gruntwork-io · MathieuBuisson · Sep 28, 2019 · Sep 28, 2019 · Sep 28, 2019 · Sep 29, 2019
diff --git a/README.md b/README.md
@@ -196,7 +196,7 @@ Next, head over to the [test folder](/test) to see how you can use Terratest to
     the web server to check that it is working correctly, and run `terraform destroy` to undeploy the web server.
 1.  [terraform_gcp_example_test.go](/test/terraform_gcp_example_test.go): Use Terratest to run `terraform apply` on
     the Terraform GCP Example and verify you get the expected outputs.
-1.  [terraform_remote_exec_example_test.go](/test/terraform_remote_exec_example_test.go): Use Terratest to run 
+1.  [terraform_remote_exec_example_test.go](/test/terraform_remote_exec_example_test.go): Use Terratest to run
     `terraform apply` and then remotely provision the instance while using a custom SSH agent managed by Terratest
 1.  [terraform_scp_example_test.go](/test/terraform_scp_example_test.go): Use Terratest to simplify copying resources
     like config files and logs from deployed EC2 Instances. This is especially useful for getting a snapshot of the
@@ -232,7 +232,7 @@ Terratest's [modules folder](/modules) and how they can help you test different
 | Package            | Description                                                                                                                                                                                                                                                                                          |
 | ------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **aws**            | Functions that make it easier to work with the AWS APIs. Examples: find an EC2 Instance by tag, get the IPs of EC2 Instances in an ASG, create an EC2 KeyPair, look up a VPC ID.                                                                                                                     |
-| **azure**          | Functions that make it easier to work with the Azure APIs. Examples: get the size of a virtual machine, get the tags of a virtual machine.                                                                                                                                                           |
+| **azure**          | Functions that make it easier to work with the Azure APIs. Examples: get the size of a virtual machine, get the tags of a virtual machine, get the subnets in a virtual network.                                                                                                                                                           |
 | **collections**    | Go doesn't have much of a collections library built-in, so this package has a few helper methods for working with lists and maps. Examples: subtract two lists from each other.                                                                                                                      |
 | **docker**         | Functions that make it easier to work with Docker and Docker Compose. Examples: run `docker-compose` commands.                                                                                                                                                                                       |
 | **environment**    | Functions for interacting with os environment. Examples: check for first non empty environment variable in a list.                                                                                                                                                                                   |

diff --git a/examples/terraform-azure-network-example/README.md b/examples/terraform-azure-network-example/README.md
@@ -0,0 +1,41 @@
+# Terraform Azure Example
+
+This folder contains a simple Terraform module that deploys network-related resources in [Azure](https://azure.microsoft.com/) to demonstrate
+how you can use Terratest to write automated tests for your Azure Terraform code.
+
+This module deploys the following resources :
+  - a Resource Group
+  - a [Virtual Network](https://azure.microsoft.com/en-us/services/virtual-network/)
+  - 2 subnets within the Virtual Network
+  - a [Network Security Group](https://docs.microsoft.com/en-us/azure/virtual-network/security-overview) for each subnet
+  - a Network Security Rule associated with the first Network Security Group
+  - a Public IP (with a public DNS name)
+
+Check out [test/terraform_azure_network_example_test.go](/test/terraform_azure_network_example_test.go) to see how you can write
+automated tests for this module.
+
+Note that the Public IP in this module is just for demonstration purposes.
+It is not attached to any resource (Virtual Machine, Load Balancer, etc...), so while this address is reachable from the internet, connecting to it will not result in anything.
+
+**WARNING**: This module and the automated tests for it deploy real resources into your Azure account which can cost you
+money. The resources are all part of the [Azure Free Account](https://azure.microsoft.com/en-us/free/), so if you haven't used that up,
+it should be free, but you are completely responsible for all Azure charges.
+
+## Running this module manually
+
+1. Sign up for an [Azure](https://azure.microsoft.com/) account.
+1. Configure your Azure credentials using [the Azure CLI](https://www.terraform.io/docs/providers/azurerm/auth/azure_cli.html), or environment variables supported by [the Azure Terraform provider](https://www.terraform.io/docs/providers/azurerm/index.html#argument-reference).
+1. Install [Terraform](https://www.terraform.io/) and make sure it's on your `PATH`.
