Rename and refactor

frasermolyneux · Jan 28, 2023 · e130581 · e130581
1 parent 2642bb3
commit e130581
Show file tree

Hide file tree

Showing 13 changed files with 145 additions and 71 deletions.
diff --git a/.gitignore b/.gitignore
@@ -395,4 +395,7 @@ FodyWeavers.xsd
 *.msp
 
 # JetBrains Rider
-*.sln.iml
+*.sln.iml
+
+terraform/.terraform.lock.hcl
+terraform/.terraform/*
diff --git a/terraform/api_subscriptions_key_vault_secrets.tf b/terraform/api_subscriptions_key_vault_secrets.tf
@@ -2,28 +2,16 @@ resource "azurerm_key_vault_secret" "geolocation_api_subscription_secret" {
   name         = format("%s-apikey", azurerm_api_management_subscription.geolocation_api_subscription.display_name)
   value        = azurerm_api_management_subscription.geolocation_api_subscription.primary_key
   key_vault_id = azurerm_key_vault.kv.id
-
-  depends_on = [
-    azurerm_role_assignment.deploy_principal_kv_role_assignment
-  ]
 }
 
 resource "azurerm_key_vault_secret" "repository_api_subscription_secret" {
   name         = format("%s-apikey", azurerm_api_management_subscription.repository_api_subscription.display_name)
   value        = azurerm_api_management_subscription.repository_api_subscription.primary_key
   key_vault_id = azurerm_key_vault.kv.id
-
-  depends_on = [
-    azurerm_role_assignment.deploy_principal_kv_role_assignment
-  ]
 }
 
 resource "azurerm_key_vault_secret" "servers_integration_api_subscription_secret" {
   name         = format("%s-apikey", azurerm_api_management_subscription.servers_integration_api_subscription.display_name)
   value        = azurerm_api_management_subscription.servers_integration_api_subscription.primary_key
   key_vault_id = azurerm_key_vault.kv.id
-
-  depends_on = [
-    azurerm_role_assignment.deploy_principal_kv_role_assignment
-  ]
 }
diff --git a/terraform/app_insights_key_vault_secrets.tf b/terraform/app_insights_key_vault_secrets.tf
@@ -6,18 +6,10 @@
 //  name         = format("%s-connectionstring", azurerm_application_insights.ai.name)
 //  value        = azurerm_application_insights.ai.connection_string
 //  key_vault_id = azurerm_key_vault.kv.id
-//
-//  depends_on = [
-//    azurerm_role_assignment.deploy_principal_kv_role_assignment
-//  ]
 //}
 //
 //resource "azurerm_key_vault_secret" "app_insights_instrumentation_key_secret" {
 //  name         = format("%s-instrumentationkey", azurerm_application_insights.ai.name)
 //  value        = azurerm_application_insights.ai.instrumentation_key
 //  key_vault_id = azurerm_key_vault.kv.id
-//
-//  depends_on = [
-//    azurerm_role_assignment.deploy_principal_kv_role_assignment
-//  ]
 //}
diff --git a/terraform/backends/dev.backend.hcl b/terraform/backends/dev.backend.hcl
@@ -1,5 +1,5 @@
-subscription_id         = "1b5b28ed-1365-4a48-b285-80f80a6aaa1b"
-resource_group_name     = "rg-portal-repository-func-tf-dev-uksouth"
-storage_account_name    = "saptlrepofntfdev"
-container_name          = "terraform"
+subscription_id         = "d68448b0-9947-46d7-8771-baa331a3063a"
+resource_group_name     = "rg-tf-portal-repo-func-zw7ey7glwpr5t5s-dev-uksouth"
+storage_account_name    = "sazw7ey7glwpr5t5s"
+container_name          = "tfstate"
 key                     = "terraform.tfstate"
diff --git a/terraform/backends/prd.backend.hcl b/terraform/backends/prd.backend.hcl
@@ -1,5 +1,5 @@
 subscription_id         = "32444f38-32f4-409f-889c-8e8aa2b5b4d1"
-resource_group_name     = "rg-portal-repository-func-tf-prd-uksouth"
-storage_account_name    = "saptlrepofntfprd"
-container_name          = "terraform"
+resource_group_name     = "rg-tf-portal-repo-func-w3s01n2dr9ra7j4-prd-uksouth"
+storage_account_name    = "saw3s01n2dr9ra7j4"
+container_name          = "tfstate"
 key                     = "terraform.tfstate"
diff --git a/terraform/data.apis.tf b/terraform/data.apis.tf
@@ -1,29 +1,29 @@
 data "azurerm_api_management_api" "geolocation_api" {
   provider = azurerm.api_management
 
