Base Infrastructure Terraform Module

Generated Content

This content in this section of the documentation is generated based on the Terraform source files.

Requirements

Name	Version
terraform	>= 1.0
azurerm	=2.71.0
helm	=2.2.0
kubectl	=1.11.2
kubernetes	=2.4.1
null	=3.1.0
random	=3.1.0

Providers

Name	Version
azurerm	=2.71.0
helm	=2.2.0
kubectl	=1.11.2
kubernetes	=2.4.1
null	=3.1.0
random	=3.1.0

Modules

No modules.

Resources

Name	Type
azurerm_container_registry.acr	resource
azurerm_disk_encryption_set.aks_encryption_set	resource
azurerm_dns_ns_record.dns_delegation	resource
azurerm_dns_zone.dns	resource
azurerm_key_vault.keyvault	resource
azurerm_key_vault_key.aks_encryption_key	resource
azurerm_key_vault_key.mysql_encryption_key	resource
azurerm_key_vault_secret.mysql_pw	resource
azurerm_kubernetes_cluster.aks	resource
azurerm_log_analytics_linked_service.log_analytics_linked_service	resource
azurerm_log_analytics_solution.azure_activity	resource
azurerm_log_analytics_solution.container_insights	resource
azurerm_log_analytics_solution.key_vault_analytics	resource
azurerm_log_analytics_solution.network_monitoring	resource
azurerm_log_analytics_solution.security_insights	resource
azurerm_log_analytics_solution.service_map	resource
azurerm_log_analytics_solution.sql_assessment_plus	resource
azurerm_log_analytics_solution.updates	resource
azurerm_log_analytics_workspace.log_analytics_workspace	resource
azurerm_monitor_diagnostic_setting.acr_diagnostic_logs	resource
azurerm_monitor_diagnostic_setting.keyvault_diagnostic_logs	resource
azurerm_monitor_diagnostic_setting.mysql_diagnostic_logs	resource
azurerm_mysql_active_directory_administrator.mysql_aadadmin	resource
azurerm_mysql_server.mysql	resource
azurerm_mysql_server_key.mysql_encryption_key	resource
azurerm_network_security_group.nsg	resource
azurerm_network_security_rule.haproxy_ingress_allow_http	resource
azurerm_network_security_rule.haproxy_ingress_allow_https	resource
azurerm_policy_set_definition.policy_set_definition	resource
azurerm_private_dns_zone.private_dns_zone_acr	resource
azurerm_private_dns_zone.private_dns_zone_aks	resource
azurerm_private_dns_zone.private_dns_zone_keyvault	resource
azurerm_private_dns_zone.private_dns_zone_mysql	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_acr_link	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_acr_link_dev	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_aks_link	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_aks_link_dev	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_keyvault_link	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_keyvault_link_dev	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_mysql_link	resource
azurerm_private_dns_zone_virtual_network_link.private_dns_zone_mysql_link_dev	resource
azurerm_private_endpoint.acr_private_endpoint	resource
azurerm_private_endpoint.keyvault_private_endpoint	resource
azurerm_private_endpoint.mysql_private_endpoint	resource
azurerm_public_ip.haproxy_ingress_pip	resource
azurerm_resource_group.rg	resource
azurerm_resource_group_policy_assignment.aks_acr_policy	resource
azurerm_resource_group_policy_assignment.aks_baseline_policy	resource
azurerm_resource_group_policy_assignment.resource_group_policy_assignment	resource
azurerm_role_assignment.aks_acr	resource
azurerm_role_assignment.aks_encryption_set	resource
azurerm_role_assignment.aks_identity_dns_contributer	resource
azurerm_role_assignment.aks_managed_rg_mio	resource
azurerm_role_assignment.aks_managed_rg_vmc	resource
azurerm_role_assignment.aks_mio	resource
azurerm_role_assignment.external_dns_identity_dns_contributor	resource
azurerm_role_assignment.keyvault_admin_group_ra	resource
azurerm_role_assignment.mysql_kv_role_assignment	resource
azurerm_subnet.subnet	resource
azurerm_subnet_network_security_group_association.nsg_assoc	resource
azurerm_user_assigned_identity.aks_identity	resource
azurerm_user_assigned_identity.external_dns_identity	resource
azurerm_user_assigned_identity.mysql_aadadmin_identity	resource
azurerm_virtual_network.vnet	resource
azurerm_virtual_network_peering.from-dev	resource
azurerm_virtual_network_peering.to-dev	resource
helm_release.aad_pod_identity	resource
helm_release.cert_manager	resource
helm_release.csi_secrets_store_provider	resource
helm_release.external_dns	resource
helm_release.haproxy_ingress	resource
kubectl_manifest.cert_manager_clusterissuer_letsencrypt	resource
kubectl_manifest.external_dns_azure_identity	resource
kubectl_manifest.external_dns_azure_identity_binding	resource
kubernetes_namespace.aad_pod_identity	resource
kubernetes_namespace.cert_manager	resource
kubernetes_namespace.external_dns	resource
kubernetes_namespace.haproxy_ingress	resource
null_resource.aks_delay_before_consent	resource
null_resource.import-image	resource
null_resource.keyvault_admin_group_ra_delay_before_consent	resource
null_resource.keyvault_private_endpoint_delay_before_consent	resource
null_resource.mysql_delay_before_consent	resource
random_password.mysql_pw	resource
azurerm_client_config.current	data source
azurerm_resource_group.aks_managed_rg	data source

