors.tf +++ b/databricks_access_connectors.tf @@ -2,12 +2,12 @@ module "databricks_access_connectors" { source = "./modules/analytics/databricks_access_connector" for_each = local.database.databricks_access_connectors - client_config = local.client_config - global_settings = local.global_settings - name = each.value.name - settings = each.value - resource_groups = local.combined_objects_resource_groups - base_tags = local.global_settings.inherit_tags + client_config = local.client_config + global_settings = local.global_settings + name = each.value.name + settings = each.value + resource_groups = local.combined_objects_resource_groups + base_tags = local.global_settings.inherit_tags remote_objects = { managed_identities = local.combined_objects_managed_identities } diff --git a/examples/apim/118-api_management_platform_stv2/configuration.tfvars b/examples/apim/118-api_management_platform_stv2/configuration.tfvars index 605fed4e7d..59892b21df 100644 --- a/examples/apim/118-api_management_platform_stv2/configuration.tfvars +++ b/examples/apim/118-api_management_platform_stv2/configuration.tfvars @@ -26,20 +26,20 @@ vnets = { region = "region1" vnet = { name = "example-uks" # prefix-vnet-example-uks - address_space = ["10.0.0.0/16"] + address_space = ["10.0.0.0/16"] } subnets = { - + # Example subnet for APIM private endpoint - + snet_example_apim_uks = { - name = "example-apim-uks" #prefix-snet-example-apim-uks - cidr = ["10.0.1.0/24"] - nsg_key = "nsg_example_apim_uks" - # route_table_key = "" + name = "example-apim-uks" #prefix-snet-example-apim-uks + cidr = ["10.0.1.0/24"] + nsg_key = "nsg_example_apim_uks" + # route_table_key = "" service_endpoints = ["Microsoft.KeyVault", "Microsoft.Storage", "Microsoft.Sql", "Microsoft.EventHub", "Microsoft.ServiceBus"] # service endpoints required for APIM } - } + } } } @@ -142,31 +142,31 @@ public_ip_addresses = { api_management = { apim_uks = { - name = "example-uks" # prefix-apim-example-uks - resource_group_key = "rg_example_apim_uks" - publisher_name = "apim.example.sre.com" - publisher_email = "example.apim@sre.com" - sku_name = "Developer_1" # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management#sku_name - region = "region1" + name = "example-uks" # prefix-apim-example-uks + resource_group_key = "rg_example_apim_uks" + publisher_name = "apim.example.sre.com" + publisher_email = "example.apim@sre.com" + sku_name = "Developer_1" # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management#sku_name + region = "region1" # Required to deploy APIM on platform verions stv2.* - public_ip_address = { - key = "pip_apim_uks" - # lz_key = "" - } + public_ip_address = { + key = "pip_apim_uks" + # lz_key = "" + } virtual_network_type = "Internal" # The type of virtual network you want to use, valid values include: None, External, Internal. Defaults to None. virtual_network_configuration = { vnet_key = "vnet_example_uks" subnet_key = "snet_example_apim_uks" - # lz_key = "" + # lz_key = "" } identity = { type = "UserAssigned" managed_identity_keys = ["msi_apim_uks"] } - + portal = { host_name = "example.apim.com" } diff --git a/examples/compute/kubernetes_services/108-single-cluster-remote-adgroup-admin/aks.tfvars b/examples/compute/kubernetes_services/108-single-cluster-remote-adgroup-admin/aks.tfvars index f147de340c..da406c0403 100644 --- a/examples/compute/kubernetes_services/108-single-cluster-remote-adgroup-admin/aks.tfvars +++ b/examples/compute/kubernetes_services/108-single-cluster-remote-adgroup-admin/aks.tfvars @@ -39,7 +39,7 @@ aks_clusters = { addon_profile = { oms_agent = { - log_analytics_key = "central_logs_region1" + log_analytics_key = "central_logs_region1" msi_auth_for_monitoring_enabled = true } } diff --git a/examples/compute/virtual_machine/113-single-linux-custom-data-template/configuration.tfvars b/examples/compute/virtual_machine/113-single-linux-custom-data-template/configuration.tfvars index 35822f8398..42b9ea57b3 100644 --- a/examples/compute/virtual_machine/113-single-linux-custom-data-template/configuration.tfvars +++ b/examples/compute/virtual_machine/113-single-linux-custom-data-template/configuration.tfvars @@ -63,23 +63,23 @@ virtual_machines = { disable_password_authentication = true custom_data = { - templatefile = "compute/virtual_machine/113-single-linux-custom-data-template/custom_data.tpl" - my_value = "my_value" + templatefile = "compute/virtual_machine/113-single-linux-custom-data-template/custom_data.tpl" + my_value = "my_value" } dynamic_custom_data = { vnets = { - vnet_region1 ={} + vnet_region1 = {} } storage_accounts = { sa1 = { - file_share = "share1" - file_share_directory = "dir1" + file_share = "share1" + file_share_directory = "dir1" } } keyvault_keys = { key1 = { keyvault_key = "example_vm_rg1" - name = "disk-key" + name = "disk-key" } } } diff --git a/examples/databricks_access_connectors/100-databricks_access_connectors/configuration.tfvars b/examples/databricks_access_connectors/100-databricks_access_connectors/configuration.tfvars index b3dd3e7fb8..e7ece91817 100644 --- a/examples/databricks_access_connectors/100-databricks_access_connectors/configuration.tfvars +++ b/examples/databricks_access_connectors/100-databricks_access_connectors/configuration.tfvars @@ -13,16 +13,16 @@ resource_groups = { databricks_access_connectors = { dac_1 = { - name = "example-name" - resource_group_key = "dac_test" - identity = { - type = "UserAssigned" #SystemAssigned - managed_identity_keys = ["dac_test"] + name = "example-name" + resource_group_key = "dac_test" + identity = { + type = "UserAssigned" #SystemAssigned + managed_identity_keys = ["dac_test"] + } + tags = { + test = "test" + test1 = "test1" } - tags = { - test = "test" - test1 = "test1" - } } } diff --git a/examples/maintenance_configuration/200-maintenance-configuration-assignment-vm-windows/configuration.tfvars b/examples/maintenance_configuration/200-maintenance-configuration-assignment-vm-windows/configuration.tfvars index dae867700e..dc7b8369b2 100644 --- a/examples/maintenance_configuration/200-maintenance-configuration-assignment-vm-windows/configuration.tfvars +++ b/examples/maintenance_configuration/200-maintenance-configuration-assignment-vm-windows/configuration.tfvars @@ -94,7 +94,7 @@ virtual_machines = { priority = "Spot" eviction_policy = "Deallocate" - patch_mode = "AutomaticByPlatform" + patch_mode = "AutomaticByPlatform" bypass_platform_safety_checks_on_user_schedule_enabled = true # When you want to load the file from the folder in the custom_data always use the relative path from the caf_solution in landing zones custom_data = "../../examples/compute/virtual_machine/101-single-windows-vm/scripts/custom.ps1" diff --git a/examples/maintenance_configuration/201-maintenance-configuration-assignment-vm-linux/configuration.tfvars b/examples/maintenance_configuration/201-maintenance-configuration-assignment-vm-linux/configuration.tfvars index fa7f0951d4..2da8bdcddc 100644 --- a/examples/maintenance_configuration/201-maintenance-configuration-assignment-vm-linux/configuration.tfvars +++ b/examples/maintenance_configuration/201-maintenance-configuration-assignment-vm-linux/configuration.tfvars @@ -6,7 +6,7 @@ global_settings = { } inherit_tags = true - + resource_defaults = { virtual_machines = { # set the below to enable az managed boot diagostics for vms @@ -70,17 +70,17 @@ virtual_machines = { # Spot VM to save money priority = "Spot" eviction_policy = "Deallocate" - - patch_mode = "AutomaticByPlatform" + + patch_mode = "AutomaticByPlatform" bypass_platform_safety_checks_on_user_schedule_enabled = true # Value of the nic keys to attach the VM. The first one in the list is the default nic network_interface_keys = ["nic0"] os_disk = { - name = "example_vm1-os" - caching = "ReadWrite" - storage_account_type = "Standard_LRS" + name = "example_vm1-os" + caching = "ReadWrite" + storage_account_type = "Standard_LRS" } identity = { type = "SystemAssigned" #SystemAssigned OR UserAssigned OR SystemAssigned, UserAssigned @@ -105,10 +105,10 @@ virtual_machines = { name = "server1-data1" storage_account_type = "Standard_LRS" # Only Empty is supported. More community contributions required to cover other scenarios - create_option = "Empty" - disk_size_gb = "10" - lun = 1 - zones = ["1"] + create_option = "Empty" + disk_size_gb = "10" + lun = 1 + zones = ["1"] } } } diff --git a/examples/mssql_mi/200-mi/configuration.tfvars b/examples/mssql_mi/200-mi/configuration.tfvars index 962c048b99..8eea3a3122 100644 --- a/examples/mssql_mi/200-mi/configuration.tfvars +++ b/examples/mssql_mi/200-mi/configuration.tfvars @@ -21,7 +21,7 @@ vnets = { resource_group_key = "networking_region1" vnet = { name = "sqlmi-rg1" - address_space = ["172.25.88.0/21","10.2.0.0/24"] + address_space = ["172.25.88.0/21", "10.2.0.0/24"] } subnets = { sqlmi1 = { diff --git a/examples/mssql_mi/200-mi/nsg.tfvars b/examples/mssql_mi/200-mi/nsg.tfvars index d07e9224d5..d5bb2718bb 100644 --- a/examples/mssql_mi/200-mi/nsg.tfvars +++ b/examples/mssql_mi/200-mi/nsg.tfvars @@ -84,6 +84,6 @@ network_security_group_definition = { ] } subnet02 = { - nsg= [] + nsg = [] } } diff --git a/examples/recovery_vault/106-backupvault-with-sqldatabase-saphana/recovery_vaults.tfvars b/examples/recovery_vault/106-backupvault-with-sqldatabase-saphana/recovery_vaults.tfvars index b744f026c2..b740c02701 100644 --- a/examples/recovery_vault/106-backupvault-with-sqldatabase-saphana/recovery_vaults.tfvars +++ b/examples/recovery_vault/106-backupvault-with-sqldatabase-saphana/recovery_vaults.tfvars @@ -10,11 +10,11 @@ recovery_vaults = { backup_policies = { vm_workloads = { sql = { - name = "SQLTest" - workload_type = "SQLDataBase" - vault_key = "asr1" - rg_key = "primary" - timezone = "UTC" + name = "SQLTest" + workload_type = "SQLDataBase" + vault_key = "asr1" + rg_key = "primary" + timezone = "UTC" compression_enabled = false protection_policies = { sqlfull = { @@ -23,8 +23,8 @@ recovery_vaults = { frequency = "Daily" time = "15:00" } - retention_daily = { - count = 8 + retention_daily = { + count = 8 } } sqllog = { @@ -39,11 +39,11 @@ recovery_vaults = { } } saphana = { - name = "SAPHANATest" - workload_type = "SAPHanaDatabase" - vault_key = "asr1" - rg_key = "primary" - timezone = "UTC" + name = "SAPHANATest" + workload_type = "SAPHanaDatabase" + vault_key = "asr1" + rg_key = "primary" + timezone = "UTC" compression_enabled = false protection_policies = { saphanafull = { @@ -52,8 +52,8 @@ recovery_vaults = { frequency = "Daily" time = "15:00" } - retention_daily = { - count = 8 + retention_daily = { + count = 8 } } saphanalog = { @@ -65,7 +65,7 @@ recovery_vaults = { count = 8 } } - } + } } } } diff --git a/examples/role_mapping/102-azure-openai-managed-identity/configuration.tfvars b/examples/role_mapping/102-azure-openai-managed-identity/configuration.tfvars index 875f053a47..873eb25a94 100644 --- a/examples/role_mapping/102-azure-openai-managed-identity/configuration.tfvars +++ b/examples/role_mapping/102-azure-openai-managed-identity/configuration.tfvars @@ -16,16 +16,16 @@ cognitive_services_account = { resource_group = { key = "rg1" } - name = "pinecone-llm-demoopenai" - kind = "OpenAI" - sku_name = "S0" + name = "pinecone-llm-demoopenai" + kind = "OpenAI" + sku_name = "S0" custom_subdomain_name = "cs-alz-caf-llm-demoopenai" } } managed_identities = { workload-msi = { - name = "example-msi-openai-rolemap-msi" + name = "example-msi-openai-rolemap-msi" resource_group_key = "rg1" } } diff --git a/examples/search_service/100-search-service-both-apikeys-and-azuread/configuration.tfvars b/examples/search_service/100-search-service-both-apikeys-and-azuread/configuration.tfvars index 2d302c73f8..a849c3cfca 100644 --- a/examples/search_service/100-search-service-both-apikeys-and-azuread/configuration.tfvars +++ b/examples/search_service/100-search-service-both-apikeys-and-azuread/configuration.tfvars @@ -25,8 +25,8 @@ vnets = { } subnets = { default = { - name = "default" - cidr = ["10.5.1.0/24"] + name = "default" + cidr = ["10.5.1.0/24"] } } } diff --git a/examples/search_service/102-search-service-only-azuread/configuration.tfvars b/examples/search_service/102-search-service-only-azuread/configuration.tfvars index fa4190a82c..fd91a13b81 100644 --- a/examples/search_service/102-search-service-only-azuread/configuration.tfvars +++ b/examples/search_service/102-search-service-only-azuread/configuration.tfvars @@ -22,7 +22,7 @@ search_services = { identity = { type = "SystemAssigned" } - local_authentication_enabled = false + local_authentication_enabled = false # public_network_access_enabled = true # allowed_ips = ["13.478.57.73"] } diff --git a/examples/tests/mock/e2e_plan.tftest.hcl b/examples/tests/mock/e2e_plan.tftest.hcl index a9d1cb2780..213502c713 100644 --- a/examples/tests/mock/e2e_plan.tftest.hcl +++ b/examples/tests/mock/e2e_plan.tftest.hcl @@ -3,7 +3,7 @@ mock_provider "azurerm" { } mock_provider "azurerm" { - alias = "vhub" + alias = "vhub" source = "./tests/mock_data" } diff --git a/examples/variables.tf b/examples/variables.tf index 0e46b8498f..53625d0dd2 100644 --- a/examples/variables.tf +++ b/examples/variables.tf @@ -1130,7 +1130,7 @@ variable "maintenance_assignment_virtual_machine" { default = {} } variable "search_services" { - default = {} + default = {} } variable "load_test" { default = {} diff --git a/examples/webapps/appservice/103-appservice-extend/configuration.tfvars b/examples/webapps/appservice/103-appservice-extend/configuration.tfvars index f4cd1fcc04..b01dcbc5a3 100644 --- a/examples/webapps/appservice/103-appservice-extend/configuration.tfvars +++ b/examples/webapps/appservice/103-appservice-extend/configuration.tfvars @@ -52,19 +52,19 @@ app_services = { ip_restriction = [ { - name = "deny-all-traffic" - action = "Deny" - ip_address = "0.0.0.0/0" - priority = 65000 + name = "deny-all-traffic" + action = "Deny" + ip_address = "0.0.0.0/0" + priority = 65000 } ] scm_ip_restriction = [ { - name = "allow-all-traffic" - action = "Allow" - ip_address = "0.0.0.0/0" - priority = 65000 + name = "allow-all-traffic" + action = "Allow" + ip_address = "0.0.0.0/0" + priority = 65000 } ] } diff --git a/modules/analytics/databricks_access_connector/main.tf b/modules/analytics/databricks_access_connector/main.tf index 00369bb2be..f6a34ca013 100644 --- a/modules/analytics/databricks_access_connector/main.tf +++ b/modules/analytics/databricks_access_connector/main.tf @@ -5,8 +5,8 @@ locals { try(var.settings.tags, null) ) : try(var.settings.tags, null) - - resource_group = var.resource_groups[try(var.settings.lz_key, var.settings.resource_group.lz_key, var.client_config.landingzone_key)][try(var.settings.resource_group.key, var.settings.resource_group_key)] + + resource_group = var.resource_groups[try(var.settings.lz_key, var.settings.resource_group.lz_key, var.client_config.landingzone_key)][try(var.settings.resource_group.key, var.settings.resource_group_key)] } terraform { diff --git a/modules/analytics/databricks_access_connector/module.tf b/modules/analytics/databricks_access_connector/module.tf index 9da6636dfb..4b577f596f 100644 --- a/modules/analytics/databricks_access_connector/module.tf +++ b/modules/analytics/databricks_access_connector/module.tf @@ -11,5 +11,5 @@ resource "azurerm_databricks_access_connector" "databricks_access_connector" { identity_ids = concat(local.managed_identities, try(identity.value.identity_ids, [])) } } - + } diff --git a/modules/apim/api_management/module.tf b/modules/apim/api_management/module.tf