Change KeyVault properties, move `provider` block to `providers.tf` file

Remove hardcoded `admin_password` in example, add `sensitive = true` to `admin_password`.
2022-11-11 20:35:55 +08:00 · 2022-11-11 20:35:55 +08:00 · f430640224
--- a/examples/complete/key_vault.tf
+++ b/examples/complete/key_vault.tf
@ -35,40 +35,36 @@ resource "azurerm_key_vault_access_policy" "test" {
  object_id    = coalesce(var.managed_identity_principal_id, data.azurerm_client_config.current.object_id)
  tenant_id    = data.azurerm_client_config.current.tenant_id
  certificate_permissions = [
-    for p in [
-      "create",
-      "delete",
-      "deleteIssuers",
-      "get",
-      "getIssuers",
-      "import",
-      "list",
-      "listIssuers",
-      "manageContacts",
-      "manageIssuers",
-      "setIssuers",
-      "update",
-    ] : title(p)
+    "Create",
+    "Delete",
+    "DeleteIssuers",
+    "Get",
+    "GetIssuers",
+    "Import",
+    "List",
+    "ListIssuers",
+    "ManageContacts",
+    "ManageIssuers",
+    "SetIssuers",
+    "Update",
  ]
  key_permissions = [
-    for p in [
-      "backup",
-      "create",
-      "decrypt",
-      "delete",
-      "encrypt",
-      "get",
-      "import",
-      "list",
-      "purge",
-      "recover",
-      "restore",
-      "sign",
-      "unwrapKey",
-      "update",
-      "verify",
-      "wrapKey",
-    ] : title(p)
+    "Backup",
+    "Create",
+    "Decrypt",
+    "Delete",
+    "Encrypt",
+    "Get",
+    "Import",
+    "List",
+    "Purge",
+    "Recover",
+    "Restore",
+    "Sign",
+    "UnwrapKey",
+    "Update",
+    "Verify",
+    "WrapKey",
  ]
  secret_permissions = [
    "Backup",
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@ -1,16 +1,3 @@
-provider "azurerm" {
-  features {
-    key_vault {
-      purge_soft_delete_on_destroy               = false
-      purge_soft_deleted_certificates_on_destroy = false
-      purge_soft_deleted_keys_on_destroy         = false
-    }
-    resource_group {
-      prevent_deletion_if_contains_resources = false
-    }
-  }
-}
-
 resource "random_id" "ip_dns" {
  byte_length = 4
 }
@ -51,13 +38,29 @@ locals {
  ubuntu_ssh_keys = fileexists("~/.ssh/id_rsa.pub") ? [] : ["monica_id_rsa.pub"]
 }

+resource "random_password" "admin_password" {
+  length      = 20
+  lower       = true
+  min_lower   = 1
+  min_numeric = 1
+  min_special = 1
+  min_upper   = 1
+  numeric     = true
+  special     = true
+  upper       = true
+}
+
+locals {
+  admin_password = coalesce(var.admin_password, random_password.admin_password.result)
+}
+
 module "ubuntuservers" {
  source                           = "../.."
  vm_hostname                      = "${random_id.ip_dns.hex}-u"
  resource_group_name              = azurerm_resource_group.test.name
  location                         = var.location_alt
  admin_username                   = var.admin_username
-  admin_password                   = var.admin_password
+  admin_password                   = local.admin_password
  vm_os_simple                     = var.vm_os_simple_1
  public_ip_dns                    = ["ubuntusimplevmips-${random_id.ip_dns.hex}"]
  vnet_subnet_id                   = azurerm_subnet.subnet[0].id
@ -88,7 +91,7 @@ module "debianservers" {
  resource_group_name = azurerm_resource_group.test.name
  location            = var.location_alt
  admin_username      = var.admin_username
-  admin_password      = var.admin_password
+  admin_password      = local.admin_password
  custom_data         = var.custom_data
  vm_os_simple        = var.vm_os_simple_2
  public_ip_dns       = ["debiansimplevmips-${random_id.ip_dns.hex}"]
@ -138,7 +141,7 @@ module "windowsservers" {
  location            = var.location_alt
  is_windows_image    = true
  admin_username      = var.admin_username
-  admin_password      = var.admin_password
+  admin_password      = local.admin_password
  vm_os_simple        = "WindowsServer"
  public_ip_dns       = ["winsimplevmips-${random_id.ip_dns.hex}"] # change to a unique name per datacenter region
  vnet_subnet_id      = azurerm_subnet.subnet[2].id
--- a/examples/complete/outputs.tf
+++ b/examples/complete/outputs.tf
@ -26,6 +26,11 @@ output "windows_ip_address" {
  value = module.windowsservers.public_ip_address
 }

+output "windows_vm_admin_password" {
+  sensitive = true
+  value     = local.admin_password
+}
+
 output "windows_vm_public_name" {
  value = module.windowsservers.public_ip_dns_name
 }
--- a/examples/complete/providers.tf
+++ b/examples/complete/providers.tf
@ -15,4 +15,17 @@ terraform {
      version = ">=3.0.0"
    }
  }
+}
+
+provider "azurerm" {
+  features {
+    key_vault {
+      purge_soft_delete_on_destroy               = false
+      purge_soft_deleted_certificates_on_destroy = false
+      purge_soft_deleted_keys_on_destroy         = false
+    }
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
--- a/examples/complete/variables.tf
+++ b/examples/complete/variables.tf
@ -1,6 +1,7 @@
 variable "admin_password" {
-  type    = string
-  default = "P@ssw0rd12345!"
+  type      = string
+  sensitive = true
+  default   = null
 }

 variable "admin_username" {