terraform-polkadot-azure-network

Features

This module...

Terraform Versions

For Terraform v0.12.0+

Usage

resource "azurerm_resource_group" "this" {
  location = "eastus"
  name     = "asg-default-testing"
}

module "defaults" {
  source                    = "../.."
  azure_resource_group_name = azurerm_resource_group.this.name
}

Examples

• defaults

Known Issues

No issue is creating limit on this module.

Providers

Name	Version
azurerm	n/a
cloudflare	n/a

Inputs

Name	Description	Type	Default	Required
azure_resource_group_name	Name of Azure Resource Group	string	n/a	yes
bastion_enabled	Boolean to enable a bastion host. All ssh traffic restricted to bastion	bool	false	no
bastion_sg_name	Name for the bastion security group	string	"bastion-sg"	no
cidr	The cidr range for network	string	"172.16.0.0/16"	no
consul_enabled	Boolean to allow consul traffic	bool	false	no
consul_sg_name	Name for the consult security group	string	"consul-sg"	no
corporate_ip	The corporate IP you want to restrict ssh traffic to	string	""	no
create_internal_domain	Boolean to create an internal split horizon DNS	bool	false	no
create_public_regional_subdomain	Boolean to create regional subdomain - ie us-east-1.example.com	bool	false	no
hids_enabled	Boolean to enable intrusion detection systems traffic	bool	false	no
hids_sg_name	Name for the HIDS security group	string	"hids-sg"	no
internal_tld	The top level domain for the internal DNS	string	"internal"	no
logging_enabled	Boolean to allow logging related traffic	bool	false	no
logging_sg_name	Name for the logging security group	string	"logging-sg"	no
monitoring_enabled	Boolean to for prometheus related traffic	bool	false	no
monitoring_sg_name	Name for the monitoring security group	string	"monitoring-sg"	no
namespace	The namespace to deploy into	string	"polkadot"	no
network_name	The network name, ie kusama / mainnet	string	""	no
owner	n/a	string	""	no
root_domain_name	The public domain	string	""	no
sentry_node_sg_name	Name for the public node security group	string	"sentry-sg"	no
tags	Key value pair to tag all resources	map(string)	{}	no
vault_enabled	Boolean to allow vault related traffic	bool	false	no
vault_sg_name	Name for the vault security group	string	"vault-sg"	no
vpc_name	The name of the VPC	string	"polkadot"	no
zone_id	The zone ID to configure as the root zone - ie subdomain.example.com's zone ID	string	""	no

Outputs

Name	Description
bastion_application_security_group_id	Name of the application security group for the bastion host
bastion_network_security_group_id	Name of the network security group for the bastion host
consul_application_security_group_id	Name of the application security group for the Consul servers
hids_application_security_group_id	Name of the application security group for the HIDS group
internal_tld	The name of the internal domain
logging_application_security_group_id	Name of the application security group for the logging group
monitoring_application_security_group_id	Name of the application security group for the monitoring group
private_network_security_group_id	Name of the private subnet network security group
private_subnets	The IDs of the private subnets
private_subnets_cidr_blocks	CIDR ranges for the private subnets
public_network_security_group_id	Name of the public subnet network security group
public_regional_domain	The public regional domain
public_subnet_cidr_blocks	CIDR ranges for the public subnets
public_subnets	The IDs of the public subnets
root_domain_name	The name of the root domain
sentry_application_security_group_id	Name of the application security group for the sentry group
vault_application_security_group_id	Name of the application security group for the vault group
vpc_id	The name of the VPC

Testing

This module has been packaged with terratest tests

To run them:

1. Install Go
2. Run make test-init from the root of this repo
3. Run make test again from root

Authors

Module managed by Richard Mah

Credits

• Anton Babenko

License

Apache 2 Licensed. See LICENSE for full details.