index 65c1a777f1..59e188c6a6 100644 --- a/modules/apim/api_management/module.tf +++ b/modules/apim/api_management/module.tf @@ -17,7 +17,7 @@ resource "azurerm_api_management" "apim" { publisher_email = var.settings.publisher_email sku_name = var.settings.sku_name - public_ip_address_id = can(var.settings.public_ip_address_id) ? var.settings.public_ip_address_id : can(var.settings.public_ip_address.key) ? var.public_ip_addresses[try(var.settings.public_ip_address.lz_key, var.client_config.landingzone_key)][var.settings.public_ip_address.key].id : null + public_ip_address_id = can(var.settings.public_ip_address_id) ? var.settings.public_ip_address_id : can(var.settings.public_ip_address.key) ? var.public_ip_addresses[try(var.settings.public_ip_address.lz_key, var.client_config.landingzone_key)][var.settings.public_ip_address.key].id : null dynamic "additional_location" { for_each = try(var.settings.additional_location, null) != null ? [var.settings.additional_location] : [] diff --git a/modules/compute/container_app_dapr_component/container_app_dapr_component.tf b/modules/compute/container_app_dapr_component/container_app_dapr_component.tf index 5944658593..c3f47aef36 100644 --- a/modules/compute/container_app_dapr_component/container_app_dapr_component.tf +++ b/modules/compute/container_app_dapr_component/container_app_dapr_component.tf @@ -9,11 +9,11 @@ resource "azurerm_container_app_environment_dapr_component" "cadc" { dynamic "metadata" { for_each = try(var.settings.metadata, {}) - + content { - name = metadata.value.name - secret_name = try(metadata.value.secret_name, null) - value = try(metadata.value.value, null) + name = metadata.value.name + secret_name = try(metadata.value.secret_name, null) + value = try(metadata.value.value, null) } } @@ -21,8 +21,8 @@ resource "azurerm_container_app_environment_dapr_component" "cadc" { for_each = try(var.settings.secret, {}) content { - name = secret.value.name - value = secret.value.value + name = secret.value.name + value = secret.value.value } } } diff --git a/modules/compute/virtual_machine/dynamic_custom_data.tf b/modules/compute/virtual_machine/dynamic_custom_data.tf index c47299c4ee..2b2623b53e 100644 --- a/modules/compute/virtual_machine/dynamic_custom_data.tf +++ b/modules/compute/virtual_machine/dynamic_custom_data.tf @@ -1,6 +1,6 @@ data "azurerm_key_vault_secret" "custom_data" { - for_each = local.os_type == "linux" ? try({for k,v in local.dynamic_custom_data_to_process["keyvaults"]: k => v }, {}) : {} + for_each = local.os_type == "linux" ? try({ for k, v in local.dynamic_custom_data_to_process["keyvaults"] : k => v }, {}) : {} key_vault_id = var.keyvaults[try(each.value.lz_key, var.client_config.landingzone_key)][each.value.keyvault_key].id name = each.value.name @@ -8,7 +8,7 @@ data "azurerm_key_vault_secret" "custom_data" { } data "azurerm_key_vault_key" "custom_data" { - for_each = local.os_type == "linux" ? try({for k,v in local.dynamic_custom_data_to_process["keyvault_keys"]: k =>v }, {}) : {} + for_each = local.os_type == "linux" ? try({ for k, v in local.dynamic_custom_data_to_process["keyvault_keys"] : k => v }, {}) : {} key_vault_id = var.keyvaults[try(each.value.lz_key, var.client_config.landingzone_key)][each.value.keyvault_key].id name = each.value.name @@ -17,7 +17,7 @@ data "azurerm_key_vault_key" "custom_data" { } data "azurerm_key_vault_certificate" "custom_data" { - for_each = local.os_type == "linux" ? try({for k,v in local.dynamic_custom_data_to_process["keyvault_certificates"]: k => v }, {}) : {} + for_each = local.os_type == "linux" ? try({ for k, v in local.dynamic_custom_data_to_process["keyvault_certificates"] : k => v }, {}) : {} key_vault_id = var.keyvaults[try(each.value.lz_key, var.client_config.landingzone_key)][each.value.keyvault_key].id name = each.value.name @@ -25,7 +25,7 @@ data "azurerm_key_vault_certificate" "custom_data" { } locals { - + palo_alto_connection_string = { for item in var.settings.virtual_machine_settings : item.name => base64encode("storage-account=${var.storage_accounts[var.client_config.landingzone_key][item.palo_alto_connection_string.storage_account].name}, access-key=${var.storage_accounts[var.client_config.landingzone_key][item.palo_alto_connection_string.storage_account].primary_access_key}, file-share=${var.storage_accounts[var.client_config.landingzone_key][item.palo_alto_connection_string.storage_account].file_share[item.palo_alto_connection_string.file_share].name}, share-directory=${var.storage_accounts[var.client_config.landingzone_key][item.palo_alto_connection_string.storage_account].file_share[item.palo_alto_connection_string.file_share].file_share_directories[item.palo_alto_connection_string.file_share_directory].name}") @@ -33,14 +33,14 @@ locals { } combined_objects = { - storage_accounts = var.storage_accounts - keyvaults = var.keyvaults - keyvault_keys = try(data.azurerm_key_vault_key.custom_data,{}) - keyvault_secrets = try(data.azurerm_key_vault_secret.custom_data,{}) - keyvault_certificates = try(data.azurerm_key_vault_certificate.custom_data,{}) - vnets = var.vnets + storage_accounts = var.storage_accounts + keyvaults = var.keyvaults + keyvault_keys = try(data.azurerm_key_vault_key.custom_data, {}) + keyvault_secrets = try(data.azurerm_key_vault_secret.custom_data, {}) + keyvault_certificates = try(data.azurerm_key_vault_certificate.custom_data, {}) + vnets = var.vnets } - + dynamic_custom_data_to_process = { for setting in flatten([ @@ -55,10 +55,10 @@ locals { ]) : setting.key => setting.value } - dynamic_custom_data_combined_objects ={ - for key, value in local.dynamic_custom_data_to_process: key => + dynamic_custom_data_combined_objects = { + for key, value in local.dynamic_custom_data_to_process : key => { - for k,v in value: k => try(local.combined_objects[key][try(v.lz_key, var.client_config.landingzone_key)][k], local.combined_objects[key][k]) + for k, v in value : k => try(local.combined_objects[key][try(v.lz_key, var.client_config.landingzone_key)][k], local.combined_objects[key][k]) } } diff --git a/modules/compute/virtual_machine/vm_disk.tf b/modules/compute/virtual_machine/vm_disk.tf index 3195a8945a..506ad2e2a2 100644 --- a/modules/compute/virtual_machine/vm_disk.tf +++ b/modules/compute/virtual_machine/vm_disk.tf @@ -10,7 +10,7 @@ data "azurecaf_name" "disk" { use_slug = var.global_settings.use_slug } -resource "azurerm_managed_disk" "disk" { +resource "azurerm_managed_disk" "disk" { for_each = lookup(var.settings, "data_disks", {}) name = data.azurecaf_name.disk[each.key].result diff --git a/modules/compute/virtual_machine/vm_linux.tf b/modules/compute/virtual_machine/vm_linux.tf index 5bd8b073e9..6703623b32 100644 --- a/modules/compute/virtual_machine/vm_linux.tf +++ b/modules/compute/virtual_machine/vm_linux.tf @@ -46,7 +46,7 @@ data "azurecaf_name" "os_disk_linux" { use_slug = var.global_settings.use_slug } resource "local_sensitive_file" "custom_data" { - for_each = local.os_type == "linux" ? try({for k,v in var.settings.virtual_machine_settings : k => v if can(v.custom_data.templatefile)} , {}) : {} + for_each = local.os_type == "linux" ? try({ for k, v in var.settings.virtual_machine_settings : k => v if can(v.custom_data.templatefile) }, {}) : {} content = templatefile(try(format("%s/%s", path.cwd, each.value.custom_data.templatefile), each.value.custom_data.templatefile), merge(each.value.custom_data, local.dynamic_custom_data)) filename = try(format("%s/%s.out", path.cwd, each.value.custom_data.templatefile), each.value.custom_data.templatefile) } @@ -54,37 +54,37 @@ resource "local_sensitive_file" "custom_data" { resource "azurerm_linux_virtual_machine" "vm" { for_each = local.os_type == "linux" ? var.settings.virtual_machine_settings : {} - admin_password = each.value.disable_password_authentication == false ? each.value.admin_password : null - admin_username = each.value.admin_username - allow_extension_operations = try(each.value.allow_extension_operations, null) - availability_set_id = can(each.value.availability_set_key) || can(each.value.availability_set.key) ? var.availability_sets[try(var.client_config.landingzone_key, each.value.availability_set.lz_key)][try(each.value.availability_set_key, each.value.availability_set.key)].id : try(each.value.availability_set.id, each.value.availability_set_id, null) - computer_name = data.azurecaf_name.linux_computer_name[each.key].result - disable_password_authentication = try(each.value.disable_password_authentication, true) - encryption_at_host_enabled = try(each.value.encryption_at_host_enabled, null) - eviction_policy = try(each.value.eviction_policy, null) - license_type = try(each.value.license_type, null) - location = local.location - max_bid_price = try(each.value.max_bid_price, null) - name = data.azurecaf_name.linux[each.key].result - network_interface_ids = local.nic_ids + admin_password = each.value.disable_password_authentication == false ? each.value.admin_password : null + admin_username = each.value.admin_username + allow_extension_operations = try(each.value.allow_extension_operations, null) + availability_set_id = can(each.value.availability_set_key) || can(each.value.availability_set.key) ? var.availability_sets[try(var.client_config.landingzone_key, each.value.availability_set.lz_key)][try(each.value.availability_set_key, each.value.availability_set.key)].id : try(each.value.availability_set.id, each.value.availability_set_id, null) + computer_name = data.azurecaf_name.linux_computer_name[each.key].result + disable_password_authentication = try(each.value.disable_password_authentication, true) + encryption_at_host_enabled = try(each.value.encryption_at_host_enabled, null) + eviction_policy = try(each.value.eviction_policy, null) + license_type = try(each.value.license_type, null) + location = local.location + max_bid_price = try(each.value.max_bid_price, null) + name = data.azurecaf_name.linux[each.key].result + network_interface_ids = local.nic_ids bypass_platform_safety_checks_on_user_schedule_enabled = try(each.value.bypass_platform_safety_checks_on_user_schedule_enabled, null) # (Optional) Specifies the mode of in-guest patching to this Linux Virtual Machine. Possible values are AutomaticByPlatform and ImageDefault. Defaults to ImageDefault. For more information on patch modes please see the product documentation. - patch_mode = try(each.value.patch_mode, "ImageDefault") - priority = try(each.value.priority, null) - provision_vm_agent = try(each.value.provision_vm_agent, true) - proximity_placement_group_id = can(each.value.proximity_placement_group_key) || can(each.value.proximity_placement_group.key) ? var.proximity_placement_groups[try(var.client_config.landingzone_key, var.client_config.landingzone_key)][try(each.value.proximity_placement_group_key, each.value.proximity_placement_group.key)].id : try(each.value.proximity_placement_group_id, each.value.proximity_placement_group.id, null) - resource_group_name = local.resource_group_name - size = each.value.size - tags = merge(local.tags, try(each.value.tags, null)) - zone = try(each.value.zone, null) - secure_boot_enabled = try(each.value.secure_boot_enabled, null) - vtpm_enabled = try(each.value.vtpm_enabled, null) + patch_mode = try(each.value.patch_mode, "ImageDefault") + priority = try(each.value.priority, null) + provision_vm_agent = try(each.value.provision_vm_agent, true) + proximity_placement_group_id = can(each.value.proximity_placement_group_key) || can(each.value.proximity_placement_group.key) ? var.proximity_placement_groups[try(var.client_config.landingzone_key, var.client_config.landingzone_key)][try(each.value.proximity_placement_group_key, each.value.proximity_placement_group.key)].id : try(each.value.proximity_placement_group_id, each.value.proximity_placement_group.id, null) + resource_group_name = local.resource_group_name + size = each.value.size + tags = merge(local.tags, try(each.value.tags, null)) + zone = try(each.value.zone, null) + secure_boot_enabled = try(each.value.secure_boot_enabled, null) + vtpm_enabled = try(each.value.vtpm_enabled, null) custom_data = try( try( try(local_sensitive_file.custom_data[each.key].content_base64, local.dynamic_custom_data[each.value.custom_data][each.value.name]), - try(filebase64(format("%s/%s", path.cwd, each.value.custom_data)), base64encode(each.value.custom_data))), + try(filebase64(format("%s/%s", path.cwd, each.value.custom_data)), base64encode(each.value.custom_data))), null) diff --git a/modules/maintenance/assignment_virtual_machine/main.tf b/modules/maintenance/assignment_virtual_machine/main.tf index 02833ea709..7c28cbbdb3 100644 --- a/modules/maintenance/assignment_virtual_machine/main.tf +++ b/modules/maintenance/assignment_virtual_machine/main.tf @@ -10,6 +10,6 @@ locals { module_tag = { "module" = basename(abspath(path.module)) } - tags = merge(var.base_tags, local.module_tag, try(var.tags, null)) - location = var.location + tags = merge(var.base_tags, local.module_tag, try(var.tags, null)) + location = var.location } \ No newline at end of file diff --git a/modules/maintenance/assignment_virtual_machine/module.tf b/modules/maintenance/assignment_virtual_machine/module.tf index 2ea9ff6338..8db2502a19 100644 --- a/modules/maintenance/assignment_virtual_machine/module.tf +++ b/modules/maintenance/assignment_virtual_machine/module.tf @@ -1,4 +1,4 @@ -resource "azurerm_maintenance_assignment_virtual_machine" "maintenance_assignment_virtual_machine" { +resource "azurerm_maintenance_assignment_virtual_machine" "maintenance_assignment_virtual_machine" { location = var.location maintenance_configuration_id = var.maintenance_configuration_id virtual_machine_id = var.virtual_machine_id diff --git a/modules/maintenance/configuration/module.tf b/modules/maintenance/configuration/module.tf index f28e7033c5..aa5e777aa1 100644 --- a/modules/maintenance/configuration/module.tf +++ b/modules/maintenance/configuration/module.tf @@ -14,10 +14,10 @@ resource "azurerm_maintenance_configuration" "maintenance_configuration" { location = var.location scope = var.scope visibility = try(var.visibility, null) - properties = try(var.properties, {}) + properties = try(var.properties, {}) in_guest_user_patch_mode = var.settings.scope == "InGuestPatch" ? var.in_guest_user_patch_mode : try(var.in_guest_user_patch_mode, null) - + dynamic "window" { for_each = try(var.settings.window, null) != null ? [var.settings.window] : [] content { @@ -52,7 +52,7 @@ resource "azurerm_maintenance_configuration" "maintenance_configuration" { } } - reboot = try(var.settings.install_patches.reboot, "IfRequired" ) + reboot = try(var.settings.install_patches.reboot, "IfRequired") } } diff --git a/modules/maintenance/configuration/outputs.tf b/modules/maintenance/configuration/outputs.tf index 701dd0eb94..3163ab4fa2 100644 --- a/modules/maintenance/configuration/outputs.tf +++ b/modules/maintenance/configuration/outputs.tf @@ -5,10 +5,10 @@ output "id" { output "maintenance_configuration_name" { description = "The name of the maintenance configuration." - value = azurerm_maintenance_configuration.maintenance_configuration.name + value = azurerm_maintenance_configuration.maintenance_configuration.name } output "maintenance_configuration_location" { description = "The location where the resource exists" - value = azurerm_maintenance_configuration.maintenance_configuration.location + value = azurerm_maintenance_configuration.maintenance_configuration.location } \ No newline at end of file diff --git a/modules/networking/private_endpoint/private_endpoint.tf b/modules/networking/private_endpoint/private_endpoint.tf index dd5a6ca7be..d74f19c6bd 100644 --- a/modules/networking/private_endpoint/private_endpoint.tf +++ b/modules/networking/private_endpoint/private_endpoint.tf @@ -56,10 +56,10 @@ resource "azurerm_private_endpoint" "pep" { } resource "time_sleep" "delay" { - count = can(lookup(var.settings,var.settings.delay_time_after_creation,false)) ? 