Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How can I rename resources? #332

Closed
manfred0191 opened this issue Apr 11, 2022 · 16 comments
Closed

How can I rename resources? #332

manfred0191 opened this issue Apr 11, 2022 · 16 comments
Assignees

Comments

@manfred0191
Copy link

Hi,
I am looking for a possibility to give all resources deployed by the model a name by my individual naming convention.

To do this I wanted to start with the resource groups.

For the management resource group, I can add in my settings_management.tf

locals {
  configure_management_resources = {
...
...
    advanced = {
      custom_settings_by_resource_type = {
        azurerm_resource_group = {
          management = {
            name = "rg-fits-test-mgmt"
          }
        }
      }
    }
  }
}

and the resource group gets the name specified and no longer the "rootid-mgmt" which is otherwise given.

For the connectivity this doesn't work. If setting in the settings_connectivity.tf

    advanced = {
      custom_settings_by_resource_type = {
        azurerm_resource_group = {
          connectivity = {
            name = "rg-fits-test-connectivity"
          }
...

the resource group gets the name "rootid-connectivity-location" as before.

What do I have to set in the settings_connectivity.tf under advanced so that the name is given like I want it to be for all resource groups deployed in the connectivity subscription??

@ghost ghost added the Needs: Triage 🔍 Needs triaging by the team label Apr 11, 2022
@krowlandson krowlandson self-assigned this Apr 11, 2022
@ghost ghost removed the Needs: Triage 🔍 Needs triaging by the team label Apr 11, 2022
@krowlandson
Copy link
Contributor

Hi @manfred0191... great that you've got this working and you're on the right track.

Due to the extra Resource Groups needed for connectivity, they also include an additional location element to their scope when targeting each, as indicated by the following line of code:

try(local.custom_settings.azurerm_resource_group["connectivity"][location].name,

As such you need to use the following:

    advanced = {
      custom_settings_by_resource_type = {
        azurerm_resource_group = {
          connectivity = {
            westeurope = { # replace with the location you're using
              name = "rg-fits-test-connectivity"
            }
          }
...

Note that there are also multiple Resource Groups for different resource categories, as per the broader context of the local setting these:

resource_group_names_by_scope_and_location = {
connectivity = {
for location in local.connectivity_locations :
location =>
try(local.custom_settings.azurerm_resource_group["connectivity"][location].name,
"${local.resource_prefix}-connectivity-${location}${local.resource_suffix}")
}
virtual_wan = {
for location in local.virtual_wan_locations :
location =>
try(local.custom_settings.azurerm_resource_group["virtual_wan"][location].name,
"${local.resource_prefix}-connectivity${local.resource_suffix}")
}
ddos = {
(local.ddos_location) = try(local.custom_settings.azurerm_resource_group["ddos"][local.ddos_location].name,
"${local.resource_prefix}-ddos${local.resource_suffix}")
}
dns = {
(local.dns_location) = try(local.custom_settings.azurerm_resource_group["dns"][local.dns_location].name,
"${local.resource_prefix}-dns${local.resource_suffix}")
}
}

Hope this helps?

@krowlandson
Copy link
Contributor

Just going to cross-reference #292 as these requests are related.

@manfred0191
Copy link
Author

You are perfect, but I guess you know that ;)

And now the final question: For the recource groups virtual_wan, dns and ddos, is it done accordingly and in the same advanced block?

Can you maybe give an example as of how to do it for all 4 RGs ??

@ghost ghost added Needs: Attention 👋 Needs attention from the maintainers and removed Needs: Author Feedback labels Apr 11, 2022
@manfred0191
Copy link
Author

Forget it, I got it:

    advanced = {
      custom_settings_by_resource_type = {
        azurerm_resource_group = {
          connectivity = {
            (var.location) = {
              name = "rg-fits-test-connectivity"
            }
          },
          dns = {
            (var.location) = {
              name = "rg-fits-test-dns"
            }
          }
        }
      }
    }
  }
}

Anyway thanks so much for your help !!!

