From 9931d2c896448472ebcc31bd65b45b1c739574ae Mon Sep 17 00:00:00 2001 From: Glenn Musa <4622125+glennmusa@users.noreply.github.com> Date: Tue, 6 Jul 2021 14:24:28 -0400 Subject: [PATCH] remove unused terraform variables (#274) --- src/terraform/mlz/main.tf | 31 +--- src/terraform/mlz/minimum.tfvars.sample | 46 +++-- src/terraform/mlz/mlz.tfvars.sample | 163 ++++++------------ src/terraform/mlz/variables.tf | 51 +----- src/terraform/modules/hub/variables.tf | 6 +- src/terraform/modules/spoke/variables.tf | 20 --- src/terraform/modules/subnet/variables.tf | 1 + src/terraform/modules/tier/variables.tf | 36 ---- .../modules/virtual-network/variables.tf | 1 + src/terraform/tier3/main.tf | 10 +- src/terraform/tier3/minimum.tfvars.sample | 35 ++-- ...{mlz.tfvars.sample => tier3.tfvars.sample} | 40 +++-- src/terraform/tier3/variables.tf | 45 ++--- 13 files changed, 143 insertions(+), 342 deletions(-) delete mode 100644 src/terraform/modules/tier/variables.tf rename src/terraform/tier3/{mlz.tfvars.sample => tier3.tfvars.sample} (74%) diff --git a/src/terraform/mlz/main.tf b/src/terraform/mlz/main.tf index b86015b1b..0fa4aa2ad 100644 --- a/src/terraform/mlz/main.tf +++ b/src/terraform/mlz/main.tf @@ -218,7 +218,6 @@ module "hub-network" { vnet_address_space = var.hub_vnet_address_space client_address_space = var.hub_client_address_space management_address_space = var.hub_management_address_space - routetable_name = var.hub_management_routetable_name log_analytics_workspace_resource_id = azurerm_log_analytics_workspace.laws.id 
@@ -265,20 +264,14 @@ module "spoke-network-t0" { location = azurerm_resource_group.tier0.location - hub_subid = var.hub_subid - hub_rgname = module.hub-network.resource_group_name - hub_vnetname = module.hub-network.virtual_network_name firewall_private_ip = module.firewall.firewall_private_ip - laws_name = azurerm_log_analytics_workspace.laws.name laws_location = var.mlz_location laws_workspace_id = azurerm_log_analytics_workspace.laws.workspace_id laws_resource_id = azurerm_log_analytics_workspace.laws.id - spoke_subid = var.tier0_subid - spoke_rgname = var.tier0_rgname - spoke_vnetname = var.tier0_vnetname - + spoke_rgname = var.tier0_rgname + spoke_vnetname = var.tier0_vnetname spoke_vnet_address_space = var.tier0_vnet_address_space subnets = var.tier0_subnets @@ -318,20 +311,14 @@ module "spoke-network-t1" { location = azurerm_resource_group.tier1.location - hub_subid = var.hub_subid - hub_rgname = module.hub-network.resource_group_name - hub_vnetname = module.hub-network.virtual_network_name firewall_private_ip = module.firewall.firewall_private_ip - laws_name = azurerm_log_analytics_workspace.laws.name laws_location = var.mlz_location laws_workspace_id = azurerm_log_analytics_workspace.laws.workspace_id laws_resource_id = azurerm_log_analytics_workspace.laws.id - spoke_subid = var.tier1_subid - spoke_rgname = var.tier1_rgname - spoke_vnetname = var.tier1_vnetname - + spoke_rgname = var.tier1_rgname + spoke_vnetname = var.tier1_vnetname spoke_vnet_address_space = var.tier1_vnet_address_space subnets = var.tier1_subnets 
@@ -371,20 +358,14 @@ module "spoke-network-t2" { location = azurerm_resource_group.tier2.location - hub_subid = var.hub_subid - hub_rgname = module.hub-network.resource_group_name - hub_vnetname = module.hub-network.virtual_network_name firewall_private_ip = module.firewall.firewall_private_ip - laws_name = azurerm_log_analytics_workspace.laws.name laws_location = var.mlz_location laws_workspace_id = azurerm_log_analytics_workspace.laws.workspace_id laws_resource_id = azurerm_log_analytics_workspace.laws.id - spoke_subid = var.tier2_subid - spoke_rgname = var.tier2_rgname - spoke_vnetname = var.tier2_vnetname - + spoke_rgname = var.tier2_rgname + spoke_vnetname = var.tier2_vnetname spoke_vnet_address_space = var.tier2_vnet_address_space subnets = var.tier2_subnets diff --git a/src/terraform/mlz/minimum.tfvars.sample b/src/terraform/mlz/minimum.tfvars.sample index 949f4f884..7f8a38db8 100644 --- a/src/terraform/mlz/minimum.tfvars.sample +++ b/src/terraform/mlz/minimum.tfvars.sample @@ -1,26 +1,24 @@ -mlz_clientid="" -mlz_clientsecret="" -mlz_objectid="" +tf_environment = "" +deploymentname = "" +mlz_tenantid = "" +mlz_location = "" +mlz_metadatahost = "" +mlz_clientid = "" +mlz_clientsecret = "" +mlz_objectid = "" -tf_environment="" -mlz_cloud="" -mlz_tenantid="" -mlz_location="" -mlz_metadatahost="" +hub_subid = "" +hub_rgname = "" +hub_vnetname = "" +tier0_subid = "" +tier0_rgname = "" +tier0_vnetname = "" +tier1_subid = "" +tier1_rgname = "" +tier1_vnetname = "" +mlz_lawsname = "" +tier2_subid = "" +tier2_rgname = "" +tier2_vnetname = "" -deploymentname = "" -hub_subid = "" -hub_rgname = "" -hub_vnetname = "" -mlz_lawsname = "" -tier0_subid = "" -tier0_rgname = "" -tier0_vnetname = "" -tier1_subid = "" -tier1_rgname = "" -tier1_vnetname = "" -tier2_subid = "" -tier2_rgname = "" -tier2_vnetname = "" - -create_bastion_jumpbox = false \ No newline at end of file +create_bastion_jumpbox = false 
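Review bot: In the new mlz/minimum.tfvars.sample, `mlz_clientsecret = ""` sits in the reordered block next to plain identifiers with nothing marking it as a credential, so a filled-in copy of this sample holds the service principal secret in clear text. I would add a comment above it such as `# secret: do not commit the populated file; the value can also be supplied as TF_VAR_mlz_clientsecret`. The same line appears in mlz.tfvars.sample and in both tier3 samples later in this patch. The `mlz_clientsecret` declaration in mlz/variables.tf is outside these hunks, so whether it sets `sensitive = true` cannot be seen here.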
diff --git a/src/terraform/mlz/mlz.tfvars.sample b/src/terraform/mlz/mlz.tfvars.sample
index 8a4add61c..473fb22d1 100644
--- a/src/terraform/mlz/mlz.tfvars.sample
+++ b/src/terraform/mlz/mlz.tfvars.sample
@@ -1,38 +1,49 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. + ################################# -# Saca Configuration +# Global Configuration ################################# -deploymentname = "{SACA_DEPLOYMENTNAME}" -saca_subid = "{SACA_SUBID}" -saca_rgname = "{SACA_RGNAME}" -saca_vnetname = "{SACA_VNETNAME}" -saca_lawsname = "{SACA_LAWSNAME}" -vnet_address_space = ["{SACA_VNETSPACE}"] +tf_environment ="{TF_ENVIRONMENT}" +deploymentname ="{DEPLOYMENTNAME}" +mlz_tenantid ="{MLZ_TENANTID}" +mlz_location ="{MLZ_LOCATION}" +mlz_metadatahost ="{MLZ_METADATAHOST}" +mlz_clientid ="{MLZ_CLIENTID}" +mlz_clientsecret ="{MLZ_CLIENTSECRET}" +mlz_objectid ="{MLZ_OBJECTID}" + +################################# +# Hub Configuration +################################# + +hub_subid = "{HUB_SUBID}" +hub_rgname = "{HUB_RGNAME}" +hub_vnetname = "{HUB_VNETNAME}" +hub_vnet_address_space = ["{HUB_VNET_ADDRESS_SPACE}"] +hub_client_address_space = "{HUB_CLIENT_ADDRESS_SPACE}" +hub_management_address_space = "{HUB_MANAGEMENT_ADDRESS_SPACE}" ################################# # Firewall configuration section ################################# -client_address_space = "{FIREWALL_CLIENT_SPACE}" -management_address_space = "{FIREWALL_MANAGEMENT_SPACE}" -firewall_name = "{FIREWALL_NAME}" -firewall_policy_name = "{FIREWALL_POLICY_NAME}" -client_ipconfig_name = "{FIREWALL_CLIENT_IPCONFIG_NAME}" -client_publicip_name = "{FIREWALL_CLIENT_PUBLICIP_NAME}" -management_ipconfig_name = "{FIREWALL_MANAGEMENT_IPCONFIG_NAME}"7 -management_publicip_name = "{FIREWALL_MANAGEMENT_PUBLICIP_NAME}" -management_routetable_name = "{FIREWALL_MANAGEMENT_ROUTE_TABLE_NAME}" +firewall_name = "{FIREWALL_NAME}" +firewall_policy_name = "{FIREWALL_POLICY_NAME}" +client_ipconfig_name = "{CLIENT_IPCONFIG_NAME}" +client_publicip_name = "{CLIENT_PUBLICIP_NAME}" +management_ipconfig_name = "{MANAGEMENT_IPCONFIG_NAME}" +management_publicip_name = "{MANAGEMENT_PUBLICIP_NAME}" 
################################# # Bastion Host Configuration ################################# create_bastion_jumpbox = "{CREATE_BASTION_JUMPBOX}" -bastion_host_name = "{BASTION_HOST_NAME}", -bastion_address_space = "{BASTION_ADDRESS_SPACE}", -bastion_public_ip_name = "{BASTION_PUBLIC_IP_NAME}", +bastion_host_name = "{BASTION_HOST_NAME}" +bastion_address_space = "{BASTION_ADDRESS_SPACE}" +bastion_public_ip_name = "{BASTION_PUBLIC_IP_NAME}" bastion_ipconfig_name = "{BASTION_IPCONFIG_NAME}" ################################# @@ -59,7 +70,7 @@ jumpbox_subnet = { destination_port_range = "" source_address_prefix = "*" destination_address_prefix = "" - }, + } "allow_rdp" = { name = "allow_rdp" priority = "200" 
@@ -76,20 +87,19 @@ jumpbox_subnet = { routetable_name = "{JUMPBOX_SUBNET_RT_NAME}" } -jumpbox_keyvault_name = "{JUMPBOX_KEYVAULT_NAME}" -jumpbox_windows_vm_name = "{JUMPBOX_WINDOWS_VM_NAME}" -jumpbox_windows_vm_size = "{JUMPBOX_WINDOWS_VM_SIZE}" +jumpbox_keyvault_name = "{JUMPBOX_KEYVAULT_NAME}" +jumpbox_windows_vm_name = "{JUMPBOX_WINDOWS_VM_NAME}" +jumpbox_windows_vm_size = "{JUMPBOX_WINDOWS_VM_SIZE}" jumpbox_windows_vm_publisher = "{JUMPBOX_WINDOWS_VM_PUBLISHER}" -jumpbox_windows_vm_offer = "{JUMPBOX_WINDOWS_VM_OFFER}" -jumpbox_windows_vm_sku = "{JUMPBOX_WINDOWS_VM_SKU}" -jumpbox_windows_vm_version = "{JUMPBOX_WINDOWS_VM_VERSION}" -jumpbox_linux_vm_name = "{JUMPBOX_LINUX_VM_NAME}" -jumpbox_linux_vm_size = "{JUMPBOX_LINUX_VM_SIZE}" -jumpbox_linux_vm_publisher = "{JUMPBOX_LINUX_VM_PUBLISHER}" -jumpbox_linux_vm_offer = "{JUMPBOX_LINUX_VM_OFFER}" -jumpbox_linux_vm_sku = "{JUMPBOX_LINUX_VM_SKU}" -jumpbox_linux_vm_version = "{JUMPBOX_LINUX_VM_VERSION}" - +jumpbox_windows_vm_offer = "{JUMPBOX_WINDOWS_VM_OFFER}" +jumpbox_windows_vm_sku = "{JUMPBOX_WINDOWS_VM_SKU}" +jumpbox_windows_vm_version = "{JUMPBOX_WINDOWS_VM_VERSION}" +jumpbox_linux_vm_name = "{JUMPBOX_LINUX_VM_NAME}" +jumpbox_linux_vm_size = "{JUMPBOX_LINUX_VM_SIZE}" +jumpbox_linux_vm_publisher = "{JUMPBOX_LINUX_VM_PUBLISHER}" +jumpbox_linux_vm_offer = "{JUMPBOX_LINUX_VM_OFFER}" +jumpbox_linux_vm_sku = "{JUMPBOX_LINUX_VM_SKU}" +jumpbox_linux_vm_version = "{JUMPBOX_LINUX_VM_VERSION}" ################################# # Tier 0 Configuration @@ -99,11 +109,7 @@ tier0_subid = "{TIER0_SUBID}" tier0_rgname = "{TIER0_RGNAME}" tier0_vnetname = "{TIER0_VNETNAME}" -################################# -# Tier 0 Network configuration section -################################# - -tier0_vnet_address_space = ["{TIER0_VNETSPACE}"] +tier0_vnet_address_space = ["{TIER0_VNET_ADDRESS_SPACE}"] tier0_subnets = { "{TIER0_SUBNETVM_NAME}" = { 
@@ -148,16 +154,12 @@ tier0_subnets = { # Tier 1 Network configuration section ################################# -tier1_sub_id = = "{TIER1_SUBID}" -tier1_rgname = "{TIER1_RGNAME}" -tier1_vnetname = "{TIER1_VNETNAME}" - - -################################# -# Network configuration section -################################# +tier1_subid = "{TIER1_SUBID}" +tier1_rgname = "{TIER1_RGNAME}" +tier1_vnetname = "{TIER1_VNETNAME}" +mlz_lawsname = "{MLZ_LAWSNAME} -tier1_vnet_address_space = ["{TIER1_VNETSPACE}"] +tier1_vnet_address_space = ["{TIER1_VNET_ADDRESS_SPACE}"] tier1_subnets = { "{TIER1_SUBNETVM_NAME}" = { @@ -202,16 +204,11 @@ tier1_subnets = { # Tier 2 Network configuration section ################################# -tier2_sub_id = = "{TIER2_SUBID}" -tier2_rgname = "{TIER2_RGNAME}" -tier2_vnetname = "{TIER2_VNETNAME}" +tier2_subid = "{TIER2_SUBID}" +tier2_rgname = "{TIER2_RGNAME}" +tier2_vnetname = "{TIER2_VNETNAME}" - -################################# -# Network configuration section -################################# - -tier2_vnet_address_space = ["{TIER2_VNETSPACE}"] +tier2_vnet_address_space = ["{TIER2_VNET_ADDRESS_SPACE}"] tier2_subnets = { "{TIER2_SUBNETVM_NAME}" = { 
@@ -251,57 +248,3 @@ tier2_subnets = { routetable_name = "{TIER2_SUBNETVM_RTNAME}" } } - - -################################# -# Tier 3 Network configuration section -################################# - -tier3_subid = "{TIER3_SUBID}" -tier3_rgname = "{TIER3_RGNAME}" -tier3_vnetname = "{TIER3_VNETNAME}" - -################################# -# Network configuration section -################################# - -tier3_vnet_address_space = ["{TIER3_VNETSPACE}"] - -subnets = { - "{TIER3_SUBNETVM_NAME}" = { - name = "{TIER3_SUBNETVM_NAME}" - address_prefixes = ["{TIER3_SUBNETVM_ADDRESSPREFIXLIST}"] - service_endpoints = ["{TIER3_SUBNETVM_SERVICEENDPOINTLIST}"] - - enforce_private_link_endpoint_network_policies = {TIER3_SUBNETVM_ENABLEPRIVATELINKENDPOINT} - enforce_private_link_service_network_policies = {TIER3_SUBNETVM_ENABLEPRIVATELINKSERVICE} - - nsg_name = "{TIER3_SUBNETVM_NSGNAME}" - nsg_rules = { - "allow_ssh" = { - name = "allow_ssh" - priority = "100" - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "" - destination_port_range = "22" - source_address_prefix = "*" - destination_address_prefix = "" - } - "allow_rdp" = { - name = "allow_rdp" - priority = "200" - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "" - destination_port_range = "3389" - source_address_prefix = "*" - destination_address_prefix = "" - } - } - - routetable_name = "{TIER3_SUBNETVM_RTNAME}" - } -} \ No newline at end of file diff --git a/src/terraform/mlz/variables.tf b/src/terraform/mlz/variables.tf index 57d486751..160ec7d13 100644 --- a/src/terraform/mlz/variables.tf +++ b/src/terraform/mlz/variables.tf @@ -1,5 +1,6 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. + ################################# # Global Configuration ################################# 
@@ -8,8 +9,8 @@ variable "tf_environment" { description = "The Terraform backend environment e.g. public or usgovernment" } -variable "mlz_cloud" { - description = "The Azure Cloud to deploy to e.g. AzureCloud or AzureUSGovernment" +variable "deploymentname" { + description = "A name for the deployment" } variable "mlz_tenantid" { @@ -37,11 +38,8 @@ variable "mlz_objectid" { } ################################# -# SACA Hub Configuration +# Hub Configuration ################################# -variable "deploymentname" { - description = "A name for the deployment" -} variable "hub_subid" { description = "Subscription ID for the deployment" @@ -107,17 +105,6 @@ variable "management_publicip_name" { default = "mlzFWMgmtPip" } -variable "hub_management_routetable_name" { - description = "The name of the route table applied to the management subnet" - default = "mlzFirewallMgmtRT" -} - -variable "create_network_watcher" { - description = "Deploy a Network Watcher resource alongside this virtual network (there's a limit of one per-subscription-per-region)" - type = bool - default = false -} - ################################# # Bastion Host Configuration ################################# @@ -300,6 +287,7 @@ variable "jumpbox_linux_vm_version" { ################################# # Tier 0 Configuration ################################# + variable "tier0_subid" { description = "Subscription ID for the deployment" } @@ -312,9 +300,6 @@ variable "tier0_vnetname" { description = "Virtual Network Name for the deployment" } -################################# -# Network configuration section -################################# variable "tier0_vnet_address_space" { description = "Address space prefixes list of strings" type = list(string) 
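Review bot: `variable "deploymentname"` is declared with a description only. Adding `type = string` would let Terraform reject a list or map passed by mistake at plan time, the way `type = list(string)` on `tier0_vnet_address_space` lower in this file already constrains its input. The relocated `deploymentname` block in the tier3/variables.tf hunk later in this patch has the same gap.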
@@ -386,15 +371,10 @@ variable "tier0_subnets" { } } -variable "tier0_create_network_watcher" { - description = "Deploy a Network Watcher resource alongside this virtual network (there's a limit of one per-subscription-per-region)" - type = bool - default = false -} - ################################# # Tier 1 Configuration ################################# + variable "tier1_subid" { description = "Subscription ID for the deployment" } @@ -411,9 +391,6 @@ variable "mlz_lawsname" { description = "Log Analytics Workspace Name for the deployment" } -################################# -# Network configuration section -################################# variable "tier1_vnet_address_space" { description = "Address space prefixes for the virtual network" type = list(string) @@ -485,15 +462,10 @@ variable "tier1_subnets" { } } -variable "tier1_create_network_watcher" { - description = "Deploy a Network Watcher resource alongside this virtual network (there's a limit of one per-subscription-per-region)" - type = bool - default = false -} - ################################# # Tier 2 Configuration ################################# + variable "tier2_subid" { description = "Subscription ID for the deployment" } @@ -506,9 +478,6 @@ variable "tier2_vnetname" { description = "Virtual Network Name for the deployment" } -################################# -# Network configuration section -################################# variable "tier2_vnet_address_space" { description = "Address space prefixes list of strings" type = list(string) @@ -579,9 +548,3 @@ variable "tier2_subnets" { } } } - -variable "tier2_create_network_watcher" { - description = "Deploy a Network Watcher resource alongside this virtual network (there's a limit of one per-subscription-per-region)" - type = bool - default = false -} diff --git a/src/terraform/modules/hub/variables.tf b/src/terraform/modules/hub/variables.tf index 38f6ff00b..9204de755 100644 --- a/src/terraform/modules/hub/variables.tf 
+++ b/src/terraform/modules/hub/variables.tf @@ -1,5 +1,6 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. + variable "resource_group_name" { description = "A container that holds related resources for an Azure solution" } @@ -28,11 +29,6 @@ variable "management_address_space" { type = string } -variable "routetable_name" { - description = "The name of the route table to be applied to the firewall management subnet." - type = string -} - variable "log_analytics_workspace_resource_id" { description = "The Azure resource ID for the Log Analytics Workspace." type = string diff --git a/src/terraform/modules/spoke/variables.tf b/src/terraform/modules/spoke/variables.tf index 2b5e4b950..f26371dca 100644 --- a/src/terraform/modules/spoke/variables.tf +++ b/src/terraform/modules/spoke/variables.tf @@ -5,22 +5,6 @@ variable "location" { description = "The region for spoke network deployment" } -variable "hub_subid" { - description = "Subscription ID for the hub network deployment" -} - -variable "hub_rgname" { - description = "Resource Group for the hub network deployment" -} - -variable "hub_vnetname" { - description = "Virtual Network Name for the hub network deployment" -} - -variable "laws_name" { - description = "Log Analytics Workspace name for the deployment" -} - variable "laws_location" { description = "Log Analytics Workspace location" } @@ -37,10 +21,6 @@ variable "firewall_private_ip" { description = "Private IP of the Firewall" } -variable "spoke_subid" { - description = "Subscription ID for the spoke network deployment" -} - variable "spoke_rgname" { description = "Resource Group for the spoke network deployment" } diff --git a/src/terraform/modules/subnet/variables.tf b/src/terraform/modules/subnet/variables.tf index 40f174deb..8c04fd503 100644 --- a/src/terraform/modules/subnet/variables.tf +++ b/src/terraform/modules/subnet/variables.tf 
@@ -1,5 +1,6 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. + variable "name" { description = "The name of the subnet" type = string diff --git a/src/terraform/modules/tier/variables.tf b/src/terraform/modules/tier/variables.tf deleted file mode 100644 index fd4a2ca4e..000000000 --- a/src/terraform/modules/tier/variables.tf +++ /dev/null @@ -1,36 +0,0 @@ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. - - -variable "tf_environment" { - description = "The Terraform backend environment e.g. public or usgovernment" -} - -variable "mlz_cloud" { - description = "The Azure Cloud to deploy to e.g. AzureCloud or AzureUSGovernment" -} - -variable "mlz_tenantid" { - description = "The Azure tenant for the deployment" -} - -variable "mlz_location" { - description = "The Azure region for most Mission LZ resources" -} - -variable "mlz_metadatahost" { - description = "The metadata host for the Azure Cloud e.g. management.azure.com" -} - -variable "mlz_clientid" { - description = "The account to deploy with" -} - -variable "mlz_clientsecret" { - description = "The account to deploy with" -} - - -variable "tags" { - type = map(string) -} diff --git a/src/terraform/modules/virtual-network/variables.tf b/src/terraform/modules/virtual-network/variables.tf index b6ae237fc..daa30a642 100644 --- a/src/terraform/modules/virtual-network/variables.tf +++ b/src/terraform/modules/virtual-network/variables.tf @@ -1,5 +1,6 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. + variable "location" { description = "The location/region to keep all your network resources. To get the list of all locations with table format from azure cli, run 'az account list-locations -o table'" } diff --git a/src/terraform/tier3/main.tf b/src/terraform/tier3/main.tf index 7eeadbf79..11d5478b4 100644 --- a/src/terraform/tier3/main.tf +++ b/src/terraform/tier3/main.tf 
@@ -129,20 +129,14 @@ module "spoke-network-t3" { location = azurerm_resource_group.tier3.location - hub_subid = var.hub_subid - hub_rgname = var.hub_rgname - hub_vnetname = var.hub_vnetname firewall_private_ip = var.firewall_private_ip.value - laws_name = data.azurerm_log_analytics_workspace.laws.name laws_location = var.mlz_location laws_workspace_id = data.azurerm_log_analytics_workspace.laws.workspace_id laws_resource_id = data.azurerm_log_analytics_workspace.laws.id - spoke_subid = var.tier3_subid - spoke_rgname = var.tier3_rgname - spoke_vnetname = var.tier3_vnetname - + spoke_rgname = var.tier3_rgname + spoke_vnetname = var.tier3_vnetname spoke_vnet_address_space = var.tier3_vnet_address_space subnets = var.tier3_subnets diff --git a/src/terraform/tier3/minimum.tfvars.sample b/src/terraform/tier3/minimum.tfvars.sample index ce6e2aac9..c4ab5490c 100644 --- a/src/terraform/tier3/minimum.tfvars.sample +++ b/src/terraform/tier3/minimum.tfvars.sample @@ -1,20 +1,17 @@ -mlz_clientid="" -mlz_clientsecret="" -mlz_objectid="" +tf_environment = "" +deploymentname = "" +mlz_tenantid = "" +mlz_location = "" +mlz_metadatahost = "" +mlz_clientid = "" +mlz_clientsecret = "" -tf_environment="" -mlz_cloud="" -mlz_tenantid="" -mlz_location="" -mlz_metadatahost="" - -deploymentname = "" -hub_subid = "" -hub_rgname = "" -mlz_lawsname = "" -tier1_subid = "" -tier1_rgname = "" -tier1_vnetname = "" -tier3_subid = "" -tier3_rgname = "" -tier3_vnetname = "" +hub_subid = "" +hub_rgname = "" +hub_vnetname = "" +laws_name = "" +laws_rgname = "" +tier1_subid = "" +tier3_subid = "" +tier3_rgname = "" +tier3_vnetname = "" diff --git a/src/terraform/tier3/mlz.tfvars.sample b/src/terraform/tier3/tier3.tfvars.sample similarity index 74% rename from src/terraform/tier3/mlz.tfvars.sample rename to src/terraform/tier3/tier3.tfvars.sample index 84ca25e55..ba90190e7 100644 --- a/src/terraform/tier3/mlz.tfvars.sample +++ b/src/terraform/tier3/tier3.tfvars.sample 
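Review bot: The rewritten tier3/minimum.tfvars.sample drops `mlz_objectid` and has no entry for `firewall_private_ip`. This patch declares `firewall_private_ip` in tier3/variables.tf with no default, and `mlz_objectid` still appears there as context (its full declaration is outside the hunk, so a default cannot be ruled out). A run driven from this minimum file would stop to prompt for the missing values, or fail under `-input=false`. I would add `mlz_objectid = ""` and a `firewall_private_ip` entry in the shape tier3/main.tf expects, so the minimum sample really is sufficient.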
@@ -1,24 +1,36 @@ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. + +################################# +# Global Configuration +################################# + +tf_environment = "{TF_ENVIRONMENT}" +deploymentname = "{DEPLOYMENTNAME}" +mlz_tenantid = "{MLZ_TENANTID}" +mlz_location = "{MLZ_LOCATION}" +mlz_metadatahost = "{MLZ_METADATAHOST}" +mlz_clientid = "{MLZ_CLIENTID}" +mlz_clientsecret = "{MLZ_CLIENTSECRET}" +mlz_objectid = "{MLZ_OBJECTID}" + ################################# -# Saca Configuration +# Hub Configuration ################################# -deploymentname = "{SACA_DEPLOYMENTNAME}" -saca_subid = "{SACA_SUBID}" -saca_rgname = "{SACA_RGNAME}" -saca_vnetname = "{SACA_VNETNAME}" -saca_lawsname = "{SACA_LAWSNAME}" -vnet_address_space = ["{SACA_VNETSPACE}"] +hub_subid = "{HUB_SUBID}" +hub_rgname = "{HUB_RGNAME}" +hub_vnetname = "{HUB_VNETNAME}" +firewall_private_ip = "{FIREWALL_PRIVATE_IP}" ################################# # Tier 1 Network configuration section ################################# -tier1_sub_id = = "{TIER1_SUBID}" -tier1_rgname = "{TIER1_RGNAME}" -tier1_vnetname = "{TIER1_VNETNAME}" +tier1_subid = "{TIER1_SUBID}" +laws_name = "{LAWS_NAME}" +laws_rgname = "{LAWS_RGNAME}" ################################# # Tier 3 Network configuration section @@ -28,11 +40,7 @@ tier3_subid = "{TIER3_SUBID}" tier3_rgname = "{TIER3_RGNAME}" tier3_vnetname = "{TIER3_VNETNAME}" -################################# -# Network configuration section -################################# - -tier3_vnet_address_space = ["{TIER3_VNETSPACE}"] +tier3_vnet_address_space = ["{TIER3_VNET_ADDRESS_SPACE}"] subnets = { "{TIER3_SUBNETVM_NAME}" = { @@ -71,4 +79,4 @@ subnets = { routetable_name = "{TIER3_SUBNETVM_RTNAME}" } -} \ No newline at end of file +} diff --git a/src/terraform/tier3/variables.tf b/src/terraform/tier3/variables.tf index 154512e11..8a5240a74 100644 --- a/src/terraform/tier3/variables.tf +++ b/src/terraform/tier3/variables.tf 
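Review bot: `firewall_private_ip = "{FIREWALL_PRIVATE_IP}"` is a plain string in this sample, but the tier3/main.tf hunk in this same patch passes `var.firewall_private_ip.value` to the spoke module, and a string has no `value` attribute. Either the sample should use the object form, `firewall_private_ip = { value = "{FIREWALL_PRIVATE_IP}" }`, or main.tf should read `var.firewall_private_ip` directly. Which is intended depends on how the value is produced, and the patch does not show that. The relocated `variable "firewall_private_ip"` block in tier3/variables.tf has no `type`; declaring one there (for example `type = object({ value = string })` if the object form is kept) would surface the mismatch as a clear input error.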
@@ -8,8 +8,8 @@ variable "tf_environment" { description = "The Terraform backend environment e.g. public or usgovernment" } -variable "mlz_cloud" { - description = "The Azure Cloud to deploy to e.g. AzureCloud or AzureUSGovernment" +variable "deploymentname" { + description = "A name for the deployment" } variable "mlz_tenantid" { @@ -36,24 +36,9 @@ variable "mlz_objectid" { description = "The account to deploy with" } -variable "laws_name" { - description = "Log Analytics Workspace Name for the deployment" -} - -variable "laws_rgname" { - description = "The RG that laws was deployed to." -} - -variable "firewall_private_ip" { - description = "Firewall IP to bind network to" -} - ################################# -# SACA Hub Configuration +# Hub Configuration ################################# -variable "deploymentname" { - description = "A name for the deployment" -} variable "hub_subid" { description = "Subscription ID for the deployment" @@ -67,25 +52,24 @@ variable "hub_vnetname" { description = "Virtual Network Name for the deployment" } -variable "hub_vnet_address_space" { - description = "The address space to be used for the virtual network." - default = ["10.0.100.0/24"] - type = list(string) +variable "firewall_private_ip" { + description = "Firewall IP to bind network to" } ################################# # Tier 1 Configuration ################################# + variable "tier1_subid" { description = "Subscription ID for the deployment" } -variable "tier1_rgname" { - description = "Resource Group for the deployment" +variable "laws_name" { + description = "Log Analytics Workspace Name for the deployment" } -variable "tier1_vnetname" { - description = "Virtual Network Name for the deployment" +variable "laws_rgname" { + description = "The RG that laws was deployed to." } ################################# 
@@ -103,9 +87,6 @@ variable "tier3_vnetname" { description = "Virtual Network Name for the deployment" } -################################# -# Network configuration section -################################# variable "tier3_vnet_address_space" { description = "Address space prefixes list of strings" type = list(string) @@ -176,9 +157,3 @@ variable "tier3_subnets" { } } } - -variable "tier3_create_network_watcher" { - description = "Deploy a Network Watcher resource alongside this virtual network (there's a limit of one per-subscription-per-region)" - type = bool - default = false -}