Skip to content

claranet/terraform-azurerm-eventhub

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Azure Eventhub feature

Changelog Notice Apache V2 License OpenTofu Registry

This Terraform module creates an Azure Eventhub.

Global versioning rule for Claranet Azure modules

Module version Terraform version OpenTofu version AzureRM version
>= 8.x.x Unverified 1.8.x >= 4.0
>= 7.x.x 1.3.x >= 3.0
>= 6.x.x 1.x >= 3.0
>= 5.x.x 0.15.x >= 2.0
>= 4.x.x 0.13.x / 0.14.x >= 2.0
>= 3.x.x 0.12.x >= 2.0
>= 2.x.x 0.12.x < 2.0
< 2.x.x 0.11.x < 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module. More details about variables set by the terraform-wrapper available in the documentation.

⚠️ Since modules version v8.0.0, we do not maintain/check anymore the compatibility with Hashicorp Terraform. Instead, we recommend to use OpenTofu.

module "eventhub" {
  source  = "claranet/eventhub/azurerm"
  version = "x.x.x"

  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.name

  create_dedicated_cluster = true

  namespace_parameters = {
    sku      = "Standard"
    capacity = 2
  }

  namespace_authorizations = {
    listen = true
    send   = false
  }

  network_rules_enabled = true
  allowed_cidrs         = ["1.1.1.1/32"]
  allowed_subnet_ids = [
    var.subnet_id
  ]

  hubs_parameters = {
    main = {
      custom_name     = "main-queue-hub"
      partition_count = 2

      authorizations = {
        listen = true
        send   = true
        manage = false
      }
    }
  }

  logs_destinations_ids = [
    # module.logs.logs_storage_account_id,
    # module.logs.log_analytics_workspace_id
  ]
}

Providers

Name Version
azurecaf ~> 1.2.28
azurerm ~> 4.0

Modules

Name Source Version
diagnostics claranet/diagnostic-settings/azurerm ~> 8.0.0

Resources

Name Type
azurerm_eventhub.main resource
azurerm_eventhub_authorization_rule.listen resource
azurerm_eventhub_authorization_rule.manage resource
azurerm_eventhub_authorization_rule.send resource
azurerm_eventhub_cluster.main resource
azurerm_eventhub_consumer_group.main resource
azurerm_eventhub_namespace.main resource
azurerm_eventhub_namespace_authorization_rule.listen resource
azurerm_eventhub_namespace_authorization_rule.manage resource
azurerm_eventhub_namespace_authorization_rule.send resource
azurecaf_name.consumer_group data source
azurecaf_name.eventhub data source
azurecaf_name.eventhub_auth_rule data source
azurecaf_name.eventhub_namespace data source
azurecaf_name.eventhub_namespace_auth_rule data source

Inputs

Name Description Type Default Required
allowed_cidrs List of CIDR to allow access to that EventHub Namespace. list(string) [] no
allowed_subnet_ids Subnets to allow access to that EventHub Namespace. list(string) [] no
client_name Client name/account used in naming. string n/a yes
create_dedicated_cluster If true, an EventHub Cluster is created and associated to the Namespace. bool false no
custom_name Custom resource name for EventHub namespace. string "" no
custom_namespace_auth_rule_name Custom authorization rule name for EventHub namespace. string null no
default_tags_enabled Option to enable or disable default tags bool true no
diagnostic_settings_custom_name Custom name of the diagnostics settings, name will be default if not set. string "default" no
environment Project environment. string n/a yes
extra_tags Extra tags to add map(string) {} no
hubs_parameters Map of Event Hub parameters objects (key is hub shortname).
map(object({
custom_name = optional(string)
partition_count = number
message_retention = optional(number, 7)
capture_description = optional(object({
enabled = optional(bool, true)
encoding = string
interval_in_seconds = optional(number)
size_limit_in_bytes = optional(number)
skip_empty_archives = optional(bool)
destination = object({
name = optional(string, "EventHubArchive.AzureBlockBlob")
archive_name_format = optional(string)
blob_container_name = string
storage_account_id = string
})
}))

consumer_group = optional(object({
enabled = optional(bool, false)
custom_name = optional(string)
user_metadata = optional(string)
}), {})

