Browse Source

fix review and make example more complex

tags/1.1.0
ravi 2 months ago
parent
commit
2241726bce
4 changed files with 28 additions and 17 deletions
  1. +1
    -1
      CHANGELOG.md
  2. +3
    -3
      README.md
  3. +22
    -11
      examples/x-vms-x-disks-x-netint/deploy.tf
  4. +2
    -2
      variables.tf

+ 1
- 1
CHANGELOG.md View File

@@ -1,4 +1,4 @@
1.0.1 /2020-04-29
1.1.0 /2020-04-29
=================
* feat: Add `azurerm_virtual_machine_extension` resource for OSDisk encryption specifically.



+ 3
- 3
README.md View File

@@ -8,7 +8,7 @@ See `examples` folders for usage of this module.
- Any call of this module will create resources in a single resource group.
- Any network interfaces created in this module will have a single ip_configuration.
- Tags for VMs are shared among all VMs. Same thing for managed disks.
- Only OSDisk encryption is possible with this module. Inorder to encrypt the Data disk we need to mount the guest os Disk and encrypt is manually.
- Only OSDisk encryption is possible with this module. Inorder to encrypt the Data disk we need to mount the guest OS Disk and encrypt it manually.

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Requirements
@@ -109,9 +109,9 @@ See `examples` folders for usage of this module.
| os\_disk\_encryption\_set\_id | The ID of the Disk encryption set which should be used to encrypt the OS disk. `NOTE: The Disk encryption set must have the `READER` role assignmnet scoped on the key vault- in addition to an access policy to the key vault`. | `any` | `null` | no |
| os\_disk\_size\_gb | Specifies the size of the OS Disk in gigabytes. | `number` | `30` | no |
| os\_disk\_storage\_account\_type | The type of storage account which should back the internal OS disk. Possible values are `Standard_LRS`, `StandardSSD_LRS` and `Premium_LRS`. Changing this forces a new resource to be created. | `string` | `"Standard_LRS"` | no |
| osdisk\_encryption\_enabled | Boolean flag which describes whether or not enable the os disk encryption. | `bool` | `false` | no |
| osdisk\_encryption\_enabled | Boolean flag which describes whether or not enable the OS disk encryption. | `bool` | `false` | no |
| osdisk\_encryption\_key\_encryption\_key\_urls | The list of IDs of the key valut key resource. This can be obtained from `id` attribute of `key_vault_key resource` | `list(string)` | <pre>[<br> ""<br>]</pre> | no |
| osdisk\_encryption\_keyvault\_resource\_id | The ID of the key vault. The can be obatined from `id` attribute of the key vault resource. | `string` | `""` | no |
| osdisk\_encryption\_keyvault\_resource\_id | The ID of the key vault. The can be obtained from `id` attribute of the key vault resource. | `string` | `""` | no |
| osdisk\_encryption\_keyvault\_url | The url of the key vault. And it has to be in specific format when deploying example: `https://key_vault_name.vault.azure.net` | `string` | `""` | no |
| plan\_name | Specifies the name of the image from the marketplace. | `string` | `""` | no |
| plan\_product | Specifies the product of the image from the marketplace. | `string` | `""` | no |


+ 22
- 11
examples/x-vms-x-disks-x-netint/deploy.tf View File

@@ -81,10 +81,10 @@ module "example" {
}

network_interface_enabled = true
network_interface_count = 1
network_interface_names = ["tftest${random_string.this.result}", "tftest${random_string.this.result}1"]
network_interface_internal_dns_name_labels = ["tftest${random_string.this.result}-first", "tftest${random_string.this.result}-second"]
network_interface_ip_configuration_names = ["tftest${random_string.this.result}", "tftest${random_string.this.result}2"]
network_interface_count = 2
network_interface_names = ["tftest${random_string.this.result}", "tftest${random_string.this.result}2", "tftest${random_string.this.result}3", "tftest${random_string.this.result}4", "tftest${random_string.this.result}5", "tftest${random_string.this.result}6"]
network_interface_internal_dns_name_labels = ["tftest${random_string.this.result}-first", "tftest${random_string.this.result}-second", "tftest${random_string.this.result}-third", "tftest${random_string.this.result}-1first", "tftest${random_string.this.result}-2second", "tftest${random_string.this.result}-3third"]
network_interface_ip_configuration_names = ["tftest${random_string.this.result}", "tftest${random_string.this.result}2", "tftest${random_string.this.result}3", "tftest${random_string.this.result}4", "tftest${random_string.this.result}5", "tftest${random_string.this.result}6"]
network_interface_ip_configuration_subnet_ids = [azurerm_subnet.example.id]
network_interface_tags = {
test = "tftest${random_string.this.result}"
@@ -92,13 +92,17 @@ module "example" {

network_interface_backend_address_pool_count = 1
network_interface_backend_address_pool_ids = [
{
network_interface_index = 0
backend_address_pool_id = azurerm_lb_backend_address_pool.example.id
},
{
network_interface_index = 1
backend_address_pool_id = azurerm_lb_backend_address_pool.example.id
},
]

network_interface_application_security_group_count = 2
network_interface_application_security_group_count = 6
network_interface_application_security_group_ids = [
{
network_interface_index = 0
@@ -115,11 +119,18 @@ module "example" {
{
network_interface_index = 1
application_security_group_id = azurerm_application_security_group.example2.id
}
}, {
network_interface_index = 2
application_security_group_id = azurerm_application_security_group.example1.id
},
{
network_interface_index = 2
application_security_group_id = azurerm_application_security_group.example2.id
},
]

vm_count = 2
vm_names = ["tftest${random_string.this.result}", "tftest${random_string.this.result}1"]
vm_count = 3
vm_names = ["tftest${random_string.this.result}", "tftest${random_string.this.result}1", "tftest${random_string.this.result}2"]
vm_size = "Standard_F2"
windows_vm_enabled = true
admin_username = "testadmin"
@@ -138,10 +149,10 @@ module "example" {
provision_vm_agent = true
windows_enable_automatic_updates = true

managed_disk_count = 1
managed_disk_names = ["tftest1${random_string.this.result}ext", "tftest2${random_string.this.result}ext"]
managed_disk_count = 2
managed_disk_names = ["tftest1${random_string.this.result}ext", "tftest2${random_string.this.result}ext", "tftest3${random_string.this.result}ext", "tftest4${random_string.this.result}ext", "tftest5${random_string.this.result}ext", "tftest6${random_string.this.result}ext"]
managed_disk_storage_account_types = ["Standard_LRS"]
managed_disk_size_gbs = [5]
managed_disk_size_gbs = [5, 6, 12]
managed_disk_create_options = ["Empty"]
managed_data_disk_cachings = ["ReadWrite"]
managed_data_disk_write_accelerator_enableds = [false]


+ 2
- 2
variables.tf View File

@@ -703,7 +703,7 @@ variable "vm_extension_tags" {
##

variable "osdisk_encryption_enabled" {
description = "Boolean flag which describes whether or not enable the os disk encryption."
description = "Boolean flag which describes whether or not enable the OS disk encryption."
default = false
}

@@ -714,7 +714,7 @@ variable "osdisk_encryption_keyvault_url" {
}

variable "osdisk_encryption_keyvault_resource_id" {
description = "The ID of the key vault. The can be obatined from `id` attribute of the key vault resource."
description = "The ID of the key vault. The can be obtained from `id` attribute of the key vault resource."
type = string
default = ""
}


Loading…
Cancel
Save