initial version

.github/workflows/documentation.yml

@@ -0,0 +1,27 @@
+name: Generate terraform docs
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - main
+      - master
+  push:
+    branches:
+      - main
+      - master
+
+jobs:
+  docs:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+
+      - name: Render terraform docs inside the README.md and push changes back to PR branch
+        uses: terraform-docs/[email protected]
+        with:
+          working-dir: .
+          output-file: README.md
+          output-method: inject
+          git-push: "true"

ESLZ/data_factory.tf

@@ -0,0 +1,22 @@
+variable "data_factories" {
+  type = any
+  default = {}
+  description = "Value for data factory. This is a collection of values as defined in data_factory.tfvars"
+}
+
+module "data_factory" {
+
+    for_each = var.data_factories
+    source = "/home/ken/terraform-azurerm-caf-data-factoryV2"
+    location= var.location
+    env = var.env
+    group = var.group
+    project = var.project
+    userDefinedString = each.key
+    data_factory = each.value
+    key_vault = local.Project-kv 
+    resource_groups = local.resource_groups_all
+    subnets = local.subnets
+    user_data = try(each.value.user_data, false) != false ? base64encode(file("${path.cwd}/${each.value.user_data}")) : null
+    tags = var.tags
+}

ESLZ/data_factory.tfvars

@@ -0,0 +1,52 @@
+data_factories = {
+    df1 = {
+        resource_group                = "Project"
+        key_vault_group = "Keyvault"
+        managed_virtual_network_enabled = true
+        public_network_enabled      = true
+        identity ={
+            type = "SystemAssigned"
+        }
+        # github_configuration ={
+        #     account_name    = "example-account"
+        #     branch_name     = "main"
+        #     repository_name = "example-repo"
+        #     root_folder     = "/"
+        #     publishing_enabled = true
+        # }
+
+        # vsts_configuration ={
+        #     account_name    = "example-vsts-account"
+        #     branch_name     = "main"
+        #     project_name    = "example-project"
+        #     repository_name = "example-repo"
+        #     root_folder     = "/"
+        #     tenant_id       = "00000000-0000-0000-0000-000000000000"
+        #     publishing_enabled = true
+        # }
+
+        global_parameter ={
+            praram1 ={
+                name  = "example_param"
+                type  = "String"
+                value = "example_value"
+            }
+        }
+        #customer_managed_key_id         = "https://example-keyvault.vault.azure.net/keys/example-key"
+        #customer_managed_key_identity_id = "example-identity-id"
+        #purview_id                      = "example-purview-id"
+
+        service_principal={
+            description = "example-service-principle-description"
+            annotations = ["1", "2"]
+        }
+        user_assigned_identity ={
+            name = "example-user-assigned-identity"
+
+        }
+        user_managed_identity={
+            description     = "Short description of this credential"
+            annotations = ["example", "example2"]
+        }
+    }
+}

README copy.md

@@ -0,0 +1,50 @@
+# terraform-azurerm-caf-windows_clusterV2
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | n/a |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_load_balancer"></a> [load\_balancer](#module\_load\_balancer) | github.com/canada-ca-terraform-modules/terraform-azurerm-caf-load_balancer.git | n/a |
+| <a name="module_windows_VMs"></a> [windows\_VMs](#module\_windows\_VMs) | github.com/canada-ca-terraform-modules/terraform-azurerm-caf-windows_virtual_machineV2.git | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_availability_set.availability_set](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/availability_set) | resource |
+| [azurerm_network_interface_backend_address_pool_association.LB_VMs](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_backend_address_pool_association) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_env"></a> [env](#input\_env) | (Required) 4 character string defining the environment name prefix for the VM | `string` | `"dev"` | no |
+| <a name="input_group"></a> [group](#input\_group) | (Required) Character string defining the group for the target subscription | `string` | `"test"` | no |
+| <a name="input_location"></a> [location](#input\_location) | Azure location for the VM | `string` | `"canadacentral"` | no |
+| <a name="input_project"></a> [project](#input\_project) | (Required) Character string defining the project for the target subscription | `string` | `"test"` | no |
+| <a name="input_resource_groups"></a> [resource\_groups](#input\_resource\_groups) | (Required) Resource group object for the VM | `any` | `{}` | no |
+| <a name="input_serverType"></a> [serverType](#input\_serverType) | 3 character string defining the server type for the VM | `string` | `"SWJ"` | no |
+| <a name="input_subnets"></a> [subnets](#input\_subnets) | (Required) List of subnet objects for the VM | `any` | `{}` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | Tags that will be applied to every associated VM resource | `map(string)` | `{}` | no |
+| <a name="input_userDefinedString"></a> [userDefinedString](#input\_userDefinedString) | (Required) User defined portion value for the name of the VM. | `string` | `"test"` | no |
+| <a name="input_user_data"></a> [user\_data](#input\_user\_data) | Base64 encoded file representing user data script for the VM | `any` | `null` | no |
+| <a name="input_windows_vms_cluster"></a> [windows\_vms\_cluster](#input\_windows\_vms\_cluster) | (Required) Cluster configuration for the HA VMs. | `any` | `null` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_VMs"></a> [VMs](#output\_VMs) | The vm module object |
+| <a name="output_availability_set"></a> [availability\_set](#output\_availability\_set) | The availability\_set object |
+| <a name="output_loaddbalancer"></a> [loaddbalancer](#output\_loaddbalancer) | The availability\_set object |
+<!-- END_TF_DOCS -->