authorizations = optional(object({
listen = optional(bool, true)
send = optional(bool, true)
manage = optional(bool, true)
}), {})
}))
{} no
location Azure location for Eventhub. string n/a yes
location_short Short string for Azure location. string n/a yes
logs_categories Log categories to send to destinations. list(string) null no
logs_destinations_ids List of destination resources IDs for logs diagnostic destination.
Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set.
If you want to use Azure EventHub as a destination, you must provide a formatted string containing both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the | character.
list(string) n/a yes
logs_metrics_categories Metrics categories to send to destinations. list(string) null no
name_prefix Optional prefix for the generated name string "" no
name_suffix Optional suffix for the generated name string "" no
namespace_authorizations Object to specify which Namespace authorizations need to be created.
object({
listen = optional(bool, true)
send = optional(bool, true)
manage = optional(bool, true)
})
{} no
namespace_parameters EventHub Namespace parameters:
- sku:                  Defines which tier to use. Valid options are Basic, Standard, and Premium. Please not that setting this field to Premium will force the creation of a new resource and also requires setting zone_redundant to true.
- capacity: Specifies the Capacity / Throughput Units for a Standard SKU namespace. Default capacity has a maximum of 2, but can be increased in blocks of 2 on a committed purchase basis.
- auto_inflate_enabled: Is Auto Inflate enabled for the Event Hub namespace?
- dedicated_cluster_id: Specifies the ID of the Event Hub Dedicated Cluster where this namespace should created.
- maximum_throughput_units: Specifies the maximum number of throughput units when Auto Inflate is Enabled. Valid values range from 1 - 20.
- zone_redundant: Specifies if the Event Hub namespace should be Zone Redundant (created across Availability Zones). Changing this forces a new resource to be created.
- local_authentication_enabled: Is SAS authentication enabled for the EventHub Namespace?
- public_network_access_enabled: Is public network access enabled for the EventHub Namespace? Defaults to true.
- minimum_tls_version: The minimum supported TLS version for this EventHub Namespace. Valid values are: 1.0, 1.1 and 1.2. The current default minimum TLS version is 1.2.
object({
sku = optional(string, "Standard")
capacity = optional(number, 2)
auto_inflate_enabled = optional(bool, false)
dedicated_cluster_id = optional(string)
maximum_throughput_units = optional(number)
local_authentication_enabled = optional(bool)
public_network_access_enabled = optional(bool, true)
minimum_tls_version = optional(string, "1.2")
})
n/a yes
network_rules_default_action The default action to take when a rule is not matched. Possible values are Allow and Deny. string "Deny" no
network_rules_enabled Boolean to enable Network Rules on the EventHub Namespace, requires allowed_cidrs, allowed_subnet_ids, network_rules_default_action or network_trusted_service_access_enabled correctly set if enabled. bool false no
network_trusted_service_access_enabled Whether Trusted Microsoft Services are allowed to bypass firewall. bool true no
resource_group_name Name of the resource group. string n/a yes
stack Project stack name. string n/a yes

Outputs

Name Description
hubs_listen_authorization_rule Event Hubs listen only authorization rules.
hubs_manage_authorization_rule Event Hubs Namespace manage authorization rules.
hubs_send_authorization_rule Event Hubs send only authorization rules.
id Azure Event Hub Namespace ID.
identity_principal_id Azure Event Hub Namespace system identity principal ID.
module_diagnostics Diagnostics settings module outputs.
name Azure Event Hub Namespace name.
namespace_default_primary_connection_string Event Hub Namespace default primary connection string.
namespace_default_primary_key Event Hub Namespace default primary key.
namespace_default_secondary_connection_string Eventhub Namespace default secondary connection string.
namespace_default_secondary_key Event Hub Namespace default secondary key.
namespace_id Azure Event Hub Namespace ID.
namespace_name Azure Event Hub Namespace name.
resource_consumer_groups Azure Event Hub Consumer Groups resource objects.
resource_eventhubs Azure Event Hubs resource objects.
resource_namespace Azure Event Hub Namespace resource object.
resource_namespace_listen_authorization_rule Event Hub Namespace listen only authorization rule resource.
resource_namespace_manage_authorization_rule Event Hub Namespace manage authorization rule resource.
resource_namespace_send_authorization_rule Event Hub Namespace send only authorization rule resource.

Related documentation

Microsoft Azure documentation: docs.microsoft.com/en-us/azure/event-hubs/