+1. Run `terraform init`.
+1. Run `terraform apply`.
+1. When you're done, run `terraform destroy`.
+
+## Running automated tests against this module
+
+1. Sign up for an [Azure](https://azure.microsoft.com/) account.
+1. Configure your Azure credentials using [the Azure CLI](https://www.terraform.io/docs/providers/azurerm/auth/azure_cli.html), or environment variables supported by [the Azure Terraform provider](https://www.terraform.io/docs/providers/azurerm/index.html#argument-reference).
+1. Install [Terraform](https://www.terraform.io/) and make sure it's on your `PATH`.
+1. Install [Golang](https://golang.org/) and make sure this code is checked out into your `GOPATH`.
+1. `cd test`
+1. `dep ensure`
+1. `go test -v -run TestTerraformAzureNetworkExample -timeout 20m`
diff --git a/examples/terraform-azure-network-example/main.tf b/examples/terraform-azure-network-example/main.tf
@@ -0,0 +1,100 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# DEPLOY A RESOURCE GROUP
+# See test/terraform_azure_network_example_test.go for how to write automated tests for this code.
+# ---------------------------------------------------------------------------------------------------------------------
+
+resource "azurerm_resource_group" "example" {
+  name     = "${var.resource_group_name}"
+  location = "${var.location}"
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DEPLOY A VIRTUAL NETWORK
+# ---------------------------------------------------------------------------------------------------------------------
+
+resource "azurerm_virtual_network" "example" {
+  name                = "${var.virtual_network_name}"
+  resource_group_name = "${azurerm_resource_group.example.name}"
+  location            = "${azurerm_resource_group.example.location}"
+  address_space       = ["10.0.0.0/16"]
+
+  tags = {
+    environment = "${var.environment_tag}"
+  }
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DEPLOY 2 SUBNETS IN THE VIRTUAL NETWORK
+# ---------------------------------------------------------------------------------------------------------------------
+
+resource "azurerm_subnet" "subnet1" {
+  name                      = "${var.first_subnet_name}"
+  resource_group_name       = "${azurerm_resource_group.example.name}"
+  virtual_network_name      = "${azurerm_virtual_network.example.name}"
+  address_prefix            = "10.0.11.0/24"
+  network_security_group_id = "${azurerm_network_security_group.nsg1.id}"
+}
+
+resource "azurerm_subnet" "subnet2" {
+  name                      = "${var.second_subnet_name}"
+  resource_group_name       = "${azurerm_resource_group.example.name}"
+  virtual_network_name      = "${azurerm_virtual_network.example.name}"
+  address_prefix            = "10.0.12.0/24"
+  network_security_group_id = "${azurerm_network_security_group.nsg2.id}"
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DEPLOY A NETWORK SECURITY GROUP FOR EACH SUBNET
+# ---------------------------------------------------------------------------------------------------------------------
+
+resource "azurerm_network_security_group" "nsg1" {
+  name                = "${var.first_subnet_nsg_name}"
+  resource_group_name = "${azurerm_resource_group.example.name}"
+  location            = "${azurerm_resource_group.example.location}"
+}
+
+resource "azurerm_subnet_network_security_group_association" "nsg1" {
+  subnet_id                 = "${azurerm_subnet.subnet1.id}"
+  network_security_group_id = "${azurerm_network_security_group.nsg1.id}"
+}
+
+resource "azurerm_network_security_group" "nsg2" {
+  name                = "${var.second_subnet_nsg_name}"
+  resource_group_name = "${azurerm_resource_group.example.name}"
+  location            = "${azurerm_resource_group.example.location}"
+}
+
+resource "azurerm_subnet_network_security_group_association" "nsg2" {
+  subnet_id                 = "${azurerm_subnet.subnet2.id}"
+  network_security_group_id = "${azurerm_network_security_group.nsg2.id}"
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DEPLOY A NETWORK SECURITY RULE AND LINK IT TO THE FIRST SUBNET'S NETWORK SECURITY GROUP
+# ---------------------------------------------------------------------------------------------------------------------
+
+resource "azurerm_network_security_rule" "example" {
+  name                        = "${var.first_subnet_security_rule_name}"
+  resource_group_name         = "${azurerm_resource_group.example.name}"
+  network_security_group_name = "${azurerm_network_security_group.nsg1.name}"