-  name                = "geolocation-api"
+  name                = var.geo_location_api.apim_api_name
   api_management_name = data.azurerm_api_management.platform.name
   resource_group_name = data.azurerm_api_management.platform.resource_group_name
 
-  revision = "1"
+  revision = var.geo_location_api.apim_api_revision
 }
 
 data "azurerm_api_management_api" "repository_api" {
   provider = azurerm.api_management
 
-  name                = "repository-api-v2"
+  name                = var.repository_api.apim_api_name
   api_management_name = data.azurerm_api_management.platform.name
   resource_group_name = data.azurerm_api_management.platform.resource_group_name
 
-  revision = "1"
+  revision = var.repository_api.apim_api_revision
 }
 
 data "azurerm_api_management_api" "servers_integration_api" {
   provider = azurerm.api_management
 
-  name                = "servers-integration-api"
+  name                = var.servers_integration_api.apim_api_name
   api_management_name = data.azurerm_api_management.platform.name
   resource_group_name = data.azurerm_api_management.platform.resource_group_name
 
-  revision = "1"
+  revision = var.servers_integration_api.apim_api_revision
 }
diff --git a/terraform/data.service_principals.tf b/terraform/data.service_principals.tf
@@ -1,11 +1,11 @@
 data "azuread_service_principal" "repository_api" {
-  display_name = format("portal-repository-%s", var.environment)
+  display_name = var.repository_api.application_name
 }
 
 data "azuread_service_principal" "servers_integration_api" {
-  display_name = format("portal-servers-integration-%s", var.environment)
+  display_name = var.servers_integration_api.application_name
 }
 
 data "azuread_service_principal" "geolocation_api" {
-  display_name = format("geolocation-lookup-api-%s", var.environment)
+  display_name = var.geo_location_api.application_name
 }
diff --git a/terraform/function_app.tf b/terraform/function_app.tf
@@ -44,11 +44,11 @@ resource "azurerm_linux_function_app" "app" {
     "portal_repository_apim_subscription_key"    = format("@Microsoft.KeyVault(VaultName=%s;SecretName=%s)", azurerm_key_vault.kv.name, azurerm_key_vault_secret.repository_api_subscription_secret.name)
     "portal_servers_apim_subscription_key"       = format("@Microsoft.KeyVault(VaultName=%s;SecretName=%s)", azurerm_key_vault.kv.name, azurerm_key_vault_secret.servers_integration_api_subscription_secret.name)
     "geolocation_apim_subscription_key"          = format("@Microsoft.KeyVault(VaultName=%s;SecretName=%s)", azurerm_key_vault.kv.name, azurerm_key_vault_secret.geolocation_api_subscription_secret.name)
-    "repository_api_application_audience"        = format("api://portal-repository-%s", var.environment)
-    "servers_api_application_audience"           = format("api://portal-servers-integration-%s", var.environment)
-    "geolocation_api_application_audience"       = format("api://geolocation-lookup-api-%s", var.environment)
-    "repository_api_path_prefix"                 = "repository-v2"
-    "servers_api_path_prefix"                    = "servers-integration"
+    "repository_api_application_audience"        = var.repository_api.application_audience
+    "servers_api_application_audience"           = var.servers_integration_api.application_audience
+    "geolocation_api_application_audience"       = var.geo_location_api.application_audience
+    "repository_api_path_prefix"                 = var.repository_api.apim_path_prefix
+    "servers_api_path_prefix"                    = var.servers_integration_api.apim_path_prefix
     "xtremeidiots_ftp_certificate_thumbprint"    = "65173167144EA988088DA20915ABB83DB27645FA"
   }
 }
diff --git a/terraform/key_vault.tf b/terraform/key_vault.tf
@@ -18,12 +18,6 @@ resource "azurerm_key_vault" "kv" {
   }
 }
 
-resource "azurerm_role_assignment" "deploy_principal_kv_role_assignment" {
-  scope                = azurerm_key_vault.kv.id
-  role_definition_name = "Key Vault Secrets Officer"
-  principal_id         = data.azurerm_client_config.current.object_id
-}
-
 resource "azurerm_role_assignment" "web_app_kv_role_assignment" {
   scope                = azurerm_key_vault.kv.id
   role_definition_name = "Key Vault Secrets User"

diff --git a/terraform/locals.tf b/terraform/locals.tf
@@ -1,7 +1,7 @@
 locals {
-  resource_group_name       = "rg-portal-repository-func-${var.environment}-${var.location}"
+  resource_group_name       = "rg-portal-repo-func-${var.environment}-${var.location}-${var.instance}"
   key_vault_name            = "kv-${random_id.environment_id.hex}-${var.location}"
-  app_insights_name         = "ai-ptl-repo-func-${random_id.environment_id.hex}-${var.environment}-${var.location}"
-  function_app_name         = "fa-ptl-repo-func-${random_id.environment_id.hex}-${var.environment}-${var.location}"
-  function_app_storage_name = "saptlrepofn${random_id.environment_id.hex}"
+  app_insights_name         = "ai-portal-repo-func-${var.environment}-${var.location}-${var.instance}"
+  function_app_name         = "fn-portal-repo-func-${var.environment}-${var.location}-${var.instance}-${random_id.environment_id.hex}"
+  function_app_storage_name = "safn${random_id.environment_id.hex}"
 }
diff --git a/terraform/tfvars/dev.tfvars b/terraform/tfvars/dev.tfvars
@@ -1,19 +1,44 @@
 environment = "dev"
 location    = "uksouth"
+instance    = "01"
 
-subscription_id = "1b5b28ed-1365-4a48-b285-80f80a6aaa1b"
+subscription_id = "d68448b0-9947-46d7-8771-baa331a3063a"
 
-api_management_subscription_id     = "1b5b28ed-1365-4a48-b285-80f80a6aaa1b"
-api_management_resource_group_name = "rg-platform-apim-dev-uksouth"
-api_management_name                = "apim-mx-platform-dev-uksouth"
+api_management_subscription_id     = "d68448b0-9947-46d7-8771-baa331a3063a"
+api_management_resource_group_name = "rg-platform-apim-dev-uksouth-01"
+api_management_name                = "apim-platform-dev-uksouth-amjx44uuirhb6"
 
-web_apps_subscription_id       = "1b5b28ed-1365-4a48-b285-80f80a6aaa1b"
-web_apps_resource_group_name   = "rg-platform-webapps-dev-uksouth"
-web_apps_app_service_plan_name = "plan-platform-dev-uksouth"
+web_apps_subscription_id       = "d68448b0-9947-46d7-8771-baa331a3063a"
+web_apps_resource_group_name   = "rg-platform-plans-dev-uksouth-01"
+web_apps_app_service_plan_name = "plan-platform-dev-uksouth-01"
 
-log_analytics_subscription_id     = "7760848c-794d-4a19-8cb2-52f71a21ac2b"
-log_analytics_resource_group_name = "rg-platform-logging-prd-uksouth"
-log_analytics_workspace_name      = "log-platform-prd-uksouth"
+log_analytics_subscription_id     = "d68448b0-9947-46d7-8771-baa331a3063a"
+log_analytics_resource_group_name = "rg-platform-logging-prd-uksouth-01"
+log_analytics_workspace_name      = "log-platform-prd-uksouth-01"
+
+geo_location_api = {
+  application_name     = "geolocation-api-dev-01"
+  application_audience = "api://geolocation-api-dev-01"
+  apim_api_name        = "geolocation-api"
+  apim_api_revision    = "1"
+  apim_path_prefix     = "geolocation"
+}
+
+repository_api = {
+  application_name     = "portal-repository-dev-01"
+  application_audience = "api://portal-repository-dev-01"
+  apim_api_name        = "repository-api"
+  apim_api_revision    = "1"
+  apim_path_prefix     = "repository"
+}
+
+servers_integration_api = {
+  application_name     = "portal-servers-integration-dev-01"
+  application_audience = "api://portal-servers-integration-dev-01"
+  apim_api_name        = "servers-integration-api"
+  apim_api_revision    = "1"
+  apim_path_prefix     = "servers-integration"
+}
 
 tags = {
   Environment = "dev",

diff --git a/terraform/tfvars/prd.tfvars b/terraform/tfvars/prd.tfvars
@@ -1,19 +1,44 @@
 environment = "prd"
 location    = "uksouth"
+instance    = "01"
 
 subscription_id = "32444f38-32f4-409f-889c-8e8aa2b5b4d1"
 
 api_management_subscription_id     = "903b6685-c12a-4703-ac54-7ec1ff15ca43"
-api_management_resource_group_name = "rg-platform-apim-prd-uksouth"
-api_management_name                = "apim-mx-platform-prd-uksouth"
+api_management_resource_group_name = "rg-platform-apim-prd-uksouth-01"
+api_management_name                = "apim-platform-prd-uksouth-ty7og2i6qpv3s"
 
 web_apps_subscription_id       = "903b6685-c12a-4703-ac54-7ec1ff15ca43"
-web_apps_resource_group_name   = "rg-platform-webapps-prd-uksouth"
-web_apps_app_service_plan_name = "plan-platform-prd-uksouth"
+web_apps_resource_group_name   = "rg-platform-plans-prd-uksouth-01"
+web_apps_app_service_plan_name = "plan-platform-prd-uksouth-01"
 
-log_analytics_subscription_id     = "7760848c-794d-4a19-8cb2-52f71a21ac2b"
-log_analytics_resource_group_name = "rg-platform-logging-prd-uksouth"
-log_analytics_workspace_name      = "log-platform-prd-uksouth"
+log_analytics_subscription_id     = "d68448b0-9947-46d7-8771-baa331a3063a"
+log_analytics_resource_group_name = "rg-platform-logging-prd-uksouth-01"
+log_analytics_workspace_name      = "log-platform-prd-uksouth-01"
+
+geo_location_api = {
+  application_name     = "geolocation-api-prd-01"
+  application_audience = "api://geolocation-prd-dev-01"
+  apim_api_name        = "geolocation-api"
+  apim_api_revision    = "1"
+  apim_path_prefix     = "geolocation"
+}
+
+repository_api = {
+  application_name     = "portal-repository-prd-01"
+  application_audience = "api://portal-repository-prd-01"
+  apim_api_name        = "repository-api"
+  apim_api_revision    = "1"
+  apim_path_prefix     = "repository"
+}
+
+servers_integration_api = {
+  application_name     = "portal-servers-integration-prd-01"
+  application_audience = "api://portal-servers-integration-prd-01"
+  apim_api_name        = "servers-integration-api"
+  apim_api_revision    = "1"
+  apim_path_prefix     = "servers-integration"
+}
 
 tags = {
   Environment = "prd",

diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -1,9 +1,13 @@
+variable "environment" {
+  default = "dev"
+}
+
 variable "location" {
   default = "uksouth"
 }
 
-variable "environment" {
-  default = "dev"
+variable "instance" {
+  default = "01"
 }
 
 variable "subscription_id" {}
@@ -20,6 +24,49 @@ variable "log_analytics_subscription_id" {}
 variable "log_analytics_resource_group_name" {}
 variable "log_analytics_workspace_name" {}
 
+variable "geo_location_api" {
+  type = object({
+    application_name = string
+    name             = string
+    revision         = string
+  })
+  default = {
+    application_name     = "geolocation-api-dev-01"
+    application_audience = "api://geolocation-api-dev-01"
+    apim_api_name        = "geolocation-api"
+    apim_api_revision    = "1"
+    apim_path_prefix     = "geolocation"
+  }
+}
+
+variable "repository_api" {
+  type = object({
+    name     = string
+    revision = string
+  })
+  default = {
+    application_name     = "portal-repository-dev-01"
+    application_audience = "api://portal-repository-dev-01"
+    apim_api_name        = "repository-api"
+    apim_api_revision    = "1"
+    apim_path_prefix     = "repository"
+  }
+}
+
+variable "servers_integration_api" {
+  type = object({
+    name     = string
+    revision = string
+  })
+  default = {
+    application_name     = "portal-servers-integration-dev-01"
+    application_audience = "api://portal-servers-integration-dev-01"
+    apim_api_name        = "servers-integration-api"
+    apim_api_revision    = "1"
+    apim_path_prefix     = "servers-integration"
+  }
+}
+
 variable "tags" {
   default = {}
 }