Adding resources to match terraform (#22)

* adding vnets, snets and snet delegation for mysql flex

* adding filestorage, keyvault, secrets and acls

* adding private dns zones, vnetlinks and private endpoints

* updating app service, adding AVD host pool

* fixing OS disk name

* adding vm extensions

* removing registratingTokenOperation

* adding ps1 for bicep deploy

* moving to separate azuredeploysecure, adding Microsoft.Web SE to integrationSubnet and computeSubnet

* fixing bicepdeploysecure to point to correct bicep file

---------

Co-authored-by: Matheus Carboni <mcarboni@microsoft.com>

bicepDeploySecure.ps1

@@ -0,0 +1,90 @@
+$startTime=Get-Date
+Write-Host "Beginning deployment at $starttime"
+
+Import-Module Azure -ErrorAction SilentlyContinue
+$version = 0;
+
+#DEPLOYMENT OPTIONS
+#Please review the azuredeploy.bicep file for available options
+$RGName        = "<YOUR RESOURCE GROUP>"
+$DeployRegion  = "<SELECT AZURE REGION>"
+
+$parms = @{
+
+    #Alternative to the zip file above, you can use REDCap Community credentials to download the zip file.
+    "redcapCommunityUsername"     = "<REDCap Community site username>";
+    "redcapCommunityPassword"     = "<REDCap Community site password>";
+    "redcapAppZipVersion"         = "<REDCap version";
+
+    #Mail settings
+    "fromEmailAddress"            = "<email address listed as sender for outbound emails>";
+    "smtpFQDN"                    = "<what it says>"
+    "smtpUser"                    = "<login name for smtp auth>"
+    "smtpPassword"                = "<password for smtp auth>"
+
+    #Azure Web App
+    "siteName"                    = "<WEB SITE NAME, like 'redcap'>";
+    "skuName"                     = "S1";
+    "skuCapacity"                 = 1;
+
+    #MySQL
+    "administratorLogin"          = "<MySQL admin account name>";
+    "administratorLoginPassword"  = "<MySQL admin login password>";
+
+    # "databaseForMySqlCores"       = 2;
+    # "databaseForMySqlFamily"      = "Gen5";
+    # "databaseSkuSizeMB"           = 5120;
+    # "databaseForMySqlTier"        = "GeneralPurpose";
+    "mysqlVersion"                = "5.7";
+    
+    #Azure Storage
+    "storageType"                 = "Standard_LRS";
+    "storageContainerName"        = "redcap";
+
+    #GitHub
+    "repoURL"                     = "https://github.com/vanderbilt-redcap/redcap-azure.git";
+    "branch"                      = "master";
+
+    #AVD session hosts
+    "vmAdminUserName"             = "<vm admin user name>"
+    "vmAdminPassword"             = "<vm admin password>"
+
+    #Domain join
+    "domainJoinUsername"          = "<domain join user name>"
+    "domainJoinPassword"          = "<domain join password>"
+    "adDomainFqdn"                = "<AD Domain FQDN>"
+
+
+}
+#END DEPLOYMENT OPTIONS
+
+#ensure we're logged in
+Get-AzContext -ErrorAction Stop
+
+try {
+    Get-AzResourceGroup -Name $RGName -ErrorAction Stop
+    Write-Host "Resource group $RGName exists, updating deployment"
+}
+catch {
+    $RG = New-AzResourceGroup -Name $RGName -Location $DeployRegion
+    Write-Host "Created new resource group $RGName."
+}
+$version ++
+$deployment = New-AzResourceGroupDeployment -ResourceGroupName $RGName -TemplateParameterObject $parms -TemplateFile ".\azuredeploysecure.bicep" -Name "RedCAPDeploy$version"  -Force -Verbose
+
+if ($deployment.ProvisioningState -eq "Succeeded") {
+    $siteName = $deployment.Outputs.webSiteFQDN.Value
+    start "https://$($siteName)/AzDeployStatus.php"
+    Write-Host "---------"
+    $deployment.Outputs | ConvertTo-Json
+
+} else {
+    $deperr = Get-AzResourceGroupDeploymentOperation -DeploymentName "RedCAPDeploy$version" -ResourceGroupName $RGName
+    $deperr | ConvertTo-Json
+}
+
+$endTime=Get-Date
+
+Write-Host ""
+Write-Host "Total Deployment time:"
+New-TimeSpan -Start $startTime -End $endTime | Select Hours, Minutes, Seconds

terraform/main.tf

@@ -579,33 +579,33 @@ resource "azurerm_mysql_flexible_database" "redcap" {
   collation           = "utf8_unicode_ci"
 }
 
-resource "azurerm_private_endpoint" "mysql" {
-  name                = "${local.mysql_name}-pe"
-  resource_group_name = azurerm_resource_group.redcap.name
-  location            = azurerm_resource_group.redcap.location
-  tags                = var.tags
-  subnet_id           = azurerm_subnet.redcap["PrivateLinkSubnet"].id
+# resource "azurerm_private_endpoint" "mysql" {
+#   name                = "${local.mysql_name}-pe"
+#   resource_group_name = azurerm_resource_group.redcap.name
+#   location            = azurerm_resource_group.redcap.location
+#   tags                = var.tags
+#   subnet_id           = azurerm_subnet.redcap["PrivateLinkSubnet"].id
 
-  private_dns_zone_group {
-    name = "default"
-    private_dns_zone_ids = [
-      azurerm_private_dns_zone.mysql.id
-    ]
-  }
+#   private_dns_zone_group {
+#     name = "default"
+#     private_dns_zone_ids = [
+#       azurerm_private_dns_zone.mysql.id
+#     ]
+#   }
 
-  private_service_connection {
-    name                           = "${local.mysql_name}-pe"
-    private_connection_resource_id = azurerm_mysql_flexible_server.redcap.id
-    is_manual_connection           = false
-    subresource_names = [
-      "mysqlServer"
-    ]
-  }
+#   private_service_connection {
+#     name                           = "${local.mysql_name}-pe"
+#     private_connection_resource_id = azurerm_mysql_flexible_server.redcap.id
+#     is_manual_connection           = false
+#     subresource_names = [
+#       "mysqlServer"
+#     ]
+#   }
 
-  depends_on = [
-    azurerm_subnet.redcap["PrivateLinkSubnet"]
-  ]
-}
+#   depends_on = [
+#     azurerm_subnet.redcap["PrivateLinkSubnet"]
+#   ]
+# }
 
 ##############################################
 # AZURE APP SERVICE