mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-04-22 16:19:19 -04:00
wrote tagging terraform config for azure
This commit is contained in:
miampf
parent
2a81882223
commit
7a5e831c01
@ -75,6 +75,8 @@ resource "azurerm_attestation_provider" "attestation_provider" {
|
||||
# Related issue: https://github.com/hashicorp/terraform-provider-azurerm/issues/21998
|
||||
ignore_changes = [open_enclave_policy_base64, sgx_enclave_policy_base64, tpm_policy_base64, sev_snp_policy_base64]
|
||||
}
|
||||
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_public_ip" "loadbalancer_ip" {
|
||||
@ -85,7 +87,7 @@ resource "azurerm_public_ip" "loadbalancer_ip" {
|
||||
location = var.location
|
||||
allocation_method = "Static"
|
||||
sku = "Standard"
|
||||
tags = local.tags
|
||||
tags = merge(local.tags, var.additional_tags)
|
||||
|
||||
lifecycle {
|
||||
ignore_changes = [name]
|
||||
@ -103,6 +105,7 @@ data "azurerm_public_ip" "loadbalancer_ip" {
|
||||
name = "${local.name}-lb"
|
||||
resource_group_name = var.resource_group
|
||||
depends_on = [azurerm_public_ip.loadbalancer_ip]
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_public_ip" "nat_gateway_ip" {
|
||||
@ -111,7 +114,7 @@ resource "azurerm_public_ip" "nat_gateway_ip" {
|
||||
location = var.location
|
||||
allocation_method = "Static"
|
||||
sku = "Standard"
|
||||
tags = local.tags
|
||||
tags = merge(local.tags, var.additional_tags)
|
||||
}
|
||||
|
||||
resource "azurerm_nat_gateway" "gateway" {
|
||||
@ -120,16 +123,19 @@ resource "azurerm_nat_gateway" "gateway" {
|
||||
resource_group_name = var.resource_group
|
||||
sku_name = "Standard"
|
||||
idle_timeout_in_minutes = 10
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_subnet_nat_gateway_association" "example" {
|
||||
nat_gateway_id = azurerm_nat_gateway.gateway.id
|
||||
subnet_id = azurerm_subnet.node_subnet.id
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_nat_gateway_public_ip_association" "example" {
|
||||
nat_gateway_id = azurerm_nat_gateway.gateway.id
|
||||
public_ip_address_id = azurerm_public_ip.nat_gateway_ip.id
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_lb" "loadbalancer" {
|
||||
@ -137,7 +143,7 @@ resource "azurerm_lb" "loadbalancer" {
|
||||
location = var.location
|
||||
resource_group_name = var.resource_group
|
||||
sku = "Standard"
|
||||
tags = local.tags
|
||||
tags = merge(local.tags, var.additional_tags)
|
||||
|
||||
dynamic "frontend_ip_configuration" {
|
||||
for_each = var.internal_load_balancer ? [] : [1]
|
||||
@ -164,6 +170,7 @@ module "loadbalancer_backend_control_plane" {
|
||||
loadbalancer_id = azurerm_lb.loadbalancer.id
|
||||
frontend_ip_configuration_name = azurerm_lb.loadbalancer.frontend_ip_configuration[0].name
|
||||
ports = local.ports
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
module "loadbalancer_backend_worker" {
|
||||
@ -173,11 +180,13 @@ module "loadbalancer_backend_worker" {
|
||||
loadbalancer_id = azurerm_lb.loadbalancer.id
|
||||
frontend_ip_configuration_name = azurerm_lb.loadbalancer.frontend_ip_configuration[0].name
|
||||
ports = []
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_lb_backend_address_pool" "all" {
|
||||
loadbalancer_id = azurerm_lb.loadbalancer.id
|
||||
name = "${var.name}-all"
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_network" "network" {
|
||||
@ -185,7 +194,7 @@ resource "azurerm_virtual_network" "network" {
|
||||
resource_group_name = var.resource_group
|
||||
location = var.location
|
||||
address_space = ["10.0.0.0/8"]
|
||||
tags = local.tags
|
||||
tags = merge(local.tags, var.additional_tags)
|
||||
}
|
||||
|
||||
resource "azurerm_subnet" "loadbalancer_subnet" {
|
||||
@ -194,6 +203,7 @@ resource "azurerm_subnet" "loadbalancer_subnet" {
|
||||
resource_group_name = var.resource_group
|
||||
virtual_network_name = azurerm_virtual_network.network.name
|
||||
address_prefixes = ["10.10.0.0/16"]