locals.tf

@@ -0,0 +1,4 @@
+locals {
+  resource_group_name = strcontains(var.data_factory.resource_group, "/resourceGroups/") ? regex("[^\\/]+$", var.data_factory.resource_group) :  var.resource_groups[var.data_factory.resource_group].name
+  kv_resource_group_name = strcontains(var.data_factory.key_vault_group, "/resourceGroups/") ? regex("[^\\/]+$", var.data_factory.key_vault_group) :  var.resource_groups[var.data_factory.key_vault_group].name
+}

module.tf

@@ -0,0 +1,121 @@
+data "azurerm_client_config" "current" {}
+
+resource "azurerm_data_factory" "df" {
+  name                        = local.data-factory-name
+  location                    = var.location
+  resource_group_name         = local.resource_group_name
+  managed_virtual_network_enabled = try(var.data_factory.managed_virtual_network_enabled,true)
+  public_network_enabled      = try(var.data_factory.public_network_enabled, false)
+
+  dynamic identity {
+    for_each = var.data_factory.identity.type == "SystemAssigned" ? [1] : []
+    content{
+    type = var.data_factory.identity.type
+    }
+  }
+  dynamic identity {
+    for_each = var.data_factory.identity.type == "UserAssigned" ? [1] : []
+    content{
+    type = var.data_factory.identity.type
+    identity_ids = [azurerm_user_assigned_identity.ui[0].id]
+    }
+  }
+
+  tags                = var.tags
+
+  dynamic github_configuration {
+    for_each = try(var.data_factory.github_configuration,null) == null ? [] : [1]
+    content{
+      account_name    = var.data_factory.github_configuration.account_name
+      branch_name     = var.data_factory.github_configuration.branch_name
+      repository_name = var.data_factory.github_configuration.repository_name
+      root_folder     = var.data_factory.github_configuration.root_folder
+      publishing_enabled = var.data_factory.github_configuration.publishing_enabled
+    }
+  }
+
+dynamic "global_parameter" {
+  for_each = try(var.data_factory.global_parameter, {})
+
+  content {
+    name  = global_parameter.value.name
+    type  = global_parameter.value.type
+    value = global_parameter.value.value
+  }
+}
+
+  dynamic vsts_configuration {
+    for_each = try(var.data_factory.vsts_configuration,null) == null ? [] : [1]
+    content{
+      account_name    = var.data_factory.vsts_configuration.account_name
+      branch_name     = var.data_factory.vsts_configuration.branch_name
+      project_name    = var.data_factory.vsts_configuration.project_name
+      repository_name = var.data_factory.vsts_configuration.repository_name
+      root_folder     = var.data_factory.vsts_configuration.root_folder
+      tenant_id       = var.data_factory.vsts_configuration.tenant_id
+      publishing_enabled = var.data_factory.vsts_configuration.publishing_enabled
+    }
+  }
+
+  customer_managed_key_id         = try(var.data_factory.customer_managed_key_id, null)
+  customer_managed_key_identity_id = try(var.data_factory.customer_managed_key_identity_id, null)
+  purview_id                      = try(var.data_factory.purview_id, null)
+}
+
+resource "random_string" "password" {
+  length           = 20
+  special          = true
+  upper            = true
+  lower            = true
+  numeric          = true
+  override_special = "_%@"
+}
+
+resource "azurerm_key_vault_secret" "secret" {
+  name         = "${local.data-factory-name}-secret"
+  value        = random_string.password.result
+  key_vault_id = var.key_vault.id
+}
+
+resource "azurerm_data_factory_linked_service_key_vault" "lskv" {
+  name            = "${local.data-factory-name}-kv-linked-service"
+  data_factory_id = azurerm_data_factory.df.id
+  key_vault_id    = var.key_vault.id
+}
+
+resource "azurerm_data_factory_credential_service_principal" "spn" {
+  count = try(var.data_factory.service_principal,null) == null ? 0 : 1
+  name                 = "${local.data-factory-name}-spn"
+  description          = var.data_factory.service_principal.description
+  data_factory_id      = azurerm_data_factory.df.id
+  tenant_id            = data.azurerm_client_config.current.tenant_id
+  service_principal_id = data.azurerm_client_config.current.client_id
+  service_principal_key {
+    linked_service_name = azurerm_data_factory_linked_service_key_vault.lskv.name
+    secret_name         = azurerm_key_vault_secret.secret.name
+    secret_version      = azurerm_key_vault_secret.secret.version
+  }
+  annotations = var.data_factory.service_principal.annotations
+}
+
+resource "azurerm_user_assigned_identity" "ui" {
+  count = try(var.data_factory.user_assigned_identity,null) == null ? 0 : 1
+  location            = var.location
+  name                = var.data_factory.user_assigned_identity.name
+  resource_group_name = local.resource_group_name
+    lifecycle {
+    ignore_changes = [
+      tags
+    ]
+  }
+}
+
+resource "azurerm_data_factory_credential_user_managed_identity" "mi" {
+  count = try(var.data_factory.user_managed_identity,null) == null ? 0 : 1
+  name            = azurerm_user_assigned_identity.ui[0].name
+  description     = var.data_factory.user_managed_identity.description
+  data_factory_id = azurerm_data_factory.df.id
+  identity_id     = azurerm_user_assigned_identity.ui[0].id
+
+  annotations = var.data_factory.user_managed_identity.annotations
+}

