Skip to content

Commit

Permalink
[CES-109] Switch Messages Cosmos secondary location to ItalyNorth (#1188
Browse files Browse the repository at this point in the history
)

Co-authored-by: Daniele Manni <dan.manni@gmail.com>
Co-authored-by: Daniele Manni <BurnedMarshal@users.noreply.github.com>
Co-authored-by: Andrea Grillo <andrea.grillo@pagopa.it>
  • Loading branch information
4 people authored Sep 27, 2024
1 parent 2af6c5e commit a56097a
Show file tree
Hide file tree
Showing 10 changed files with 102 additions and 69 deletions.
68 changes: 34 additions & 34 deletions src/domains/citizen-auth-common/.terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

22 changes: 21 additions & 1 deletion src/domains/citizen-auth-common/01_network.tf
Original file line number Diff line number Diff line change
Expand Up @@ -46,14 +46,34 @@ data "azurerm_private_dns_zone" "privatelink_table_core" {
resource_group_name = local.vnet_common_resource_group_name
}

data "azurerm_subnet" "private_endpoints_subnet_itn" {
name = "io-p-itn-pep-snet-01"
virtual_network_name = "io-p-itn-common-vnet-01"
resource_group_name = "io-p-itn-common-rg-01"
}

## Redis Common subnet
module "redis_common_snet" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.44.0"
name = format("%s-redis-snet", local.project)
address_prefixes = var.cidr_subnet_redis_common
resource_group_name = local.vnet_common_resource_group_name
virtual_network_name = local.vnet_common_name

private_endpoint_network_policies_enabled = false
}

## Cosmos Private Endpoint
resource "azurerm_private_endpoint" "cosmos_db" {
name = "${local.project_itn}-account-sql-pep-01"
location = "italynorth"
resource_group_name = azurerm_resource_group.data_rg.name
subnet_id = data.azurerm_subnet.private_endpoints_subnet_itn.id

private_service_connection {
name = "${local.project_itn}-account-sql-pep-01"
private_connection_resource_id = module.cosmosdb_account.id
is_manual_connection = false
subresource_names = ["Sql"]
}
}
2 changes: 1 addition & 1 deletion src/domains/citizen-auth-common/02_key_vault.tf
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ resource "azurerm_resource_group" "sec_rg" {
}

module "key_vault" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault?ref=v8.44.0"

name = "${local.product}-${var.domain}-kv"
location = azurerm_resource_group.sec_rg.location
Expand Down
8 changes: 4 additions & 4 deletions src/domains/citizen-auth-common/03_apim_v2.tf
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ resource "azurerm_api_management_group" "api_lollipop_assertion_read_v2" {
}

module "apim_v2_product_lollipop" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_product?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_product?ref=v8.44.0"

product_id = "io-lollipop-api"
display_name = "IO LOLLIPOP API"
Expand All @@ -32,7 +32,7 @@ module "apim_v2_product_lollipop" {
}

module "apim_v2_lollipop_api_v1" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_api?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_api?ref=v8.44.0"

name = format("%s-lollipop-api", local.product)
api_management_name = data.azurerm_api_management.apim_v2_api.name
Expand Down Expand Up @@ -149,7 +149,7 @@ resource "azurerm_api_management_group" "api_fast_login_operation_v2" {
}

module "apim_v2_product_fast_login_operation" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_product?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_product?ref=v8.44.0"

product_id = "io-fast-login-operation-api"
display_name = "IO FAST-LOGIN OPERATION API"
Expand All @@ -171,7 +171,7 @@ data "azurerm_linux_function_app" "functions_fast_login" {
}

module "apim_v2_fast_login_operation_api_v1" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_api?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//api_management_api?ref=v8.44.0"

name = format("%s-fast-login-operation-api", local.product)
api_management_name = data.azurerm_api_management.apim_v2_api.name
Expand Down
10 changes: 5 additions & 5 deletions src/domains/citizen-auth-common/03_storage.tf
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ locals {
# LolliPoP Assertion Storage
###
module "lollipop_assertions_storage" {
source = "github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v7.62.0"
source = "github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v8.44.0"

name = replace(format("%s-lollipop-assertions-st", local.product), "-", "") # `lollipop-assertions-st` is used in src/core/99_variables.tf#citizen_auth_assertion_storage_name
domain = upper(var.domain)
Expand All @@ -25,7 +25,7 @@ module "lollipop_assertions_storage" {
}