+  priority                    = 111
+  direction                   = "Inbound"
+  access                      = "Allow"
+  protocol                    = "Tcp"
+  source_port_range           = "*"
+  destination_port_range      = "22"
+  source_address_prefix       = "VirtualNetwork"
+  destination_address_prefix  = "*"
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# DEPLOY A PUBLIC IP ADDRESS RESOURCE
+# ---------------------------------------------------------------------------------------------------------------------
+
+resource "azurerm_public_ip" "example" {
+  name                = "${var.public_ip_name}"
+  resource_group_name = "${azurerm_resource_group.example.name}"
+  location            = "${azurerm_resource_group.example.location}"
+  allocation_method   = "Static"
+  domain_name_label   = "${var.public_ip_domain_name_label}"
+}
diff --git a/examples/terraform-azure-network-example/outputs.tf b/examples/terraform-azure-network-example/outputs.tf
@@ -0,0 +1,23 @@
+output "resource_group_name" {
+  value = "${azurerm_resource_group.example.name}"
+}
+
+output "virtual_network_name" {
+  value = "${azurerm_virtual_network.example.name}"
+}
+
+output "first_subnet_address" {
+  value = "${azurerm_subnet.subnet1.address_prefix}"
+}
+
+output "second_subnet_address" {
+  value = "${azurerm_subnet.subnet2.address_prefix}"
+}
+
+output "public_ip_address" {
+  value = "${azurerm_public_ip.example.ip_address}"
+}
+
+output "public_ip_fqdn" {
+  value = "${azurerm_public_ip.example.fqdn}"
+}
diff --git a/examples/terraform-azure-network-example/provider.tf b/examples/terraform-azure-network-example/provider.tf
@@ -0,0 +1,3 @@
+provider "azurerm" {
+  version = "~>1.33"
+}
diff --git a/examples/terraform-azure-network-example/variables.tf b/examples/terraform-azure-network-example/variables.tf
@@ -0,0 +1,72 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# ENVIRONMENT VARIABLES
+# Define these secrets as environment variables
+# ---------------------------------------------------------------------------------------------------------------------
+
+# ARM_TENANT_ID
+# ARM_SUBSCRIPTION_ID
+# ARM_CLIENT_ID (if you are using a Service Principal to authenticate to Azure)
+# ARM_CLIENT_SECRET (if you are using a Service Principal to authenticate to Azure)
+
+# ---------------------------------------------------------------------------------------------------------------------
+# REQUIRED PARAMETERS
+# You must provide a value for each of these parameters.
+# ---------------------------------------------------------------------------------------------------------------------
+
+variable "location" {
+  description = "The Azure region where resources will be located."
+}
+
+variable "public_ip_domain_name_label" {
+  description = "The domain name label (DNS prefix) to set for the public IP."
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# OPTIONAL PARAMETERS
+# These parameters have reasonable defaults.
+# ---------------------------------------------------------------------------------------------------------------------
+
+variable "resource_group_name" {
+  description = "The name of the resource group where the resources will be deployed."
+  default     = "terratest-example-rg"
+}
+
+variable "virtual_network_name" {
+  description = "The name to set for the virtual network."
+  default     = "terratest-vnet"
+}
+
+variable "environment_tag" {
+  description = "Value to set for the 'environment' tag applied to the virtual network."
+  default     = "test"
+}
+
+variable "first_subnet_name" {
+  description = "The name to set for the first subnet."
+  default     = "terratest-subnet1"
+}
+
+variable "second_subnet_name" {
+  description = "The name to set for the second subnet."
+  default     = "terratest-subnet2"
+}
+
+variable "first_subnet_nsg_name" {
+  description = "The name of network security group to apply to the first subnet."
+  default     = "subnet1-nsg"
+}
+
+variable "second_subnet_nsg_name" {
+  description = "The name of network security group to apply to the second subnet."
+  default     = "subnet2-nsg"
+}
+
+variable "first_subnet_security_rule_name" {
+  description = "The name of the network security rule to link to the first subnet's network security group."
+  default     = "Allow_SSH_Inbound"
+}
+
+variable "public_ip_name" {
+  description = "The name to set for the public IP resource."
+  default     = "terratest-example-ip"
+}