Inputs

Name	Description	Type	Default	Required
administrator_group_oid	OID of the Group to grant Administrator permissions	`string`	n/a	yes
dev_vnet_id	Dev VNet ID	`string`	n/a	yes
dev_vnet_name	Dev VNet Name	`string`	n/a	yes
dev_vnet_rg_name	Dev VNet RG Name	`string`	n/a	yes
generation	Generation number to be appended to certain resource names (e.g. Purge Protected Key Vault’s). Changing this value can only be done during a fresh deployment.	`number`	n/a	yes
jump_box_identity_file	The RSA Key for the Jump Box, required for remote executing code over SSH	`string`	n/a	yes
jump_box_identity_host	The Host address for the Jump Box, required for remote executing code over SSH	`string`	n/a	yes
jump_box_identity_user	The User for the Jump Box to authenticate, required for remote executing code over SSH	`string`	n/a	yes
location	Location Name	`string`	n/a	yes
name	Environment Name	`string`	n/a	yes
parent_dns_zone_name	Parent DNS Zone Name	`string`	n/a	yes
parent_dns_zone_rg_name	Parent DNS Zone Resource Group Name	`string`	n/a	yes
prefix	Prefix	`string`	n/a	yes
aad_pod_identity_chart_version	n/a	`string`	`"4.1.1"`	no
aad_pod_identity_image_tag	n/a	`string`	`"v1.8.0"`	no
aad_pod_identity_immutable_uamis	A list of immutable UAMI clien IDs for AAD Pod Identity. These IDs, once added to a node, will not be removed	`list(any)`	`[]`	no
acr_imports	Map of ACR Imports to perform	`map(any)`	`{}`	no
azure_key_vault_provider_image_tag	n/a	`string`	`"v0.1.0"`	no
cert_manager_chart_version	n/a	`string`	`"1.4.0"`	no
cert_manager_image_tag	n/a	`string`	`"v1.4.0"`	no
csi_node_driver_registrar_image_tag	n/a	`string`	`"v2.2.0"`	no
csi_secrets_store_provider_azure_chart_version	n/a	`string`	`"0.1.0"`	no
enable_azure_policy	Enable the creation of policy_set_definitions and resource_group_policy_assignment or not	`bool`	`false`	no
enable_log_analytics_workspace	Enable the creation of azurerm_log_analytics_workspace and azurerm_log_analytics_solution or not	`bool`	`false`	no
external_dns_chart_version	n/a	`string`	`"5.1.3"`	no
external_dns_image_tag	n/a	`string`	`"0.8.0-debian-10-r26"`	no
haproxy_ingress_chart_version	n/a	`string`	`"v0.13.0-beta.2"`	no
haproxy_ingress_image_tag	n/a	`string`	`"v0.13.0-beta.2"`	no
kube_syslog_sidecar_image_digest	n/a	`string`	`"sha256:f948c128ad982b3676269542da1d9e4339f5553a9fc6831b02edf21a667620d9"`	no
kube_syslog_sidecar_image_tag	n/a	`string`	`"v0.0.1-f948c12"`	no
livenessprobe_csi_driver_image_tag	n/a	`string`	`"v2.3.0"`	no
log_analytics_cluster_id	Enable the sending of Azure Log Workspace to Log Analytics Analytics Custer ID supplied	`string`	`null`	no
log_analytics_workspace_sku	The SKU (pricing level) of the Log Analytics workspace. For new subscriptions the SKU should be set to PerGB2018	`string`	`"PerGB2018"`	no
log_retention_in_days	The retention period for the logs in days	`number`	`30`	no
secrets_store_csi_driver_image_tag	n/a	`string`	`"v0.1.0"`	no
secrets_store_driver_crds_image_tag	n/a	`string`	`"v0.1.0"`	no

Outputs

Name	Description
acr_login_server	n/a
aks_client_certificate	n/a
aks_client_key	n/a
aks_cluster_ca_certificate	n/a
aks_password	n/a
aks_private_fqdn	n/a
aks_username	n/a
dns_zone_name	n/a
keyvault_id	n/a
keyvault_name	n/a
keyvault_uri	n/a
mysql_aadadmin_identity_client_id	n/a
mysql_aadadmin_identity_id	n/a
mysql_aadadmin_identity_name	n/a
mysql_server_fqdn	n/a
mysql_server_name	n/a
private_dns_zone_mysql_id	n/a
rg_id	n/a
rg_location	n/a
rg_name	n/a
subnet_id	n/a
vnet_id	n/a
vnet_name	n/a

Last modified January 10, 2022 : Use prebuilt DevContainer image by default (#67) (3d11e3a)