@krowlandson
Copy link
Contributor

That's the one 😄

@ghost ghost removed the Needs: Attention 👋 Needs attention from the maintainers label Apr 11, 2022
@manfred0191
Copy link
Author

For the virtual network, the procedure is the same, but how do I do it for the virtual network gateways and the corresponding public IPs? There is a distinction between ergw and vpngw and I don't see how to implement that

@krowlandson
Copy link
Contributor

Same basic structure but you have to reference expressroute or vpn instead of connectivity within the block, as per:

try(local.custom_settings.azurerm_virtual_network_gateway["expressroute"][location].name,

and

try(local.custom_settings.azurerm_virtual_network_gateway["vpn"][location].name,

resulting in:

    advanced = {
      custom_settings_by_resource_type = {
        azurerm_virtual_network_gateway = {
          expressroute = {
            (var.location) = {
              name = "expressroute-gateway"
            }
          },
          vpn = {
            (var.location) = {
              name = "vpn-gateway"
            }
          }
        }
      }
    }
  }
}

@manfred0191
Copy link
Author

manfred0191 commented Apr 11, 2022

Yep, again that worked - as your advices always do ;)

But for the pip, there is no way of renaming it, right?

Because this is where the name is set, right?

image

which means the name is the name of the gateway + "-pip"

@krowlandson
Copy link
Contributor

Funny you should mention that resource as I was just discussing this with a colleague this morning. That and the Resource Group created by the Deploy-MDFC-Config Policy are the only two resources we've identified so far which cannot be renamed.

For now the PIP resources will all be named after their associated resources, whether gateway of firewall. And the Policy created one will always be ${var.root_id}-asc-export.

Awaiting these to be added as issues, but will track against this too.

Both an easy fix and not breaking changes, so expect an upcoming hotfix release soon.

cc: @mbilalamjad

@manfred0191
Copy link
Author

If the issue number 292 is not sufficient for that, I can easily open a new one.

As always thank you so much for your help!

@krowlandson
Copy link
Contributor

krowlandson commented Apr 11, 2022

I'm thinking we can probably track the above changes against this Issue TBH, hence looping in @mbilalamjad.

Actually, scrap the above thought... I would like dedicated issues for each to simplify tracking and sign-off. I've asked @mbilalamjad to do this as he was originally requesting, but happy for you to do so if you would like to.

Regarding the "recommended naming" from CAF which you mention in #292, we consider this to be more general guidance for those who want something to follow. I cannot speak for why ES chose not to follow this convention as that decision was made before I joined the team, but the Terraform module follows the ES convention for consistency. Given the number of requests relating to this, I will look into how feasible this is to incorporate but would need to be controlled via a feature flag to make it a non-breaking change for all customers who are happy with the current naming scheme.

@manfred0191
Copy link
Author

Thanks Kevin, so I will let @mbilalamjad open the request.

Yes, I agree, it also surpises me that the suggested naming convention for Azure resources has not been taken into consideration. But it is like it is. If one can change it, everything is fine.

@krowlandson
Copy link
Contributor

krowlandson commented Apr 13, 2022

Made progress on PIP renaming in the code for our next release:

image

This uses the same standard as before with regard to referencing resource types at a scope.

Just a heads up though... For the greater good of anyone who uses this in the future, I am also simplifying the scope element to avoid additional nested objects so this will be a breaking change for anyone who is already using advanced. Whilst doing this, I also noticed some inconsistencies between what I used for scope when setting names vs. other properties for some resource types.

@krowlandson krowlandson mentioned this issue Apr 14, 2022
6 tasks
@krowlandson
Copy link
Contributor

@manfred0191 - IMPORTANT Please take note of the PR description on #331 so you're aware of the breaking changes before upgrading when this code is merged and released! We will do our best to document this clearly, but want to raise additional awareness.

@manfred0191
Copy link
Author

Sounds great. I already told you that you're the best. Nothing to add to that.

@krowlandson
Copy link
Contributor

Release v2.0.0 is now live, with detailed instructions regarding the upgrade also available.

Please see the release notes for more information:
https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/releases/tag/v2.0.0

I will close this issue as I believe we've dealt with it, but please feel free to open a new one if you require further assistance.

@ghost ghost locked as resolved and limited conversation to collaborators May 27, 2022
@matt-FFFFFF matt-FFFFFF pinned this issue Mar 8, 2023
@matt-FFFFFF matt-FFFFFF unpinned this issue Nov 10, 2023
@matt-FFFFFF matt-FFFFFF pinned this issue Nov 10, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants