resolve comments

imperva · Sep 13, 2024 · 271d0e5 · 271d0e5
1 parent 060b1ed
commit 271d0e5
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 18 deletions.
diff --git a/modules/onboard-azure-eventhub/main.tf b/modules/onboard-azure-eventhub/main.tf
@@ -9,9 +9,11 @@ terraform {
 module "storage-account" {
   source = "../azurerm-storage-account"
 
-  location            = var.storage_account_location
-  name                = var.storage_account_name
-  resource_group_name = var.storage_account_resource_group_name
+  account_replication_type = var.storage_account_replication_type
+  account_tier             = var.storage_account_tier
+  location                 = var.storage_account_location
+  name                     = var.storage_account_name
+  resource_group_name      = var.storage_account_resource_group_name
 }
 
 module "storage-container" {
@@ -80,7 +82,9 @@ module "azure-eventhub-asset" {
   admin_email              = var.azure_eventhub_admin_email
   asset_display_name       = module.eventhub.this.name
   asset_id                 = module.eventhub.this.id
-  audit_pull_enabled       = var.azure_eventhub_audit_pull_enabled
+  # audit_pull_enabled set to 'null' so as to be treated as a computed value
+  # eventhub asset will be connected when assets using this eventhub as a log aggregator are connected
+  audit_pull_enabled       = null 
   auth_mechanism           = "default"
   azure_storage_account    = module.storage-account.this.name
   azure_storage_container  = module.storage-container.this.name

diff --git a/modules/onboard-azure-eventhub/variables.tf b/modules/onboard-azure-eventhub/variables.tf
@@ -3,12 +3,6 @@ variable "azure_eventhub_admin_email" {
   type        = string
 }
 
-variable "azure_eventhub_audit_pull_enabled" {
-  description = "If true, sonargateway will collect the audit logs for this system if it can."
-  type        = bool
-  default     = null
-}
-
 variable "azure_eventhub_format" {
   description = "The type of audit data being sent to the Event Hub. Possible values are: AzureSQL_Managed, Blob, Cosmos_Mongo, Cosmos_SQL, Data_Explorer, Databricks_Workspace, File, Mariadb, Mysql, Postgresql, Postgresql_Flexible, Queue, Sql, Synapse, Table. Defaults to Sql."
   type        = string
@@ -56,9 +50,13 @@ variable "azure_eventhub_region" {
 }
 
 variable "eventhub_message_retention" {
-  description = "Specifies the number of days to retain the events for this Event Hub."
+  description = "Specifies the number of days to retain the events for this Event Hub. Maximum value is 7 days. Defaults to 1."
   type        = number
   default     = 1
+  validation {
+    condition = var.eventhub_message_retention <= 7
+    error_message = "Maximum Event Hub message retention is 7 days."
+  }
 }
 
 variable "eventhub_name" {
@@ -67,9 +65,13 @@ variable "eventhub_name" {
 }
 
 variable "eventhub_partition_count" {
-  description = "Specifies the current number of shards on the Event Hub. Note: partition_count cannot be changed unless Eventhub Namespace SKU is Premium and cannot be decreased."
+  description = "Specifies the current number of shards on the Event Hub. Note: partition_count cannot be changed unless Eventhub Namespace SKU is Premium and cannot be decreased. Maximum value is 32. Defaults to 1."
   type        = number
   default     = 1
+  validation {
+    condition = var.eventhub_partition_count <= 32
+    error_message = "Maximum Event Hub partition count is 32."
+  }
 }
 
 variable "eventhub_resource_group_name" {
@@ -115,7 +117,7 @@ variable "eventhub_namespace_resource_group_name" {
 }
 
 variable "eventhub_namespace_sku" {
-  description = "Defines which tier to use. Valid options are Basic, Standard, and Premium. Please note that setting this field to Premium will force the creation of a new resource."
+  description = "Defines which tier to use. Valid options are Basic, Standard, and Premium. Please note that setting this field to Premium will force the creation of a new resource. Defaults to Basic."
   type        = string
   default     = "Basic"
   validation {
@@ -130,22 +132,22 @@ variable "eventhub_namespace_tags" {
   default     = null
 }
 
-variable "storage_account_account_replication_type" {
-  description = "Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa."
+variable "storage_account_replication_type" {
+  description = "Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa. Defaults to GRS."
   type        = string
   default     = "GRS"
   validation {
-    condition     = contains(["LRS", "GRS", "RAGRS", "ZRS", "GZRS", "RAGZRS"], var.storage_account_account_replication_type)
+    condition     = contains(["LRS", "GRS", "RAGRS", "ZRS", "GZRS", "RAGZRS"], var.storage_account_replication_type)
     error_message = "Invalid replication type. Valid values are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS."
   }
 }
 
-variable "storage_account_account_tier" {
+variable "storage_account_tier" {
   description = "Defines the Tier to use for this storage account. Valid options are Standard and Premium."
   type        = string
   default     = "Standard"
   validation {
-    condition     = contains(["Standard", "Premium"], var.storage_account_account_tier)
+    condition     = contains(["Standard", "Premium"], var.storage_account_tier)
     error_message = "Invalid replication type. Valid options are Standard and Premium."
   }
 }