module "lollipop_assertions_storage_customer_managed_key" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account_customer_managed_key?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account_customer_managed_key?ref=v8.44.0"
tenant_id = data.azurerm_subscription.current.tenant_id
location = var.location
resource_group_name = azurerm_resource_group.data_rg.name
Expand Down Expand Up @@ -99,7 +99,7 @@ resource "azurerm_storage_queue" "lollipop_assertions_storage_revoke_queue_v2" {
# Immutable LV Audit Log Storage
###
module "immutable_lv_audit_logs_storage" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v8.44.0"

name = replace(format("%s-lv-logs-im-st", local.product), "-", "")
domain = upper(var.domain)
Expand Down Expand Up @@ -129,7 +129,7 @@ module "immutable_lv_audit_logs_storage" {
}

module "immutable_lv_audit_logs_storage_customer_managed_key" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account_customer_managed_key?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account_customer_managed_key?ref=v8.44.0"
tenant_id = data.azurerm_subscription.current.tenant_id
location = var.location
resource_group_name = azurerm_resource_group.data_rg.name
Expand Down Expand Up @@ -205,7 +205,7 @@ resource "azurerm_storage_management_policy" "immutable_lv_audit_logs_storage_ma
# Citizen Auth Storage
###
module "io_citizen_auth_storage" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v8.44.0"

name = replace(format("%s-st", local.project), "-", "")
domain = upper(var.domain)
Expand Down
3 changes: 1 addition & 2 deletions src/domains/citizen-auth-common/04_redis_common.tf
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
* [REDIS V6]
*/
module "redis_common" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache?ref=v8.44.0"
name = format("%s-redis-std-v6", local.project)
resource_group_name = azurerm_resource_group.data_rg.name
location = azurerm_resource_group.data_rg.location
Expand Down Expand Up @@ -37,7 +37,6 @@ module "redis_common" {
},
]


private_endpoint = {
enabled = true
virtual_network_id = data.azurerm_virtual_network.vnet_common.id
Expand Down
8 changes: 4 additions & 4 deletions src/domains/citizen-auth-common/05_database.tf
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ resource "azurerm_resource_group" "data_rg" {
}

module "cosmosdb_account" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//cosmosdb_account?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//cosmosdb_account?ref=v8.44.0"

name = "${local.product}-${var.domain}-account"
domain = upper(var.domain)
Expand All @@ -27,9 +27,9 @@ module "cosmosdb_account" {
main_geo_location_location = azurerm_resource_group.data_rg.location
main_geo_location_zone_redundant = true
additional_geo_locations = [{
location = "northeurope"
location = "italynorth"
failover_priority = 1
zone_redundant = false
zone_redundant = true
}]
consistency_policy = {
consistency_level = "Session"
Expand All @@ -49,7 +49,7 @@ module "cosmosdb_account" {
}

module "cosmosdb_sql_database_citizen_auth" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//cosmosdb_sql_database?ref=v7.62.0"
source = "git::https://github.com/pagopa/terraform-azurerm-v3//cosmosdb_sql_database?ref=v8.44.0"
name = "citizen-auth"
resource_group_name = azurerm_resource_group.data_rg.name
account_name = module.cosmosdb_account.name
Expand Down
12 changes: 12 additions & 0 deletions src/domains/citizen-auth-common/99_locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,15 @@ locals {
fn_fast_login_name = "${local.product}-weu-fast-login-fn"
fn_fast_login_resource_group_name = "${local.product}-weu-fast-login-rg"
}


# Region ITN
locals {
project_itn = "${var.prefix}-${var.env_short}-${local.itn_location_short}-${var.domain}"
itn_location = "italynorth"
itn_location_short = "itn"
common_project_itn = "${local.product}-${local.itn_location_short}"

vnet_common_name_itn = "${local.common_project_itn}-common-vnet-01"
vnet_common_resource_group_name_itn = "${local.common_project_itn}-common-rg-01"
}
4 changes: 2 additions & 2 deletions src/domains/citizen-auth-common/99_main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "<= 3.92.0"
version = "<= 3.116.0"
}
azuread = {
source = "hashicorp/azuread"
version = "<= 2.33.0"
version = "<= 2.53.0"
}
null = {
source = "hashicorp/null"
Expand Down
Loading

0 comments on commit a56097a

Please sign in to comment.