diff --git a/reference-implementations/LOB-ILB-ASEv3/terraform/ase.tf b/reference-implementations/LOB-ILB-ASEv3/terraform/ase.tf index fbcf4a3..812c77a 100644 --- a/reference-implementations/LOB-ILB-ASEv3/terraform/ase.tf +++ b/reference-implementations/LOB-ILB-ASEv3/terraform/ase.tf @@ -1,36 +1,36 @@ locals { // Variables - vnetId = azurerm_virtual_network.vnetSpoke.id - aseSubnetId = "${azurerm_virtual_network.vnetSpoke.id}/subnets/${local.aseSubnetName}" - numberOfWorkers = var.numberOfWorkers - workerPool = var.workerPool - aseName = substr("ase-${local.resourceSuffix}",0, 37) + vnetId = azurerm_virtual_network.vnetSpoke.id + aseSubnetId = "${azurerm_virtual_network.vnetSpoke.id}/subnets/${local.aseSubnetName}" + numberOfWorkers = var.numberOfWorkers + workerPool = var.workerPool + aseName = substr("ase-${local.resourceSuffix}", 0, 37) appServicePlanName = "asp-${local.resourceSuffix}" privateDnsZoneName = "${local.aseName}.appserviceenvironment.net" } resource "azurerm_app_service_environment_v3" "ase" { name = local.aseName - resource_group_name = local.aseResourceGroupName + resource_group_name = azurerm_resource_group.aserg.name subnet_id = local.aseSubnetId internal_load_balancing_mode = "Web, Publishing" zone_redundant = true - depends_on = [azurerm_bastion_host.bastionHost] + depends_on = [azurerm_bastion_host.bastionHost] } resource "azurerm_app_service_plan" "appServicePlan" { - name = local.appServicePlanName - location = var.location - resource_group_name = local.aseResourceGroupName + name = local.appServicePlanName + location = azurerm_resource_group.aserg.location + resource_group_name = azurerm_resource_group.aserg.name app_service_environment_id = azurerm_app_service_environment_v3.ase.id - is_xenon = false - per_site_scaling = false - reserved = false - zone_redundant = true + is_xenon = false + per_site_scaling = false + reserved = false + zone_redundant = true sku { - tier = "IsolatedV2" - size = "I${local.workerPool}v2" + tier = "IsolatedV2" + size = "I${local.workerPool}v2" capacity = local.numberOfWorkers } depends_on = [azurerm_bastion_host.bastionHost] @@ -38,23 +38,23 @@ resource "azurerm_app_service_plan" "appServicePlan" { resource "azurerm_private_dns_zone" "privateDnsZone" { name = local.privateDnsZoneName - resource_group_name = local.aseResourceGroupName - depends_on = [azurerm_app_service_environment_v3.ase] + resource_group_name = azurerm_resource_group.aserg.name + depends_on = [azurerm_app_service_environment_v3.ase] } resource "azurerm_private_dns_zone_virtual_network_link" "privateDnsZoneName_vnetLink" { name = "vnetLink" - resource_group_name = local.aseResourceGroupName + resource_group_name = azurerm_resource_group.aserg.name private_dns_zone_name = local.privateDnsZoneName virtual_network_id = local.vnetId registration_enabled = false - depends_on = [azurerm_app_service_environment_v3.ase,azurerm_private_dns_zone.privateDnsZone] + depends_on = [azurerm_app_service_environment_v3.ase, azurerm_private_dns_zone.privateDnsZone] } resource "azurerm_private_dns_a_record" "privateDnsZoneName_all" { name = "*" zone_name = azurerm_private_dns_zone.privateDnsZone.name - resource_group_name = local.aseResourceGroupName + resource_group_name = azurerm_resource_group.aserg.name ttl = 3600 records = azurerm_app_service_environment_v3.ase.internal_inbound_ip_addresses depends_on = [azurerm_private_dns_zone.privateDnsZone] @@ -63,7 +63,7 @@ resource "azurerm_private_dns_a_record" "privateDnsZoneName_all" { resource "azurerm_private_dns_a_record" "privateDnsZoneName_scm" { name = "*.scm" zone_name = azurerm_private_dns_zone.privateDnsZone.name - resource_group_name = local.aseResourceGroupName + resource_group_name = azurerm_resource_group.aserg.name ttl = 3600 records = azurerm_app_service_environment_v3.ase.internal_inbound_ip_addresses depends_on = [azurerm_private_dns_zone.privateDnsZone] @@ -72,7 +72,7 @@ resource "azurerm_private_dns_a_record" "privateDnsZoneName_scm" { resource "azurerm_private_dns_a_record" "privateDnsZoneName_Amp" { name = "@" zone_name = azurerm_private_dns_zone.privateDnsZone.name - resource_group_name = local.aseResourceGroupName + resource_group_name = azurerm_resource_group.aserg.name ttl = 3600 records = azurerm_app_service_environment_v3.ase.internal_inbound_ip_addresses depends_on = [azurerm_private_dns_zone.privateDnsZone] diff --git a/reference-implementations/LOB-ILB-ASEv3/terraform/network.tf b/reference-implementations/LOB-ILB-ASEv3/terraform/network.tf index 7cc1af9..c3a9b94 100644 --- a/reference-implementations/LOB-ILB-ASEv3/terraform/network.tf +++ b/reference-implementations/LOB-ILB-ASEv3/terraform/network.tf @@ -1,22 +1,22 @@ locals { // Variables -bastionHostName ="snet-basthost-${local.resourceSuffix}" -bastionHostPip ="${local.bastionHostName}-pip" -hubVNetName ="vnet-hub-${local.resourceSuffix}" -spokeVNetName ="vnet-spoke-${local.resourceSuffix}" -bastionSubnetName ="AzureBastionSubnet" -CICDAgentSubnetName ="snet-cicd-${local.resourceSuffix}" -jumpBoxSubnetName ="snet-jbox-${local.resourceSuffix}" -aseSubnetName ="snet-ase-${local.resourceSuffix}" + bastionHostName = "snet-basthost-${local.resourceSuffix}" + bastionHostPip = "${local.bastionHostName}-pip" + hubVNetName = "vnet-hub-${local.resourceSuffix}" + spokeVNetName = "vnet-spoke-${local.resourceSuffix}" + bastionSubnetName = "AzureBastionSubnet" + CICDAgentSubnetName = "snet-cicd-${local.resourceSuffix}" + jumpBoxSubnetName = "snet-jbox-${local.resourceSuffix}" + aseSubnetName = "snet-ase-${local.resourceSuffix}" } // Resources - VNet - SubNets resource "azurerm_virtual_network" "vnetHub" { name = local.hubVNetName - location = var.location - resource_group_name = local.networkingResourceGroupName + location = azurerm_resource_group.networkrg.location + resource_group_name = azurerm_resource_group.networkrg.name address_space = [var.hubVNetNameAddressPrefix] subnet { @@ -41,15 +41,15 @@ resource "azurerm_virtual_network" "vnetHub" { // Resources - VNet - SubNets - Spoke resource "azurerm_virtual_network" "vnetSpoke" { name = local.spokeVNetName - location = var.location - resource_group_name = local.networkingResourceGroupName + location = azurerm_resource_group.networkrg.location + resource_group_name = azurerm_resource_group.networkrg.name address_space = [var.spokeVNetNameAddressPrefix] - depends_on = [azurerm_resource_group.networkrg] + depends_on = [azurerm_resource_group.networkrg] } resource "azurerm_subnet" "vnetSpokeSubnet" { name = local.aseSubnetName - resource_group_name = local.networkingResourceGroupName + resource_group_name = azurerm_resource_group.networkrg.name virtual_network_name = azurerm_virtual_network.vnetSpoke.name address_prefixes = [var.aseAddressPrefix] @@ -66,50 +66,50 @@ resource "azurerm_subnet" "vnetSpokeSubnet" { // Peering resource "azurerm_virtual_network_peering" "peerhubtospoke" { - name = "peerhubtospoke" - resource_group_name = local.networkingResourceGroupName - virtual_network_name = azurerm_virtual_network.vnetHub.name - remote_virtual_network_id = azurerm_virtual_network.vnetSpoke.id + name = "peerhubtospoke" + resource_group_name = azurerm_resource_group.networkrg.name + virtual_network_name = azurerm_virtual_network.vnetHub.name + remote_virtual_network_id = azurerm_virtual_network.vnetSpoke.id allow_virtual_network_access = true allow_forwarded_traffic = false - allow_gateway_transit = false - use_remote_gateways = false - depends_on = [azurerm_virtual_network.vnetHub,azurerm_virtual_network.vnetSpoke] + allow_gateway_transit = false + use_remote_gateways = false + depends_on = [azurerm_virtual_network.vnetHub, azurerm_virtual_network.vnetSpoke] } resource "azurerm_virtual_network_peering" "peerspoketohub" { - name = "peerspoketohub" - resource_group_name = local.networkingResourceGroupName - virtual_network_name = azurerm_virtual_network.vnetSpoke.name - remote_virtual_network_id = azurerm_virtual_network.vnetHub.id + name = "peerspoketohub" + resource_group_name = azurerm_resource_group.networkrg.name + virtual_network_name = azurerm_virtual_network.vnetSpoke.name + remote_virtual_network_id = azurerm_virtual_network.vnetHub.id allow_virtual_network_access = true allow_forwarded_traffic = false - allow_gateway_transit = false - use_remote_gateways = false - depends_on = [azurerm_virtual_network.vnetHub,azurerm_virtual_network.vnetSpoke] + allow_gateway_transit = false + use_remote_gateways = false + depends_on = [azurerm_virtual_network.vnetHub, azurerm_virtual_network.vnetSpoke] } //bastionHost resource "azurerm_public_ip" "bastionHostPippublicIp" { name = local.bastionHostPip - resource_group_name = local.networkingResourceGroupName - location = var.location + resource_group_name = azurerm_resource_group.networkrg.name + location = azurerm_resource_group.networkrg.location allocation_method = "Static" - sku = "Standard" - depends_on = [azurerm_resource_group.networkrg] + sku = "Standard" + depends_on = [azurerm_resource_group.networkrg] } resource "azurerm_bastion_host" "bastionHost" { name = local.bastionHostName - location = var.location - resource_group_name = local.networkingResourceGroupName + location = azurerm_resource_group.networkrg.location + resource_group_name = azurerm_resource_group.networkrg.name ip_configuration { name = "IpConf" subnet_id = "${azurerm_virtual_network.vnetHub.id}/subnets/AzureBastionSubnet" public_ip_address_id = azurerm_public_ip.bastionHostPippublicIp.id } - depends_on = [azurerm_virtual_network.vnetHub,azurerm_virtual_network.vnetSpoke] + depends_on = [azurerm_virtual_network.vnetHub, azurerm_virtual_network.vnetSpoke] } // Output section