1: 0 - depends_on = [azurerm_private_endpoint.pep] + count = can(lookup(var.settings, var.settings.delay_time_after_creation, false)) ? 1 : 0 + depends_on = [azurerm_private_endpoint.pep] create_duration = var.settings.delay_time_after_creation lifecycle { - replace_triggered_by = [ azurerm_private_endpoint.pep ] + replace_triggered_by = [azurerm_private_endpoint.pep] } } \ No newline at end of file diff --git a/modules/networking/virtual_wan/virtual_wan.tf b/modules/networking/virtual_wan/virtual_wan.tf index b0bb2b03e8..11cb9a2bbd 100644 --- a/modules/networking/virtual_wan/virtual_wan.tf +++ b/modules/networking/virtual_wan/virtual_wan.tf @@ -34,6 +34,6 @@ module "hubs" { tags = merge(try(each.value.tags, null), local.tags) virtual_hub_config = each.value virtual_networks = var.virtual_networks - keyvaults = var.keyvaults + keyvaults = var.keyvaults vwan_id = azurerm_virtual_wan.vwan.id } diff --git a/modules/recovery_vault/backup_policies_vm_workload.tf b/modules/recovery_vault/backup_policies_vm_workload.tf index b40bffdeda..83520e77c0 100644 --- a/modules/recovery_vault/backup_policies_vm_workload.tf +++ b/modules/recovery_vault/backup_policies_vm_workload.tf @@ -15,7 +15,7 @@ resource "azurerm_backup_policy_vm_workload" "vm_workload" { for_each = each.value.protection_policies content { - policy_type = protection_policy.value.policy_type + policy_type = protection_policy.value.policy_type backup { frequency = try(protection_policy.value.backup.frequency, null) diff --git a/modules/recovery_vault/outputs.tf b/modules/recovery_vault/outputs.tf index 7ddb9fc6b3..4213ffee07 100644 --- a/modules/recovery_vault/outputs.tf +++ b/modules/recovery_vault/outputs.tf @@ -16,7 +16,7 @@ output "backup_policies" { value = { virtual_machines = azurerm_backup_policy_vm.vm file_shares = azurerm_backup_policy_file_share.fs - vm_workloads = azurerm_backup_policy_vm_workload.vm_workload + vm_workloads = azurerm_backup_policy_vm_workload.vm_workload } } diff --git a/modules/roles/custom_roles/module.tf b/modules/roles/custom_roles/module.tf index 44cbc4d118..94a0a1747f 100644 --- a/modules/roles/custom_roles/module.tf +++ b/modules/roles/custom_roles/module.tf @@ -1,6 +1,6 @@ locals { - global_settings = merge(var.global_settings, try(var.custom_role.global_settings,{})) + global_settings = merge(var.global_settings, try(var.custom_role.global_settings, {})) } resource "azurecaf_name" "custom_role" { diff --git a/msssql_managed_instances.tf b/msssql_managed_instances.tf index e4e0b84ad3..373d445ec9 100644 --- a/msssql_managed_instances.tf +++ b/msssql_managed_instances.tf @@ -18,10 +18,10 @@ module "mssql_managed_instances" { base_tags = try(local.global_settings.inherit_tags, false) ? try(local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].tags, {}) : {} inherit_tags = try(local.global_settings.inherit_tags, false) keyvault = can(each.value.administrator_login_password) ? null : local.combined_objects_keyvaults[try(each.value.keyvault.lz_key, local.client_config.landingzone_key)][try(each.value.keyvault.key, each.value.keyvault_key)] - vnets = local.combined_objects_networking - private_endpoints = try(each.value.private_endpoints, {}) - private_dns = local.combined_objects_private_dns - resource_groups = local.combined_objects_resource_groups + vnets = local.combined_objects_networking + private_endpoints = try(each.value.private_endpoints, {}) + private_dns = local.combined_objects_private_dns + resource_groups = local.combined_objects_resource_groups } module "mssql_managed_instances_secondary" { @@ -42,10 +42,10 @@ module "mssql_managed_instances_secondary" { subnet_id = can(each.value.networking.subnet_id) ? each.value.networking.subnet_id : local.combined_objects_networking[try(each.value.networking.lz_key, local.client_config.landingzone_key)][each.value.networking.vnet_key].subnets[each.value.networking.subnet_key].id primary_server_id = local.combined_objects_mssql_managed_instances[try(each.value.primary_server.lz_key, local.client_config.landingzone_key)][each.value.primary_server.mi_server_key].id keyvault = can(each.value.administrator_login_password) ? null : local.combined_objects_keyvaults[try(each.value.keyvault.lz_key, local.client_config.landingzone_key)][try(each.value.keyvault.key, each.value.keyvault_key)] - vnets = local.combined_objects_networking - private_endpoints = try(each.value.private_endpoints, {}) - private_dns = local.combined_objects_private_dns - resource_groups = local.combined_objects_resource_groups + vnets = local.combined_objects_networking + private_endpoints = try(each.value.private_endpoints, {}) + private_dns = local.combined_objects_private_dns + resource_groups = local.combined_objects_resource_groups } module "mssql_mi_failover_groups" { diff --git a/msssql_managed_instances_v1.tf b/msssql_managed_instances_v1.tf index 9de5953861..93c0235fb4 100644 --- a/msssql_managed_instances_v1.tf +++ b/msssql_managed_instances_v1.tf @@ -34,10 +34,10 @@ module "mssql_managed_instances_v1" { keyvault = can(each.value.administrator_login_password) ? null : local.combined_objects_keyvaults[try(each.value.keyvault.lz_key, local.client_config.landingzone_key)][try(each.value.keyvault.key, each.value.keyvault_key)] primary_server_id = null group_id = can(each.value.administrators.azuread_group_id) || can(each.value.administrators.azuread_group_key) ? try(each.value.administrators.azuread_group_id, local.combined_objects_azuread_groups[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.administrators.azuread_group_key].id) : null - vnets = local.combined_objects_networking - private_endpoints = try(each.value.private_endpoints, {}) - private_dns = local.combined_objects_private_dns - resource_groups = local.combined_objects_resource_groups + vnets = local.combined_objects_networking + private_endpoints = try(each.value.private_endpoints, {}) + private_dns = local.combined_objects_private_dns + resource_groups = local.combined_objects_resource_groups base_tags = try(local.global_settings.inherit_tags, false) ? try(local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].tags, {}) : {} inherit_tags = try(local.global_settings.inherit_tags, false) @@ -62,10 +62,10 @@ module "mssql_managed_instances_secondary_v1" { primary_server_id = local.combined_objects_mssql_managed_instances[try(each.value.primary_server.lz_key, local.client_config.landingzone_key)][each.value.primary_server.mi_server_key].id keyvault = can(each.value.administrator_login_password) ? null : local.combined_objects_keyvaults[try(each.value.keyvault.lz_key, local.client_config.landingzone_key)][try(each.value.keyvault.key, each.value.keyvault_key)] group_id = can(each.value.administrators.azuread_group_id) || can(each.value.administrators.azuread_group_key) ? try(each.value.administrators.azuread_group_id, local.combined_objects_azuread_groups[try(each.value.administrators.lz_key, local.client_config.landingzone_key)][each.value.administrators.azuread_group_key].id) : null - vnets = local.combined_objects_networking - private_endpoints = try(each.value.private_endpoints, {}) - private_dns = local.combined_objects_private_dns - resource_groups = local.combined_objects_resource_groups + vnets = local.combined_objects_networking + private_endpoints = try(each.value.private_endpoints, {}) + private_dns = local.combined_objects_private_dns + resource_groups = local.combined_objects_resource_groups base_tags = try(local.global_settings.inherit_tags, false) ? try(local.combined_objects_resource_groups[try(each.value.resource_group.lz_key, local.client_config.landingzone_key)][try(each.value.resource_group.key, each.value.resource_group_key)].tags, {}) : {} inherit_tags = try(local.global_settings.inherit_tags, false) From b7284798f261f178fb9b111c7e24245db2f06842 Mon Sep 17 00:00:00 2001 From: shanoor <17402800+shanoor@users.noreply.github.com> Date: Thu, 30 May 2024 14:47:56 +0200 Subject: [PATCH 2/2] Allows to use custom appinsights agent version --- modules/webapps/appservice/main.tf | 8 +++++--- modules/webapps/function_app/main.tf | 10 ++++++---- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/modules/webapps/appservice/main.tf b/modules/webapps/appservice/main.tf index cdd9aaa111..682442ae8c 100644 --- a/modules/webapps/appservice/main.tf +++ b/modules/webapps/appservice/main.tf @@ -27,12 +27,14 @@ locals { arm_filename = "${path.module}/arm_site_config.json" - app_settings = merge(try(var.app_settings, {}), try(local.dynamic_settings_to_process, {}), var.application_insight == null ? {} : - { + app_settings = merge( + var.application_insight == null ? {} : { "APPINSIGHTS_INSTRUMENTATIONKEY" = var.application_insight.instrumentation_key, "APPLICATIONINSIGHTS_CONNECTION_STRING" = var.application_insight.connection_string, "ApplicationInsightsAgent_EXTENSION_VERSION" = "~2" - } + }, + try(var.app_settings, {}), + try(local.dynamic_settings_to_process, {}) ) backup_storage_account = can(var.settings.backup) ? var.storage_accounts[try(var.settings.backup.lz_key, var.client_config.landingzone_key)][var.settings.backup.storage_account_key] : null diff --git a/modules/webapps/function_app/main.tf b/modules/webapps/function_app/main.tf index 1cc33b7edc..a401486a5e 100644 --- a/modules/webapps/function_app/main.tf +++ b/modules/webapps/function_app/main.tf @@ -27,12 +27,14 @@ locals { arm_filename = "${path.module}/arm_site_config.json" - app_settings = merge(try(var.app_settings, {}), try(local.dynamic_settings_to_process, {}), var.application_insight == null ? {} : - { + app_settings = merge( + var.application_insight == null ? {} : { "APPINSIGHTS_INSTRUMENTATIONKEY" = var.application_insight.instrumentation_key, "APPLICATIONINSIGHTS_CONNECTION_STRING" = var.application_insight.connection_string, "ApplicationInsightsAgent_EXTENSION_VERSION" = "~2" - } + }, + try(var.app_settings, {}), + try(local.dynamic_settings_to_process, {}) ) -} \ No newline at end of file +}