forked from aztfmod/terraform-azurerm-caf
-
Notifications
You must be signed in to change notification settings - Fork 0
/
diagnostics.tf
executable file
·94 lines (78 loc) · 4.23 KB
/
diagnostics.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
locals {
# Diagnostics services to create
diagnostics = {
diagnostic_event_hub_namespaces = try(var.diagnostics.diagnostic_event_hub_namespaces, {})
diagnostic_log_analytics = try(var.diagnostics.diagnostic_log_analytics, {})
diagnostic_storage_accounts = try(var.diagnostics.diagnostic_storage_accounts, {})
}
# Remote amd locally created diagnostics objects
combined_diagnostics = {
diagnostics_definition = try(var.diagnostics.diagnostics_definition, {})
diagnostics_destinations = try(var.diagnostics.diagnostics_destinations, {})
storage_accounts = merge(try(var.diagnostics.storage_accounts, {}), module.diagnostic_storage_accounts)
log_analytics = merge(try(var.diagnostics.log_analytics, {}), module.diagnostic_log_analytics)
event_hub_namespaces = merge(try(var.diagnostics.event_hub_namespaces, {}), module.diagnostic_event_hub_namespaces)
}
}
# Output diagnostics
output "diagnostics" {
value = local.combined_diagnostics
}
module "diagnostic_storage_accounts" {
source = "./modules/storage_account"
for_each = local.diagnostics.diagnostic_storage_accounts
global_settings = local.global_settings
client_config = local.client_config
storage_account = each.value
resource_group_name = local.resource_groups[each.value.resource_group_key].name
location = lookup(each.value, "region", null) == null ? local.resource_groups[each.value.resource_group_key].location : local.global_settings.regions[each.value.region]
base_tags = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
}
resource "azurerm_storage_account_customer_managed_key" "diasacmk" {
depends_on = [module.keyvault_access_policies]
for_each = {
for key, value in local.diagnostics.diagnostic_storage_accounts : key => value
if try(value.customer_managed_key, null) != null
}
storage_account_id = module.diagnostic_storage_accounts[each.key].id
key_vault_id = module.keyvaults[each.value.customer_managed_key.keyvault_key].id
key_name = module.keyvault_keys[each.value.customer_managed_key.keyvault_key_key].name
}
module "diagnostic_event_hub_namespaces" {
source = "./modules/event_hubs/namespaces"
for_each = local.diagnostics.diagnostic_event_hub_namespaces
global_settings = local.global_settings
settings = each.value
client_config = local.client_config
base_tags = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
resource_group = coalesce(
try(local.combined_objects_resource_groups[local.client_config.landingzone_key][each.value.resource_group_key], null),
try(local.combined_objects_resource_groups[each.value.lz_key][each.value.resource_group_key], null),
try(local.combined_objects_resource_groups[local.client_config.landingzone_key][each.value.resource_group.key], null),
try(local.combined_objects_resource_groups[each.value.resource_group.lz_key][each.value.resource_group.key], null)
)
}
module "diagnostic_event_hub_namespaces_diagnostics" {
source = "./modules/diagnostics"
for_each = local.diagnostics.diagnostic_event_hub_namespaces
resource_id = module.diagnostic_event_hub_namespaces[each.key].id
resource_location = module.diagnostic_event_hub_namespaces[each.key].location
diagnostics = local.combined_diagnostics
profiles = try(each.value.diagnostic_profiles, {})
}
module "diagnostic_log_analytics" {
source = "./modules/log_analytics"
for_each = local.diagnostics.diagnostic_log_analytics
global_settings = local.global_settings
log_analytics = each.value
resource_groups = local.resource_groups
base_tags = try(local.global_settings.inherit_tags, false) ? local.resource_groups[each.value.resource_group_key].tags : {}
}
module "diagnostic_log_analytics_diagnostics" {
source = "./modules/diagnostics"
for_each = local.diagnostics.diagnostic_log_analytics
resource_id = module.diagnostic_log_analytics[each.key].id
resource_location = module.diagnostic_log_analytics[each.key].location
diagnostics = local.combined_diagnostics
profiles = try(each.value.diagnostic_profiles, {})
}