add peps

pagopa · Oct 2, 2024 · eec4b41 · eec4b41
1 parent 1edfe71
commit eec4b41
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 3 deletions.
diff --git a/infra/identity/prod/README.md b/infra/identity/prod/README.md
@@ -19,6 +19,7 @@ No providers.
 | <a name="module_federated_identities"></a> [federated\_identities](#module\_federated\_identities) | github.com/pagopa/dx//infra/modules/azure_federated_identity_with_github | main |
 | <a name="module_federated_identities_opex"></a> [federated\_identities\_opex](#module\_federated\_identities\_opex) | github.com/pagopa/dx//infra/modules/azure_federated_identity_with_github | main |
 | <a name="module_federated_identities_web_apps"></a> [federated\_identities\_web\_apps](#module\_federated\_identities\_web\_apps) | github.com/pagopa/dx//infra/modules/azure_federated_identity_with_github | main |
+| <a name="module_roles_ci"></a> [roles\_ci](#module\_roles\_ci) | github.com/pagopa/dx//infra/modules/azure_role_assignments | main |
 
 ## Resources
 

diff --git a/infra/resources/prod/locals.tf b/infra/resources/prod/locals.tf
@@ -1,4 +1,5 @@
 locals {
-  project = format("%s-%s-%s", var.prefix, var.env_short, var.domain)
-  product = format("%s-%s", var.prefix, var.env_short)
+  project     = format("%s-%s-%s", var.prefix, var.env_short, var.domain)
+  product     = format("%s-%s", var.prefix, var.env_short)
+  project_itn = "${local.product}-itn"
 }
diff --git a/infra/resources/prod/network.tf b/infra/resources/prod/network.tf
@@ -15,7 +15,7 @@ data "azurerm_subnet" "private_endpoints_subnet" {
 }
 
 data "azurerm_subnet" "itn_private_endpoints_subnet" {
-  name                 = format("%s-itn-pep-snet-01", local.product)
+  name                 = "${local.project_itn}-pep-snet-01"
   virtual_network_name = data.azurerm_virtual_network.itn_vnet_common.name
   resource_group_name  = data.azurerm_virtual_network.itn_vnet_common.resource_group_name
 }
@@ -443,3 +443,16 @@ resource "azurerm_private_endpoint" "io_sign_backoffice_func_staging" {
 
   tags = var.tags
 }
+
+resource "azurerm_private_endpoint" "cosno_itn" {
+  name                = "${local.project_itn}-sign-cosno-pep-01"
+  location            = "italynorth"
+  resource_group_name = azurerm_resource_group.data_rg.name
+  subnet_id           = data.azurerm_subnet.itn_private_endpoints_subnet.id
+
+  private_service_connection {
+    name                           = "${local.project_itn}-sign-cosno-pep-01"
+    private_connection_resource_id = module.cosmosdb_account.id
+    is_manual_connection           = false
+  }
+}