
Merge pull request #1 from data-platform-hq/create
feat: create
owlleg6 authored Apr 24, 2023
2 parents 00b1187 + e403fcc commit 6dbb32d
Showing 5 changed files with 167 additions and 3 deletions.
80 changes: 77 additions & 3 deletions README.md
@@ -1,12 +1,86 @@
# Azure <> Terraform module
Terraform module for creation Azure <>
# Azure Network Security Group Terraform module
Terraform module for creation Azure Network security group

## Usage
This module provides an ability to deploy Azure Network security group, Below is an example on how to create nsg

```hcl
locals {
security_rules = [{
name = "workspaces_UseOnly_databricks-worker-to-worker-inbound"
description = "Required for worker nodes communication within a cluster."
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "*"
source_port_range = "*"
destination_port_range = "*"
source_address_prefix = "VirtualNetwork"
destination_address_prefix = "VirtualNetwork"
}]
}
module "network_security_group" {
source = "data-platform-hq/terraform-azurerm-network-security-group
project = "datahq"
env = "example"
location = "eastus"
custom_nsg_name = "datahq-example-eastus-rq"
resource_group = "example-rg"
security_rules = local.security_rules
tags = {
environment = "example"
}
}
```

<!-- BEGIN_TF_DOCS -->
## Requirements

| Name | Version |
| ------------------------------------------------------------------------- | --------- |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >= 3.40.0 |

## Providers

| Name | Version |
| ------------------------------------------------------------- | --------- |
| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | >= 3.40.0 |

## Modules

No modules.

## Resources

| Name | Type |
| ------------------------------------------------------------------------------------------------------------------------------------------------ | -------- |
| [azurerm_network_security_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource |

## Inputs

| Name | Description | Type | Default | Required |
| --------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | -------------- | ------- | :------: |
| <a name="input_project"></a> [project](#input\_project) | Project name | `string` | n/a | yes |
| <a name="input_env"></a> [env](#input\_env) | Environment name | `string` | n/a | yes |
| <a name="input_location"></a> [location](#input\_location) | Specifies the supported Azure location where the resource exists | `string` | n/a | yes |
| <a name="input_resource_group"></a> [resource\_group](#input\_resource\_group) | The name of the resource group in which resources is created | `string` | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | {} | no |
| <a name="input_custom_nsg_name"></a> [custom\_nsg\_name](#input\_custom\_nsg\_name) | Custom network security group name | `string` | null | no |
| <a name="input_security_rules"></a> [security\_rules](#input\_security\_rules) | List of objects representing security rules | <pre>list(object({<br> name = optional(string)<br> description = optional(string)<br> priority = optional(number)<br> direction = optional(string)<br> access = optional(string)<br> protocol = optional(string)<br> source_port_range = optional(string)<br> destination_port_range = optional(string)<br> source_address_prefix = optional(string)<br> destination_address_prefix = optional(string)<br>}))<br></pre> | [] | no |


## Outputs

| Name | Description |
| ------------------------------------------------------------------------------------------------------------- | ------------------------------------- |
| <a name="output_id"></a> [id](#output\_id) | The ID of the Network Security Group |


<!-- END_TF_DOCS -->

## License

Apache 2 Licensed. For more information please see [LICENSE](https://github.com/data-platform-hq/terraform-azurerm<>/tree/master/LICENSE)
Apache 2 Licensed. For more information please see [LICENSE](https://github.com/data-platform-hq/terraform-azurerm-network-security-group/blob/main/LICENSE)
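--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,28 @@
+locals {
+nsg_name = var.custom_nsg_name == null ? "nsg-${var.project}-${var.env}-${var.location}" : var.custom_nsg_name
+}
+
+resource "azurerm_network_security_group" "this" {
+count = length(var.security_rules) != 0 ? 1 : 0
+
+name = local.nsg_name
+location = var.location
+resource_group_name = var.resource_group
+
+dynamic "security_rule" {
+for_each = var.security_rules
+content {
+name = security_rule.value["name"]
+description = security_rule.value["description"]
+priority = security_rule.value["priority"]
+direction = security_rule.value["direction"]
+access = security_rule.value["access"]
+protocol = security_rule.value["protocol"]
+source_port_range = security_rule.value["source_port_range"]
+destination_port_range = security_rule.value["destination_port_range"]
+source_address_prefix = security_rule.value["source_address_prefix"]
+destination_address_prefix = security_rule.value["destination_address_prefix"]
+}
+}
+tags = var.tags
+}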
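Review bot: The `dynamic "security_rule"` block manages rules inline, and the azurerm provider documents that inline rules cannot be combined with standalone `azurerm_network_security_rule` resources on the same group, because the two overwrite each other. A caller who takes the module's `id` output and attaches an extra rule elsewhere would see rules replaced on a later apply, which for an NSG can mean an allow or deny rule quietly disappearing. I would add a comment above the block, `# Rules are managed inline; do not attach azurerm_network_security_rule resources to this NSG`, and repeat the caveat in the README usage section.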
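--- a/outputs.tf
+++ b/outputs.tf
@@ -0,0 +1,4 @@
+output "id" {
+value = length(var.security_rules) != 0 ? azurerm_network_security_group.this[0].id : ""
+description = "The ID of the Network Security Group"
+}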
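Review bot: The `id` output falls back to `""` when `security_rules` is empty, so a caller that wires it into a subnet or NIC association receives an empty string rather than a value it can test for. Since `count` in main.tf skips the group entirely in that case, the attached subnet may end up with no NSG at all instead of one carrying only the platform default rules. Returning null is easier to guard against downstream, for example `value = one(azurerm_network_security_group.this[*].id)`, and the description should state that the output is null when no rules are supplied.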
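--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,48 @@
+variable "project" {
+type = string
+description = "Project name"
+}
+
+variable "env" {
+type = string
+description = "Environment name"
+}
+
+variable "location" {
+type = string
+description = "Specifies the supported Azure location where the resource exists"
+}
+
+variable "resource_group" {
+type = string
+description = "The name of the resource group in which resources is created"
+}
+
+variable "tags" {
+type = map(string)
+description = "A mapping of tags to assign to the resource"
+default = {}
+}
+
+variable "custom_nsg_name" {
+type = string
+description = "Custom network security group name"
+default = null
+}
+
+variable "security_rules" {
+type = list(object({
+name = optional(string)
+description = optional(string)
+priority = optional(number)
+direction = optional(string)
+access = optional(string)
+protocol = optional(string)
+source_port_range = optional(string)
+destination_port_range = optional(string)
+source_address_prefix = optional(string)
+destination_address_prefix = optional(string)
+}))
+description = "List of objects representing security rules"
+default = []
+}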
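Review bot: Every attribute of the `security_rules` object is declared `optional(...)`, yet main.tf passes `name`, `priority`, `direction`, `access` and `protocol` straight into `security_rule`, where the provider requires them, so an omitted field only surfaces as a provider error at plan or apply. Nothing constrains the values either, so for a firewall rule list a typo in `access` or an out-of-range `priority` is not caught by the module itself. I would make the required fields non-optional and add a `validation` block on the variable, as sketched below. The description could also name the accepted values for `direction` and `access`.
```hcl
variable "security_rules" {
  type = list(object({
    name      = string
    priority  = number
    direction = string
    access    = string
    protocol  = string
    # … unchanged: description and the optional port/address attributes …
  }))
  # … unchanged: description, default …

  validation {
    condition = alltrue([
      for r in var.security_rules :
      contains(["Inbound", "Outbound"], r.direction) &&
      contains(["Allow", "Deny"], r.access) &&
      r.priority >= 100 && r.priority <= 4096
    ])
    error_message = "Each rule needs direction Inbound/Outbound, access Allow/Deny and a priority between 100 and 4096."
  }
}
```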
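--- a/versions.tf
+++ b/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+required_version = ">= 1.0.0"
+
+required_providers {
+azurerm = {
+source = "hashicorp/azurerm"
+version = ">= 3.40.0"
+}
+}
+}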
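Review bot: `required_version = ">= 1.0.0"` admits Terraform releases that cannot load this module, because variables.tf relies on `optional(...)` object attributes, which only became a stable language feature in Terraform 1.3. On an older 1.x release the user gets a parse error about an experimental feature instead of a clear version-constraint message. Raise the floor to `required_version = ">= 1.3.0"`; the Requirements table in the README is generated from this file and would need regenerating to match.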