name.tf

@@ -0,0 +1,7 @@
+locals {
+  name_regex = "/[//\"'\\[\\]:|<>+=;,?*@&]/" # Can't include those characters  name: \/"'[]:|<>+=;,?*@&
+  env_4                         = substr(var.env, 0, 4)
+  userDefinedString_7           = substr(var.userDefinedString, 0, 7)
+  data-factory-name                 = lower(replace("${local.env_4}-${local.userDefinedString_7}-df", local.name_regex, ""))
+
+}

output.tf

@@ -0,0 +1,6 @@
+output "data_factory" {
+  description = "The data_factory object"
+  value       = azurerm_data_factory.df
+}
+
+

variables.tf

@@ -0,0 +1,75 @@
+variable "location" {
+  description = "Azure location for the VM"
+  type = string
+  default = "canadacentral"
+}
+
+variable "tags" {
+  description = "Tags that will be applied to every associated VM resource"
+  type = map(string)
+  default = {}
+}
+
+variable "env" {
+  description = "(Required) 4 character string defining the environment name prefix for the VM"
+  type = string
+  default =  "dev"
+}
+
+variable "group" {
+  description = "(Required) Character string defining the group for the target subscription"
+  type = string
+  default = "test"
+}
+
+variable "project" {
+  description = "(Required) Character string defining the project for the target subscription"
+  type = string
+  default = "test"
+}
+
+variable "userDefinedString" {
+  description = "(Required) User defined portion value for the name of the VM."
+  type = string
+  default= "test"
+}
+
+
+
+
+
+
+
+
+
+variable "data_factory" {
+  description = "(Required) configuration for the data factory."
+  type        = any
+  default     = null
+}
+
+variable "resource_groups" {
+  description = "(Required) Resource group object for the flexible postgre SQL server."
+  type = any
+  default = {}
+}
+
+
+
+variable "subnets" {
+  description = "(Required) List of subnet objects for the postgre SQL server."
+  type = any
+  default = {}
+}
+
+variable "key_vault" {
+  description = "(Required) List of key vault objects for the postgre SQL server."
+  type = any
+  default = {}
+}
+
+variable "user_data" {
+  description = "Base64 encoded file representing user data script for the VM"
+  type = any
+  default = null
+}