EU Terraform Stack

Docs for the EU Gateway deployment Terraform stack.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| azurerm | =2.71.0 |
| helm | =2.2.0 |
| kubectl | =1.11.2 |
| kubernetes | =2.4.1 |

Providers

| Name | Version |
|------|---------|
| azurerm | 2.71.0 |
| helm | 2.2.0 |
| kubernetes | 2.4.1 |
| terraform | n/a |

Modules

| Name | Source | Version |
|------|--------|---------|
| base_infra | ../terraform-modules/base-infrastructure | n/a |

Resources

| Name | Type |
|------|------|
| azurerm_key_vault_certificate.trustanchor_certificate | resource |
| azurerm_key_vault_secret.trustanchor_alias | resource |
| azurerm_mysql_database.mysql_db | resource |
| azurerm_role_assignment.dgc_gateway_identity_kv_role_assignment | resource |
| azurerm_user_assigned_identity.dgc_gateway_identity | resource |
| helm_release.dgc_gateway | resource |
| kubernetes_namespace.dgc_gateway | resource |
| terraform_remote_state.dev | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| administrator_group_oid | OID of the Group to grant Administrator permissions | string | n/a | yes |
| ghcr_password | GitHub Container Registry Password | string | n/a | yes |
| ghcr_username | GitHub Container Registry Username | string | n/a | yes |
| jump_box_identity_file | The RSA Key for the Jump Box, required for remotely executing code over SSH | string | n/a | yes |
| jump_box_identity_host | The Host address for the Jump Box, required for remotely executing code over SSH | string | n/a | yes |
| jump_box_identity_user | The User for the Jump Box to authenticate, required for remotely executing code over SSH | string | n/a | yes |
| location | Location Name | string | n/a | yes |
| parent_dns_zone_name | Parent DNS Zone Name | string | n/a | yes |
| parent_dns_zone_rg_name | Parent DNS Zone Resource Group Name | string | n/a | yes |
| subscription_id | Subscription to deploy into | string | n/a | yes |
| tenant_id | Tenant to deploy into | string | n/a | yes |
| enable_azure_policy | Enable the creation of policy_set_definitions and resource_group_policy_assignment or not | bool | false | no |
| enable_log_analytics_workspace | Enable the creation of azurerm_log_analytics_workspace and azurerm_log_analytics_solution or not | bool | false | no |
| gateway_version | Version Number of the Gateway | string | "1.1.3-44c8778-azure-0.0.1-5f09fbf" | no |
| generation | Generation number to be appended to certain resource names (e.g. Purge Protected Key Vaults). Changing this value can only be done during a fresh deployment. | number | 1 | no |
| log_analytics_cluster_id | Enable the sending of Azure Log Workspace to the Log Analytics Cluster ID supplied | string | null | no |
| prefix | Resource Name Prefix. Should be less than 6 chars. This is used to make sure some resource names are globally unique for some Azure resources that require unique names (like Key Vault and Azure Container Registries) | string | "" | no |
| utility_image_tag | Tag of the Utility Image to import | string | "0.0.1-c5b4119" | no |

Outputs

| Name | Description |
|------|-------------|
| dgc_gateway_fqdn | The FQDN for the EU DGC Gateway used by the per-member-country deployments |