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_subnet" "node_subnet" {
|
||||
@ -201,13 +211,14 @@ resource "azurerm_subnet" "node_subnet" {
|
||||
resource_group_name = var.resource_group
|
||||
virtual_network_name = azurerm_virtual_network.network.name
|
||||
address_prefixes = [local.cidr_vpc_subnet_nodes]
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
resource "azurerm_network_security_group" "security_group" {
|
||||
name = local.name
|
||||
location = var.location
|
||||
resource_group_name = var.resource_group
|
||||
tags = local.tags
|
||||
tags = merge(local.tags, var.additional_tags)
|
||||
|
||||
dynamic "security_rule" {
|
||||
for_each = concat(
|
||||
@ -237,6 +248,7 @@ module "scale_set_group" {
|
||||
zones = each.value.zones
|
||||
tags = merge(
|
||||
local.tags,
|
||||
var.additional_tags,
|
||||
{ constellation-init-secret-hash = local.init_secret_hash },
|
||||
{ constellation-maa-url = var.create_maa ? azurerm_attestation_provider.attestation_provider[0].attestation_uri : "" },
|
||||
)
|
||||
@ -272,6 +284,7 @@ module "jump_host" {
|
||||
subnet_id = azurerm_subnet.loadbalancer_subnet[0].id
|
||||
ports = [for port in local.ports : port.port]
|
||||
lb_internal_ip = azurerm_lb.loadbalancer.frontend_ip_configuration[0].private_ip_address
|
||||
tags = var.additional_tags
|
||||
}
|
||||
|
||||
data "azurerm_subscription" "current" {
|
||||
|
||||
@ -3,6 +3,7 @@ resource "azurerm_linux_virtual_machine" "jump_host" {
|
||||
resource_group_name = var.resource_group
|
||||
location = var.location
|
||||
size = "Standard_D2as_v5"
|
||||
tags = var.tags
|
||||
|
||||
network_interface_ids = [
|
||||
azurerm_network_interface.jump_host.id,
|
||||
@ -63,6 +64,7 @@ resource "azurerm_network_interface" "jump_host" {
|
||||
name = "${var.base_name}-jump-host"
|
||||
resource_group_name = var.resource_group
|
||||
location = var.location
|
||||
tags = var.tags
|
||||
|
||||
ip_configuration {
|
||||
name = "public"
|
||||
@ -77,6 +79,7 @@ resource "azurerm_public_ip" "jump_host" {
|
||||
resource_group_name = var.resource_group
|
||||
location = var.location
|
||||
allocation_method = "Dynamic"
|
||||
tags = var.tags
|
||||
}
|
||||
|
||||
resource "tls_private_key" "ssh_key" {
|
||||
|
||||
@ -27,3 +27,8 @@ variable "location" {
|
||||
description = "Location to deploy the jump host into."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
description = "Tags of the jump host."
|
||||
type = map
|
||||
}
|
||||
|
||||
@ -10,6 +10,7 @@ terraform {
|
||||
resource "azurerm_lb_backend_address_pool" "backend_pool" {
|
||||
loadbalancer_id = var.loadbalancer_id
|
||||
name = var.name
|
||||
tags = var.tags
|
||||
}
|
||||
|
||||
resource "azurerm_lb_probe" "health_probes" {
|
||||
@ -21,6 +22,7 @@ resource "azurerm_lb_probe" "health_probes" {
|
||||
protocol = each.value.health_check_protocol
|
||||
request_path = each.value.path
|
||||
interval_in_seconds = 5
|
||||
tags = var.tags
|
||||
}
|
||||
|
||||
resource "azurerm_lb_rule" "rules" {
|
||||
@ -35,4 +37,5 @@ resource "azurerm_lb_rule" "rules" {
|
||||
backend_address_pool_ids = [azurerm_lb_backend_address_pool.backend_pool.id]
|
||||
probe_id = each.value.id
|
||||
disable_outbound_snat = true
|
||||
tags = var.tags
|
||||
}
|
||||
|
||||
@ -23,3 +23,8 @@ variable "ports" {
|
||||
}))
|
||||
description = "Ports to add to the backend. Healtch check protocol can be either 'Tcp' or 'Https'. Path is only used for the 'Https' protocol and can otherwise be null."
|
||||
}
|
||||
|
||||
variable "tags" {
|
||||
type = map
|
||||
description = "Tags of the load balancer."
|
||||
}
|
||||
|
||||
@ -89,3 +89,8 @@ variable "marketplace_image" {
|
||||
default = null
|
||||
description = "Marketplace image for the cluster's nodes."
|
||||
}
|
||||
|
||||
variable "additional_tags" {
|
||||
type = map
|
||||
description = "Additional tags that should be applied to created resources."
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user