diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 22b32270..51cb8c30 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,19 +1,47 @@
 repos:
- - repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.89.0
- hooks:
- - id: terraform_fmt
- - id: terraform_docs
- args:
- - --args=--hide providers
- #validate will exclude folders that contains xyz/test... and .utils that contains only scripts stuffs
- - id: terraform_validate
- exclude: '(.*\/tests|.utils)'
- args:
- - --args=-json
- - --args=-no-color
- # - id: terraform_trivy
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: v1.89.1 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
+ hooks:
+ - id: terraform_fmt
+ - id: terraform_docs
+ args:
+ - --hook-config=--path-to-file=README.md # Valid UNIX path. I.e. ../TFDOC.md or docs/README.md etc.
+ - --hook-config=--add-to-existing-file=true # Boolean. true or false
+ - --hook-config=--create-file-if-not-exist=true # Boolean. true or false
+ - --args=--hide providers
+ - id: terraform_validate
+ args:
+ - --init-args=-lockfile=readonly
+ - --hook-config=--retry-once-with-cleanup=true
+ - --init-args=-plugin-dir=/tmp/.terraform.d/plugin-cache
+ - --args=-json
+ - --args=-no-color
+ - --args=-compact-warnings
+ # - id: terraform_providers_lock
 # args:
- # - >
- # --args=--format table
- # --skip-dirs="**/.terraform"
+ # - --args=-platform=windows_amd64
+ # - --args=-platform=darwin_amd64
+ # - --args=-platform=darwin_arm64
+ # - --args=-platform=linux_amd64
+ # - --args=-platform=linux_arm64
+ ## general
+ # - repo: https://github.com/pre-commit/pre-commit-hooks
+ # rev: v4.0.1
+ # hooks:
+ # # Common errors
+ # - id: end-of-file-fixer
+ # exclude_types: [sql]
+ # - id: trailing-whitespace
+ # args: [--markdown-linebreak-ext=md]
+ # exclude_types: [sql]
+ # - id: check-yaml
+ # - id: check-executables-have-shebangs
+ # # Cross platform
+ # - id: check-case-conflict
+ # - id: mixed-line-ending
+ # args: [--fix=lf]
+ # exclude_types: [sql]
+ # # Security
+ # - id: detect-aws-credentials
+ # args: ['--allow-missing-credentials']
+ # - id: detect-private-key
\ No newline at end of file
diff --git a/.utils/README.md b/.utils/README.md
new file mode 100644
index 00000000..e7d00f3a
--- /dev/null
+++ b/.utils/README.md
@@ -0,0 +1,23 @@
+# .utils
+
+
+## Requirements
+
+No requirements.
+
+## Modules
+
+No modules.
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+
diff --git a/api_management/README.md b/api_management/README.md
index 177ad5db..c38eba58 100644
--- a/api_management/README.md
+++ b/api_management/README.md
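Review bot: The added `--init-args=-plugin-dir=/tmp/.terraform.d/plugin-cache` on the `terraform_validate` hook in `.pre-commit-config.yaml` makes `terraform init` take provider binaries from a directory under `/tmp`, which on a shared workstation or CI runner can be created or populated by another local user before the hook runs. `--init-args=-lockfile=readonly` only verifies checksums already recorded in a committed `.terraform.lock.hcl`, and the `terraform_providers_lock` hook stays commented out, so whether every module has such a lock file is not visible here. I would point the plugin directory at a location owned by the invoking user, e.g. `- --init-args=-plugin-dir=<per-user plugin dir, mode 0700>`, and add a comment saying it must be pre-populated from a trusted source. The same hunk adds `detect-aws-credentials` and `detect-private-key` only as comments, so no secret check runs at commit time; enabling those two hooks would be worth a follow-up.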
@@ -121,6 +121,100 @@ resource "azurerm_private_dns_a_record" "api_internal" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.33 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.33 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_api_management.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management) | resource | +| [azurerm_api_management_certificate.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_certificate) | resource | +| [azurerm_api_management_diagnostic.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_diagnostic) | resource | +| [azurerm_api_management_logger.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_logger) | resource | +| [azurerm_api_management_redis_cache.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_redis_cache) | resource | +| [azurerm_api_management_redis_cache.this_region](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_redis_cache) | resource | +| [azurerm_management_lock.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_lock) | resource | +| [azurerm_monitor_autoscale_setting.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource | +| [azurerm_monitor_diagnostic_setting.apim](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource | +| 
[azurerm_monitor_metric_alert.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | +| [azurerm_key_vault_certificate.key_vault_certificate](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_certificate) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | +| [application\_insights](#input\_application\_insights) | Application Insights integration The instrumentation key used to push data |
object({
enabled = bool
instrumentation_key = string
})
| n/a | yes | +| [autoscale](#input\_autoscale) | Configure Apim autoscale rule on capacity metric |
object(
{
enabled = bool
default_instances = number
minimum_instances = number
maximum_instances = number
scale_out_capacity_percentage = number
scale_out_time_window = string
scale_out_value = string
scale_out_cooldown = string
scale_in_capacity_percentage = number
scale_in_time_window = string
scale_in_value = string
scale_in_cooldown = string
}
)
|
{
"default_instances": 1,
"enabled": true,
"maximum_instances": 5,
"minimum_instances": 1,
"scale_in_capacity_percentage": 30,
"scale_in_cooldown": "PT30M",
"scale_in_time_window": "PT30M",
"scale_in_value": "1",
"scale_out_capacity_percentage": 60,
"scale_out_cooldown": "PT45M",
"scale_out_time_window": "PT10M",
"scale_out_value": "2"
}
| no | +| [certificate\_names](#input\_certificate\_names) | List of key vault certificate name | `list(string)` | `[]` | no | +| [diagnostic\_always\_log\_errors](#input\_diagnostic\_always\_log\_errors) | Always log errors. Send telemetry if there is an erroneous condition, regardless of sampling settings. | `bool` | `true` | no | +| [diagnostic\_backend\_request](#input\_diagnostic\_backend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_backend\_response](#input\_diagnostic\_backend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_frontend\_request](#input\_diagnostic\_frontend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_frontend\_response](#input\_diagnostic\_frontend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_http\_correlation\_protocol](#input\_diagnostic\_http\_correlation\_protocol) | The HTTP Correlation Protocol to use. Possible values are None, Legacy or W3C. | `string` | `"W3C"` | no | +| [diagnostic\_log\_client\_ip](#input\_diagnostic\_log\_client\_ip) | Log client IP address. | `bool` | `true` | no | +| [diagnostic\_sampling\_percentage](#input\_diagnostic\_sampling\_percentage) | Sampling (%). For high traffic APIs, please read the documentation to understand performance implications and log sampling. Valid values are between 0.0 and 100.0. | `number` | `5` | no | +| [diagnostic\_verbosity](#input\_diagnostic\_verbosity) | Logging verbosity. Possible values are verbose, information or error. | `string` | `"error"` | no | +| [hostname\_configuration](#input\_hostname\_configuration) | Custom domains |
object({

proxy = list(object(
{
default_ssl_binding = bool
host_name = string
key_vault_id = string
}))

management = object({
host_name = string
key_vault_id = string
})

portal = object({
host_name = string
key_vault_id = string
})

developer_portal = object({
host_name = string
key_vault_id = string
})

})
| `null` | no | +| [key\_vault\_id](#input\_key\_vault\_id) | Key vault id. | `string` | `null` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [lock\_enable](#input\_lock\_enable) | Apply lock to block accedentaly deletions. | `bool` | `false` | no | +| [management\_logger\_applicaiton\_insight\_enabled](#input\_management\_logger\_applicaiton\_insight\_enabled) | (Optional) if false, disables management logger application insight block | `bool` | `true` | no | +| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
map(object({
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool

criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
metric_name = string
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
skip_metric_validation = bool
threshold = number
}
))

dynamic_criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
alert_sensitivity = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
evaluation_failure_count = number
evaluation_total_count = number
ignore_data_before = string
metric_name = string
metric_namespace = string
operator = string
skip_metric_validation = bool
}
))
}))
| `{}` | no | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [notification\_sender\_email](#input\_notification\_sender\_email) | Email address from which the notification will be sent. | `string` | `null` | no | +| [policy\_path](#input\_policy\_path) | (Deprecated). Path of the policy file. | `string` | `null` | no | +| [public\_ip\_address\_id](#input\_public\_ip\_address\_id) | A Public Ip resource ID | `string` | `null` | no | +| [publisher\_email](#input\_publisher\_email) | The email of publisher/company. | `string` | n/a | yes | +| [publisher\_name](#input\_publisher\_name) | The name of publisher/company. | `string` | n/a | yes | +| [redis\_cache\_enabled](#input\_redis\_cache\_enabled) | (Optional) if true, enables redis caching | `bool` | `false` | no | +| [redis\_cache\_id](#input\_redis\_cache\_id) | The resource ID of the Cache for Redis. Set `redis_cache_enabled` = true tuse this value | `string` | n/a | yes | +| [redis\_connection\_string](#input\_redis\_connection\_string) | Connection string for redis external cache. Set `redis_cache_enabled` = true tuse this value | `string` | `null` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | +| [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | +| [sign\_up\_enabled](#input\_sign\_up\_enabled) | Can users sign up on the development portal? | `bool` | `false` | no | +| [sign\_up\_terms\_of\_service](#input\_sign\_up\_terms\_of\_service) | the development portal terms\_of\_service |
object(
{
consent_required = bool
enabled = bool
text = string
}
)
| `null` | no | +| [sku\_name](#input\_sku\_name) | A string consisting of two parts separated by an underscore(\_). The first part is the name, valid values include: Consumption, Developer, Basic, Standard and Premium. The second part is the capacity (e.g. the number of deployed units of the sku), which must be a positive integer (e.g. Developer\_1). | `string` | n/a | yes | +| [subnet\_id](#input\_subnet\_id) | The id of the subnet that will be used for the API Management. | `string` | `null` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [virtual\_network\_type](#input\_virtual\_network\_type) | The type of virtual network you want to use, valid values include: None, External, Internal | `string` | `null` | no | +| [xml\_content](#input\_xml\_content) | Xml content for all api policy | `string` | `null` | no | +| [zones](#input\_zones) | List of availability zones | `list(string)` | `[]` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [diagnostic\_id](#output\_diagnostic\_id) | n/a | +| [gateway\_hostname](#output\_gateway\_hostname) | n/a | +| [gateway\_url](#output\_gateway\_url) | n/a | +| [id](#output\_id) | n/a | +| [logger\_id](#output\_logger\_id) | n/a | +| [name](#output\_name) | n/a | +| [principal\_id](#output\_principal\_id) | n/a | +| [private\_ip\_addresses](#output\_private\_ip\_addresses) | n/a | +| [public\_ip\_addresses](#output\_public\_ip\_addresses) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + ## Requirements @@ -153,26 +247,26 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | -| [application\_insights](#input\_application\_insights) | Application Insights integration The instrumentation key used to push data |
object({
enabled = bool
instrumentation_key = string
})
| n/a | yes | -| [autoscale](#input\_autoscale) | Configure Apim autoscale rule on capacity metric |
object(
{
enabled = bool
default_instances = number
minimum_instances = number
maximum_instances = number
scale_out_capacity_percentage = number
scale_out_time_window = string
scale_out_value = string
scale_out_cooldown = string
scale_in_capacity_percentage = number
scale_in_time_window = string
scale_in_value = string
scale_in_cooldown = string
}
)
|
{
"default_instances": 1,
"enabled": true,
"maximum_instances": 5,
"minimum_instances": 1,
"scale_in_capacity_percentage": 30,
"scale_in_cooldown": "PT30M",
"scale_in_time_window": "PT30M",
"scale_in_value": "1",
"scale_out_capacity_percentage": 60,
"scale_out_cooldown": "PT45M",
"scale_out_time_window": "PT10M",
"scale_out_value": "2"
}
| no | +| [application\_insights](#input\_application\_insights) | Application Insights integration The instrumentation key used to push data |
object({
enabled = bool
instrumentation_key = string
})
| n/a | yes | +| [autoscale](#input\_autoscale) | Configure Apim autoscale rule on capacity metric |
object(
{
enabled = bool
default_instances = number
minimum_instances = number
maximum_instances = number
scale_out_capacity_percentage = number
scale_out_time_window = string
scale_out_value = string
scale_out_cooldown = string
scale_in_capacity_percentage = number
scale_in_time_window = string
scale_in_value = string
scale_in_cooldown = string
}
)
|
{
"default_instances": 1,
"enabled": true,
"maximum_instances": 5,
"minimum_instances": 1,
"scale_in_capacity_percentage": 30,
"scale_in_cooldown": "PT30M",
"scale_in_time_window": "PT30M",
"scale_in_value": "1",
"scale_out_capacity_percentage": 60,
"scale_out_cooldown": "PT45M",
"scale_out_time_window": "PT10M",
"scale_out_value": "2"
}
| no | | [certificate\_names](#input\_certificate\_names) | List of key vault certificate name | `list(string)` | `[]` | no | | [diagnostic\_always\_log\_errors](#input\_diagnostic\_always\_log\_errors) | Always log errors. Send telemetry if there is an erroneous condition, regardless of sampling settings. | `bool` | `true` | no | -| [diagnostic\_backend\_request](#input\_diagnostic\_backend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | -| [diagnostic\_backend\_response](#input\_diagnostic\_backend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | -| [diagnostic\_frontend\_request](#input\_diagnostic\_frontend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | -| [diagnostic\_frontend\_response](#input\_diagnostic\_frontend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_backend\_request](#input\_diagnostic\_backend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_backend\_response](#input\_diagnostic\_backend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_frontend\_request](#input\_diagnostic\_frontend\_request) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | +| [diagnostic\_frontend\_response](#input\_diagnostic\_frontend\_response) | Number of payload bytes to log (up to 8192) and a list of headers to log, min items: 0, max items: 1 |
set(object(
{
body_bytes = number
headers_to_log = set(string)
}
))
| `[]` | no | | [diagnostic\_http\_correlation\_protocol](#input\_diagnostic\_http\_correlation\_protocol) | The HTTP Correlation Protocol to use. Possible values are None, Legacy or W3C. | `string` | `"W3C"` | no | | [diagnostic\_log\_client\_ip](#input\_diagnostic\_log\_client\_ip) | Log client IP address. | `bool` | `true` | no | | [diagnostic\_sampling\_percentage](#input\_diagnostic\_sampling\_percentage) | Sampling (%). For high traffic APIs, please read the documentation to understand performance implications and log sampling. Valid values are between 0.0 and 100.0. | `number` | `5` | no | | [diagnostic\_verbosity](#input\_diagnostic\_verbosity) | Logging verbosity. Possible values are verbose, information or error. | `string` | `"error"` | no | -| [hostname\_configuration](#input\_hostname\_configuration) | Custom domains |
object({

proxy = list(object(
{
default_ssl_binding = bool
host_name = string
key_vault_id = string
}))

management = object({
host_name = string
key_vault_id = string
})

portal = object({
host_name = string
key_vault_id = string
})

developer_portal = object({
host_name = string
key_vault_id = string
})

})
| `null` | no | +| [hostname\_configuration](#input\_hostname\_configuration) | Custom domains |
object({

proxy = list(object(
{
default_ssl_binding = bool
host_name = string
key_vault_id = string
}))

management = object({
host_name = string
key_vault_id = string
})

portal = object({
host_name = string
key_vault_id = string
})

developer_portal = object({
host_name = string
key_vault_id = string
})

})
| `null` | no | | [key\_vault\_id](#input\_key\_vault\_id) | Key vault id. | `string` | `null` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [lock\_enable](#input\_lock\_enable) | Apply lock to block accedentaly deletions. | `bool` | `false` | no | | [management\_logger\_applicaiton\_insight\_enabled](#input\_management\_logger\_applicaiton\_insight\_enabled) | (Optional) if false, disables management logger application insight block | `bool` | `true` | no | -| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
map(object({
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool

criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
metric_name = string
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
skip_metric_validation = bool
threshold = number
}
))

dynamic_criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
alert_sensitivity = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
evaluation_failure_count = number
evaluation_total_count = number
ignore_data_before = string
metric_name = string
metric_namespace = string
operator = string
skip_metric_validation = bool
}
))
}))
| `{}` | no | +| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
map(object({
description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool

criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
metric_name = string
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
skip_metric_validation = bool
threshold = number
}
))

dynamic_criteria = set(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
alert_sensitivity = string
dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
evaluation_failure_count = number
evaluation_total_count = number
ignore_data_before = string
metric_name = string
metric_namespace = string
operator = string
skip_metric_validation = bool
}
))
}))
| `{}` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | | [notification\_sender\_email](#input\_notification\_sender\_email) | Email address from which the notification will be sent. | `string` | `null` | no | | [policy\_path](#input\_policy\_path) | (Deprecated). Path of the policy file. | `string` | `null` | no | @@ -186,7 +280,7 @@ No modules. | [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | | [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | | [sign\_up\_enabled](#input\_sign\_up\_enabled) | Can users sign up on the development portal? | `bool` | `false` | no | -| [sign\_up\_terms\_of\_service](#input\_sign\_up\_terms\_of\_service) | the development portal terms\_of\_service |
object(
{
consent_required = bool
enabled = bool
text = string
}
)
| `null` | no | +| [sign\_up\_terms\_of\_service](#input\_sign\_up\_terms\_of\_service) | the development portal terms\_of\_service |
object(
{
consent_required = bool
enabled = bool
text = string
}
)
| `null` | no | | [sku\_name](#input\_sku\_name) | A string consisting of two parts separated by an underscore(\_). The first part is the name, valid values include: Consumption, Developer, Basic, Standard and Premium. The second part is the capacity (e.g. the number of deployed units of the sku), which must be a positive integer (e.g. Developer\_1). | `string` | n/a | yes | | [subnet\_id](#input\_subnet\_id) | The id of the subnet that will be used for the API Management. | `string` | `null` | no | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/api_management/tests/README.md b/api_management/tests/README.md index 7cab078e..7435c1f3 100644 --- a/api_management/tests/README.md +++ b/api_management/tests/README.md 
@@ -10,3 +10,46 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [apim\_v2](#module\_apim\_v2) | ../../api_management | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_network_security_group.nsg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource | +| [azurerm_public_ip.ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.apim_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_subnet_network_security_group_association.snet_nsg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [apim\_subnet\_cidr](#input\_apim\_subnet\_cidr) | Api Management address space. | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/api_management_api/README.md b/api_management_api/README.md index 1f0595ad..637e0d75 100644 --- a/api_management_api/README.md +++ b/api_management_api/README.md @@ -57,6 +57,66 @@ module "apim_devopslab_webapp_python_alpha_api_v1" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_api_management_api.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api) | resource | +| [azurerm_api_management_api_operation_policy.api_operation_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api_operation_policy) | resource | +| [azurerm_api_management_api_policy.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api_policy) | resource | +| [azurerm_api_management_product_api.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_product_api) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [api\_management\_name](#input\_api\_management\_name) | n/a | `string` | n/a | yes | +| [api\_operation\_policies](#input\_api\_operation\_policies) | List of api policy for given operation. |
list(object({
operation_id = string
xml_content = string
}
))
| `[]` | no | +| [api\_type](#input\_api\_type) | (Optional) Type of API. Possible values are graphql, http, soap, and websocket. Defaults to http. | `string` | `"http"` | no | +| [api\_version](#input\_api\_version) | The Version number of this API, if this API is versioned. | `string` | `null` | no | +| [content\_format](#input\_content\_format) | The format of the content from which the API Definition should be imported. | `string` | `"swagger-json"` | no | +| [content\_value](#input\_content\_value) | The Content from which the API Definition should be imported. | `string` | n/a | yes | +| [description](#input\_description) | n/a | `string` | n/a | yes | +| [display\_name](#input\_display\_name) | n/a | `string` | n/a | yes | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [oauth2\_authorization](#input\_oauth2\_authorization) | n/a |
object({
authorization_server_name = string
}
)
|
{
"authorization_server_name": null
}
| no | +| [path](#input\_path) | n/a | `string` | n/a | yes | +| [product\_ids](#input\_product\_ids) | n/a | `list(string)` | `[]` | no | +| [protocols](#input\_protocols) | n/a | `list(string)` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [revision](#input\_revision) | n/a | `string` | `"1"` | no | +| [revision\_description](#input\_revision\_description) | n/a | `string` | `null` | no | +| [service\_url](#input\_service\_url) | n/a | `string` | n/a | yes | +| [subscription\_key\_names](#input\_subscription\_key\_names) | Override the default name of the header and query string containing the subscription key header |
object({
header = string
query = string
})
| `null` | no | +| [subscription\_required](#input\_subscription\_required) | Should this API require a subscription key? | `bool` | `false` | no | +| [version\_set\_id](#input\_version\_set\_id) | The ID of the Version Set which this API is associated with. | `string` | `null` | no | +| [xml\_content](#input\_xml\_content) | The XML Content for this Policy as a string | `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | + ## Requirements @@ -83,7 +143,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [api\_management\_name](#input\_api\_management\_name) | n/a | `string` | n/a | yes | -| [api\_operation\_policies](#input\_api\_operation\_policies) | List of api policy for given operation. |
list(object({
operation_id = string
xml_content = string
}
))
| `[]` | no | +| [api\_operation\_policies](#input\_api\_operation\_policies) | List of api policy for given operation. |
list(object({
operation_id = string
xml_content = string
}
))
| `[]` | no | | [api\_type](#input\_api\_type) | (Optional) Type of API. Possible values are graphql, http, soap, and websocket. Defaults to http. | `string` | `"http"` | no | | [api\_version](#input\_api\_version) | The Version number of this API, if this API is versioned. | `string` | `null` | no | | [content\_format](#input\_content\_format) | The format of the content from which the API Definition should be imported. | `string` | `"swagger-json"` | no | @@ -91,7 +151,7 @@ No modules. | [description](#input\_description) | n/a | `string` | n/a | yes | | [display\_name](#input\_display\_name) | n/a | `string` | n/a | yes | | [name](#input\_name) | n/a | `string` | n/a | yes | -| [oauth2\_authorization](#input\_oauth2\_authorization) | n/a |
object({
authorization_server_name = string
}
)
|
{
"authorization_server_name": null
}
| no | +| [oauth2\_authorization](#input\_oauth2\_authorization) | n/a |
object({
authorization_server_name = string
}
)
|
{
"authorization_server_name": null
}
| no | | [path](#input\_path) | n/a | `string` | n/a | yes | | [product\_ids](#input\_product\_ids) | n/a | `list(string)` | `[]` | no | | [protocols](#input\_protocols) | n/a | `list(string)` | n/a | yes | @@ -99,7 +159,7 @@ No modules. | [revision](#input\_revision) | n/a | `string` | `"1"` | no | | [revision\_description](#input\_revision\_description) | n/a | `string` | `null` | no | | [service\_url](#input\_service\_url) | n/a | `string` | n/a | yes | -| [subscription\_key\_names](#input\_subscription\_key\_names) | Override the default name of the header and query string containing the subscription key header |
object({
header = string
query = string
})
| `null` | no | +| [subscription\_key\_names](#input\_subscription\_key\_names) | Override the default name of the header and query string containing the subscription key header |
object({
header = string
query = string
})
| `null` | no | | [subscription\_required](#input\_subscription\_required) | Should this API require a subscription key? | `bool` | `false` | no | | [version\_set\_id](#input\_version\_set\_id) | The ID of the Version Set which this API is associated with. | `string` | `null` | no | | [xml\_content](#input\_xml\_content) | The XML Content for this Policy as a string | `string` | `null` | no | diff --git a/api_management_product/README.md b/api_management_product/README.md index fe4f0d4d..569ec474 100644 --- a/api_management_product/README.md +++ b/api_management_product/README.md 
@@ -29,6 +29,55 @@ module "apim_product_devopslab" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_api_management_product.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_product) | resource | +| [azurerm_api_management_product_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_product_group) | resource | +| [azurerm_api_management_product_policy.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_product_policy) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [api\_management\_name](#input\_api\_management\_name) | The name of the API Management Service. | `string` | n/a | yes | +| [approval\_required](#input\_approval\_required) | Do subscribers need to be approved prior to being able to use the Product? | `bool` | n/a | yes | +| [description](#input\_description) | A description of this Product, which may include HTML formatting tags. | `string` | n/a | yes | +| [display\_name](#input\_display\_name) | The Display Name for this API Management Product. | `string` | n/a | yes | +| [groups](#input\_groups) | (Optional) The groups where the product is included | `set(string)` | `[]` | no | +| [policy\_xml](#input\_policy\_xml) | (Optional) The XML Content for this Product Policy. | `string` | `null` | no | +| [product\_id](#input\_product\_id) | The Identifier for this Product, which must be unique within the API Management Service. | `string` | n/a | yes | +| [published](#input\_published) | Is this Product Published? 
| `bool` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the Resource Group in which the API Management Service should be exist. | `string` | n/a | yes | +| [subscription\_required](#input\_subscription\_required) | Is a Subscription required to access API's included in this Product? | `bool` | n/a | yes | +| [subscriptions\_limit](#input\_subscriptions\_limit) | The number of subscriptions a user can have to this Product at the same time. | `number` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [product\_id](#output\_product\_id) | n/a | + ## Requirements diff --git a/app_gateway/README.md b/app_gateway/README.md index 19f90a5f..e9c5cc70 100644 --- a/app_gateway/README.md +++ b/app_gateway/README.md 
@@ -445,6 +445,73 @@ module "appgateway_snet" { * `rewrite_rule_sets.rewrite_rule.condition` -> `rewrite_rule_sets.rewrite_rule.conditions` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.5.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_gateway.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway) | resource | +| [azurerm_monitor_diagnostic_setting.app_gw](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource | +| [azurerm_monitor_metric_alert.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | +| [azurerm_key_vault_secret.client_cert](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [alerts\_enabled](#input\_alerts\_enabled) | Should Metric Alerts be enabled? | `bool` | `true` | no | +| [app\_gateway\_max\_capacity](#input\_app\_gateway\_max\_capacity) | (Optional) Maximum capacity for autoscaling. Accepted values are in the range 2 to 125. | `string` | n/a | yes | +| [app\_gateway\_min\_capacity](#input\_app\_gateway\_min\_capacity) | (Required) Minimum capacity for autoscaling. Accepted values are in the range 0 to 100. | `string` | n/a | yes | +| [backends](#input\_backends) | Obj that allow to configure: backend\_address\_pool, backend\_http\_settings, probe |
map(object({
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true
port = number # Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used.
ip_addresses = list(string) # A list of IP Addresses which should be part of the Backend Address Pool.
fqdns = list(string) # A list of FQDN's which should be part of the Backend Address Pool.
probe = string # The Path used for this Probe.
probe_name = string # The Name of the Probe.
request_timeout = number # The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
pick_host_name_from_backend = bool # Whether the host header should be picked from the backend http settings
}))
| n/a | yes | +| [identity\_ids](#input\_identity\_ids) | n/a | `list(string)` | n/a | yes | +| [listeners](#input\_listeners) | n/a |
map(object({
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
port = number # The port used for this Frontend Port.
ssl_profile_name = string # The name of the associated SSL Profile which should be used for this HTTP Listener.
firewall_policy_id = string # The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
type = optional(string, "Public") # The type of Listener "Public" - "Private"
certificate = object({
name = string # The Name of the SSL certificate that is unique within this Application Gateway
id = string # Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.
})
}))
| n/a | yes | +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkapplicationgateways |
map(object({

description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool

# static
criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))

# dynamic
dynamic_criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
# Possible values are Low, Medium, High
alert_sensitivity = string

evaluation_total_count = number
evaluation_failure_count = number

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
}))
| `{}` | no | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [private\_ip\_address](#input\_private\_ip\_address) | Private frontend ip | `list(string)` | `[]` | no | +| [public\_ip\_id](#input\_public\_ip\_id) | Public IP | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [rewrite\_rule\_sets](#input\_rewrite\_rule\_sets) | Rewrite rules sets obj descriptor |
list(object({
name = string # Unique name of the rewrite rule set block
rewrite_rules = list(object({
name = string # Unique name of the rewrite rule block
rule_sequence = number # Rule sequence of the rewrite rule that determines the order of execution in a set.
conditions = list(object({ # One or more condition blocks as defined above.
variable = string # The variable of the condition.
pattern = string # The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignore_case = bool # Perform a case in-sensitive comparison. Defaults to false
negate = bool # Negate the result of the condition evaluation. Defaults to false
}))

request_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a request header set this property to an empty string.
}))

response_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a response header set this property to an empty string.
}))

url = object({
path = string # The URL path to rewrite.
query_string = string # The query string to rewrite.
reroute = optional(bool, false) # Whether the URL path map should be reevaluated after this rewrite has been applied.
components = optional(string, null) # The components used to rewrite the URL. Possible values are path_only and query_string_only to limit the rewrite to the URL Path or URL Query String only.
})

}))
}))
| `[]` | no | +| [routes](#input\_routes) | n/a |
map(object({
listener = string # Prefix for http_listener_name
backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
| n/a | yes | +| [routes\_path\_based](#input\_routes\_path\_based) | To configure path based routing |
map(object({
listener = string # Prefix for http_listener_name
url_map_name = string # The Name of the URL Path Map which should be associated with this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
| `{}` | no | +| [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | +| [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | +| [sku\_name](#input\_sku\_name) | SKU Name of the App GW | `string` | n/a | yes | +| [sku\_tier](#input\_sku\_tier) | SKU tier of the App GW | `string` | n/a | yes | +| [ssl\_profiles](#input\_ssl\_profiles) | n/a |
list(object({
name = string # The name of the SSL Profile that is unique within this Application Gateway.
trusted_client_certificate_names = list(string) # The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
verify_client_cert_issuer_dn = bool # Should client certificate issuer DN be verified? Defaults to false

ssl_policy = object({
disabled_protocols = list(string) # A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
policy_type = string # The Type of the Policy. Possible values are Predefined and Custom.
policy_name = string # The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.
cipher_suites = list(string) # A List of accepted cipher suites. see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites for possible values
min_protocol_version = string # The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
})
}))
| `[]` | no | +| [subnet\_id](#input\_subnet\_id) | Subnet dedicated to the app gateway | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [trusted\_client\_certificates](#input\_trusted\_client\_certificates) | Note: the attribute secret\_name refers to the secret contaning the client certificate. Secrects'name in the key vault can't have low hyphens but just hyphens in it. |
list(object({
secret_name = string # The name of the Trusted Client Certificate that is unique within this Application Gateway.
key_vault_id = string # Key vault id, that contains the certificate.
}))
| n/a | yes | +| [url\_path\_map](#input\_url\_path\_map) | To configure the mapping between path and backend |
map(object({
default_backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
default_rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
path_rule = map(object({
paths = list(string) # A list of Paths used in this Path Rule
backend = string
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this URL Path Map
}))
}))
| `{}` | no | +| [waf\_disabled\_rule\_group](#input\_waf\_disabled\_rule\_group) | n/a |
list(object({
rule_group_name = string # The rule group where specific rules should be disabled.
rules = list(string) # A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.
}))
| `[]` | no | +| [waf\_enabled](#input\_waf\_enabled) | Enable WAF | `bool` | `true` | no | +| [zones](#input\_zones) | (Optional) Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created. | `list(any)` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | + ## Requirements @@ -470,32 +537,32 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metric Alerts be enabled? | `bool` | `true` | no | | [app\_gateway\_max\_capacity](#input\_app\_gateway\_max\_capacity) | (Optional) Maximum capacity for autoscaling. Accepted values are in the range 2 to 125. | `string` | n/a | yes | | [app\_gateway\_min\_capacity](#input\_app\_gateway\_min\_capacity) | (Required) Minimum capacity for autoscaling. Accepted values are in the range 0 to 100. | `string` | n/a | yes | -| [backends](#input\_backends) | Obj that allow to configure: backend\_address\_pool, backend\_http\_settings, probe |
map(object({
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true
port = number # Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used.
ip_addresses = list(string) # A list of IP Addresses which should be part of the Backend Address Pool.
fqdns = list(string) # A list of FQDN's which should be part of the Backend Address Pool.
probe = string # The Path used for this Probe.
probe_name = string # The Name of the Probe.
request_timeout = number # The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
pick_host_name_from_backend = bool # Whether the host header should be picked from the backend http settings
}))
| n/a | yes | +| [backends](#input\_backends) | Obj that allow to configure: backend\_address\_pool, backend\_http\_settings, probe |
map(object({
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname used for this Probe. If the Application Gateway is configured for a single site, by default the Host name should be specified as ‘127.0.0.1’, unless otherwise configured in custom probe. Cannot be set if pick_host_name_from_backend_http_settings is set to true
port = number # Custom port which will be used for probing the backend servers. The valid value ranges from 1 to 65535. In case not set, port from http settings will be used.
ip_addresses = list(string) # A list of IP Addresses which should be part of the Backend Address Pool.
fqdns = list(string) # A list of FQDN's which should be part of the Backend Address Pool.
probe = string # The Path used for this Probe.
probe_name = string # The Name of the Probe.
request_timeout = number # The Timeout used for this Probe, which indicates when a probe becomes unhealthy. Possible values range from 1 second to a maximum of 86,400 seconds.
pick_host_name_from_backend = bool # Whether the host header should be picked from the backend http settings
}))
| n/a | yes | | [identity\_ids](#input\_identity\_ids) | n/a | `list(string)` | n/a | yes | -| [listeners](#input\_listeners) | n/a |
map(object({
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
port = number # The port used for this Frontend Port.
ssl_profile_name = string # The name of the associated SSL Profile which should be used for this HTTP Listener.
firewall_policy_id = string # The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
type = optional(string, "Public") # The type of Listener "Public" - "Private"
certificate = object({
name = string # The Name of the SSL certificate that is unique within this Application Gateway
id = string # Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.
})
}))
| n/a | yes | +| [listeners](#input\_listeners) | n/a |
map(object({
protocol = string # The Protocol which should be used. Possible values are Http and Https
host = string # The Hostname which should be used for this HTTP Listener. Setting this value changes Listener Type to 'Multi site'.
port = number # The port used for this Frontend Port.
ssl_profile_name = string # The name of the associated SSL Profile which should be used for this HTTP Listener.
firewall_policy_id = string # The ID of the Web Application Firewall Policy which should be used for this HTTP Listener.
type = optional(string, "Public") # The type of Listener "Public" - "Private"
certificate = object({
name = string # The Name of the SSL certificate that is unique within this Application Gateway
id = string # Secret Id of (base-64 encoded unencrypted pfx) Secret or Certificate object stored in Azure KeyVault. You need to enable soft delete for keyvault to use this feature. Required if data is not set.
})
}))
| n/a | yes | | [location](#input\_location) | n/a | `string` | `"westeurope"` | no | -| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkapplicationgateways |
map(object({

description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool

# static
criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))

# dynamic
dynamic_criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
# Possible values are Low, Medium, High
alert_sensitivity = string

evaluation_total_count = number
evaluation_failure_count = number

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
}))
| `{}` | no | +| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftnetworkapplicationgateways |
map(object({

description = string
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# Possible values are 0, 1, 2, 3.
severity = number
# Possible values are true, false
auto_mitigate = bool

# static
criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))

# dynamic
dynamic_criteria = list(object(
{
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
# Possible values are Low, Medium, High
alert_sensitivity = string

evaluation_total_count = number
evaluation_failure_count = number

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}
))
}))
| `{}` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | | [private\_ip\_address](#input\_private\_ip\_address) | Private frontend ip | `list(string)` | `[]` | no | | [public\_ip\_id](#input\_public\_ip\_id) | Public IP | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | -| [rewrite\_rule\_sets](#input\_rewrite\_rule\_sets) | Rewrite rules sets obj descriptor |
list(object({
name = string # Unique name of the rewrite rule set block
rewrite_rules = list(object({
name = string # Unique name of the rewrite rule block
rule_sequence = number # Rule sequence of the rewrite rule that determines the order of execution in a set.
conditions = list(object({ # One or more condition blocks as defined above.
variable = string # The variable of the condition.
pattern = string # The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignore_case = bool # Perform a case in-sensitive comparison. Defaults to false
negate = bool # Negate the result of the condition evaluation. Defaults to false
}))

request_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a request header set this property to an empty string.
}))

response_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a response header set this property to an empty string.
}))

url = object({
path = string # The URL path to rewrite.
query_string = string # The query string to rewrite.
reroute = optional(bool, false) # Whether the URL path map should be reevaluated after this rewrite has been applied.
components = optional(string, null) # The components used to rewrite the URL. Possible values are path_only and query_string_only to limit the rewrite to the URL Path or URL Query String only.
})

}))
}))
| `[]` | no | -| [routes](#input\_routes) | n/a |
map(object({
listener = string # Prefix for http_listener_name
backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
| n/a | yes | -| [routes\_path\_based](#input\_routes\_path\_based) | To configure path based routing |
map(object({
listener = string # Prefix for http_listener_name
url_map_name = string # The Name of the URL Path Map which should be associated with this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
| `{}` | no | +| [rewrite\_rule\_sets](#input\_rewrite\_rule\_sets) | Rewrite rules sets obj descriptor |
list(object({
name = string # Unique name of the rewrite rule set block
rewrite_rules = list(object({
name = string # Unique name of the rewrite rule block
rule_sequence = number # Rule sequence of the rewrite rule that determines the order of execution in a set.
conditions = list(object({ # One or more condition blocks as defined above.
variable = string # The variable of the condition.
pattern = string # The pattern, either fixed string or regular expression, that evaluates the truthfulness of the condition.
ignore_case = bool # Perform a case in-sensitive comparison. Defaults to false
negate = bool # Negate the result of the condition evaluation. Defaults to false
}))

request_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a request header set this property to an empty string.
}))

response_header_configurations = list(object({
header_name = string # Header name of the header configuration.
header_value = string # Header value of the header configuration. To delete a response header set this property to an empty string.
}))

url = object({
path = string # The URL path to rewrite.
query_string = string # The query string to rewrite.
reroute = optional(bool, false) # Whether the URL path map should be reevaluated after this rewrite has been applied.
components = optional(string, null) # The components used to rewrite the URL. Possible values are path_only and query_string_only to limit the rewrite to the URL Path or URL Query String only.
})

}))
}))
| `[]` | no | +| [routes](#input\_routes) | n/a |
map(object({
listener = string # Prefix for http_listener_name
backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
| n/a | yes | +| [routes\_path\_based](#input\_routes\_path\_based) | To configure path based routing |
map(object({
listener = string # Prefix for http_listener_name
url_map_name = string # The Name of the URL Path Map which should be associated with this Routing Rule.
priority = number # Rule evaluation order can be dictated by specifying an integer value from 1 to 20000 with 1 being the highest priority and 20000 being the lowest priority.
}))
| `{}` | no | | [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | | [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | | [sku\_name](#input\_sku\_name) | SKU Name of the App GW | `string` | n/a | yes | | [sku\_tier](#input\_sku\_tier) | SKU tier of the App GW | `string` | n/a | yes | -| [ssl\_profiles](#input\_ssl\_profiles) | n/a |
list(object({
name = string # The name of the SSL Profile that is unique within this Application Gateway.
trusted_client_certificate_names = list(string) # The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
verify_client_cert_issuer_dn = bool # Should client certificate issuer DN be verified? Defaults to false

ssl_policy = object({
disabled_protocols = list(string) # A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
policy_type = string # The Type of the Policy. Possible values are Predefined and Custom.
policy_name = string # The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.
cipher_suites = list(string) # A List of accepted cipher suites. see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites for possible values
min_protocol_version = string # The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
})
}))
| `[]` | no | +| [ssl\_profiles](#input\_ssl\_profiles) | n/a |
list(object({
name = string # The name of the SSL Profile that is unique within this Application Gateway.
trusted_client_certificate_names = list(string) # The name of the Trusted Client Certificate that will be used to authenticate requests from clients.
verify_client_cert_issuer_dn = bool # Should client certificate issuer DN be verified? Defaults to false

ssl_policy = object({
disabled_protocols = list(string) # A list of SSL Protocols which should be disabled on this Application Gateway. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
policy_type = string # The Type of the Policy. Possible values are Predefined and Custom.
policy_name = string # The Name of the Policy e.g AppGwSslPolicy20170401S. Required if policy_type is set to Predefined. Possible values can change over time and are published here https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-ssl-policy-overview. Not compatible with disabled_protocols.
cipher_suites = list(string) # A List of accepted cipher suites. see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#cipher_suites for possible values
min_protocol_version = string # The minimal TLS version. Possible values are TLSv1_0, TLSv1_1 and TLSv1_2.
})
}))
| `[]` | no | | [subnet\_id](#input\_subnet\_id) | Subnet dedicated to the app gateway | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | -| [trusted\_client\_certificates](#input\_trusted\_client\_certificates) | Note: the attribute secret\_name refers to the secret contaning the client certificate. Secrects'name in the key vault can't have low hyphens but just hyphens in it. |
list(object({
secret_name = string # The name of the Trusted Client Certificate that is unique within this Application Gateway.
key_vault_id = string # Key vault id, that contains the certificate.
}))
| n/a | yes | -| [url\_path\_map](#input\_url\_path\_map) | To configure the mapping between path and backend |
map(object({
default_backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
default_rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
path_rule = map(object({
paths = list(string) # A list of Paths used in this Path Rule
backend = string
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this URL Path Map
}))
}))
| `{}` | no | -| [waf\_disabled\_rule\_group](#input\_waf\_disabled\_rule\_group) | n/a |
list(object({
rule_group_name = string # The rule group where specific rules should be disabled.
rules = list(string) # A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.
}))
| `[]` | no | +| [trusted\_client\_certificates](#input\_trusted\_client\_certificates) | Note: the attribute secret\_name refers to the secret contaning the client certificate. Secrects'name in the key vault can't have low hyphens but just hyphens in it. |
list(object({
secret_name = string # The name of the Trusted Client Certificate that is unique within this Application Gateway.
key_vault_id = string # Key vault id, that contains the certificate.
}))
| n/a | yes | +| [url\_path\_map](#input\_url\_path\_map) | To configure the mapping between path and backend |
map(object({
default_backend = string # Prefix for backend_address_pool_name, backend_http_settings_name
default_rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this Routing Rule.
path_rule = map(object({
paths = list(string) # A list of Paths used in this Path Rule
backend = string
rewrite_rule_set_name = string # The Name of the Rewrite Rule Set which should be used for this URL Path Map
}))
}))
| `{}` | no | +| [waf\_disabled\_rule\_group](#input\_waf\_disabled\_rule\_group) | n/a |
list(object({
rule_group_name = string # The rule group where specific rules should be disabled.
rules = list(string) # A list of rules which should be disabled in that group. Disables all rules in the specified group if rules is not specified.
}))
| `[]` | no | | [waf\_enabled](#input\_waf\_enabled) | Enable WAF | `bool` | `true` | no | | [zones](#input\_zones) | (Optional) Specifies a list of Availability Zones in which this Application Gateway should be located. Changing this forces a new Application Gateway to be created. | `list(any)` | `null` | no | diff --git a/app_service/README.md b/app_service/README.md index bfe092c8..d3e8bcdf 100644 --- a/app_service/README.md +++ b/app_service/README.md 
@@ -51,6 +51,92 @@ Now you need to specify **only** one variable of the following list: Of course, the values listed above may change in the future, so please check which ones are still valid. + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.95 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.95 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_app_service_virtual_network_swift_connection.app_service_virtual_network_swift_connection](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_virtual_network_swift_connection) | resource | +| [azurerm_linux_web_app.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_web_app) | resource | +| [azurerm_service_plan.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_plan) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [allowed\_ips](#input\_allowed\_ips) | (Optional) List of ips allowed to call the appserver endpoint. | `list(string)` | `[]` | no | +| [allowed\_service\_tags](#input\_allowed\_service\_tags) | (Optional) List of service tags allowed to call the appserver endpoint. | `list(string)` | `[]` | no | +| [allowed\_subnets](#input\_allowed\_subnets) | (Optional) List of subnet allowed to call the appserver endpoint. | `list(string)` | `[]` | no | +| [always\_on](#input\_always\_on) | (Optional) Should the app be loaded at all times? Defaults to false. | `bool` | `false` | no | +| [app\_command\_line](#input\_app\_command\_line) | (Optional) App command line to launch, e.g. /sbin/myserver -b 0.0.0.0. 
| `string` | `null` | no | +| [app\_settings](#input\_app\_settings) | n/a | `map(string)` | `{}` | no | +| [auto\_heal\_enabled](#input\_auto\_heal\_enabled) | (Optional) True to enable the auto heal on the app service | `bool` | `false` | no | +| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
object({
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
| `null` | no | +| [client\_affinity\_enabled](#input\_client\_affinity\_enabled) | (Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? Defaults to false. | `bool` | `false` | no | +| [client\_cert\_enabled](#input\_client\_cert\_enabled) | (Optional) Does the App Service require client certificates for incoming requests? Defaults to false. | `bool` | `false` | no | +| [docker\_image](#input\_docker\_image) | Framework choice | `string` | `null` | no | +| [docker\_image\_tag](#input\_docker\_image\_tag) | n/a | `string` | `null` | no | +| [dotnet\_version](#input\_dotnet\_version) | n/a | `string` | `null` | no | +| [ftps\_state](#input\_ftps\_state) | (Optional) Enable FTPS connection ( Default: Disabled ) | `string` | `"Disabled"` | no | +| [go\_version](#input\_go\_version) | n/a | `string` | `null` | no | +| [health\_check\_maxpingfailures](#input\_health\_check\_maxpingfailures) | Max ping failures allowed | `number` | `null` | no | +| [health\_check\_path](#input\_health\_check\_path) | (Optional) The health check path to be pinged by App Service. | `string` | `null` | no | +| [https\_only](#input\_https\_only) | (Optional) Can the App Service only be accessed via HTTPS? Defaults to true. | `bool` | `true` | no | +| [ip\_restriction\_default\_action](#input\_ip\_restriction\_default\_action) | The Default action for traffic that does not match any ip\_restriction rule. possible values include Allow and Deny. | `string` | n/a | yes | +| [java\_server](#input\_java\_server) | n/a | `string` | `null` | no | +| [java\_server\_version](#input\_java\_server\_version) | n/a | `string` | `null` | no | +| [java\_version](#input\_java\_version) | n/a | `string` | `null` | no | +| [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. 
| `string` | `"westeurope"` | no | +| [name](#input\_name) | (Required) Specifies the name of the App Service. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [node\_version](#input\_node\_version) | n/a | `string` | `null` | no | +| [php\_version](#input\_php\_version) | n/a | `string` | `null` | no | +| [plan\_id](#input\_plan\_id) | (Optional only if plan\_type=internal) Specifies the external app service plan id. | `string` | `null` | no | +| [plan\_maximum\_elastic\_worker\_count](#input\_plan\_maximum\_elastic\_worker\_count) | (Optional) The maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan. | `number` | `null` | no | +| [plan\_name](#input\_plan\_name) | (Optional) Specifies the name of the App Service Plan component. Changing this forces a new resource to be created. | `string` | `null` | no | +| [plan\_per\_site\_scaling](#input\_plan\_per\_site\_scaling) | (Optional) Can Apps assigned to this App Service Plan be scaled independently? If set to false apps assigned to this plan will scale to all instances of the plan. Defaults to false. | `bool` | `false` | no | +| [plan\_type](#input\_plan\_type) | (Required) Specifies if app service plan is external or internal | `string` | `"internal"` | no | +| [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | (Optional) Should public network access be enabled for the App Service. Defaults to true. | `bool` | `true` | no | +| [python\_version](#input\_python\_version) | n/a | `string` | `null` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the resource group in which to create the App Service and App Service Plan. | `string` | n/a | yes | +| [ruby\_version](#input\_ruby\_version) | n/a | `string` | `null` | no | +| [sku\_name](#input\_sku\_name) | (Required) The SKU for the plan. 
| `string` | `null` | no | +| [sticky\_settings](#input\_sticky\_settings) | (Optional) A list of app\_setting names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `[]` | no | +| [subnet\_id](#input\_subnet\_id) | (Optional) Subnet id wether you want to integrate the app service to a subnet. | `string` | `null` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [use\_32\_bit\_worker\_process](#input\_use\_32\_bit\_worker\_process) | (Optional) Should the Function App run in 32 bit mode, rather than 64 bit mode? Defaults to false. | `bool` | `false` | no | +| [vnet\_integration](#input\_vnet\_integration) | (optional) enable vnet integration. Wheter it's true the subnet\_id should not be null. | `bool` | `false` | no | +| [zone\_balancing\_enabled](#input\_zone\_balancing\_enabled) | (Optional) Should the Service Plan balance across Availability Zones in the region. Changing this forces a new resource to be created. If this setting is set to true and the worker\_count value is specified, it should be set to a multiple of the number of availability zones in the region. Please see the Azure documentation for the number of Availability Zones in your region. | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [custom\_domain\_verification\_id](#output\_custom\_domain\_verification\_id) | n/a | +| [default\_site\_hostname](#output\_default\_site\_hostname) | n/a | +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | +| [plan\_id](#output\_plan\_id) | n/a | +| [plan\_name](#output\_plan\_name) | n/a | +| [principal\_id](#output\_principal\_id) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + ## Requirements 
@@ -82,7 +168,7 @@ No modules. | [app\_command\_line](#input\_app\_command\_line) | (Optional) App command line to launch, e.g. /sbin/myserver -b 0.0.0.0. | `string` | `null` | no | | [app\_settings](#input\_app\_settings) | n/a | `map(string)` | `{}` | no | | [auto\_heal\_enabled](#input\_auto\_heal\_enabled) | (Optional) True to enable the auto heal on the app service | `bool` | `false` | no | -| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
object({
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
| `null` | no | +| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
object({
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
| `null` | no | | [client\_affinity\_enabled](#input\_client\_affinity\_enabled) | (Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? Defaults to false. | `bool` | `false` | no | | [client\_cert\_enabled](#input\_client\_cert\_enabled) | (Optional) Does the App Service require client certificates for incoming requests? Defaults to false. | `bool` | `false` | no | | [docker\_image](#input\_docker\_image) | Framework choice | `string` | `null` | no | diff --git a/app_service/tests/OLD/README.md b/app_service/tests/OLD/README.md index 6c6c0daa..1fb1f085 100644 --- a/app_service/tests/OLD/README.md +++ b/app_service/tests/OLD/README.md 
@@ -7,3 +7,46 @@ Terraform template to test the Azure function_app module - terraform init - terraform plan - terraform apply + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [web\_app\_service\_docker](#module\_web\_app\_service\_docker) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service | v8.16.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_app_service_plan.app_docker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_plan) | resource | +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_container_registry.reg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.arm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [subnet\_cidr](#input\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [tags](#input\_tags) | App\_service example | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [login\_server](#output\_login\_server) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/app_service/tests/README.md b/app_service/tests/README.md index 6c6c0daa..5305863c 100644 --- a/app_service/tests/README.md +++ b/app_service/tests/README.md 
@@ -7,3 +7,46 @@ Terraform template to test the Azure function_app module - terraform init - terraform plan - terraform apply + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.100.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [web\_app\_service\_docker](#module\_web\_app\_service\_docker) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_container_registry.reg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_service_plan.app_docker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_plan) | resource | +| [azurerm_subnet.arm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [subnet\_cidr](#input\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [tags](#input\_tags) | App\_service example | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [login\_server](#output\_login\_server) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/app_service_slot/README.md b/app_service_slot/README.md index d9752db6..21ba05dd 100644 --- a/app_service_slot/README.md +++ b/app_service_slot/README.md 
@@ -50,6 +50,80 @@ Now you need to specify **only** one variable of the following list: Of course, the values listed above may change in the future, so please check which ones are still valid. + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.95 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.95 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_app_service_slot_virtual_network_swift_connection.app_service_virtual_network_swift_connection](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_slot_virtual_network_swift_connection) | resource | +| [azurerm_linux_web_app_slot.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_web_app_slot) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [allowed\_ips](#input\_allowed\_ips) | (Optional) List of ips allowed to call the appserver endpoint. | `list(string)` | `[]` | no | +| [allowed\_service\_tags](#input\_allowed\_service\_tags) | (Optional) List of service tags allowed to call the appserver endpoint. | `list(string)` | `[]` | no | +| [allowed\_subnets](#input\_allowed\_subnets) | (Optional) List of subnet allowed to call the appserver endpoint. | `list(string)` | `[]` | no | +| [always\_on](#input\_always\_on) | (Optional) Should the app be loaded at all times? Defaults to false. | `bool` | `false` | no | +| [app\_command\_line](#input\_app\_command\_line) | (Optional) App command line to launch, e.g. /sbin/myserver -b 0.0.0.0. | `string` | `null` | no | +| [app\_service\_id](#input\_app\_service\_id) | (Required) The id of the App Service within which to create the App Service Slot. 
| `string` | n/a | yes | +| [app\_service\_name](#input\_app\_service\_name) | (Required) The name of the App Service within which to create the App Service Slot. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [app\_settings](#input\_app\_settings) | n/a | `map(string)` | `{}` | no | +| [auto\_heal\_enabled](#input\_auto\_heal\_enabled) | (Optional) True to enable the auto heal on the app service | `bool` | `false` | no | +| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
object({
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
| `null` | no | +| [client\_affinity\_enabled](#input\_client\_affinity\_enabled) | (Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? Defaults to false. | `bool` | `false` | no | +| [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | +| [docker\_image](#input\_docker\_image) | Framework choice | `string` | `null` | no | +| [docker\_image\_tag](#input\_docker\_image\_tag) | n/a | `string` | `null` | no | +| [dotnet\_version](#input\_dotnet\_version) | n/a | `string` | `null` | no | +| [ftps\_state](#input\_ftps\_state) | (Optional) Enable FTPS connection ( Default: Disabled ) | `string` | `"Disabled"` | no | +| [go\_version](#input\_go\_version) | n/a | `string` | `null` | no | +| [health\_check\_path](#input\_health\_check\_path) | (Optional) The health check path to be pinged by App Service. | `string` | `null` | no | +| [https\_only](#input\_https\_only) | (Optional) Can the App Service only be accessed via HTTPS? Defaults to true. | `bool` | `true` | no | +| [ip\_restriction\_default\_action](#input\_ip\_restriction\_default\_action) | (Optional) The Default action for traffic that does not match any ip\_restriction rule. possible values include Allow and Deny. Defaults to Allow. | `string` | `"Allow"` | no | +| [java\_server](#input\_java\_server) | n/a | `string` | `null` | no | +| [java\_server\_version](#input\_java\_server\_version) | n/a | `string` | `null` | no | +| [java\_version](#input\_java\_version) | n/a | `string` | `null` | no | +| [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | +| [name](#input\_name) | (Required) Specifies the name of the App Service. Changing this forces a new resource to be created. 
| `string` | n/a | yes | +| [node\_version](#input\_node\_version) | n/a | `string` | `null` | no | +| [php\_version](#input\_php\_version) | n/a | `string` | `null` | no | +| [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | (Optional) Should public network access be enabled for the App Service. Defaults to true. | `bool` | `true` | no | +| [python\_version](#input\_python\_version) | n/a | `string` | `null` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the resource group in which to create the App Service and App Service Plan. | `string` | n/a | yes | +| [ruby\_version](#input\_ruby\_version) | n/a | `string` | `null` | no | +| [subnet\_id](#input\_subnet\_id) | (Optional) Subnet id wether you want to integrate the app service to a subnet. | `string` | `null` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [use\_32\_bit\_worker\_process](#input\_use\_32\_bit\_worker\_process) | (Optional) Should the App Service Slot run in 32 bit mode, rather than 64 bit mode? Defaults to false. | `bool` | `false` | no | +| [vnet\_integration](#input\_vnet\_integration) | (optional) enable vnet integration. Wheter it's true the subnet\_id should not be null. | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [default\_site\_hostname](#output\_default\_site\_hostname) | n/a | +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | +| [principal\_id](#output\_principal\_id) | n/a | + ## Requirements 
@@ -82,7 +156,7 @@ No modules. | [app\_service\_name](#input\_app\_service\_name) | (Required) The name of the App Service within which to create the App Service Slot. Changing this forces a new resource to be created. | `string` | n/a | yes | | [app\_settings](#input\_app\_settings) | n/a | `map(string)` | `{}` | no | | [auto\_heal\_enabled](#input\_auto\_heal\_enabled) | (Optional) True to enable the auto heal on the app service | `bool` | `false` | no | -| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
object({
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
| `null` | no | +| [auto\_heal\_settings](#input\_auto\_heal\_settings) | (Optional) Auto heal settings |
object({
startup_time = string
slow_requests_count = number
slow_requests_interval = string
slow_requests_time = string
})
| `null` | no | | [client\_affinity\_enabled](#input\_client\_affinity\_enabled) | (Optional) Should the App Service send session affinity cookies, which route client requests in the same session to the same instance? Defaults to false. | `bool` | `false` | no | | [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | | [docker\_image](#input\_docker\_image) | Framework choice | `string` | `null` | no | diff --git a/app_service_slot/tests/OLD/README.md b/app_service_slot/tests/OLD/README.md index 6c6c0daa..f2ad69ab 100644 --- a/app_service_slot/tests/OLD/README.md +++ b/app_service_slot/tests/OLD/README.md 
@@ -7,3 +7,47 @@ Terraform template to test the Azure function_app module - terraform init - terraform plan - terraform apply + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [web\_app\_service\_docker](#module\_web\_app\_service\_docker) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service | v8.16.0 | +| [web\_app\_service\_slot\_docker](#module\_web\_app\_service\_slot\_docker) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service_slot | v8.16.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_app_service_plan.app_docker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_plan) | resource | +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_container_registry.reg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.arm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no 
| +| [subnet\_cidr](#input\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [tags](#input\_tags) | App\_service example | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [login\_server](#output\_login\_server) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/app_service_slot/tests/README.md b/app_service_slot/tests/README.md index 6c6c0daa..47134962 100644 --- a/app_service_slot/tests/README.md +++ b/app_service_slot/tests/README.md 
@@ -7,3 +7,47 @@ Terraform template to test the Azure function_app module - terraform init - terraform plan - terraform apply + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.100.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [web\_app\_service\_docker](#module\_web\_app\_service\_docker) | ../../app_service | n/a | +| [web\_app\_service\_slot\_docker](#module\_web\_app\_service\_slot\_docker) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_container_registry.reg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_service_plan.app_docker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_plan) | resource | +| [azurerm_subnet.arm_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [subnet\_cidr](#input\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [tags](#input\_tags) | App\_service example | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | ## Custom variables | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [login\_server](#output\_login\_server) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/application_insights_standard_web_test/README.md b/application_insights_standard_web_test/README.md index 585de51b..5b746764 100644 --- a/application_insights_standard_web_test/README.md +++ b/application_insights_standard_web_test/README.md 
@@ -22,3 +22,56 @@ module "webservice_monitor_01" { https_probe_method = "POST" } ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights_standard_web_test.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights_standard_web_test) | resource | +| [azurerm_monitor_metric_alert.alert_this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [alert\_auto\_mitigate](#input\_alert\_auto\_mitigate) | (Optional) auto mitigate the alert when triggered | `bool` | `false` | no | +| [alert\_enabled](#input\_alert\_enabled) | (Optional) Is this alert enabled? 
| `bool` | `true` | no | +| [alert\_name](#input\_alert\_name) | (Optional) Alert name | `string` | `null` | no | +| [alert\_use\_web\_test\_criteria](#input\_alert\_use\_web\_test\_criteria) | (Optional) if true, uses the application\_insights\_web\_test\_location\_availability\_criteria instead of criteria block to read the web test result | `bool` | `false` | no | +| [application\_insights\_action\_group\_ids](#input\_application\_insights\_action\_group\_ids) | (Required) Application insights action group ids | `list(string)` | n/a | yes | +| [application\_insights\_id](#input\_application\_insights\_id) | (Required) Application Insights id | `string` | n/a | yes | +| [application\_insights\_resource\_group](#input\_application\_insights\_resource\_group) | (Required) Application Insights resource group | `string` | n/a | yes | +| [availability\_failed\_location\_threshold](#input\_availability\_failed\_location\_threshold) | (Optional) number of failed location that should trigger the alert. used when 'alert\_use\_web\_test\_criteria' is true | `number` | `1` | no | +| [frequency](#input\_frequency) | (Optional) Interval in seconds between test runs for this WebTest. Valid options are 300, 600 and 900. Defaults to 300. | `number` | `300` | no | +| [https\_endpoint](#input\_https\_endpoint) | Https endpoint to check | `string` | n/a | yes | +| [https\_endpoint\_path](#input\_https\_endpoint\_path) | Https endpoint path to check | `string` | n/a | yes | +| [https\_probe\_body](#input\_https\_probe\_body) | Https request body | `string` | `null` | no | +| [https\_probe\_headers](#input\_https\_probe\_headers) | Https request headers | `string` | `"{}"` | no | +| [https\_probe\_method](#input\_https\_probe\_method) | Https request method | `string` | n/a | yes | +| [https\_probe\_threshold](#input\_https\_probe\_threshold) | threshold for metric alert | `number` | `90` | no | +| [location](#input\_location) | Application insight location. 
| `string` | n/a | yes | +| [metric\_frequency](#input\_metric\_frequency) | (Optional) The evaluation frequency of this Metric Alert, represented in ISO 8601 duration format. Possible values are PT1M, PT5M, PT15M, PT30M and PT1H. Defaults to PT5M. | `string` | `"PT5M"` | no | +| [metric\_severity](#input\_metric\_severity) | (Optional) The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 0. | `number` | `0` | no | +| [metric\_window\_size](#input\_metric\_window\_size) | (Optional) The period of time that is used to monitor alert activity, represented in ISO 8601 duration format. This value must be greater than frequency. Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D. Defaults to PT5M. | `string` | `"PT5M"` | no | +| [replace\_non\_words\_in\_name](#input\_replace\_non\_words\_in\_name) | (Optional) if true, replaces non words characters in web test name with dash | `bool` | `false` | no | +| [request\_follow\_redirects](#input\_request\_follow\_redirects) | (Optional) Should the following of redirects be enabled? | `bool` | `true` | no | +| [request\_parse\_dependent\_requests\_enabled](#input\_request\_parse\_dependent\_requests\_enabled) | (Optional) Should the parsing of dependend requests be enabled? Defaults to true. | `bool` | `true` | no | +| [retry\_enabled](#input\_retry\_enabled) | (Optional) Should the retry on WebTest failure be enabled? | `bool` | `false` | no | +| [timeout](#input\_timeout) | (Optional) Seconds until this WebTest will timeout and fail. Default is 30. | `number` | `30` | no | +| [validation\_rules](#input\_validation\_rules) | (Optional) validation rules block |
object({
content = optional(object({
content_match = string
ignore_case = optional(bool, false)
pass_if_text_found = optional(bool, true)
}), null)
expected_status_code = optional(number, 200)
ssl_cert_remaining_lifetime = optional(number, 7)
ssl_check_enabled = optional(bool, true)

})
| `null` | no | + +## Outputs + +No outputs. + diff --git a/application_insights_standard_web_test/tests/README.md b/application_insights_standard_web_test/tests/README.md index b2c32357..a97e30a2 100644 --- a/application_insights_standard_web_test/tests/README.md +++ b/application_insights_standard_web_test/tests/README.md 
@@ -11,3 +11,44 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.97.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [\_\_web\_test\_all](#module\_\_\_web\_test\_all) | ../../application_insights_standard_web_test | n/a | +| [\_\_web\_test\_legacy](#module\_\_\_web\_test\_legacy) | ../../application_insights_standard_web_test | n/a | +| [alert\_snet](#module\_alert\_snet) | ../../subnet | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.application_insights](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_private_dns_zone.external_zone](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_resource_group.alert_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.monitor_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.rg_alert](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.vnet_alert_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_virtual_network.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | 
+|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"italynorth"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +No outputs. + diff --git a/application_insights_web_test_preview/README.md b/application_insights_web_test_preview/README.md index 11bb56ac..5e2b34b3 100644 --- a/application_insights_web_test_preview/README.md +++ b/application_insights_web_test_preview/README.md @@ -44,6 +44,58 @@ module "web_test_availability_alert_rules_for_api" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_monitor_metric_alert.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | +| [azurerm_template_deployment.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/template_deployment) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [actions](#input\_actions) | n/a |
list(object({
action_group_id = string
}))
| n/a | yes | +| [alert\_description](#input\_alert\_description) | Web Availability Alert description | `string` | `"Web availability check alert triggered when it fails."` | no | +| [application\_insight\_id](#input\_application\_insight\_id) | Application insight id. | `string` | n/a | yes | +| [application\_insight\_name](#input\_application\_insight\_name) | Application insight instance name. | `string` | n/a | yes | +| [auto\_mitigate](#input\_auto\_mitigate) | (Optional) Should the alerts in this Metric Alert be auto resolved? Defaults to false. | `bool` | `false` | no | +| [content\_validation](#input\_content\_validation) | Required text that should appear in the response for this WebTest. | `string` | `"null"` | no | +| [expected\_http\_status](#input\_expected\_http\_status) | Expeced http status code. | `number` | `200` | no | +| [failed\_location\_count](#input\_failed\_location\_count) | The number of failed locations. | `number` | `1` | no | +| [frequency](#input\_frequency) | Interval in seconds between test runs for this WebTest. | `number` | `300` | no | +| [ignore\_http\_status](#input\_ignore\_http\_status) | Ignore http status code. | `bool` | `false` | no | +| [location](#input\_location) | Application insight location. | `string` | n/a | yes | +| [name](#input\_name) | (Required) Web test name | `string` | n/a | yes | +| [request\_url](#input\_request\_url) | Url to check. | `string` | n/a | yes | +| [resource\_group](#input\_resource\_group) | Resource group name | `string` | n/a | yes | +| [severity](#input\_severity) | The severity of this Metric Alert. | `number` | `1` | no | +| [ssl\_cert\_remaining\_lifetime\_check](#input\_ssl\_cert\_remaining\_lifetime\_check) | Days before the ssl certificate will expire. An expiry certificate will cause the test failing. | `number` | `7` | no | +| [subscription\_id](#input\_subscription\_id) | (Required) subscription id. 
| `string` | n/a | yes | +| [timeout](#input\_timeout) | Seconds until this WebTest will timeout and fail. | `number` | `30` | no | + +## Outputs + +No outputs. + ## Requirements @@ -67,7 +119,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [actions](#input\_actions) | n/a |
list(object({
action_group_id = string
}))
| n/a | yes | +| [actions](#input\_actions) | n/a |
list(object({
action_group_id = string
}))
| n/a | yes | | [alert\_description](#input\_alert\_description) | Web Availability Alert description | `string` | `"Web availability check alert triggered when it fails."` | no | | [application\_insight\_id](#input\_application\_insight\_id) | Application insight id. | `string` | n/a | yes | | [application\_insight\_name](#input\_application\_insight\_name) | Application insight instance name. | `string` | n/a | yes | diff --git a/azure_devops_agent/README.md b/azure_devops_agent/README.md index 702b9c72..ef21ce38 100644 --- a/azure_devops_agent/README.md +++ b/azure_devops_agent/README.md 
@@ -70,6 +70,64 @@ module "module "azdoa_vmss_li" {" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | +| [null](#requirement\_null) | ~> 3.2 | +| [tls](#requirement\_tls) | ~> 4.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | +| [tls](#provider\_tls) | ~> 4.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_linux_virtual_machine_scale_set.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set) | resource | +| [azurerm_ssh_public_key.this_public_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/ssh_public_key) | resource | +| [tls_private_key.this_key](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [admin\_password](#input\_admin\_password) | (Optional) The Password which should be used for the local-administrator on this Virtual Machine. Changing this forces a new resource to be created. will be stored in the raw state as plain-text | `string` | `null` | no | +| [authentication\_type](#input\_authentication\_type) | (Required) Type of authentication to use with the VM. Defaults to password for Windows and SSH public key for Linux. all enables both ssh and password authentication. | `string` | `"SSH"` | no | +| [encryption\_set\_id](#input\_encryption\_set\_id) | (Optional) An existing encryption set | `string` | `null` | no | +| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
| no | +| [image\_resource\_group\_name](#input\_image\_resource\_group\_name) | (Optional) Resource group name where to find the vm image used for azdo vms. If not defined, 'resource\_group\_name' will be used | `string` | `null` | no | +| [image\_type](#input\_image\_type) | (Required) Defines the source image to be used, whether 'custom' or 'standard'. `custom` requires `source_image_name` to be defined, `standard` requires `image_reference` | `string` | `"custom"` | no | +| [location](#input\_location) | (Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | +| [name](#input\_name) | (Required) The name of the Linux Virtual Machine Scale Set. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the Linux Virtual Machine Scale Set should be exist. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [source\_image\_name](#input\_source\_image\_name) | (Optional) The name of an Image which each Virtual Machine in this Scale Set should be based on. It must be stored in the same subscription & resource group of this resource | `string` | n/a | yes | +| [storage\_sku](#input\_storage\_sku) | (Optional) The SKU of the storage account with which to persist VM. Use a singular sku that would be applied across all disks, or specify individual disks. Usage: [--storage-sku SKU \| --storage-sku ID=SKU ID=SKU ID=SKU...], where each ID is os or a 0-indexed lun. Allowed values: Standard\_LRS, Premium\_LRS, StandardSSD\_LRS, UltraSSD\_LRS, Premium\_ZRS, StandardSSD\_ZRS. 
| `string` | `"StandardSSD_LRS"` | no | +| [subnet\_id](#input\_subnet\_id) | (Required) An existing subnet ID | `string` | `null` | no | +| [subscription\_id](#input\_subscription\_id) | (Required) Azure subscription id | `string` | n/a | yes | +| [tags](#input\_tags) | Tags | `map(any)` | `{}` | no | +| [vm\_sku](#input\_vm\_sku) | (Optional) Size of VMs in the scale set. Default to Standard\_B1s. See https://azure.microsoft.com/pricing/details/virtual-machines/ for size info. | `string` | `"Standard_B2ms"` | no | +| [vmss\_instances](#input\_vmss\_instances) | (Optional) The number of Virtual Machines in the Scale Set. Defaults to 0. | `number` | `"0"` | no | +| [zone\_balance](#input\_zone\_balance) | (Optional) If true forces the even distribution of instances across all the configured zones ('zones' variable) | `bool` | `false` | no | +| [zones](#input\_zones) | (Optional) List of AZ on which the scale set will distribute its instances | `list(string)` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [scale\_set\_id](#output\_scale\_set\_id) | n/a | + ## Requirements @@ -99,7 +157,7 @@ No modules. | [admin\_password](#input\_admin\_password) | (Optional) The Password which should be used for the local-administrator on this Virtual Machine. Changing this forces a new resource to be created. will be stored in the raw state as plain-text | `string` | `null` | no | | [authentication\_type](#input\_authentication\_type) | (Required) Type of authentication to use with the VM. Defaults to password for Windows and SSH public key for Linux. all enables both ssh and password authentication. | `string` | `"SSH"` | no | | [encryption\_set\_id](#input\_encryption\_set\_id) | (Optional) An existing encryption set | `string` | `null` | no | -| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
| no | +| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
| no | | [image\_resource\_group\_name](#input\_image\_resource\_group\_name) | (Optional) Resource group name where to find the vm image used for azdo vms. If not defined, 'resource\_group\_name' will be used | `string` | `null` | no | | [image\_type](#input\_image\_type) | (Required) Defines the source image to be used, whether 'custom' or 'standard'. `custom` requires `source_image_name` to be defined, `standard` requires `image_reference` | `string` | `"custom"` | no | | [location](#input\_location) | (Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | diff --git a/azure_devops_agent_custom_image/README.md b/azure_devops_agent_custom_image/README.md index bf03a994..c0a448f2 100644 --- a/azure_devops_agent_custom_image/README.md +++ b/azure_devops_agent_custom_image/README.md 
@@ -49,6 +49,69 @@ module "azdoa_custom_image" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azuread](#requirement\_azuread) | ~> 2.47 | +| [azurerm](#requirement\_azurerm) | ~> 3.100 | +| [null](#requirement\_null) | ~> 3.2 | +| [random](#requirement\_random) | ~> 3.6 | + +## Providers + +| Name | Version | +|------|---------| +| [azuread](#provider\_azuread) | ~> 2.47 | +| [azurerm](#provider\_azurerm) | ~> 3.100 | +| [null](#provider\_null) | ~> 3.2 | +| [random](#provider\_random) | ~> 3.6 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.build_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [null_resource.build_packer_image](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [random_id.rg_randomizer](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azuread_client_config.current](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/client_config) | data source | +| [azurerm_resource_group.target_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | +| [azurerm_virtual_network.build_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [base\_image\_offer](#input\_base\_image\_offer) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"0001-com-ubuntu-server-jammy"` | no | +| [base\_image\_publisher](#input\_base\_image\_publisher) | (Optional) - 
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"Canonical"` | no | +| [base\_image\_sku](#input\_base\_image\_sku) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"22_04-lts-gen2"` | no | +| [base\_image\_version](#input\_base\_image\_version) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"latest"` | no | +| [build\_rg\_name](#input\_build\_rg\_name) | (Optional) Packer build temporary resource group name | `string` | `"tmp-packer-azdo-image-build"` | no | +| [build\_subnet\_name](#input\_build\_subnet\_name) | (Optional) Packer build subnet name | `string` | `null` | no | +| [build\_vnet\_name](#input\_build\_vnet\_name) | (Optional) Packer build vnet name | `string` | `null` | no | +| [build\_vnet\_rg\_name](#input\_build\_vnet\_rg\_name) | (Optional) Packer build vnet rg name | `string` | `null` | no | +| [image\_name](#input\_image\_name) | (Required) name assigned to the generated image. Note that the pair must be unique and not already existing | `string` | n/a | yes | +| [image\_version](#input\_image\_version) | (Required) Version assigned to the generated image. Note that the pair must be unique and not already existing | `string` | n/a | yes | +| [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. 
| `string` | n/a | yes | +| [prefix](#input\_prefix) | (Required) prefix used in resource creation | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the custom image will be created | `string` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | (Required) Azure subscription id | `string` | n/a | yes | +| [use\_external\_vnet](#input\_use\_external\_vnet) | Enable the use of a custom vnet | `bool` | `false` | no | +| [vm\_sku](#input\_vm\_sku) | (Optional) Size of VMs in the scale set. Default to Standard\_B1s. See https://azure.microsoft.com/pricing/details/virtual-machines/ for size info. | `string` | `"Standard_B2ms"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [custom\_image\_id](#output\_custom\_image\_id) | Azure id of the custom image you just created | +| [custom\_image\_name](#output\_custom\_image\_name) | Name of the created image | + ## Requirements diff --git a/cdn/README.md b/cdn/README.md index 99bb8c0f..eacc7873 100644 --- a/cdn/README.md +++ b/cdn/README.md 
@@ -91,6 +91,99 @@ module "devopslab_cdn" { During the apply there will be 1 changed and 1 destroy related to storage see [storage account](../storage_account/README.md) + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~> 3.30 | +| [null](#requirement\_null) | ~> 3.2 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~> 3.30 | +| [null](#provider\_null) | ~> 3.2 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [cdn\_storage\_account](#module\_cdn\_storage\_account) | github.com/pagopa/terraform-azurerm-v3.git//storage_account | v8.16.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_cdn_endpoint.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_endpoint) | resource | +| [azurerm_cdn_profile.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_profile) | resource | +| [azurerm_dns_a_record.apex_hostname](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/dns_a_record) | resource | +| [azurerm_dns_cname_record.apex_cdnverify](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/dns_cname_record) | resource | +| [azurerm_dns_cname_record.hostname](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/dns_cname_record) | resource | +| [azurerm_key_vault_access_policy.azure_cdn_frontdoor_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_monitor_diagnostic_setting.diagnostic_settings_cdn_profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource | +| 
[null_resource.apex_custom_hostname](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [null_resource.custom_hostname](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [null_resource.custom_hostname_kv_certificate](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [advanced\_threat\_protection\_enabled](#input\_advanced\_threat\_protection\_enabled) | n/a | `bool` | `false` | no | +| [azuread\_service\_principal\_azure\_cdn\_frontdoor\_id](#input\_azuread\_service\_principal\_azure\_cdn\_frontdoor\_id) | Azure CDN Front Door Principal ID - Microsoft.AzureFrontDoor-Cdn | `string` | `null` | no | +| [cdn\_location](#input\_cdn\_location) | If the location of the CDN needs to be different from that of the storage account, set this variable to the location where the CDN should be created. For example, cdn\_location = westeurope and location = northitaly | `string` | `null` | no | +| [custom\_hostname\_kv\_enabled](#input\_custom\_hostname\_kv\_enabled) | Flag required to enable the association between KV certificate and CDN when the hostname is different from the APEX | `bool` | `false` | no | +| [delivery\_rule](#input\_delivery\_rule) | n/a |
list(object({
name = string
order = number

// start conditions
cookies_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

device_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))

http_version_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

post_arg_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

query_string_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

remote_address_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

request_body_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

request_header_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

request_method_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

request_scheme_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))

request_uri_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_file_extension_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_file_name_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_path_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
// end conditions

// start actions
cache_expiration_actions = list(object({
behavior = string
duration = string
}))

cache_key_query_string_actions = list(object({
behavior = string
parameters = string
}))

modify_request_header_actions = list(object({
action = string
name = string
value = string
}))

modify_response_header_actions = list(object({
action = string
name = string
value = string
}))

url_redirect_actions = list(object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
}))

url_rewrite_actions = list(object({
source_pattern = string
destination = string
preserve_unmatched_path = string
}))
// end actions
}))
| `[]` | no | +| [delivery\_rule\_redirect](#input\_delivery\_rule\_redirect) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
| `[]` | no | +| [delivery\_rule\_request\_scheme\_condition](#input\_delivery\_rule\_request\_scheme\_condition) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
| `[]` | no | +| [delivery\_rule\_rewrite](#input\_delivery\_rule\_rewrite) | n/a |
list(object({
name = string
order = number
conditions = list(object({
condition_type = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_rewrite_action = object({
source_pattern = string
destination = string
preserve_unmatched_path = string
})
}))
| `[]` | no | +| [delivery\_rule\_url\_path\_condition\_cache\_expiration\_action](#input\_delivery\_rule\_url\_path\_condition\_cache\_expiration\_action) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
behavior = string
duration = string
response_action = string
response_name = string
response_value = string
}))
| `[]` | no | +| [dns\_zone\_name](#input\_dns\_zone\_name) | n/a | `string` | n/a | yes | +| [dns\_zone\_resource\_group\_name](#input\_dns\_zone\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [error\_404\_document](#input\_error\_404\_document) | n/a | `string` | n/a | yes | +| [global\_delivery\_rule](#input\_global\_delivery\_rule) | n/a |
object({
cache_expiration_action = list(object({
behavior = string
duration = string
}))
cache_key_query_string_action = list(object({
behavior = string
parameters = string
}))
modify_request_header_action = list(object({
action = string
name = string
value = string
}))
modify_response_header_action = list(object({
action = string
name = string
value = string
}))
})
| `null` | no | +| [hostname](#input\_hostname) | n/a | `string` | n/a | yes | +| [https\_rewrite\_enabled](#input\_https\_rewrite\_enabled) | n/a | `bool` | `true` | no | +| [index\_document](#input\_index\_document) | n/a | `string` | n/a | yes | +| [keyvault\_id](#input\_keyvault\_id) | Key vault id | `string` | `null` | no | +| [keyvault\_resource\_group\_name](#input\_keyvault\_resource\_group\_name) | Key vault resource group name | `string` | n/a | yes | +| [keyvault\_subscription\_id](#input\_keyvault\_subscription\_id) | Key vault subscription id | `string` | n/a | yes | +| [keyvault\_vault\_name](#input\_keyvault\_vault\_name) | Key vault name | `string` | n/a | yes | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | Log Analytics Workspace id to send logs to | `string` | n/a | yes | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `string` | n/a | yes | +| [querystring\_caching\_behaviour](#input\_querystring\_caching\_behaviour) | n/a | `string` | `"IgnoreQueryString"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [storage\_access\_tier](#input\_storage\_access\_tier) | n/a | `string` | `"Hot"` | no | +| [storage\_account\_kind](#input\_storage\_account\_kind) | n/a | `string` | `"StorageV2"` | no | +| [storage\_account\_nested\_items\_public](#input\_storage\_account\_nested\_items\_public) | (Optional) reflects to property 'allow\_nested\_items\_to\_be\_public' on storage account module | `bool` | `true` | no | +| [storage\_account\_replication\_type](#input\_storage\_account\_replication\_type) | n/a | `string` | `"GRS"` | no | +| [storage\_account\_tier](#input\_storage\_account\_tier) | n/a | `string` | `"Standard"` | no | +| [storage\_public\_network\_access\_enabled](#input\_storage\_public\_network\_access\_enabled) | Flag to set public public network for storage 
account | `bool` | `true` | no | +| [tags](#input\_tags) | n/a | `map(string)` | n/a | yes | +| [tenant\_id](#input\_tenant\_id) | n/a | `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [endpoint\_id](#output\_endpoint\_id) | n/a | +| [fqdn](#output\_fqdn) | n/a | +| [hostname](#output\_hostname) | n/a | +| [id](#output\_id) | Deprecated, use endpoint\_id instead. | +| [name](#output\_name) | n/a | +| [profile\_id](#output\_profile\_id) | n/a | +| [storage\_id](#output\_storage\_id) | n/a | +| [storage\_primary\_access\_key](#output\_storage\_primary\_access\_key) | n/a | +| [storage\_primary\_blob\_connection\_string](#output\_storage\_primary\_blob\_connection\_string) | n/a | +| [storage\_primary\_blob\_host](#output\_storage\_primary\_blob\_host) | n/a | +| [storage\_primary\_connection\_string](#output\_storage\_primary\_connection\_string) | n/a | +| [storage\_primary\_web\_host](#output\_storage\_primary\_web\_host) | n/a | + ## Requirements @@ -129,15 +222,15 @@ During the apply there will be 1 changed and 1 destroy related to storage see [s | [azuread\_service\_principal\_azure\_cdn\_frontdoor\_id](#input\_azuread\_service\_principal\_azure\_cdn\_frontdoor\_id) | Azure CDN Front Door Principal ID - Microsoft.AzureFrontDoor-Cdn | `string` | `null` | no | | [cdn\_location](#input\_cdn\_location) | If the location of the CDN needs to be different from that of the storage account, set this variable to the location where the CDN should be created. For example, cdn\_location = westeurope and location = northitaly | `string` | `null` | no | | [custom\_hostname\_kv\_enabled](#input\_custom\_hostname\_kv\_enabled) | Flag required to enable the association between KV certificate and CDN when the hostname is different from the APEX | `bool` | `false` | no | -| [delivery\_rule](#input\_delivery\_rule) | n/a |
list(object({
name = string
order = number

// start conditions
cookies_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

device_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))

http_version_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

post_arg_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

query_string_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

remote_address_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

request_body_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

request_header_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

request_method_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

request_scheme_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))

request_uri_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_file_extension_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_file_name_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_path_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
// end conditions

// start actions
cache_expiration_actions = list(object({
behavior = string
duration = string
}))

cache_key_query_string_actions = list(object({
behavior = string
parameters = string
}))

modify_request_header_actions = list(object({
action = string
name = string
value = string
}))

modify_response_header_actions = list(object({
action = string
name = string
value = string
}))

url_redirect_actions = list(object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
}))

url_rewrite_actions = list(object({
source_pattern = string
destination = string
preserve_unmatched_path = string
}))
// end actions
}))
| `[]` | no | -| [delivery\_rule\_redirect](#input\_delivery\_rule\_redirect) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
| `[]` | no | -| [delivery\_rule\_request\_scheme\_condition](#input\_delivery\_rule\_request\_scheme\_condition) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
| `[]` | no | -| [delivery\_rule\_rewrite](#input\_delivery\_rule\_rewrite) | n/a |
list(object({
name = string
order = number
conditions = list(object({
condition_type = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_rewrite_action = object({
source_pattern = string
destination = string
preserve_unmatched_path = string
})
}))
| `[]` | no | -| [delivery\_rule\_url\_path\_condition\_cache\_expiration\_action](#input\_delivery\_rule\_url\_path\_condition\_cache\_expiration\_action) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
behavior = string
duration = string
response_action = string
response_name = string
response_value = string
}))
| `[]` | no | +| [delivery\_rule](#input\_delivery\_rule) | n/a |
list(object({
name = string
order = number

// start conditions
cookies_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

device_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))

http_version_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

post_arg_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

query_string_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

remote_address_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

request_body_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

request_header_conditions = list(object({
selector = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

request_method_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
}))

request_scheme_conditions = list(object({
operator = string
match_values = string
negate_condition = bool
}))

request_uri_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_file_extension_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_file_name_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))

url_path_conditions = list(object({
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
// end conditions

// start actions
cache_expiration_actions = list(object({
behavior = string
duration = string
}))

cache_key_query_string_actions = list(object({
behavior = string
parameters = string
}))

modify_request_header_actions = list(object({
action = string
name = string
value = string
}))

modify_response_header_actions = list(object({
action = string
name = string
value = string
}))

url_redirect_actions = list(object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
}))

url_rewrite_actions = list(object({
source_pattern = string
destination = string
preserve_unmatched_path = string
}))
// end actions
}))
| `[]` | no | +| [delivery\_rule\_redirect](#input\_delivery\_rule\_redirect) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
| `[]` | no | +| [delivery\_rule\_request\_scheme\_condition](#input\_delivery\_rule\_request\_scheme\_condition) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
url_redirect_action = object({
redirect_type = string
protocol = string
hostname = string
path = string
fragment = string
query_string = string
})
}))
| `[]` | no | +| [delivery\_rule\_rewrite](#input\_delivery\_rule\_rewrite) | n/a |
list(object({
name = string
order = number
conditions = list(object({
condition_type = string
operator = string
match_values = list(string)
negate_condition = bool
transforms = list(string)
}))
url_rewrite_action = object({
source_pattern = string
destination = string
preserve_unmatched_path = string
})
}))
| `[]` | no | +| [delivery\_rule\_url\_path\_condition\_cache\_expiration\_action](#input\_delivery\_rule\_url\_path\_condition\_cache\_expiration\_action) | n/a |
list(object({
name = string
order = number
operator = string
match_values = list(string)
behavior = string
duration = string
response_action = string
response_name = string
response_value = string
}))
| `[]` | no | | [dns\_zone\_name](#input\_dns\_zone\_name) | n/a | `string` | n/a | yes | | [dns\_zone\_resource\_group\_name](#input\_dns\_zone\_resource\_group\_name) | n/a | `string` | n/a | yes | | [error\_404\_document](#input\_error\_404\_document) | n/a | `string` | n/a | yes | -| [global\_delivery\_rule](#input\_global\_delivery\_rule) | n/a |
object({
cache_expiration_action = list(object({
behavior = string
duration = string
}))
cache_key_query_string_action = list(object({
behavior = string
parameters = string
}))
modify_request_header_action = list(object({
action = string
name = string
value = string
}))
modify_response_header_action = list(object({
action = string
name = string
value = string
}))
})
| `null` | no | +| [global\_delivery\_rule](#input\_global\_delivery\_rule) | n/a |
object({
cache_expiration_action = list(object({
behavior = string
duration = string
}))
cache_key_query_string_action = list(object({
behavior = string
parameters = string
}))
modify_request_header_action = list(object({
action = string
name = string
value = string
}))
modify_response_header_action = list(object({
action = string
name = string
value = string
}))
})
| `null` | no | | [hostname](#input\_hostname) | n/a | `string` | n/a | yes | | [https\_rewrite\_enabled](#input\_https\_rewrite\_enabled) | n/a | `bool` | `true` | no | | [index\_document](#input\_index\_document) | n/a | `string` | n/a | yes | diff --git a/cdn/tests/README.md b/cdn/tests/README.md index 7cab078e..dcab7d3e 100644 --- a/cdn/tests/README.md +++ b/cdn/tests/README.md 
@@ -10,3 +10,46 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [cdn](#module\_cdn) | ../../cdn | n/a | +| [cdn\_different\_location](#module\_cdn\_different\_location) | ../../cdn | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_key_vault.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault) | resource | +| [azurerm_log_analytics_workspace.log_analytics_workspace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"italynorth"` | no | +| [location\_cdn](#input\_location\_cdn) | Resorce location CDN | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [subnet1\_cidr](#input\_subnet1\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [subnet2\_cidr](#input\_subnet2\_cidr) | n/a | `list(string)` |
[
"10.0.2.0/26"
]
| no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/cert_mounter/README.md b/cert_mounter/README.md index d32c35dd..4e53de7c 100644 --- a/cert_mounter/README.md +++ b/cert_mounter/README.md 
@@ -21,6 +21,48 @@ module "cert_mounter" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [helm](#requirement\_helm) | ~> 2.12 | +| [null](#requirement\_null) | ~> 3.2 | + +## Providers + +| Name | Version | +|------|---------| +| [helm](#provider\_helm) | ~> 2.12 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [helm_release.cert_mounter](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [cert\_mounter\_chart\_version](#input\_cert\_mounter\_chart\_version) | (Optional) Cert mounter chart version | `string` | `"1.0.4"` | no | +| [certificate\_name](#input\_certificate\_name) | (Required) Name of the certificate stored in the keyvault, that will be installed as a secret in aks | `string` | n/a | yes | +| [kv\_name](#input\_kv\_name) | (Required) Key vault name where to retrieve the certificate | `string` | n/a | yes | +| [namespace](#input\_namespace) | (Required) Namespace where the cert secret will be created | `string` | n/a | yes | +| [tenant\_id](#input\_tenant\_id) | (Required) Tenant identifier | `string` | n/a | yes | +| [workload\_identity\_client\_id](#input\_workload\_identity\_client\_id) | ClientID in form of 'qwerty123-a1aa-1234-xyza-qwerty123' linked to workload identity | `string` | `null` | no | +| [workload\_identity\_enabled](#input\_workload\_identity\_enabled) | Enable workload identity chart | `bool` | `false` | no | +| [workload\_identity\_service\_account\_name](#input\_workload\_identity\_service\_account\_name) | Service account name linked to workload identity | `string` | `null` | no | + +## Outputs + +No outputs. + ## Requirements diff --git a/container_app_environment/README.md b/container_app_environment/README.md index e2ec1510..924a1fa2 100644 
--- a/container_app_environment/README.md +++ b/container_app_environment/README.md 
@@ -5,6 +5,54 @@ This resource allow the creation of a Container app environment + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group_template_deployment.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group_template_deployment) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [debug\_level](#input\_debug\_level) | (Optional) The Debug Level which should be used for this Resource Group Template Deployment. Possible values are none, requestContent, responseContent and requestContent, responseContent. | `string` | `null` | no | +| [location](#input\_location) | Resource location. 
| `string` | n/a | yes | +| [log\_analytics\_customer\_id](#input\_log\_analytics\_customer\_id) | Workspace ID if log\_destination is log-analytics type | `string` | n/a | yes | +| [log\_analytics\_shared\_key](#input\_log\_analytics\_shared\_key) | Workspace ID if log\_destination is log-analytics type | `string` | n/a | yes | +| [log\_destination](#input\_log\_destination) | How to send container environment logs | `string` | n/a | yes | +| [name](#input\_name) | (Required) Resource name | `string` | n/a | yes | +| [outbound\_type](#input\_outbound\_type) | Outbound connectivity type, at the moment only allowed value is LoadBalancer | `string` | `"LoadBalancer"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | Resource group name | `string` | n/a | yes | +| [sku\_name](#input\_sku\_name) | Sku type, at the moment only allowed value is Consumption | `string` | `"Consumption"` | no | +| [subnet\_id](#input\_subnet\_id) | Subnet id if container environment is in a virtual network | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [vnet\_internal](#input\_vnet\_internal) | Virtual network integration | `bool` | n/a | yes | +| [zone\_redundant](#input\_zone\_redundant) | Deploy multi zone container environment | `bool` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | + ## Requirements diff --git a/container_app_environment_v2/README.md b/container_app_environment_v2/README.md index f9d84d3e..b7b0d5ce 100644 --- a/container_app_environment_v2/README.md +++ b/container_app_environment_v2/README.md 
@@ -5,6 +5,51 @@ This resource allow the creation of a Container App Environment as Consumption p Deploying the Container app environment in a custom subnet, unlocks other features such as zone redundancy and internal load balancing. + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.74 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.74 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_app_environment) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [internal\_load\_balancer](#input\_internal\_load\_balancer) | Internal Load Balancing Mode. Can be true only if a subnet\_id is provided | `bool` | `false` | no | +| [location](#input\_location) | Resource location. | `string` | n/a | yes | +| [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | Log Analytics Workspace resource id | `string` | n/a | yes | +| [name](#input\_name) | (Required) Resource name | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | Resource group name | `string` | n/a | yes | +| [subnet\_id](#input\_subnet\_id) | (Optional) Subnet id if the environment is in a custom virtual network | `string` | `null` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [zone\_redundant](#input\_zone\_redundant) | Deploy multi zone environment. Can be true only if a subnet\_id is provided | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + ## Requirements 
diff --git a/container_app_environment_v2/tests/README.md b/container_app_environment_v2/tests/README.md new file mode 100644 index 00000000..4b3fa76d --- /dev/null +++ b/container_app_environment_v2/tests/README.md @@ -0,0 +1,42 @@ +# tests + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.5.0 | +| [azurerm](#requirement\_azurerm) | <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [container\_app\_environment](#module\_container\_app\_environment) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_log_analytics_workspace.law](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [law\_name](#input\_law\_name) | n/a | `string` | `"azrmtest-law"` | no | +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | n/a | `string` | `"azrmtest"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | `"azrmtest-rg"` | no | +| [tags](#input\_tags) | List of tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [cae\_id](#output\_cae\_id) | n/a | +| [random\_id](#output\_random\_id) | n/a | + diff --git a/container_app_job_gh_runner/README.md b/container_app_job_gh_runner/README.md index 1d29b926..00c70dc5 100644 --- a/container_app_job_gh_runner/README.md +++ b/container_app_job_gh_runner/README.md 
@@ -77,6 +77,59 @@ Containers needs these environment variables to connect to GitHub, [grab a regis - KeyVault reference not supported by `azurerm` ([feature request](https://github.com/hashicorp/terraform-provider-azurerm/issues/21739)) + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azapi](#requirement\_azapi) | ~> 1.12 | +| [azurerm](#requirement\_azurerm) | ~>3.50 | + +## Providers + +| Name | Version | +|------|---------| +| [azapi](#provider\_azapi) | ~> 1.12 | +| [azurerm](#provider\_azurerm) | ~>3.50 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azapi_resource.container_app_job](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource) | resource | +| [azurerm_key_vault_access_policy.keyvault_containerapp](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/container_app_environment) | data source | +| [azurerm_key_vault.key_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault) | data source | +| [azurerm_resource_group.rg_runner](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [container](#input\_container) | Job Container configuration |
object({
cpu = number
memory = string
image = string
})
|
{
"cpu": 0.5,
"image": "ghcr.io/pagopa/github-self-hosted-runner-azure:latest",
"memory": "1Gi"
}
| no | +| [env\_short](#input\_env\_short) | Short environment prefix | `string` | n/a | yes | +| [environment](#input\_environment) | Container App Environment configuration (Log Analytics Workspace) |
object({
name = string
resource_group_name = string
})
| n/a | yes | +| [job](#input\_job) | Container App job configuration |
object({
name = string
repo_owner = optional(string, "pagopa")
repo = string
polling_interval = optional(number, 30)
scale_max_executions = optional(number, 5)
})
| n/a | yes | +| [key\_vault](#input\_key\_vault) | Data of the KeyVault which stores PAT as secret |
object({
resource_group_name = string
name = string
secret_name = string
})
| n/a | yes | +| [location](#input\_location) | Resource group and resources location | `string` | n/a | yes | +| [prefix](#input\_prefix) | Project prefix | `string` | n/a | yes | +| [runner\_labels](#input\_runner\_labels) | Labels that allow a GH action to call a specific runner | `list(string)` | `[]` | no | +| [tags](#input\_tags) | Tags for new resources | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | Container App job id | +| [name](#output\_name) | Container App job name | +| [resource\_group\_name](#output\_resource\_group\_name) | Container App job resource group name | + ## Requirements @@ -105,15 +158,15 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [container](#input\_container) | Job Container configuration |
object({
cpu = number
memory = string
image = string
})
|
{
"cpu": 0.5,
"image": "ghcr.io/pagopa/github-self-hosted-runner-azure:latest",
"memory": "1Gi"
}
| no | +| [container](#input\_container) | Job Container configuration |
object({
cpu = number
memory = string
image = string
})
|
{
"cpu": 0.5,
"image": "ghcr.io/pagopa/github-self-hosted-runner-azure:latest",
"memory": "1Gi"
}
| no | | [env\_short](#input\_env\_short) | Short environment prefix | `string` | n/a | yes | -| [environment](#input\_environment) | Container App Environment configuration (Log Analytics Workspace) |
object({
name = string
resource_group_name = string
})
| n/a | yes | -| [job](#input\_job) | Container App job configuration |
object({
name = string
repo_owner = optional(string, "pagopa")
repo = string
polling_interval = optional(number, 30)
scale_max_executions = optional(number, 5)
})
| n/a | yes | -| [key\_vault](#input\_key\_vault) | Data of the KeyVault which stores PAT as secret |
object({
resource_group_name = string
name = string
secret_name = string
})
| n/a | yes | +| [environment](#input\_environment) | Container App Environment configuration (Log Analytics Workspace) |
object({
name = string
resource_group_name = string
})
| n/a | yes | +| [job](#input\_job) | Container App job configuration |
object({
name = string
repo_owner = optional(string, "pagopa")
repo = string
polling_interval = optional(number, 30)
scale_max_executions = optional(number, 5)
})
| n/a | yes | +| [key\_vault](#input\_key\_vault) | Data of the KeyVault which stores PAT as secret |
object({
resource_group_name = string
name = string
secret_name = string
})
| n/a | yes | | [location](#input\_location) | Resource group and resources location | `string` | n/a | yes | | [prefix](#input\_prefix) | Project prefix | `string` | n/a | yes | | [runner\_labels](#input\_runner\_labels) | Labels that allow a GH action to call a specific runner | `list(string)` | `[]` | no | -| [tags](#input\_tags) | Tags for new resources | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | +| [tags](#input\_tags) | Tags for new resources | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | ## Outputs diff --git a/container_app_job_gh_runner/tests/README.md b/container_app_job_gh_runner/tests/README.md new file mode 100644 index 00000000..9c077246 --- /dev/null +++ b/container_app_job_gh_runner/tests/README.md @@ -0,0 +1,49 @@ +# tests + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [container\_app\_job\_runner](#module\_container\_app\_job\_runner) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_app_environment) | resource | +| [azurerm_key_vault.key_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault) | resource | +| [azurerm_log_analytics_workspace.law](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_resource_group.rg_runner](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [job](#input\_job) | Container App job properties |
object({
name = optional(string)
repo_owner = optional(string)
repo = optional(string)
polling_interval = optional(number)
scale_max_executions = optional(number)
})
|
{
"name": "azurermv3",
"polling_interval": 30,
"repo": "terraform-azurerm-v3",
"repo_owner": "pagopa",
"scale_max_executions": 5
}
| no | +| [key\_vault](#input\_key\_vault) | KeyVault properties |
object({
resource_group_name = string
name = string
secret_name = string
})
|
{
"name": "azrmtest-keyvault",
"resource_group_name": "azrmtest-keyvault-rg",
"secret_name": "gh-pat"
}
| no | +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmte"` | no | +| [tags](#input\_tags) | List of tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [ca\_name](#output\_ca\_name) | Container App job name | +| [cae\_name](#output\_cae\_name) | Container App Environment name | +| [random\_id](#output\_random\_id) | n/a | +| [subnet\_cidr](#output\_subnet\_cidr) | Subnet CIDR blocks | +| [subnet\_name](#output\_subnet\_name) | Subnet name | + diff --git a/container_app_job_gh_runner_v2/README.md b/container_app_job_gh_runner_v2/README.md index af30fc01..652408ee 100644 --- a/container_app_job_gh_runner_v2/README.md +++ b/container_app_job_gh_runner_v2/README.md 
@@ -69,6 +69,68 @@ Containers needs these environment variables to connect to GitHub, [grab a regis - REGISTRATION_TOKEN_API_URL: [GitHub API](https://docs.github.com/en/rest/actions/self-hosted-runners?apiVersion=2022-11-28#create-a-registration-token-for-a-repository) to get the registration token + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.116.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.116.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_container_app_job.container_app_job](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_app_job) | resource | +| [azurerm_key_vault_access_policy.keyvault_containerapp](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/container_app_environment) | data source | +| [azurerm_key_vault.key_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault) | data source | +| [azurerm_key_vault_secret.github_pat](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source | +| [azurerm_resource_group.rg_runner](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [container](#input\_container) | Job Container configuration |
object({
cpu = number
memory = string
image = string
})
|
{
"cpu": 0.5,
"image": "ghcr.io/pagopa/github-self-hosted-runner-azure:latest",
"memory": "1Gi"
}
| no | +| [env\_short](#input\_env\_short) | Short environment prefix | `string` | n/a | yes | +| [environment\_name](#input\_environment\_name) | (Required) Container App Environment configuration (Log Analytics Workspace) | `string` | n/a | yes | +| [environment\_rg](#input\_environment\_rg) | (Required) Container App Environment configuration (Log Analytics Workspace) | `string` | n/a | yes | +| [job](#input\_job) | Container App job configuration |
object({
name = string
scale_max_executions = optional(number, 5)
scale_min_executions = optional(number, 0)
})
| n/a | yes | +| [job\_meta](#input\_job\_meta) | Scaling rules metadata. |
object({
repo = string
repo_owner = optional(string, "pagopa")
runner_scope = optional(string, "repo")
target_workflow_queue_length = optional(string, "1")
github_runner = optional(string, "https://api.github.com") #
})
| n/a | yes | +| [key\_vault\_name](#input\_key\_vault\_name) | Name of the KeyVault which stores PAT as secret | `string` | n/a | yes | +| [key\_vault\_rg](#input\_key\_vault\_rg) | Resource group of the KeyVault which stores PAT as secret | `string` | n/a | yes | +| [key\_vault\_secret\_name](#input\_key\_vault\_secret\_name) | Data of the KeyVault which stores PAT as secret | `string` | n/a | yes | +| [location](#input\_location) | Resource group and resources location | `string` | n/a | yes | +| [parallelism](#input\_parallelism) | (Optional) Number of parallel replicas of a job that can run at a given time. | `number` | `1` | no | +| [polling\_interval\_in\_seconds](#input\_polling\_interval\_in\_seconds) | (Optional) Interval to check each event source in seconds. | `number` | `30` | no | +| [prefix](#input\_prefix) | Project prefix | `string` | n/a | yes | +| [replica\_completion\_count](#input\_replica\_completion\_count) | (Optional) Minimum number of successful replica completions before overall job completion. | `number` | `1` | no | +| [replica\_retry\_limit](#input\_replica\_retry\_limit) | (Optional) The maximum number of times a replica is allowed to retry. | `number` | `1` | no | +| [replica\_timeout\_in\_seconds](#input\_replica\_timeout\_in\_seconds) | (Required) The maximum number of seconds a replica is allowed to run. | `number` | `1800` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | Resource group name | `string` | n/a | yes | +| [runner\_labels](#input\_runner\_labels) | Labels that allow a GH action to call a specific runner | `list(string)` | `[]` | no | +| [tags](#input\_tags) | Tags for new resources | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | Container App job id | +| [name](#output\_name) | Container App job name | +| [resource\_group\_name](#output\_resource\_group\_name) | Container App job resource group name | + ## Requirements @@ -97,12 +159,12 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [container](#input\_container) | Job Container configuration |
object({
cpu = number
memory = string
image = string
})
|
{
"cpu": 0.5,
"image": "ghcr.io/pagopa/github-self-hosted-runner-azure:latest",
"memory": "1Gi"
}
| no | +| [container](#input\_container) | Job Container configuration |
object({
cpu = number
memory = string
image = string
})
|
{
"cpu": 0.5,
"image": "ghcr.io/pagopa/github-self-hosted-runner-azure:latest",
"memory": "1Gi"
}
| no | | [env\_short](#input\_env\_short) | Short environment prefix | `string` | n/a | yes | | [environment\_name](#input\_environment\_name) | (Required) Container App Environment configuration (Log Analytics Workspace) | `string` | n/a | yes | | [environment\_rg](#input\_environment\_rg) | (Required) Container App Environment configuration (Log Analytics Workspace) | `string` | n/a | yes | -| [job](#input\_job) | Container App job configuration |
object({
name = string
scale_max_executions = optional(number, 5)
scale_min_executions = optional(number, 0)
})
| n/a | yes | -| [job\_meta](#input\_job\_meta) | Scaling rules metadata. |
object({
repo = string
repo_owner = optional(string, "pagopa")
runner_scope = optional(string, "repo")
target_workflow_queue_length = optional(string, "1")
github_runner = optional(string, "https://api.github.com") #
})
| n/a | yes | +| [job](#input\_job) | Container App job configuration |
object({
name = string
scale_max_executions = optional(number, 5)
scale_min_executions = optional(number, 0)
})
| n/a | yes | +| [job\_meta](#input\_job\_meta) | Scaling rules metadata. |
object({
repo = string
repo_owner = optional(string, "pagopa")
runner_scope = optional(string, "repo")
target_workflow_queue_length = optional(string, "1")
github_runner = optional(string, "https://api.github.com") #
})
| n/a | yes | | [key\_vault\_name](#input\_key\_vault\_name) | Name of the KeyVault which stores PAT as secret | `string` | n/a | yes | | [key\_vault\_rg](#input\_key\_vault\_rg) | Resource group of the KeyVault which stores PAT as secret | `string` | n/a | yes | | [key\_vault\_secret\_name](#input\_key\_vault\_secret\_name) | Data of the KeyVault which stores PAT as secret | `string` | n/a | yes | @@ -115,7 +177,7 @@ No modules. | [replica\_timeout\_in\_seconds](#input\_replica\_timeout\_in\_seconds) | (Required) The maximum number of seconds a replica is allowed to run. | `number` | `1800` | no | | [resource\_group\_name](#input\_resource\_group\_name) | Resource group name | `string` | n/a | yes | | [runner\_labels](#input\_runner\_labels) | Labels that allow a GH action to call a specific runner | `list(string)` | `[]` | no | -| [tags](#input\_tags) | Tags for new resources | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | +| [tags](#input\_tags) | Tags for new resources | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | ## Outputs diff --git a/container_app_job_gh_runner_v2/tests/README.md b/container_app_job_gh_runner_v2/tests/README.md new file mode 100644 index 00000000..e196b417 --- /dev/null +++ b/container_app_job_gh_runner_v2/tests/README.md @@ -0,0 +1,50 @@ +# tests + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.116.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [container\_app\_job\_runner](#module\_container\_app\_job\_runner) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_app_environment) | resource | +| [azurerm_key_vault.key_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault) | resource | +| [azurerm_log_analytics_workspace.law](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_resource_group.rg_runner](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [job](#input\_job) | Container App job properties |
object({
name = optional(string)
repo_owner = optional(string)
polling_interval = optional(number)
scale_max_executions = optional(number)
})
|
{
"name": "azurermv3",
"polling_interval": 30,
"repo": "terraform-azurerm-v3",
"repo_owner": "pagopa",
"scale_max_executions": 5
}
| no | +| [job\_meta](#input\_job\_meta) | Scaling rules metadata. |
object({
repo = optional(string)
})
|
{
"repo": "terraform-azurerm-v3"
}
| no | +| [key\_vault](#input\_key\_vault) | KeyVault properties |
object({
resource_group_name = string
name = string
secret_name = string
})
|
{
"name": "azrmtest-keyvault",
"resource_group_name": "azrmtest-keyvault-rg",
"secret_name": "gh-pat"
}
| no | +| [location](#input\_location) | n/a | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmte"` | no | +| [tags](#input\_tags) | List of tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [ca\_name](#output\_ca\_name) | Container App job name | +| [cae\_name](#output\_cae\_name) | Container App Environment name | +| [random\_id](#output\_random\_id) | n/a | +| [subnet\_cidr](#output\_subnet\_cidr) | Subnet CIDR blocks | +| [subnet\_name](#output\_subnet\_name) | Subnet name | + diff --git a/container_registry/README.md b/container_registry/README.md index 4e1ab37e..743a9833 100644 --- a/container_registry/README.md +++ b/container_registry/README.md 
@@ -30,6 +30,63 @@ All the changed enable the module to be production ready See tests folder + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_container_registry.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry) | resource | +| [azurerm_monitor_diagnostic_setting.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource | +| [azurerm_private_endpoint.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [admin\_enabled](#input\_admin\_enabled) | (Optional) Specifies whether the admin user is enabled. Defaults to false. | `bool` | `false` | no | +| [anonymous\_pull\_enabled](#input\_anonymous\_pull\_enabled) | (Optional) Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU. | `bool` | `false` | no | +| [georeplications](#input\_georeplications) | A list of Azure locations where the container registry should be geo-replicated. |
list(object({
location = string
regional_endpoint_enabled = bool
zone_redundancy_enabled = bool
}))
| `[]` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [monitor\_diagnostic\_setting\_enabled](#input\_monitor\_diagnostic\_setting\_enabled) | Enable monitor diagnostic setting | `bool` | `false` | no | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [network\_rule\_bypass\_option](#input\_network\_rule\_bypass\_option) | (Optional) Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices. | `string` | `"AzureServices"` | no | +| [network\_rule\_set](#input\_network\_rule\_set) | A list of network rule set defined at https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry#network_rule_set |
list(object({
default_action = string
ip_rule = list(object({
action = string
ip_range = string
}))
virtual_network = list(object({
action = string
subnet_id = string
}))
}))
|
[
{
"default_action": "Deny",
"ip_rule": [],
"virtual_network": []
}
]
| no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable and configure private endpoint with required params |
object({
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
|
{
"private_dns_zone_ids": [
""
],
"subnet_id": null,
"virtual_network_id": null
}
| no | +| [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Enable private endpoint, default: true | `bool` | `true` | no | +| [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | (Optional) Whether public network access is allowed for the container registry. Defaults to true. | `bool` | `false` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | +| [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | +| [sku](#input\_sku) | (Required) The SKU name of the container registry. Possible values are Basic, Standard and Premium. | `string` | `"Premium"` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [zone\_redundancy\_enabled](#input\_zone\_redundancy\_enabled) | (Optional) Whether zone redundancy is enabled for this Container Registry? Changing this forces a new resource to be created. Defaults to false. | `string` | `true` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [admin\_password](#output\_admin\_password) | n/a | +| [admin\_username](#output\_admin\_username) | n/a | +| [id](#output\_id) | n/a | +| [login\_server](#output\_login\_server) | n/a | + ## Requirements 
@@ -56,13 +113,13 @@ No modules. |------|-------------|------|---------|:--------:| | [admin\_enabled](#input\_admin\_enabled) | (Optional) Specifies whether the admin user is enabled. Defaults to false. | `bool` | `false` | no | | [anonymous\_pull\_enabled](#input\_anonymous\_pull\_enabled) | (Optional) Whether allows anonymous (unauthenticated) pull access to this Container Registry? Defaults to false. This is only supported on resources with the Standard or Premium SKU. | `bool` | `false` | no | -| [georeplications](#input\_georeplications) | A list of Azure locations where the container registry should be geo-replicated. |
list(object({
location = string
regional_endpoint_enabled = bool
zone_redundancy_enabled = bool
}))
| `[]` | no | +| [georeplications](#input\_georeplications) | A list of Azure locations where the container registry should be geo-replicated. |
list(object({
location = string
regional_endpoint_enabled = bool
zone_redundancy_enabled = bool
}))
| `[]` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [monitor\_diagnostic\_setting\_enabled](#input\_monitor\_diagnostic\_setting\_enabled) | Enable monitor diagnostic setting | `bool` | `false` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | | [network\_rule\_bypass\_option](#input\_network\_rule\_bypass\_option) | (Optional) Whether to allow trusted Azure services to access a network restricted Container Registry? Possible values are None and AzureServices. Defaults to AzureServices. | `string` | `"AzureServices"` | no | -| [network\_rule\_set](#input\_network\_rule\_set) | A list of network rule set defined at https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry#network_rule_set |
list(object({
default_action = string
ip_rule = list(object({
action = string
ip_range = string
}))
virtual_network = list(object({
action = string
subnet_id = string
}))
}))
|
[
{
"default_action": "Deny",
"ip_rule": [],
"virtual_network": []
}
]
| no | -| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable and configure private endpoint with required params |
object({
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
|
{
"private_dns_zone_ids": [
""
],
"subnet_id": null,
"virtual_network_id": null
}
| no | +| [network\_rule\_set](#input\_network\_rule\_set) | A list of network rule set defined at https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry#network_rule_set |
list(object({
default_action = string
ip_rule = list(object({
action = string
ip_range = string
}))
virtual_network = list(object({
action = string
subnet_id = string
}))
}))
|
[
{
"default_action": "Deny",
"ip_rule": [],
"virtual_network": []
}
]
| no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable and configure private endpoint with required params |
object({
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
|
{
"private_dns_zone_ids": [
""
],
"subnet_id": null,
"virtual_network_id": null
}
| no | | [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Enable private endpoint, default: true | `bool` | `true` | no | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | (Optional) Whether public network access is allowed for the container registry. Defaults to true. | `bool` | `false` | no | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | diff --git a/container_registry/tests/README.md b/container_registry/tests/README.md index b2c32357..c3408c38 100644 --- a/container_registry/tests/README.md +++ b/container_registry/tests/README.md 
@@ -11,3 +11,43 @@ You need the access to DevOpsLab Subscription or change backend.ini value.
 - ./terraform.sh plan
 - ./terraform.sh apply
 - ./terraform.sh destroy
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 1.3.0 |
+| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.97.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [\_\_acr\_private](#module\_\_\_acr\_private) | ../../container_registry | n/a |
+| [\_\_acr\_public\_dev](#module\_\_\_acr\_public\_dev) | ../../container_registry | n/a |
+| [acr\_snet](#module\_acr\_snet) | ../../subnet | n/a |
+| [private\_endpoint\_snet](#module\_private\_endpoint\_snet) | ../../subnet | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_private_dns_zone.external_zone](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource |
+| [azurerm_resource_group.acr_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
+| [azurerm_resource_group.rg_acr](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
+| [azurerm_resource_group.vnet_acr_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
+| [azurerm_virtual_network.vnet_acr](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource |
+| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [location](#input\_location) | Resorce location | `string` | `"italynorth"` | no |
+| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no |
+| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +No outputs. + diff --git a/cosmosdb_account/README.md b/cosmosdb_account/README.md index 0ea58f8d..f0387b28 100644 --- a/cosmosdb_account/README.md +++ b/cosmosdb_account/README.md @@ -132,6 +132,97 @@ module "cosmos_core" { * `secondary_readonly_master_key` -> `secondary_readonly_key`. + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_cosmosdb_account.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account) | resource | +| [azurerm_monitor_metric_alert.cosmos_db_provisioned_throughput_exceeded](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | +| [azurerm_private_endpoint.cassandra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.mongo](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.sql](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [additional\_geo\_locations](#input\_additional\_geo\_locations) | Specifies a list of additional geo\_location resources, used to define where data should be replicated with the failover\_priority 0 specifying the primary location. |
list(object({
location = string # The name of the Azure region to host replicated data.
failover_priority = number # Required) The failover priority of the region. A failover priority of 0 indicates a write region. The maximum value for a failover priority = (total number of regions - 1). Failover priority values must be unique for each of the regions in which the database account exists. Changing this causes the location to be re-provisioned and cannot be changed for the location with failover priority 0.
zone_redundant = bool # Should zone redundancy be enabled for this region? Defaults to false.
}))
| `[]` | no | +| [allowed\_virtual\_network\_subnet\_ids](#input\_allowed\_virtual\_network\_subnet\_ids) | The subnets id that are allowed to access this CosmosDB account. | `list(string)` | `[]` | no | +| [analytical\_storage\_enabled](#input\_analytical\_storage\_enabled) | Enable Analytical Storage option for this Cosmos DB account | `bool` | `false` | no | +| [backup\_continuous\_enabled](#input\_backup\_continuous\_enabled) | Enable Continuous Backup | `bool` | `true` | no | +| [backup\_periodic\_enabled](#input\_backup\_periodic\_enabled) | Enable Periodic Backup |
object({
interval_in_minutes = string
retention_in_hours = string
storage_redundancy = string
})
| `null` | no | +| [capabilities](#input\_capabilities) | The capabilities which should be enabled for this Cosmos DB account. | `list(string)` | `[]` | no | +| [consistency\_policy](#input\_consistency\_policy) | Specifies a consistency\_policy resource, used to define the consistency policy for this CosmosDB account. |
object({
consistency_level = string # The Consistency Level to use for this CosmosDB Account - can be either BoundedStaleness, Eventual, Session, Strong or ConsistentPrefix.
max_interval_in_seconds = number # When used with the Bounded Staleness consistency level, this value represents the time amount of staleness (in seconds) tolerated. Accepted range for this value is 5 - 86400 (1 day). Defaults to 5. Required when consistency_level is set to BoundedStaleness.
max_staleness_prefix = number # When used with the Bounded Staleness consistency level, this value represents the number of stale requests tolerated. Accepted range for this value is 10 – 2147483647. Defaults to 100. Required when consistency_level is set to BoundedStaleness.
})
|
{
"consistency_level": "BoundedStaleness",
"max_interval_in_seconds": 5,
"max_staleness_prefix": 100
}
| no | +| [domain](#input\_domain) | (Optional) Specifies the domain of the CosmosDB Account. | `string` | n/a | yes | +| [enable\_automatic\_failover](#input\_enable\_automatic\_failover) | Enable automatic fail over for this Cosmos DB account. | `bool` | `true` | no | +| [enable\_free\_tier](#input\_enable\_free\_tier) | Enable Free Tier pricing option for this Cosmos DB account. Defaults to false. Changing this forces a new resource to be created. | `bool` | `true` | no | +| [enable\_multiple\_write\_locations](#input\_enable\_multiple\_write\_locations) | Enable multi-master support for this Cosmos DB account. | `bool` | `false` | no | +| [enable\_provisioned\_throughput\_exceeded\_alert](#input\_enable\_provisioned\_throughput\_exceeded\_alert) | Enable the Provisioned Throughput Exceeded alert. Default is true | `bool` | `true` | no | +| [ip\_range](#input\_ip\_range) | The set of IP addresses or IP address ranges in CIDR form to be included as the allowed list of client IP's for a given database account. | `string` | `null` | no | +| [is\_virtual\_network\_filter\_enabled](#input\_is\_virtual\_network\_filter\_enabled) | Enables virtual network filtering for this Cosmos DB account. | `bool` | `true` | no | +| [key\_vault\_key\_id](#input\_key\_vault\_key\_id) | (Optional) A versionless Key Vault Key ID for CMK encryption. Changing this forces a new resource to be created. When referencing an azurerm\_key\_vault\_key resource, use versionless\_id instead of id | `string` | `null` | no | +| [kind](#input\_kind) | Specifies the Kind of CosmosDB to create - possible values are GlobalDocumentDB and MongoDB. | `string` | n/a | yes | +| [location](#input\_location) | Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [main\_geo\_location\_location](#input\_main\_geo\_location\_location) | (Required) The name of the Azure region to host replicated data. 
| `string` | n/a | yes | +| [main\_geo\_location\_zone\_redundant](#input\_main\_geo\_location\_zone\_redundant) | Should zone redundancy be enabled for main region? Set true for prod environments | `bool` | n/a | yes | +| [mongo\_server\_version](#input\_mongo\_server\_version) | The Server Version of a MongoDB account. Possible values are 4.0, 3.6, and 3.2. | `string` | `null` | no | +| [name](#input\_name) | (Required) Specifies the name of the CosmosDB Account. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [offer\_type](#input\_offer\_type) | The CosmosDB account offer type. At the moment can only be set to Standard | `string` | `"Standard"` | no | +| [private\_dns\_zone\_cassandra\_ids](#input\_private\_dns\_zone\_cassandra\_ids) | Used only for private endpoints | `list(string)` | `[]` | no | +| [private\_dns\_zone\_mongo\_ids](#input\_private\_dns\_zone\_mongo\_ids) | Used only for private endpoints | `list(string)` | `[]` | no | +| [private\_dns\_zone\_sql\_ids](#input\_private\_dns\_zone\_sql\_ids) | Used only for private endpoints | `list(string)` | `[]` | no | +| [private\_dns\_zone\_table\_ids](#input\_private\_dns\_zone\_table\_ids) | Used only for private endpoints | `list(string)` | `[]` | no | +| [private\_endpoint\_cassandra\_name](#input\_private\_endpoint\_cassandra\_name) | Private endpoint name. If null it will assume the cosmosdb account name. | `string` | `null` | no | +| [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Enable private endpoint | `bool` | `true` | no | +| [private\_endpoint\_mongo\_name](#input\_private\_endpoint\_mongo\_name) | Private endpoint name. If null it will assume the cosmosdb account name. | `string` | `null` | no | +| [private\_endpoint\_sql\_name](#input\_private\_endpoint\_sql\_name) | Private endpoint name. If null it will assume the cosmosdb account name. 
| `string` | `null` | no | +| [private\_endpoint\_table\_name](#input\_private\_endpoint\_table\_name) | Private endpoint name. If null it will assume the cosmosdb account name. | `string` | `null` | no | +| [private\_service\_connection\_cassandra\_name](#input\_private\_service\_connection\_cassandra\_name) | Private service connection name. If null, it will assume the cosmos db account name | `string` | `null` | no | +| [private\_service\_connection\_mongo\_name](#input\_private\_service\_connection\_mongo\_name) | Private service connection name. If null, it will assume the cosmos db account name | `string` | `null` | no | +| [private\_service\_connection\_sql\_name](#input\_private\_service\_connection\_sql\_name) | Private service connection name. If null, it will assume the cosmos db account name | `string` | `null` | no | +| [provisioned\_throughput\_exceeded\_threshold](#input\_provisioned\_throughput\_exceeded\_threshold) | The Provisioned Throughput Exceeded threshold. If metric average is over this value, the alert will be triggered. Default is 0, we want to act as soon as possible. | `number` | `0` | no | +| [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Whether or not public network access is allowed for this CosmosDB account | `bool` | `false` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the resource group in which the CosmosDB Account is created. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [subnet\_id](#input\_subnet\_id) | Used only for private endpoints | `string` | `null` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [connection\_strings](#output\_connection\_strings) | n/a | +| [endpoint](#output\_endpoint) | The endpoint used to connect to the CosmosDB account. | +| [id](#output\_id) | The id of the CosmosDB account. 
| +| [name](#output\_name) | The name of the CosmosDB created. | +| [primary\_key](#output\_primary\_key) | n/a | +| [primary\_master\_key](#output\_primary\_master\_key) | @deprecated | +| [primary\_readonly\_key](#output\_primary\_readonly\_key) | n/a | +| [primary\_readonly\_master\_key](#output\_primary\_readonly\_master\_key) | @deprecated | +| [principal\_id](#output\_principal\_id) | n/a | +| [read\_endpoints](#output\_read\_endpoints) | A list of read endpoints available for this CosmosDB account. | +| [secondary\_key](#output\_secondary\_key) | n/a | +| [write\_endpoints](#output\_write\_endpoints) | A list of write endpoints available for this CosmosDB account. | + ## Requirements @@ -159,13 +250,14 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | -| [additional\_geo\_locations](#input\_additional\_geo\_locations) | Specifies a list of additional geo\_location resources, used to define where data should be replicated with the failover\_priority 0 specifying the primary location. |
list(object({
location = string # The name of the Azure region to host replicated data.
failover_priority = number # Required) The failover priority of the region. A failover priority of 0 indicates a write region. The maximum value for a failover priority = (total number of regions - 1). Failover priority values must be unique for each of the regions in which the database account exists. Changing this causes the location to be re-provisioned and cannot be changed for the location with failover priority 0.
zone_redundant = bool # Should zone redundancy be enabled for this region? Defaults to false.
}))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [additional\_geo\_locations](#input\_additional\_geo\_locations) | Specifies a list of additional geo\_location resources, used to define where data should be replicated with the failover\_priority 0 specifying the primary location. |
list(object({
location = string # The name of the Azure region to host replicated data.
failover_priority = number # Required) The failover priority of the region. A failover priority of 0 indicates a write region. The maximum value for a failover priority = (total number of regions - 1). Failover priority values must be unique for each of the regions in which the database account exists. Changing this causes the location to be re-provisioned and cannot be changed for the location with failover priority 0.
zone_redundant = bool # Should zone redundancy be enabled for this region? Defaults to false.
}))
| `[]` | no | | [allowed\_virtual\_network\_subnet\_ids](#input\_allowed\_virtual\_network\_subnet\_ids) | The subnets id that are allowed to access this CosmosDB account. | `list(string)` | `[]` | no | +| [analytical\_storage\_enabled](#input\_analytical\_storage\_enabled) | Enable Analytical Storage option for this Cosmos DB account | `bool` | `false` | no | | [backup\_continuous\_enabled](#input\_backup\_continuous\_enabled) | Enable Continuous Backup | `bool` | `true` | no | -| [backup\_periodic\_enabled](#input\_backup\_periodic\_enabled) | Enable Periodic Backup |
object({
interval_in_minutes = string
retention_in_hours = string
storage_redundancy = string
})
| `null` | no | +| [backup\_periodic\_enabled](#input\_backup\_periodic\_enabled) | Enable Periodic Backup |
object({
interval_in_minutes = string
retention_in_hours = string
storage_redundancy = string
})
| `null` | no | | [capabilities](#input\_capabilities) | The capabilities which should be enabled for this Cosmos DB account. | `list(string)` | `[]` | no | -| [consistency\_policy](#input\_consistency\_policy) | Specifies a consistency\_policy resource, used to define the consistency policy for this CosmosDB account. |
object({
consistency_level = string # The Consistency Level to use for this CosmosDB Account - can be either BoundedStaleness, Eventual, Session, Strong or ConsistentPrefix.
max_interval_in_seconds = number # When used with the Bounded Staleness consistency level, this value represents the time amount of staleness (in seconds) tolerated. Accepted range for this value is 5 - 86400 (1 day). Defaults to 5. Required when consistency_level is set to BoundedStaleness.
max_staleness_prefix = number # When used with the Bounded Staleness consistency level, this value represents the number of stale requests tolerated. Accepted range for this value is 10 – 2147483647. Defaults to 100. Required when consistency_level is set to BoundedStaleness.
})
|
{
"consistency_level": "BoundedStaleness",
"max_interval_in_seconds": 5,
"max_staleness_prefix": 100
}
| no | +| [consistency\_policy](#input\_consistency\_policy) | Specifies a consistency\_policy resource, used to define the consistency policy for this CosmosDB account. |
object({
consistency_level = string # The Consistency Level to use for this CosmosDB Account - can be either BoundedStaleness, Eventual, Session, Strong or ConsistentPrefix.
max_interval_in_seconds = number # When used with the Bounded Staleness consistency level, this value represents the time amount of staleness (in seconds) tolerated. Accepted range for this value is 5 - 86400 (1 day). Defaults to 5. Required when consistency_level is set to BoundedStaleness.
max_staleness_prefix = number # When used with the Bounded Staleness consistency level, this value represents the number of stale requests tolerated. Accepted range for this value is 10 – 2147483647. Defaults to 100. Required when consistency_level is set to BoundedStaleness.
})
|
{
"consistency_level": "BoundedStaleness",
"max_interval_in_seconds": 5,
"max_staleness_prefix": 100
}
| no | | [domain](#input\_domain) | (Optional) Specifies the domain of the CosmosDB Account. | `string` | n/a | yes | | [enable\_automatic\_failover](#input\_enable\_automatic\_failover) | Enable automatic fail over for this Cosmos DB account. | `bool` | `true` | no | | [enable\_free\_tier](#input\_enable\_free\_tier) | Enable Free Tier pricing option for this Cosmos DB account. Defaults to false. Changing this forces a new resource to be created. | `bool` | `true` | no | diff --git a/cosmosdb_account/main.tf b/cosmosdb_account/main.tf index ff5445b8..772181aa 100644 --- a/cosmosdb_account/main.tf +++ b/cosmosdb_account/main.tf @@ -1,12 +1,13 @@ resource "azurerm_cosmosdb_account" "this" { - name = var.name - location = var.location - resource_group_name = var.resource_group_name - offer_type = var.offer_type - kind = var.kind - enable_free_tier = var.enable_free_tier - enable_automatic_failover = var.enable_automatic_failover - key_vault_key_id = var.key_vault_key_id + name = var.name + location = var.location + resource_group_name = var.resource_group_name + offer_type = var.offer_type + kind = var.kind + enable_free_tier = var.enable_free_tier + enable_automatic_failover = var.enable_automatic_failover + key_vault_key_id = var.key_vault_key_id + analytical_storage_enabled = var.analytical_storage_enabled mongo_server_version = var.mongo_server_version diff --git a/cosmosdb_account/tests/README.md b/cosmosdb_account/tests/README.md index f404feff..1ac9f617 100644 --- a/cosmosdb_account/tests/README.md +++ b/cosmosdb_account/tests/README.md 
@@ -7,3 +7,58 @@ Terraform template to test the Azure cosmosdb_account module - terraform init - terraform plan - terraform apply + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.85.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [cosmosdb\_account](#module\_cosmosdb\_account) | ../../cosmosdb_account | n/a | +| [pendpoints\_snet](#module\_pendpoints\_snet) | ../../subnet | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_private_dns_zone.privatelink_cassandra](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone.privatelink_mongo](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone.privatelink_sql](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone.privatelink_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone_virtual_network_link.cassandra_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_private_dns_zone_virtual_network_link.mongo_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_private_dns_zone_virtual_network_link.sql_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| 
[azurerm_private_dns_zone_virtual_network_link.table_core_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [capabilities](#input\_capabilities) | The capabilities which should be enabled for this Cosmos DB account. | `list(string)` | `[]` | no | +| [cidr\_subnet\_pendpoints](#input\_cidr\_subnet\_pendpoints) | n/a | `list(string)` |
[
"10.0.250.0/23"
]
| no | +| [domain](#input\_domain) | (Optional) Specifies the domain of the CosmosDB Account. | `string` | `""` | no | +| [kind](#input\_kind) | Specifies the Kind of CosmosDB to create - possible values are GlobalDocumentDB and MongoDB. | `string` | `"GlobalDocumentDB"` | no | +| [location](#input\_location) | n/a | `string` | `"italynorth"` | no | +| [main\_geo\_location\_zone\_redundant](#input\_main\_geo\_location\_zone\_redundant) | Should zone redundancy be enabled for main region? Set true for prod environments | `bool` | `false` | no | +| [mongo\_server\_version](#input\_mongo\_server\_version) | The Server Version of a MongoDB account. Possible values are 4.0, 3.6, and 3.2. | `string` | `null` | no | +| [offer\_type](#input\_offer\_type) | The CosmosDB account offer type. At the moment can only be set to Standard | `string` | `"Standard"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | CosmosDB account example | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3",
"Test": "cosmosdb-account"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [resource\_group\_name](#output\_resource\_group\_name) | n/a |
+
diff --git a/cosmosdb_account/variables.tf b/cosmosdb_account/variables.tf
index baddbdcb..c18f9543 100644
--- a/cosmosdb_account/variables.tf
+++ b/cosmosdb_account/variables.tf
@@ -253,3 +253,10 @@ variable "action" {
 ))
 default = []
 }
+
+variable "analytical_storage_enabled" {
+ type = bool
+ # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_account#analytical_storage_enabled
+ description = "Enable Analytical Storage option for this Cosmos DB account"
+ default = false
+}
diff --git a/cosmosdb_mongodb_collection/README.md b/cosmosdb_mongodb_collection/README.md
index 01d3ae68..7dbc2924 100644
--- a/cosmosdb_mongodb_collection/README.md
+++ b/cosmosdb_mongodb_collection/README.md
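Review bot: The description of the new `analytical_storage_enabled` variable in cosmosdb_account/variables.tf does not tell callers that the setting is hard to reverse. As far as I recall the azurerm documentation linked in the comment above it, enabling analytical storage and later disabling it forces the Cosmos DB account to be recreated; please confirm against the provider version pinned here. Because this module manages a stateful database account, I would state that in the description, for example `description = "Enable Analytical Storage option for this Cosmos DB account. Enabling and then disabling it forces a new resource to be created."`. The generated README tables pick the text up from there, and the pass-through line added in cosmosdb_account/main.tf needs no change.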
@@ -38,6 +38,58 @@ module "mongdb_collection_name" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_cosmosdb_mongo_collection.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_mongo_collection) | resource | +| [azurerm_management_lock.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_lock) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [analytical\_storage\_ttl](#input\_analytical\_storage\_ttl) | The default time to live of Analytical Storage for this Mongo Collection. If present and the value is set to -1, it is equal to infinity, and items don’t expire by default. If present and the value is set to some number n – items will expire n seconds after their last modified time. | `number` | `null` | no | +| [cosmosdb\_mongo\_account\_name](#input\_cosmosdb\_mongo\_account\_name) | The name of the Cosmos DB Mongo Account in which the Cosmos DB Mongo Database exists. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [cosmosdb\_mongo\_database\_name](#input\_cosmosdb\_mongo\_database\_name) | The name of the Cosmos DB Mongo Database in which the Cosmos DB Mongo Collection is created. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [default\_ttl\_seconds](#input\_default\_ttl\_seconds) | The default Time To Live in seconds. If the value is -1 or 0, items are not automatically expired. | `number` | `null` | no | +| [indexes](#input\_indexes) | One or more indexes. An index with an "\_id" key must be specified. |
list(object({
keys = list(string)
unique = bool
}))
| n/a | yes | +| [lock\_enable](#input\_lock\_enable) | Apply lock to block accidental deletions. | `bool` | `false` | no | +| [max\_throughput](#input\_max\_throughput) | It will activate the autoscale mode setting the maximum throughput of the MongoDB collection (RU/s). Must be between 4,000 and 1,000,000. Must be set in increments of 1,000. Conflicts with throughput. Switching between autoscale and manual throughput is not supported via Terraform and must be completed via the Azure Portal and refreshed. | `number` | `null` | no | +| [name](#input\_name) | Specifies the name of the Cosmos DB Mongo Collection. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which the Cosmos DB Mongo Collection is created. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [shard\_key](#input\_shard\_key) | The name of the key to partition on for sharding. There must not be any other unique index keys. | `string` | `null` | no | +| [throughput](#input\_throughput) | The throughput of the MongoDB collection (RU/s). Must be set in increments of 100. The minimum value is 400. This must be set upon database creation otherwise it cannot be updated without a manual terraform destroy-apply. | `number` | `null` | no | +| [timeout\_create](#input\_timeout\_create) | (Defaults to 30 minutes) Used when creating the CosmosDB Mongo Collection. | `string` | `null` | no | +| [timeout\_delete](#input\_timeout\_delete) | (Defaults to 30 minutes) Used when deleting the CosmosDB Mongo Collection. | `string` | `null` | no | +| [timeout\_read](#input\_timeout\_read) | (Defaults to 5 minutes) Used when retrieving the CosmosDB Mongo Collection. | `string` | `null` | no | +| [timeout\_update](#input\_timeout\_update) | (Defaults to 30 minutes) Used when updating the CosmosDB Mongo Collection. 
| `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | The id of the collection | +| [lock\_id](#output\_lock\_id) | n/a | + ## Requirements @@ -65,7 +117,7 @@ No modules. | [cosmosdb\_mongo\_account\_name](#input\_cosmosdb\_mongo\_account\_name) | The name of the Cosmos DB Mongo Account in which the Cosmos DB Mongo Database exists. Changing this forces a new resource to be created. | `string` | n/a | yes | | [cosmosdb\_mongo\_database\_name](#input\_cosmosdb\_mongo\_database\_name) | The name of the Cosmos DB Mongo Database in which the Cosmos DB Mongo Collection is created. Changing this forces a new resource to be created. | `string` | n/a | yes | | [default\_ttl\_seconds](#input\_default\_ttl\_seconds) | The default Time To Live in seconds. If the value is -1 or 0, items are not automatically expired. | `number` | `null` | no | -| [indexes](#input\_indexes) | One or more indexes. An index with an "\_id" key must be specified. |
list(object({
keys = list(string)
unique = bool
}))
| n/a | yes | +| [indexes](#input\_indexes) | One or more indexes. An index with an "\_id" key must be specified. |
list(object({
keys = list(string)
unique = bool
}))
| n/a | yes | | [lock\_enable](#input\_lock\_enable) | Apply lock to block accidental deletions. | `bool` | `false` | no | | [max\_throughput](#input\_max\_throughput) | It will activate the autoscale mode setting the maximum throughput of the MongoDB collection (RU/s). Must be between 4,000 and 1,000,000. Must be set in increments of 1,000. Conflicts with throughput. Switching between autoscale and manual throughput is not supported via Terraform and must be completed via the Azure Portal and refreshed. | `number` | `null` | no | | [name](#input\_name) | Specifies the name of the Cosmos DB Mongo Collection. Changing this forces a new resource to be created. | `string` | n/a | yes | diff --git a/cosmosdb_sql_container/README.md b/cosmosdb_sql_container/README.md index b6e075c0..4f050e80 100644 --- a/cosmosdb_sql_container/README.md +++ b/cosmosdb_sql_container/README.md @@ -49,6 +49,51 @@ module "core_cosmosdb_containers" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_cosmosdb_sql_container.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_sql_container) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [account\_name](#input\_account\_name) | The name of the Cosmos DB Account to create the container within. | `string` | n/a | yes | +| [autoscale\_settings](#input\_autoscale\_settings) | Autoscale settings for collection |
object({
max_throughput = number
})
| `null` | no | +| [database\_name](#input\_database\_name) | The name of the Cosmos DB SQL Database to create the container within. | `string` | n/a | yes | +| [default\_ttl](#input\_default\_ttl) | The default time to live of SQL container. If missing, items are not expired automatically. | `number` | `null` | no | +| [name](#input\_name) | The name of the Cosmos DB instance. | `string` | n/a | yes | +| [partition\_key\_path](#input\_partition\_key\_path) | Define a partition key. | `string` | `null` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which the Cosmos DB SQL | `string` | n/a | yes | +| [throughput](#input\_throughput) | The throughput of SQL container (RU/s). Must be set in increments of 100. The minimum value is 400. | `number` | `null` | no | +| [unique\_key\_paths](#input\_unique\_key\_paths) | A list of paths to use for this unique key. | `list(string)` | `[]` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | + ## Requirements @@ -72,7 +117,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [account\_name](#input\_account\_name) | The name of the Cosmos DB Account to create the container within. | `string` | n/a | yes | -| [autoscale\_settings](#input\_autoscale\_settings) | Autoscale settings for collection |
object({
max_throughput = number
})
| `null` | no | +| [autoscale\_settings](#input\_autoscale\_settings) | Autoscale settings for collection |
object({
max_throughput = number
})
| `null` | no | | [database\_name](#input\_database\_name) | The name of the Cosmos DB SQL Database to create the container within. | `string` | n/a | yes | | [default\_ttl](#input\_default\_ttl) | The default time to live of SQL container. If missing, items are not expired automatically. | `number` | `null` | no | | [name](#input\_name) | The name of the Cosmos DB instance. | `string` | n/a | yes | diff --git a/cosmosdb_sql_database/README.md b/cosmosdb_sql_database/README.md index 79f23d56..9b854a67 100644 --- a/cosmosdb_sql_database/README.md +++ b/cosmosdb_sql_database/README.md @@ -46,6 +46,46 @@ module "core_cosmos_db" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_cosmosdb_sql_database.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cosmosdb_sql_database) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [account\_name](#input\_account\_name) | The name of the Cosmos DB SQL Database to create the table within. | `string` | n/a | yes | +| [name](#input\_name) | The name of the Cosmos DB SQL Database | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which the Cosmos DB SQL Database is created. | `string` | n/a | yes | +| [throughput](#input\_throughput) | The throughput of SQL database (RU/s). | `number` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [name](#output\_name) | n/a | + ## Requirements diff --git a/data_factory/README.md b/data_factory/README.md index 1d44ee48..6720761d 100644 
--- a/data_factory/README.md +++ b/data_factory/README.md @@ -1,4 +1,48 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_data_factory.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_factory) | resource | +| [azurerm_data_factory_managed_private_endpoint.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_factory_managed_private_endpoint) | resource | +| [azurerm_private_dns_a_record.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource | +| [azurerm_private_endpoint.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [custom\_domain\_enabled](#input\_custom\_domain\_enabled) | If not null enables custom domain for the private endpoint | `string` | n/a | yes | +| [github\_conf](#input\_github\_conf) | Configuration of the github repo associated to the data factory |
object({
account_name = string
branch_name = string
git_url = string
repository_name = string
root_folder = string
})
| n/a | yes | +| [location](#input\_location) | Azure Location in which the resources are located | `string` | n/a | yes | +| [name](#input\_name) | Short Resource Name, used to customize subresource names | `string` | n/a | yes | +| [private\_endpoint](#input\_private\_endpoint) | Enable private endpoint with required params |
object({
enabled = bool
subnet_id = string
private_dns_zone = object({
id = string
name = string
rg = string
})
})
| n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | Resource Group in which the resources are located | `string` | n/a | yes | +| [resources\_managed\_private\_enpoint](#input\_resources\_managed\_private\_enpoint) | Map of resource to which a data factory must connect via managed private endpoint | `map(string)` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | + +## Outputs + +No outputs. + ## Requirements @@ -25,10 +69,10 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [custom\_domain\_enabled](#input\_custom\_domain\_enabled) | If not null enables custom domain for the private endpoint | `string` | n/a | yes | -| [github\_conf](#input\_github\_conf) | Configuration of the github repo associated to the data factory |
object({
account_name = string
branch_name = string
git_url = string
repository_name = string
root_folder = string
})
| n/a | yes | +| [github\_conf](#input\_github\_conf) | Configuration of the github repo associated to the data factory |
object({
account_name = string
branch_name = string
git_url = string
repository_name = string
root_folder = string
})
| n/a | yes | | [location](#input\_location) | Azure Location in which the resources are located | `string` | n/a | yes | | [name](#input\_name) | Short Resource Name, used to customize subresource names | `string` | n/a | yes | -| [private\_endpoint](#input\_private\_endpoint) | Enable private endpoint with required params |
object({
enabled = bool
subnet_id = string
private_dns_zone = object({
id = string
name = string
rg = string
})
})
| n/a | yes | +| [private\_endpoint](#input\_private\_endpoint) | Enable private endpoint with required params |
object({
enabled = bool
subnet_id = string
private_dns_zone = object({
id = string
name = string
rg = string
})
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Resource Group in which the resources are located | `string` | n/a | yes | | [resources\_managed\_private\_enpoint](#input\_resources\_managed\_private\_enpoint) | Map of resource to which a data factory must connect via managed private endpoint | `map(string)` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/data_indexer/README.md b/data_indexer/README.md index e367ec0a..e1ff72df 100644 --- a/data_indexer/README.md +++ b/data_indexer/README.md 
@@ -7,6 +7,61 @@ In terraform output you can get the the app service's name and id. Use the example Terraform template, saved in `./tests`, to test this module and get some advices. + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.39 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.39 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [internal\_storage\_account](#module\_internal\_storage\_account) | github.com/pagopa/terraform-azurerm-v3.git//storage_account | v8.16.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_linux_web_app.cdc](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_web_app) | resource | +| [azurerm_linux_web_app.data_ti](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_web_app) | resource | +| [azurerm_monitor_autoscale_setting.appservice_plan](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource | +| [azurerm_private_endpoint.blob](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.queue](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_role_assignment.evh_listener](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource | +| 
[azurerm_role_assignment.evh_sender](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource | +| [azurerm_service_plan.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_plan) | resource | +| [azurerm_subnet.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [config](#input\_config) | n/a |
object({
sku_name = optional(string, "P0v3")
app_settings = optional(map(string), {})
allowed_subnets = optional(list(string), [])
allowed_ips = optional(list(string), [])
docker_registry_url = optional(string, "http://ghcr.io")
cdc_docker_image = optional(string, "pagopa/change-data-capturer-ms")
cdc_docker_image_tag = optional(string, "0.1.0@sha256:94379d99d78062e89353b45d6b463cd7bf80e24869b7d2d1a8b7cbf316fd07e4")
data_ti_docker_image = optional(string, "pagopa/data-ti-ms")
data_ti_docker_image_tag = optional(string, "0.1.0@sha256:dc7b8cee0aa1e22658f61a0d5d19be44202f83f0533f35de2ef0eb87697cdb94")
autoscale_minimum = optional(number, 1)
autoscale_maximum = optional(number, 20)
autoscale_default = optional(number, 5)
json_config_path = string
})
| n/a | yes | +| [evh\_config](#input\_evh\_config) | The Internal Event Hubs (topics) configuration and related ids |
object({
hub_ids = map(string)
topics = set(string)
})
| n/a | yes | +| [internal\_storage](#input\_internal\_storage) | # Internal Storage |
object({
account_kind = optional(string, "StorageV2") # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = optional(string, "Standard") # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = optional(string, "ZRS") # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = optional(string, "Hot") # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
private_dns_zone_blob_ids = optional(list(string), [])
private_dns_zone_queue_ids = optional(list(string), [])
private_dns_zone_table_ids = optional(list(string), [])
private_endpoint_subnet_id = optional(string, "")
})
| n/a | yes | +| [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"northitaly"` | no | +| [name](#input\_name) | (Required) Specifies the name of the App Service. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [subnet](#input\_subnet) | n/a |
object({
address_prefixes = list(string)
service_endpoints = optional(list(string), [
"Microsoft.Web",
"Microsoft.AzureCosmosDB",
"Microsoft.Storage",
"Microsoft.Sql",
"Microsoft.EventHub"
])
})
| n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [virtual\_network](#input\_virtual\_network) | n/a |
object({
name = string
resource_group_name = string
})
| n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [subnet\_id](#output\_subnet\_id) | n/a | + ## Requirements @@ -41,14 +96,14 @@ Use the example Terraform template, saved in `./tests`, to test this module and | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [config](#input\_config) | n/a |
object({
sku_name = optional(string, "P0v3")
app_settings = optional(map(string), {})
allowed_subnets = optional(list(string), [])
allowed_ips = optional(list(string), [])
docker_registry_url = optional(string, "http://ghcr.io")
cdc_docker_image = optional(string, "pagopa/change-data-capturer-ms")
cdc_docker_image_tag = optional(string, "0.1.0@sha256:94379d99d78062e89353b45d6b463cd7bf80e24869b7d2d1a8b7cbf316fd07e4")
data_ti_docker_image = optional(string, "pagopa/data-ti-ms")
data_ti_docker_image_tag = optional(string, "0.1.0@sha256:dc7b8cee0aa1e22658f61a0d5d19be44202f83f0533f35de2ef0eb87697cdb94")
autoscale_minimum = optional(number, 1)
autoscale_maximum = optional(number, 20)
autoscale_default = optional(number, 5)
json_config_path = string
})
| n/a | yes | -| [evh\_config](#input\_evh\_config) | The Internal Event Hubs (topics) configuration and related ids |
object({
hub_ids = map(string)
topics = set(string)
})
| n/a | yes | -| [internal\_storage](#input\_internal\_storage) | # Internal Storage |
object({
account_kind = optional(string, "StorageV2") # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = optional(string, "Standard") # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = optional(string, "ZRS") # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = optional(string, "Hot") # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
private_dns_zone_blob_ids = optional(list(string), [])
private_dns_zone_queue_ids = optional(list(string), [])
private_dns_zone_table_ids = optional(list(string), [])
private_endpoint_subnet_id = optional(string, "")
})
| n/a | yes | +| [config](#input\_config) | n/a |
object({
sku_name = optional(string, "P0v3")
app_settings = optional(map(string), {})
allowed_subnets = optional(list(string), [])
allowed_ips = optional(list(string), [])
docker_registry_url = optional(string, "http://ghcr.io")
cdc_docker_image = optional(string, "pagopa/change-data-capturer-ms")
cdc_docker_image_tag = optional(string, "0.1.0@sha256:94379d99d78062e89353b45d6b463cd7bf80e24869b7d2d1a8b7cbf316fd07e4")
data_ti_docker_image = optional(string, "pagopa/data-ti-ms")
data_ti_docker_image_tag = optional(string, "0.1.0@sha256:dc7b8cee0aa1e22658f61a0d5d19be44202f83f0533f35de2ef0eb87697cdb94")
autoscale_minimum = optional(number, 1)
autoscale_maximum = optional(number, 20)
autoscale_default = optional(number, 5)
json_config_path = string
})
| n/a | yes | +| [evh\_config](#input\_evh\_config) | The Internal Event Hubs (topics) configuration and related ids |
object({
hub_ids = map(string)
topics = set(string)
})
| n/a | yes | +| [internal\_storage](#input\_internal\_storage) | # Internal Storage |
object({
account_kind = optional(string, "StorageV2") # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = optional(string, "Standard") # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = optional(string, "ZRS") # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = optional(string, "Hot") # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
private_dns_zone_blob_ids = optional(list(string), [])
private_dns_zone_queue_ids = optional(list(string), [])
private_dns_zone_table_ids = optional(list(string), [])
private_endpoint_subnet_id = optional(string, "")
})
| n/a | yes | | [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"northitaly"` | no | | [name](#input\_name) | (Required) Specifies the name of the App Service. Changing this forces a new resource to be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | n/a |
object({
address_prefixes = list(string)
service_endpoints = optional(list(string), [
"Microsoft.Web",
"Microsoft.AzureCosmosDB",
"Microsoft.Storage",
"Microsoft.Sql",
"Microsoft.EventHub"
])
})
| n/a | yes | +| [subnet](#input\_subnet) | n/a |
object({
address_prefixes = list(string)
service_endpoints = optional(list(string), [
"Microsoft.Web",
"Microsoft.AzureCosmosDB",
"Microsoft.Storage",
"Microsoft.Sql",
"Microsoft.EventHub"
])
})
| n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | -| [virtual\_network](#input\_virtual\_network) | n/a |
object({
name = string
resource_group_name = string
})
| n/a | yes | +| [virtual\_network](#input\_virtual\_network) | n/a |
object({
name = string
resource_group_name = string
})
| n/a | yes | ## Outputs diff --git a/data_indexer/tests/README.md b/data_indexer/tests/README.md index 6c6c0daa..accf7e60 100644 --- a/data_indexer/tests/README.md +++ b/data_indexer/tests/README.md 
@@ -7,3 +7,53 @@ Terraform template to test the Azure function_app module - terraform init - terraform plan - terraform apply + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.85.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [data\_indexer](#module\_data\_indexer) | ../../data_indexer | n/a | +| [event\_hub](#module\_event\_hub) | ../../eventhub | n/a | +| [pendpoints\_snet](#module\_pendpoints\_snet) | ../../subnet | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_private_dns_zone.privatelink_blob_core](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone.privatelink_queue_core](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone.privatelink_servicebus](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone.privatelink_table_core](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone_virtual_network_link.blob_core_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_private_dns_zone_virtual_network_link.queue_core_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_private_dns_zone_virtual_network_link.servicebus_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| 
[azurerm_private_dns_zone_virtual_network_link.table_core_private_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [cidr\_subnet\_pendpoints](#input\_cidr\_subnet\_pendpoints) | n/a | `list(string)` |
[
"10.0.250.0/23"
]
| no | +| [location](#input\_location) | n/a | `string` | `"italynorth"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Data Indexer example | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3",
"Test": "data-indexer"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/dns_forwarder/README.md b/dns_forwarder/README.md index dabb9789..fa1d5579 100644 --- a/dns_forwarder/README.md +++ b/dns_forwarder/README.md @@ -50,6 +50,49 @@ module "dns_forwarder" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | +| [local](#requirement\_local) | ~> 2.3 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | +| [local](#provider\_local) | ~> 2.3 | +| [null](#provider\_null) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_container_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_group) | resource | +| [null_resource.secret_trigger](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [local_file.corefile](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [subnet\_id](#input\_subnet\_id) | n/a | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | + +## Outputs + +No outputs. + ## Requirements diff --git a/dns_forwarder_lb_vmss/README.md b/dns_forwarder_lb_vmss/README.md index 61e9de4a..63445266 100644 --- a/dns_forwarder_lb_vmss/README.md +++ b/dns_forwarder_lb_vmss/README.md 
@@ -29,6 +29,74 @@ module "dns_forwarder" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | +| [null](#requirement\_null) | ~> 3.2 | +| [random](#requirement\_random) | ~> 3.6 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | +| [random](#provider\_random) | ~> 3.6 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [load\_balancer](#module\_load\_balancer) | git::https://github.com/pagopa/terraform-azurerm-v3.git//load_balancer | v8.16.0 | +| [subnet\_load\_balancer](#module\_subnet\_load\_balancer) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v8.16.0 | +| [subnet\_vmss](#module\_subnet\_vmss) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v8.16.0 | +| [vmss](#module\_vmss) | git::https://github.com/pagopa/terraform-azurerm-v3.git//vm_scale_set | v8.16.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_key_vault_secret.dns_forwarder_vmss_administrator_password](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | +| [azurerm_key_vault_secret.dns_forwarder_vmss_administrator_username](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | +| [azurerm_network_security_group.vmss](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource | +| [azurerm_subnet_network_security_group_association.vmss](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource | +| [random_password.psw](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | 
+|------|-------------|------|---------|:--------:| +| [address\_prefixes\_lb](#input\_address\_prefixes\_lb) | (Optional) The address prefixes to use for load balancer subnet. | `string` | `"10.1.200.0/29"` | no | +| [address\_prefixes\_vmss](#input\_address\_prefixes\_vmss) | (Optional) The address prefixes to use for the virtual machine scale set subnet. | `string` | `"10.1.200.8/29"` | no | +| [admin\_password](#input\_admin\_password) | (Optional) The Password which should be used for the local-administrator on this Virtual Machine. Changing this forces a new resource to be created. will be stored in the raw state as plain-text | `string` | `null` | no | +| [create\_vmss\_nsg](#input\_create\_vmss\_nsg) | (Optional) Boolean flag to create the network security group to virtual machine scale set. | `bool` | `true` | no | +| [key\_vault\_id](#input\_key\_vault\_id) | (Required) The ID of the Key Vault where the Secret should be created. | `string` | n/a | yes | +| [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [name](#input\_name) | (Required) The name of the Virtual Machine Scale Set, Load Balancer. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the resources should be exist. | `string` | n/a | yes | +| [source\_image\_name](#input\_source\_image\_name) | (Required) The name of an Image which each Virtual Machine in this Scale Set should be based on. It must be stored in the same subscription & resource group of this resource | `string` | n/a | yes | +| [static\_address\_lb](#input\_static\_address\_lb) | (Optional) The static address of load balancer. | `string` | `null` | no | +| [storage\_sku](#input\_storage\_sku) | (Optional) The SKU of the storage account with which to persist VM. 
Use a singular sku that would be applied across all disks, or specify individual disks. Usage: [--storage-sku SKU \| --storage-sku ID=SKU ID=SKU ID=SKU...], where each ID is os or a 0-indexed lun. Allowed values: Standard\_LRS, Premium\_LRS, StandardSSD\_LRS, UltraSSD\_LRS, Premium\_ZRS, StandardSSD\_ZRS. | `string` | `"StandardSSD_ZRS"` | no | +| [subnet\_lb\_id](#input\_subnet\_lb\_id) | (Optional) The subnet id of load balancer. | `string` | `null` | no | +| [subnet\_vmss\_id](#input\_subnet\_vmss\_id) | (Optional) The subnet id of virtual machine scale set. | `string` | `null` | no | +| [subscription\_id](#input\_subscription\_id) | (Required) Azure subscription id | `string` | n/a | yes | +| [tags](#input\_tags) | (Required) Tags of all resources. | `map(any)` | n/a | yes | +| [tenant\_id](#input\_tenant\_id) | (Required) The Azure AD tenant ID that should be used for authenticating requests to the key vault. | `string` | n/a | yes | +| [virtual\_network\_name](#input\_virtual\_network\_name) | (Required) The name of the virtual network in which the resources (Vmss, LB) are located. | `string` | n/a | yes | +| [vm\_sku](#input\_vm\_sku) | (Optional) Size of VMs in the scale set. Default to Standard\_B1s. See https://azure.microsoft.com/pricing/details/virtual-machines/ for size info. | `string` | `"Standard_B1s"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [lb\_id](#output\_lb\_id) | n/a | +| [subnet\_lb\_id](#output\_subnet\_lb\_id) | n/a | +| [subnet\_vmss\_id](#output\_subnet\_vmss\_id) | n/a | +| [vmss\_id](#output\_vmss\_id) | n/a | + ## Requirements diff --git a/dns_forwarder_lb_vmss/tests/README.md b/dns_forwarder_lb_vmss/tests/README.md new file mode 100644 index 00000000..ea50b8e2 --- /dev/null +++ b/dns_forwarder_lb_vmss/tests/README.md 
@@ -0,0 +1,41 @@ +# tests + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | +| [null](#requirement\_null) | ~> 3.2 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [dns\_forwarder\_lb\_vmss](#module\_dns\_forwarder\_lb\_vmss) | ../../dns_forwarder_lb_vmss | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_key_vault.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"northeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [source\_image\_name](#input\_source\_image\_name) | n/a | `string` | `"dns-forwarder-ubuntu2204-image-v1"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +No outputs. + diff --git a/dns_forwarder_scale_set_vm/README.md b/dns_forwarder_scale_set_vm/README.md index 3ca90087..e74973b2 100644 --- a/dns_forwarder_scale_set_vm/README.md +++ b/dns_forwarder_scale_set_vm/README.md 
@@ -35,6 +35,61 @@ module "dns_forwarder_backup_vmss_li" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | +| [null](#requirement\_null) | ~> 3.2 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | +| [tls](#provider\_tls) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_linux_virtual_machine_scale_set.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set) | resource | +| [azurerm_monitor_autoscale_setting.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource | +| [azurerm_ssh_public_key.this_public_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/ssh_public_key) | resource | +| [tls_private_key.this_key](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [admin\_password](#input\_admin\_password) | (Optional) The Password which should be used for the local-administrator on this Virtual Machine. Changing this forces a new resource to be created. will be stored in the raw state as plain-text | `string` | `null` | no | +| [authentication\_type](#input\_authentication\_type) | (Required) Type of authentication to use with the VM. Defaults to password for Windows and SSH public key for Linux. all enables both ssh and password authentication. | `string` | `"SSH"` | no | +| [capacity\_default\_count](#input\_capacity\_default\_count) | (Required) The number of instances that are available for scaling if metrics are not available for evaluation. 
The default is only used if the current instance count is lower than the default. Valid values are between 0 and 1000 | `number` | `1` | no | +| [capacity\_maximum\_count](#input\_capacity\_maximum\_count) | (Required) The maximum number of instances for this resource. Valid values are between 0 and 1000 | `number` | `1` | no | +| [capacity\_minimum\_count](#input\_capacity\_minimum\_count) | (Required) The minimum number of instances for this resource. Valid values are between 0 and 1000 | `number` | `1` | no | +| [encryption\_set\_id](#input\_encryption\_set\_id) | (Optional) An existing encryption set | `string` | `null` | no | +| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
| no | +| [location](#input\_location) | (Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | +| [name](#input\_name) | (Required) The name of the Linux Virtual Machine Scale Set. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the Linux Virtual Machine Scale Set should be exist. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [source\_image\_name](#input\_source\_image\_name) | (Optional) The name of an Image which each Virtual Machine in this Scale Set should be based on. It must be stored in the same subscription & resource group of this resource | `string` | n/a | yes | +| [storage\_sku](#input\_storage\_sku) | (Optional) The SKU of the storage account with which to persist VM. Use a singular sku that would be applied across all disks, or specify individual disks. Usage: [--storage-sku SKU \| --storage-sku ID=SKU ID=SKU ID=SKU...], where each ID is os or a 0-indexed lun. Allowed values: Standard\_LRS, Premium\_LRS, StandardSSD\_LRS, UltraSSD\_LRS, Premium\_ZRS, StandardSSD\_ZRS. | `string` | `"StandardSSD_LRS"` | no | +| [subnet\_id](#input\_subnet\_id) | (Required) An existing subnet ID | `string` | `null` | no | +| [subscription\_id](#input\_subscription\_id) | (Required) Azure subscription id | `string` | n/a | yes | +| [subscription\_name](#input\_subscription\_name) | (Required) Azure subscription name | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [vm\_sku](#input\_vm\_sku) | (Optional) Size of VMs in the scale set. Default to Standard\_B1s. See https://azure.microsoft.com/pricing/details/virtual-machines/ for size info. | `string` | `"Standard_B1s"` | no | + +## Outputs + +No outputs. + ## Requirements 
@@ -67,7 +122,7 @@ No modules. | [capacity\_maximum\_count](#input\_capacity\_maximum\_count) | (Required) The maximum number of instances for this resource. Valid values are between 0 and 1000 | `number` | `1` | no | | [capacity\_minimum\_count](#input\_capacity\_minimum\_count) | (Required) The minimum number of instances for this resource. Valid values are between 0 and 1000 | `number` | `1` | no | | [encryption\_set\_id](#input\_encryption\_set\_id) | (Optional) An existing encryption set | `string` | `null` | no | -| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
| no | +| [image\_reference](#input\_image\_reference) | (Optional) A source\_image\_reference block as defined below. |
object({
publisher = string
offer = string
sku = string
version = string
})
|
{
"offer": "0001-com-ubuntu-server-jammy",
"publisher": "Canonical",
"sku": "22_04-lts-gen2",
"version": "latest"
}
| no | | [location](#input\_location) | (Optional) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | `"westeurope"` | no | | [name](#input\_name) | (Required) The name of the Linux Virtual Machine Scale Set. Changing this forces a new resource to be created. | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the Linux Virtual Machine Scale Set should be exist. Changing this forces a new resource to be created. | `string` | n/a | yes | diff --git a/dns_forwarder_scale_set_vm/tests/README.md b/dns_forwarder_scale_set_vm/tests/README.md index 7cab078e..27b912a8 100644 --- a/dns_forwarder_scale_set_vm/tests/README.md +++ b/dns_forwarder_scale_set_vm/tests/README.md 
@@ -10,3 +10,45 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | +| [null](#requirement\_null) | ~> 3.2 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [dns\_forwarder\_vmss](#module\_dns\_forwarder\_vmss) | ../../dns_forwarder_scale_set_vm | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"northeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [source\_image\_name](#input\_source\_image\_name) | n/a | `string` | `"dns-forwarder-ubuntu2204-image-v1"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vms\_subnet\_cidr](#input\_vms\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/dns_forwarder_vm_image/README.md b/dns_forwarder_vm_image/README.md index 98d35744..48cd1ae3 100644 --- a/dns_forwarder_vm_image/README.md +++ b/dns_forwarder_vm_image/README.md 
@@ -46,6 +46,64 @@ module "dns_forwarder_image" { ``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azuread](#requirement\_azuread) | ~> 2.47 | +| [azurerm](#requirement\_azurerm) | ~> 3.97 | +| [null](#requirement\_null) | ~> 3.2 | +| [random](#requirement\_random) | ~> 3.6 | + +## Providers + +| Name | Version | +|------|---------| +| [azuread](#provider\_azuread) | ~> 2.47 | +| [azurerm](#provider\_azurerm) | ~> 3.97 | +| [null](#provider\_null) | ~> 3.2 | +| [random](#provider\_random) | ~> 3.6 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.build_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [null_resource.build_packer_image](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [random_id.rg_randomizer](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azuread_client_config.current](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/client_config) | data source | +| [azurerm_resource_group.target_resource_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [base\_image\_offer](#input\_base\_image\_offer) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"0001-com-ubuntu-server-jammy"` | no | +| [base\_image\_publisher](#input\_base\_image\_publisher) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"Canonical"` | no | 
+| [base\_image\_sku](#input\_base\_image\_sku) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"22_04-lts-gen2"` | no | +| [base\_image\_version](#input\_base\_image\_version) | (Optional) - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine_scale_set#source_image_reference | `string` | `"latest"` | no | +| [build\_rg\_name](#input\_build\_rg\_name) | (Optional) Packer build temporary resource group name | `string` | `"tmp-packer-dnsforwarder-image-build"` | no | +| [image\_name](#input\_image\_name) | (Required) name assigned to the generated image. Note that the pair must be unique and not already existing | `string` | n/a | yes | +| [image\_version](#input\_image\_version) | (Required) Version assigned to the generated image. Note that the pair must be unique and not already existing | `string` | n/a | yes | +| [location](#input\_location) | (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [prefix](#input\_prefix) | (Required) prefix used in resource creation | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group in which the custom image will be created | `string` | n/a | yes | +| [subscription\_id](#input\_subscription\_id) | (Required) Azure subscription id | `string` | n/a | yes | +| [vm\_sku](#input\_vm\_sku) | (Optional) Size of VMs in the scale set. Default to Standard\_B1s. See https://azure.microsoft.com/pricing/details/virtual-machines/ for size info. 
| `string` | `"Standard_B2ms"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [custom\_image\_id](#output\_custom\_image\_id) | Azure id of the custom image you just created | +| [custom\_image\_name](#output\_custom\_image\_name) | Name of the created image | + ## Requirements diff --git a/elastic_agent/README.md b/elastic_agent/README.md index 4571e417..c1eb7c6d 100644 --- a/elastic_agent/README.md +++ b/elastic_agent/README.md @@ -9,6 +9,45 @@ This module allow the creation of Elastic Stack TODO + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | +| [kubectl](#requirement\_kubectl) | ~> 2.0 | +| [kubernetes](#requirement\_kubernetes) | ~> 2.27 | + +## Providers + +| Name | Version | +|------|---------| +| [kubernetes](#provider\_kubernetes) | ~> 2.27 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [kubernetes_manifest.elastic_agent](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [dedicated\_log\_instance\_name](#input\_dedicated\_log\_instance\_name) | n/a | `list(string)` | n/a | yes | +| [eck\_version](#input\_eck\_version) | ECK (Elastic Cloud on Kubernetes) version, see: https://www.elastic.co/guide/en/cloud-on-k8s/index.html for futher versions | `string` | n/a | yes | +| [es\_host](#input\_es\_host) | Elastic Host | `string` | n/a | yes | +| [namespace](#input\_namespace) | Namespace for ECK Operator | `string` | `"elastic-system"` | no | + +## Outputs + +No outputs. + ## Requirements diff --git a/elastic_stack/README.md b/elastic_stack/README.md index 55769c13..11463b3a 100644 --- a/elastic_stack/README.md +++ b/elastic_stack/README.md 
@@ -9,6 +9,71 @@ This module allow the creation of Elastic Stack TODO + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | +| [kubectl](#requirement\_kubectl) | ~> 2.0 | +| [kubernetes](#requirement\_kubernetes) | ~> 2.27 | + +## Providers + +| Name | Version | +|------|---------| +| [kubectl](#provider\_kubectl) | ~> 2.0 | +| [kubernetes](#provider\_kubernetes) | ~> 2.27 | +| [null](#provider\_null) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [kubectl_manifest.apm_manifest](https://registry.terraform.io/providers/alekc/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.elasticsearch_cluster](https://registry.terraform.io/providers/alekc/kubectl/latest/docs/resources/manifest) | resource | +| [kubectl_manifest.kibana_manifest](https://registry.terraform.io/providers/alekc/kubectl/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.crd](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.elastic_agent](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.ingress_apm_manifest](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.ingress_elastic_manifest](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.ingress_kibana_manifest](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.mounter_manifest](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| 
[kubernetes_manifest.operator](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.secret_manifest](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_secret.eck_license](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) | resource | +| [null_resource.wait_apm](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [null_resource.wait_elasticsearch_cluster](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [null_resource.wait_kibana](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | +| [kubernetes_secret.get_elastic_credential](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/secret) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [dedicated\_log\_instance\_name](#input\_dedicated\_log\_instance\_name) | n/a | `list(string)` | n/a | yes | +| [eck\_license](#input\_eck\_license) | n/a | `string` | n/a | yes | +| [eck\_version](#input\_eck\_version) | ECK (Elastic Cloud on Kubernetes) version, see: https://www.elastic.co/guide/en/cloud-on-k8s/index.html for futher versions | `string` | n/a | yes | +| [env](#input\_env) | n/a | `string` | n/a | yes | +| [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes | +| [keyvault\_name](#input\_keyvault\_name) | Keyvault name | `string` | n/a | yes | +| [kibana\_external\_domain](#input\_kibana\_external\_domain) | Kibana external domain | `string` | n/a | yes | +| [kibana\_internal\_hostname](#input\_kibana\_internal\_hostname) | Kibana internal hostname | `string` | n/a | yes | +| [namespace](#input\_namespace) | Namespace for ECK Operator | `string` | 
`"elastic-system"` | no | +| [nodeset\_config](#input\_nodeset\_config) | n/a |
map(object({
count = string
roles = list(string)
storage = string
storageClassName = string
requestMemory = string
requestCPU = string
limitsMemory = string
limitsCPU = string
}))
|
{
"default": {
"count": 1,
"limitsCPU": "1",
"limitsMemory": "2Gi",
"requestCPU": "1",
"requestMemory": "2Gi",
"roles": [
"master",
"data",
"data_content",
"data_hot",
"data_warm",
"data_cold",
"data_frozen",
"ingest",
"ml",
"remote_cluster_client",
"transform"
],
"storage": "5Gi",
"storageClassName": "standard"
}
}
| no | +| [secret\_name](#input\_secret\_name) | Secret certificate name | `string` | n/a | yes | +| [snapshot\_secret\_name](#input\_snapshot\_secret\_name) | n/a | `string` | n/a | yes | +| [tenant\_id](#input\_tenant\_id) | Tenant ID for azure | `string` | `"7788edaf-0346-4068-9d79-c868aed15b3d"` | no | + +## Outputs + +No outputs. + ## Requirements @@ -57,7 +122,7 @@ No modules. | [kibana\_external\_domain](#input\_kibana\_external\_domain) | Kibana external domain | `string` | n/a | yes | | [kibana\_internal\_hostname](#input\_kibana\_internal\_hostname) | Kibana internal hostname | `string` | n/a | yes | | [namespace](#input\_namespace) | Namespace for ECK Operator | `string` | `"elastic-system"` | no | -| [nodeset\_config](#input\_nodeset\_config) | n/a |
map(object({
count = string
roles = list(string)
storage = string
storageClassName = string
requestMemory = string
requestCPU = string
limitsMemory = string
limitsCPU = string
}))
|
{
"default": {
"count": 1,
"limitsCPU": "1",
"limitsMemory": "2Gi",
"requestCPU": "1",
"requestMemory": "2Gi",
"roles": [
"master",
"data",
"data_content",
"data_hot",
"data_warm",
"data_cold",
"data_frozen",
"ingest",
"ml",
"remote_cluster_client",
"transform"
],
"storage": "5Gi",
"storageClassName": "standard"
}
}
| no | +| [nodeset\_config](#input\_nodeset\_config) | n/a |
map(object({
count = string
roles = list(string)
storage = string
storageClassName = string
requestMemory = string
requestCPU = string
limitsMemory = string
limitsCPU = string
}))
|
{
"default": {
"count": 1,
"limitsCPU": "1",
"limitsMemory": "2Gi",
"requestCPU": "1",
"requestMemory": "2Gi",
"roles": [
"master",
"data",
"data_content",
"data_hot",
"data_warm",
"data_cold",
"data_frozen",
"ingest",
"ml",
"remote_cluster_client",
"transform"
],
"storage": "5Gi",
"storageClassName": "standard"
}
}
| no | | [secret\_name](#input\_secret\_name) | Secret certificate name | `string` | n/a | yes | | [snapshot\_secret\_name](#input\_snapshot\_secret\_name) | n/a | `string` | n/a | yes | | [tenant\_id](#input\_tenant\_id) | Tenant ID for azure | `string` | `"7788edaf-0346-4068-9d79-c868aed15b3d"` | no | diff --git a/eventhub/README.md b/eventhub/README.md index 2a265572..304c5cc1 100644 --- a/eventhub/README.md +++ b/eventhub/README.md 
@@ -25,6 +25,79 @@ see folder ../test for more info * private dns zone: now use `var.internal_private_dns_zone_resource_group_name` and not `var.resource_group_name`` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_eventhub.events](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub) | resource | +| [azurerm_eventhub_authorization_rule.events](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_authorization_rule) | resource | +| [azurerm_eventhub_consumer_group.events](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_consumer_group) | resource | +| [azurerm_eventhub_namespace.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_namespace) | resource | +| [azurerm_monitor_metric_alert.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | +| [azurerm_private_dns_a_record.private_dns_a_record_eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource | +| [azurerm_private_dns_zone.eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone_virtual_network_link.eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_private_endpoint.eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | + +## Inputs + +| Name | Description | Type | 
Default | Required | +|------|-------------|------|---------|:--------:| +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | +| [auto\_inflate\_enabled](#input\_auto\_inflate\_enabled) | Is Auto Inflate enabled for the EventHub Namespace? | `bool` | `false` | no | +| [capacity](#input\_capacity) | Specifies the Capacity / Throughput Units for a Standard SKU namespace. | `number` | `null` | no | +| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
list(object({
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
| `[]` | no | +| [internal\_private\_dns\_zone\_created](#input\_internal\_private\_dns\_zone\_created) | (Deprecated: create a standalone dns zone) Choose to allow the creation of the dns zone | `bool` | `false` | no | +| [internal\_private\_dns\_zone\_resource\_group\_name](#input\_internal\_private\_dns\_zone\_resource\_group\_name) | (Deprecated: create a standalone dns zone) Name of the resource group record in the private dns zone | `string` | `null` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [maximum\_throughput\_units](#input\_maximum\_throughput\_units) | Specifies the maximum number of throughput units when Auto Inflate is Enabled | `number` | `null` | no | +| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
description = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | +| [metric\_alerts\_create](#input\_metric\_alerts\_create) | Create metric alerts | `bool` | `true` | no | +| [minimum\_tls\_version](#input\_minimum\_tls\_version) | (Optional) The minimum supported TLS version for this EventHub Namespace. Valid values are: 1.0, 1.1 and 1.2. The current default minimum TLS version is 1.2. | `string` | `"1.2"` | no | +| [name](#input\_name) | Eventhub namespace description. | `string` | n/a | yes | +| [network\_rulesets](#input\_network\_rulesets) | n/a |
list(object({
default_action = string # (Required) The default action to take when a rule is not matched. Possible values are Allow and Deny.
virtual_network_rule = list(object({
subnet_id = string # (Required) The id of the subnet to match on.
ignore_missing_virtual_network_service_endpoint = bool # (Optional) Are missing virtual network service endpoints ignored?
}))
ip_rule = list(object({
ip_mask = string # (Required) The IP mask to match on.
action = string # (Optional) The action to take when the rule is matched. Possible values are Allow. Defaults to Allow.
}))
trusted_service_access_enabled = bool #Whether Trusted Microsoft Services are allowed to bypass firewall.
}))
| `[]` | no | +| [private\_dns\_zone\_record\_A\_name](#input\_private\_dns\_zone\_record\_A\_name) | Name of the A record in the private dns zone | `string` | `"eventhub"` | no | +| [private\_dns\_zones](#input\_private\_dns\_zones) | Private DNS Zones where the private endpoint will be created |
object({
id = list(string)
name = list(string)
resource_group_name = string
})
|
{
"id": [],
"name": [],
"resource_group_name": ""
}
| no | +| [private\_endpoint\_created](#input\_private\_endpoint\_created) | Choose to allow the creation of the private endpoint | `bool` | n/a | yes | +| [private\_endpoint\_resource\_group\_name](#input\_private\_endpoint\_resource\_group\_name) | Name of the resource group where the private endpoint will be created | `string` | `null` | no | +| [private\_endpoint\_subnet\_id](#input\_private\_endpoint\_subnet\_id) | The id of the subnet that will be used for the private endpoint. | `string` | `null` | no | +| [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | (Optional) Is public network access enabled for the EventHub Namespace? Defaults to true. | `bool` | `false` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | Resource Group | `string` | n/a | yes | +| [sku](#input\_sku) | (Required) Defines which tier to use. Valid options are Basic and Standard. | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [virtual\_network\_ids](#input\_virtual\_network\_ids) | The IDs of the Virtual Network that should be linked to the DNS Zone. | `list(string)` | n/a | yes | +| [zone\_redundant](#input\_zone\_redundant) | Specifies if the EventHub Namespace should be Zone Redundant (created across Availability Zones). | `bool` | `true` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [hub\_ids](#output\_hub\_ids) | Map of hubs and their ids. | +| [key\_ids](#output\_key\_ids) | List of key ids. | +| [keys](#output\_keys) | Map of hubs with keys => primary\_key / secondary\_key mapping. | +| [name](#output\_name) | The name of this Event Hub | +| [namespace\_id](#output\_namespace\_id) | Id of Event Hub Namespace. | +| [private\_dns\_zone](#output\_private\_dns\_zone) | ID of the private DNS zone which resolves the name of the Private Endpoint used to connect to EventHub | + ## Requirements 
@@ -55,22 +128,22 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [auto\_inflate\_enabled](#input\_auto\_inflate\_enabled) | Is Auto Inflate enabled for the EventHub Namespace? | `bool` | `false` | no | | [capacity](#input\_capacity) | Specifies the Capacity / Throughput Units for a Standard SKU namespace. | `number` | `null` | no | -| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
list(object({
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
| `[]` | no | +| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
list(object({
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
| `[]` | no | | [internal\_private\_dns\_zone\_created](#input\_internal\_private\_dns\_zone\_created) | (Deprecated: create a standalone dns zone) Choose to allow the creation of the dns zone | `bool` | `false` | no | | [internal\_private\_dns\_zone\_resource\_group\_name](#input\_internal\_private\_dns\_zone\_resource\_group\_name) | (Deprecated: create a standalone dns zone) Name of the resource group record in the private dns zone | `string` | `null` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [maximum\_throughput\_units](#input\_maximum\_throughput\_units) | Specifies the maximum number of throughput units when Auto Inflate is Enabled | `number` | `null` | no | -| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
description = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | +| [metric\_alerts](#input\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
description = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | | [metric\_alerts\_create](#input\_metric\_alerts\_create) | Create metric alerts | `bool` | `true` | no | | [minimum\_tls\_version](#input\_minimum\_tls\_version) | (Optional) The minimum supported TLS version for this EventHub Namespace. Valid values are: 1.0, 1.1 and 1.2. The current default minimum TLS version is 1.2. | `string` | `"1.2"` | no | | [name](#input\_name) | Eventhub namespace description. | `string` | n/a | yes | -| [network\_rulesets](#input\_network\_rulesets) | n/a |
list(object({
default_action = string # (Required) The default action to take when a rule is not matched. Possible values are Allow and Deny.
virtual_network_rule = list(object({
subnet_id = string # (Required) The id of the subnet to match on.
ignore_missing_virtual_network_service_endpoint = bool # (Optional) Are missing virtual network service endpoints ignored?
}))
ip_rule = list(object({
ip_mask = string # (Required) The IP mask to match on.
action = string # (Optional) The action to take when the rule is matched. Possible values are Allow. Defaults to Allow.
}))
trusted_service_access_enabled = bool #Whether Trusted Microsoft Services are allowed to bypass firewall.
}))
| `[]` | no | +| [network\_rulesets](#input\_network\_rulesets) | n/a |
list(object({
default_action = string # (Required) The default action to take when a rule is not matched. Possible values are Allow and Deny.
virtual_network_rule = list(object({
subnet_id = string # (Required) The id of the subnet to match on.
ignore_missing_virtual_network_service_endpoint = bool # (Optional) Are missing virtual network service endpoints ignored?
}))
ip_rule = list(object({
ip_mask = string # (Required) The IP mask to match on.
action = string # (Optional) The action to take when the rule is matched. Possible values are Allow. Defaults to Allow.
}))
trusted_service_access_enabled = bool #Whether Trusted Microsoft Services are allowed to bypass firewall.
}))
| `[]` | no | | [private\_dns\_zone\_record\_A\_name](#input\_private\_dns\_zone\_record\_A\_name) | Name of the A record in the private dns zone | `string` | `"eventhub"` | no | -| [private\_dns\_zones](#input\_private\_dns\_zones) | Private DNS Zones where the private endpoint will be created |
object({
id = list(string)
name = list(string)
resource_group_name = string
})
|
{
"id": [],
"name": [],
"resource_group_name": ""
}
| no | +| [private\_dns\_zones](#input\_private\_dns\_zones) | Private DNS Zones where the private endpoint will be created |
object({
id = list(string)
name = list(string)
resource_group_name = string
})
|
{
"id": [],
"name": [],
"resource_group_name": ""
}
| no | | [private\_endpoint\_created](#input\_private\_endpoint\_created) | Choose to allow the creation of the private endpoint | `bool` | n/a | yes | | [private\_endpoint\_resource\_group\_name](#input\_private\_endpoint\_resource\_group\_name) | Name of the resource group where the private endpoint will be created | `string` | `null` | no | | [private\_endpoint\_subnet\_id](#input\_private\_endpoint\_subnet\_id) | The id of the subnet that will be used for the private endpoint. | `string` | `null` | no | diff --git a/eventhub/tests/README.md b/eventhub/tests/README.md index b2c32357..236b51c3 100644 --- a/eventhub/tests/README.md +++ b/eventhub/tests/README.md 
@@ -11,3 +11,46 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.97.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [event\_hub\_complete](#module\_event\_hub\_complete) | ../../eventhub | n/a | +| [event\_hub\_core\_network](#module\_event\_hub\_core\_network) | ../../eventhub | n/a | +| [event\_hub\_core\_only](#module\_event\_hub\_core\_only) | ../../eventhub | n/a | +| [eventhub\_snet](#module\_eventhub\_snet) | ../../subnet | n/a | +| [private\_endpoint\_snet](#module\_private\_endpoint\_snet) | ../../subnet | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_private_dns_zone.external_zone](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_resource_group.eventhub_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.rg_eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.vnet_eventhub_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_virtual_network.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"italynorth"` | no | +| [prefix](#input\_prefix) | Resorce prefix | 
`string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/eventhub_configuration/README.md b/eventhub_configuration/README.md index 82ce0656..ce612599 100644 --- a/eventhub_configuration/README.md +++ b/eventhub_configuration/README.md @@ -7,6 +7,48 @@ This module allow the creation of a EventHub See `tests` folder for example and how to use it + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_eventhub.events](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub) | resource | +| [azurerm_eventhub_authorization_rule.events](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_authorization_rule) | resource | +| [azurerm_eventhub_consumer_group.events](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_consumer_group) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [event\_hub\_namespace\_name](#input\_event\_hub\_namespace\_name) | EventHub namespace name | `string` | n/a | yes | +| [event\_hub\_namespace\_resource\_group\_name](#input\_event\_hub\_namespace\_resource\_group\_name) | EventHub namespace resource group name | `string` | n/a | yes | +| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
list(object({
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
| `[]` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [hub\_ids](#output\_hub\_ids) | Map of hubs and their ids. | +| [key\_ids](#output\_key\_ids) | List of key ids. | +| [keys](#output\_keys) | Map of hubs with keys => primary\_key / secondary\_key mapping. | + ## Requirements @@ -33,7 +75,7 @@ No modules. |------|-------------|------|---------|:--------:| | [event\_hub\_namespace\_name](#input\_event\_hub\_namespace\_name) | EventHub namespace name | `string` | n/a | yes | | [event\_hub\_namespace\_resource\_group\_name](#input\_event\_hub\_namespace\_resource\_group\_name) | EventHub namespace resource group name | `string` | n/a | yes | -| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
list(object({
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
| `[]` | no | +| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. |
list(object({
name = string # (Required) Specifies the name of the EventHub resource. Changing this forces a new resource to be created.
partitions = number # (Required) Specifies the current number of shards on the Event Hub.
message_retention = number # (Required) Specifies the number of days to retain the events for this Event Hub.
consumers = list(string) # Manages a Event Hubs Consumer Group as a nested resource within an Event Hub.
keys = list(object({
name = string # (Required) Specifies the name of the EventHub Authorization Rule resource. Changing this forces a new resource to be created.
listen = bool # (Optional) Does this Authorization Rule have permissions to Listen to the Event Hub? Defaults to false.
send = bool # (Optional) Does this Authorization Rule have permissions to Send to the Event Hub? Defaults to false.
manage = bool # (Optional) Does this Authorization Rule have permissions to Manage to the Event Hub? When this property is true - both listen and send must be too. Defaults to false.
})) # Manages a Event Hubs authorization Rule within an Event Hub.
}))
| `[]` | no | ## Outputs diff --git a/eventhub_configuration/tests/README.md b/eventhub_configuration/tests/README.md index b2c32357..a8af2df8 100644 --- a/eventhub_configuration/tests/README.md +++ b/eventhub_configuration/tests/README.md 
@@ -11,3 +11,47 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.71.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [event\_hub\_core\_network](#module\_event\_hub\_core\_network) | ../../eventhub | n/a | +| [event\_hub\_core\_network\_configuration](#module\_event\_hub\_core\_network\_configuration) | ../../eventhub_configuration | n/a | +| [event\_hub\_core\_only](#module\_event\_hub\_core\_only) | ../../eventhub | n/a | +| [event\_hub\_core\_only\_configuration](#module\_event\_hub\_core\_only\_configuration) | ../../eventhub_configuration | n/a | +| [eventhub\_snet](#module\_eventhub\_snet) | ../../subnet | n/a | +| [private\_endpoint\_snet](#module\_private\_endpoint\_snet) | ../../subnet | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_private_dns_zone.external_zone](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_resource_group.eventhub_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.rg_eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.vnet_eventhub_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_virtual_network.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | 
+|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/function_app/README.md b/function_app/README.md index b1fd1e34..20ecdcea 100644 --- a/function_app/README.md +++ b/function_app/README.md 
@@ -205,6 +205,116 @@ Output for resource `azurerm_function_app_host_keys` changed See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.95 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | ~>3.95 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [storage\_account](#module\_storage\_account) | github.com/pagopa/terraform-azurerm-v3.git//storage_account | v8.16.0 | +| [storage\_account\_durable\_function](#module\_storage\_account\_durable\_function) | github.com/pagopa/terraform-azurerm-v3.git//storage_account | v8.16.0 | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_app_service_virtual_network_swift_connection.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_virtual_network_swift_connection) | resource | +| [azurerm_linux_function_app.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_function_app) | resource | +| [azurerm_monitor_metric_alert.function_app_health_check](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource | +| [azurerm_private_endpoint.blob](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.queue](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_private_endpoint.table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | +| [azurerm_service_plan.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/service_plan) | resource | +| 
[azurerm_storage_container.internal_container](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | +| [azurerm_storage_management_policy.internal_deleteafterdays](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_management_policy) | resource | +| [azurerm_storage_queue.internal_queue](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_queue) | resource | +| [azurerm_function_app_host_keys.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/function_app_host_keys) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [allowed\_ips](#input\_allowed\_ips) | The IP Address used for this IP Restriction in CIDR notation | `list(string)` | `[]` | no | +| [allowed\_service\_tags](#input\_allowed\_service\_tags) | (Optional) List of service tags allowed to call the function app endpoint. | `list(string)` | `[]` | no | +| [allowed\_subnets](#input\_allowed\_subnets) | List of subnet ids, The Virtual Network Subnet ID used for this IP Restriction. | `list(string)` | `[]` | no | +| [always\_on](#input\_always\_on) | (Optional) Should the app be loaded at all times? Defaults to null. | `bool` | `null` | no | +| [app\_service\_logs](#input\_app\_service\_logs) | disk\_quota\_mb - (Optional) The amount of disk space to use for logs. Valid values are between 25 and 100. Defaults to 35. retention\_period\_days - (Optional) The retention period for logs in days. Valid values are between 0 and 99999.(never delete). |
object({
disk_quota_mb = number
retention_period_days = number
})
| `null` | no | +| [app\_service\_plan\_id](#input\_app\_service\_plan\_id) | The external app service plan id to associate to the function. If null a new plan is created, use app\_service\_plan\_info to configure it. | `string` | `null` | no | +| [app\_service\_plan\_info](#input\_app\_service\_plan\_info) | Allows to configurate the internal service plan |
object({
kind = string # The kind of the App Service Plan to create. Possible values are Windows (also available as App), Linux, elastic (for Premium Consumption) and FunctionApp (for a Consumption Plan).
sku_size = string # Specifies the plan's instance size.
maximum_elastic_worker_count = number # The maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan.
worker_count = number # The number of Workers (instances) to be allocated.
zone_balancing_enabled = bool # Should the Service Plan balance across Availability Zones in the region. Changing this forces a new resource to be created.
})
|
{
"kind": "Linux",
"maximum_elastic_worker_count": 0,
"sku_size": "P1v3",
"worker_count": 0,
"zone_balancing_enabled": false
}
| no | +| [app\_service\_plan\_name](#input\_app\_service\_plan\_name) | Name of the app service plan. If null it will be 'computed' | `string` | `null` | no | +| [app\_settings](#input\_app\_settings) | (Optional) A map of key-value pairs for App Settings and custom values. | `map(any)` | `{}` | no | +| [application\_insights\_instrumentation\_key](#input\_application\_insights\_instrumentation\_key) | Application insights instrumentation key | `string` | n/a | yes | +| [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | +| [client\_certificate\_mode](#input\_client\_certificate\_mode) | (Optional) The mode of the Function App's client certificates requirement for incoming requests. Possible values are Required, Optional, and OptionalInteractiveUser. | `string` | `"Optional"` | no | +| [cors](#input\_cors) | n/a |
object({
allowed_origins = list(string) # A list of origins which should be able to make cross-origin calls. * can be used to allow all calls.
})
| `null` | no | +| [docker](#input\_docker) | ##################### Framework choice ##################### | `any` | `{}` | no | +| [domain](#input\_domain) | Specifies the domain of the Function App. | `string` | `null` | no | +| [dotnet\_version](#input\_dotnet\_version) | n/a | `string` | `null` | no | +| [enable\_function\_app\_public\_network\_access](#input\_enable\_function\_app\_public\_network\_access) | (Optional) Should public network access be enabled for the Function App. Defaults to true. | `bool` | `true` | no | +| [enable\_healthcheck](#input\_enable\_healthcheck) | Enable the healthcheck alert. Default is true | `bool` | `true` | no | +| [export\_keys](#input\_export\_keys) | n/a | `bool` | `false` | no | +| [health\_check\_maxpingfailures](#input\_health\_check\_maxpingfailures) | Max ping failures allowed | `number` | `10` | no | +| [health\_check\_path](#input\_health\_check\_path) | Path which will be checked for this function app health. | `string` | `null` | no | +| [healthcheck\_threshold](#input\_healthcheck\_threshold) | The healthcheck threshold. If metric average is under this value, the alert will be triggered. Default is 50 | `number` | `50` | no | +| [https\_only](#input\_https\_only) | (Required) Can the Function App only be accessed via HTTPS?. Defaults true | `bool` | `true` | no | +| [internal\_storage](#input\_internal\_storage) | n/a |
object({
enable = bool
private_endpoint_subnet_id = string
private_dns_zone_blob_ids = list(string)
private_dns_zone_queue_ids = list(string)
private_dns_zone_table_ids = list(string)
queues = list(string) # Queues names
containers = list(string) # Containers names
blobs_retention_days = number
})
|
{
"blobs_retention_days": 1,
"containers": [],
"enable": false,
"private_dns_zone_blob_ids": [],
"private_dns_zone_queue_ids": [],
"private_dns_zone_table_ids": [],
"private_endpoint_subnet_id": "dummy",
"queues": []
}
| no | +| [internal\_storage\_account\_info](#input\_internal\_storage\_account\_info) | n/a |
object({
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
| `null` | no | +| [ip\_restriction\_default\_action](#input\_ip\_restriction\_default\_action) | (Optional) The Default action for traffic that does not match any ip\_restriction rule. possible values include 'Allow' and 'Deny'. If not set, it will be set to Allow if no ip restriction rules have been configured. | `string` | `null` | no | +| [java\_version](#input\_java\_version) | n/a | `string` | `null` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [name](#input\_name) | (Required) Specifies the name of the Function App. Changing this forces a new resource to be created. | `string` | n/a | yes | +| [node\_version](#input\_node\_version) | n/a | `string` | `null` | no | +| [powershell\_core\_version](#input\_powershell\_core\_version) | n/a | `string` | `null` | no | +| [pre\_warmed\_instance\_count](#input\_pre\_warmed\_instance\_count) | The number of pre-warmed instances for this function app. Only affects apps on the Premium plan. | `number` | `1` | no | +| [python\_version](#input\_python\_version) | n/a | `string` | `null` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [runtime\_version](#input\_runtime\_version) | The runtime version associated with the Function App. Version ~3 is required for Linux Function Apps. | `string` | `"~3"` | no | +| [sticky\_app\_setting\_names](#input\_sticky\_app\_setting\_names) | (Optional) A list of app\_setting names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `[]` | no | +| [sticky\_connection\_string\_names](#input\_sticky\_connection\_string\_names) | (Optional) A list of connection string names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `null` | no | +| [storage\_account\_durable\_name](#input\_storage\_account\_durable\_name) | Storage account name only used by the durable function. 
If null it will be 'computed' | `string` | `null` | no | +| [storage\_account\_info](#input\_storage\_account\_info) | n/a |
object({
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
|
{
"access_tier": "Hot",
"account_kind": "StorageV2",
"account_replication_type": "ZRS",
"account_tier": "Standard",
"advanced_threat_protection_enable": true,
"public_network_access_enabled": false,
"use_legacy_defender_version": true
}
| no | +| [storage\_account\_name](#input\_storage\_account\_name) | Storage account name. If null it will be 'computed' | `string` | `null` | no | +| [subnet\_id](#input\_subnet\_id) | The ID of the subnet the app service will be associated to (the subnet must have a service\_delegation configured for Microsoft.Web/serverFarms) | `string` | n/a | yes | +| [system\_identity\_enabled](#input\_system\_identity\_enabled) | Enable the System Identity and create relative Service Principal. | `bool` | `false` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [use\_32\_bit\_worker\_process](#input\_use\_32\_bit\_worker\_process) | (Optional) Should the Function App run in 32 bit mode, rather than 64 bit mode? Defaults to false. | `bool` | `false` | no | +| [use\_custom\_runtime](#input\_use\_custom\_runtime) | n/a | `string` | `null` | no | +| [use\_dotnet\_isolated\_runtime](#input\_use\_dotnet\_isolated\_runtime) | n/a | `string` | `null` | no | +| [vnet\_integration](#input\_vnet\_integration) | (optional) Enable vnet integration. Wheter it's true the subnet\_id should not be null. | `bool` | `true` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [app\_service\_plan\_id](#output\_app\_service\_plan\_id) | n/a | +| [app\_service\_plan\_name](#output\_app\_service\_plan\_name) | n/a | +| [default\_hostname](#output\_default\_hostname) | n/a | +| [default\_key](#output\_default\_key) | n/a | +| [id](#output\_id) | n/a | +| [master\_key](#output\_master\_key) | n/a | +| [name](#output\_name) | n/a | +| [possible\_outbound\_ip\_addresses](#output\_possible\_outbound\_ip\_addresses) | n/a | +| [primary\_key](#output\_primary\_key) | n/a | +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | +| [storage\_account](#output\_storage\_account) | n/a | +| [storage\_account\_internal\_function](#output\_storage\_account\_internal\_function) | Storage account used by the function for internal operations. 
| +| [storage\_account\_internal\_function\_name](#output\_storage\_account\_internal\_function\_name) | Storage account used by the function for internal operations. | +| [storage\_account\_name](#output\_storage\_account\_name) | n/a | +| [system\_identity\_principal](#output\_system\_identity\_principal) | Service Principal of the System Identity generated by Azure. | + ## Requirements @@ -240,20 +350,20 @@ See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [allowed\_ips](#input\_allowed\_ips) | The IP Address used for this IP Restriction in CIDR notation | `list(string)` | `[]` | no | | [allowed\_service\_tags](#input\_allowed\_service\_tags) | (Optional) List of service tags allowed to call the function app endpoint. | `list(string)` | `[]` | no | | [allowed\_subnets](#input\_allowed\_subnets) | List of subnet ids, The Virtual Network Subnet ID used for this IP Restriction. | `list(string)` | `[]` | no | | [always\_on](#input\_always\_on) | (Optional) Should the app be loaded at all times? Defaults to null. | `bool` | `null` | no | -| [app\_service\_logs](#input\_app\_service\_logs) | disk\_quota\_mb - (Optional) The amount of disk space to use for logs. Valid values are between 25 and 100. Defaults to 35. retention\_period\_days - (Optional) The retention period for logs in days. Valid values are between 0 and 99999.(never delete). |
object({
disk_quota_mb = number
retention_period_days = number
})
| `null` | no | +| [app\_service\_logs](#input\_app\_service\_logs) | disk\_quota\_mb - (Optional) The amount of disk space to use for logs. Valid values are between 25 and 100. Defaults to 35. retention\_period\_days - (Optional) The retention period for logs in days. Valid values are between 0 and 99999.(never delete). |
object({
disk_quota_mb = number
retention_period_days = number
})
| `null` | no | | [app\_service\_plan\_id](#input\_app\_service\_plan\_id) | The external app service plan id to associate to the function. If null a new plan is created, use app\_service\_plan\_info to configure it. | `string` | `null` | no | -| [app\_service\_plan\_info](#input\_app\_service\_plan\_info) | Allows to configurate the internal service plan |
object({
kind = string # The kind of the App Service Plan to create. Possible values are Windows (also available as App), Linux, elastic (for Premium Consumption) and FunctionApp (for a Consumption Plan).
sku_size = string # Specifies the plan's instance size.
maximum_elastic_worker_count = number # The maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan.
worker_count = number # The number of Workers (instances) to be allocated.
zone_balancing_enabled = bool # Should the Service Plan balance across Availability Zones in the region. Changing this forces a new resource to be created.
})
|
{
"kind": "Linux",
"maximum_elastic_worker_count": 0,
"sku_size": "P1v3",
"worker_count": 0,
"zone_balancing_enabled": false
}
| no | +| [app\_service\_plan\_info](#input\_app\_service\_plan\_info) | Allows to configurate the internal service plan |
object({
kind = string # The kind of the App Service Plan to create. Possible values are Windows (also available as App), Linux, elastic (for Premium Consumption) and FunctionApp (for a Consumption Plan).
sku_size = string # Specifies the plan's instance size.
maximum_elastic_worker_count = number # The maximum number of total workers allowed for this ElasticScaleEnabled App Service Plan.
worker_count = number # The number of Workers (instances) to be allocated.
zone_balancing_enabled = bool # Should the Service Plan balance across Availability Zones in the region. Changing this forces a new resource to be created.
})
|
{
"kind": "Linux",
"maximum_elastic_worker_count": 0,
"sku_size": "P1v3",
"worker_count": 0,
"zone_balancing_enabled": false
}
| no | | [app\_service\_plan\_name](#input\_app\_service\_plan\_name) | Name of the app service plan. If null it will be 'computed' | `string` | `null` | no | | [app\_settings](#input\_app\_settings) | (Optional) A map of key-value pairs for App Settings and custom values. | `map(any)` | `{}` | no | | [application\_insights\_instrumentation\_key](#input\_application\_insights\_instrumentation\_key) | Application insights instrumentation key | `string` | n/a | yes | | [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | | [client\_certificate\_mode](#input\_client\_certificate\_mode) | (Optional) The mode of the Function App's client certificates requirement for incoming requests. Possible values are Required, Optional, and OptionalInteractiveUser. | `string` | `"Optional"` | no | -| [cors](#input\_cors) | n/a |
object({
allowed_origins = list(string) # A list of origins which should be able to make cross-origin calls. * can be used to allow all calls.
})
| `null` | no | +| [cors](#input\_cors) | n/a |
object({
allowed_origins = list(string) # A list of origins which should be able to make cross-origin calls. * can be used to allow all calls.
})
| `null` | no | | [docker](#input\_docker) | ##################### Framework choice ##################### | `any` | `{}` | no | | [domain](#input\_domain) | Specifies the domain of the Function App. | `string` | `null` | no | | [dotnet\_version](#input\_dotnet\_version) | n/a | `string` | `null` | no | @@ -264,8 +374,8 @@ See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) | [health\_check\_path](#input\_health\_check\_path) | Path which will be checked for this function app health. | `string` | `null` | no | | [healthcheck\_threshold](#input\_healthcheck\_threshold) | The healthcheck threshold. If metric average is under this value, the alert will be triggered. Default is 50 | `number` | `50` | no | | [https\_only](#input\_https\_only) | (Required) Can the Function App only be accessed via HTTPS?. Defaults true | `bool` | `true` | no | -| [internal\_storage](#input\_internal\_storage) | n/a |
object({
enable = bool
private_endpoint_subnet_id = string
private_dns_zone_blob_ids = list(string)
private_dns_zone_queue_ids = list(string)
private_dns_zone_table_ids = list(string)
queues = list(string) # Queues names
containers = list(string) # Containers names
blobs_retention_days = number
})
|
{
"blobs_retention_days": 1,
"containers": [],
"enable": false,
"private_dns_zone_blob_ids": [],
"private_dns_zone_queue_ids": [],
"private_dns_zone_table_ids": [],
"private_endpoint_subnet_id": "dummy",
"queues": []
}
| no | -| [internal\_storage\_account\_info](#input\_internal\_storage\_account\_info) | n/a |
object({
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
| `null` | no | +| [internal\_storage](#input\_internal\_storage) | n/a |
object({
enable = bool
private_endpoint_subnet_id = string
private_dns_zone_blob_ids = list(string)
private_dns_zone_queue_ids = list(string)
private_dns_zone_table_ids = list(string)
queues = list(string) # Queues names
containers = list(string) # Containers names
blobs_retention_days = number
})
|
{
"blobs_retention_days": 1,
"containers": [],
"enable": false,
"private_dns_zone_blob_ids": [],
"private_dns_zone_queue_ids": [],
"private_dns_zone_table_ids": [],
"private_endpoint_subnet_id": "dummy",
"queues": []
}
| no | +| [internal\_storage\_account\_info](#input\_internal\_storage\_account\_info) | n/a |
object({
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
| `null` | no | | [ip\_restriction\_default\_action](#input\_ip\_restriction\_default\_action) | (Optional) The Default action for traffic that does not match any ip\_restriction rule. possible values include 'Allow' and 'Deny'. If not set, it will be set to Allow if no ip restriction rules have been configured. | `string` | `null` | no | | [java\_version](#input\_java\_version) | n/a | `string` | `null` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | @@ -279,7 +389,7 @@ See [Generic resource migration](../.docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) | [sticky\_app\_setting\_names](#input\_sticky\_app\_setting\_names) | (Optional) A list of app\_setting names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `[]` | no | | [sticky\_connection\_string\_names](#input\_sticky\_connection\_string\_names) | (Optional) A list of connection string names that the Linux Function App will not swap between Slots when a swap operation is triggered | `list(string)` | `null` | no | | [storage\_account\_durable\_name](#input\_storage\_account\_durable\_name) | Storage account name only used by the durable function. If null it will be 'computed' | `string` | `null` | no | -| [storage\_account\_info](#input\_storage\_account\_info) | n/a |
object({
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
|
{
"access_tier": "Hot",
"account_kind": "StorageV2",
"account_replication_type": "ZRS",
"account_tier": "Standard",
"advanced_threat_protection_enable": true,
"public_network_access_enabled": false,
"use_legacy_defender_version": true
}
| no | +| [storage\_account\_info](#input\_storage\_account\_info) | n/a |
object({
account_kind = string # Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. Defaults to Storage.
account_tier = string # Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid.
account_replication_type = string # Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS.
access_tier = string # Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot.
advanced_threat_protection_enable = bool
use_legacy_defender_version = bool
public_network_access_enabled = bool
})
|
{
"access_tier": "Hot",
"account_kind": "StorageV2",
"account_replication_type": "ZRS",
"account_tier": "Standard",
"advanced_threat_protection_enable": true,
"public_network_access_enabled": false,
"use_legacy_defender_version": true
}
| no | | [storage\_account\_name](#input\_storage\_account\_name) | Storage account name. If null it will be 'computed' | `string` | `null` | no | | [subnet\_id](#input\_subnet\_id) | The ID of the subnet the app service will be associated to (the subnet must have a service\_delegation configured for Microsoft.Web/serverFarms) | `string` | n/a | yes | | [system\_identity\_enabled](#input\_system\_identity\_enabled) | Enable the System Identity and create relative Service Principal. | `bool` | `false` | no | diff --git a/function_app/tests/README.md b/function_app/tests/README.md index 7cab078e..836a78cc 100644 --- a/function_app/tests/README.md +++ b/function_app/tests/README.md 
@@ -10,3 +10,43 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.76.0, <= 3.100.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [function\_app](#module\_function\_app) | ../../function_app | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.function_app_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [function\_app\_subnet\_cidr](#input\_function\_app\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [location](#input\_location) | Resorce location | `string` | `"northeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/function_app_slot/README.md b/function_app_slot/README.md index 8050575d..5d2bb5d4 100644 --- a/function_app_slot/README.md +++ b/function_app_slot/README.md 
@@ -29,4 +29,81 @@ Output for resource `azurerm_function_app_host_keys` changed See [Generic resorce migration](../docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md) + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.95 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_app_service_slot_virtual_network_swift_connection.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_slot_virtual_network_swift_connection) | resource | +| [azurerm_linux_function_app_slot.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_function_app_slot) | resource | +| [azurerm_function_app_host_keys.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/function_app_host_keys) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [allowed\_ips](#input\_allowed\_ips) | Ip from wich is allowed to call the function. An empty list means from everywhere. | `list(string)` | `[]` | no | +| [allowed\_service\_tags](#input\_allowed\_service\_tags) | (Optional) List of service tags allowed to call the function app endpoint. | `list(string)` | `[]` | no | +| [allowed\_subnets](#input\_allowed\_subnets) | List of subnet ids which are allowed to call the function. An empty list means from each subnet. | `list(string)` | `[]` | no | +| [always\_on](#input\_always\_on) | (Optional) Should the app be loaded at all times? Defaults to null. | `bool` | `null` | no | +| [app\_service\_plan\_id](#input\_app\_service\_plan\_id) | The app service plan id to associate to the function. 
| `string` | `null` | no | +| [app\_settings](#input\_app\_settings) | n/a | `map(any)` | `{}` | no | +| [application\_insights\_instrumentation\_key](#input\_application\_insights\_instrumentation\_key) | n/a | `string` | n/a | yes | +| [auto\_swap\_slot\_name](#input\_auto\_swap\_slot\_name) | The name of the slot to automatically swap to during deployment | `string` | `null` | no | +| [client\_certificate\_enabled](#input\_client\_certificate\_enabled) | Should the function app use Client Certificates | `bool` | `false` | no | +| [cors](#input\_cors) | n/a |
object({
allowed_origins = list(string)
})
| `null` | no | +| [docker](#input\_docker) | ##################### Framework choice ##################### | `any` | `{}` | no | +| [dotnet\_version](#input\_dotnet\_version) | n/a | `string` | `null` | no | +| [enable\_function\_app\_public\_network\_access](#input\_enable\_function\_app\_public\_network\_access) | (Optional) Should public network access be enabled for the Function App. Defaults to true. | `bool` | `true` | no | +| [export\_keys](#input\_export\_keys) | n/a | `bool` | `false` | no | +| [function\_app\_id](#input\_function\_app\_id) | Id of the function app. (The production slot) | `string` | n/a | yes | +| [health\_check\_maxpingfailures](#input\_health\_check\_maxpingfailures) | Max ping failures allowed | `number` | `10` | no | +| [health\_check\_path](#input\_health\_check\_path) | Path which will be checked for this function app health. | `string` | `null` | no | +| [https\_only](#input\_https\_only) | (Required) n the Function App only be accessed via HTTPS? Defaults to true. | `bool` | `true` | no | +| [internal\_storage\_connection\_string](#input\_internal\_storage\_connection\_string) | Storage account connection string for durable functions. Null in case of standard function | `string` | `null` | no | +| [ip\_restriction\_default\_action](#input\_ip\_restriction\_default\_action) | (Optional) The Default action for traffic that does not match any ip\_restriction rule. possible values include 'Allow' and 'Deny'. If not set, it will be set to Allow if no ip restriction rules have been configured. | `string` | `null` | no | +| [java\_version](#input\_java\_version) | n/a | `string` | `null` | no | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [name](#input\_name) | n/a | `string` | n/a | yes | +| [node\_version](#input\_node\_version) | n/a | `string` | `null` | no | +| [os\_type](#input\_os\_type) | (Optional) A string indicating the Operating System type for this function app. 
This value will be linux for Linux derivatives, or an empty string for Windows (default). When set to linux you must also set azurerm\_app\_service\_plan arguments as kind = Linux and reserved = true | `string` | `null` | no | +| [powershell\_core\_version](#input\_powershell\_core\_version) | n/a | `string` | `null` | no | +| [pre\_warmed\_instance\_count](#input\_pre\_warmed\_instance\_count) | n/a | `number` | `1` | no | +| [python\_version](#input\_python\_version) | n/a | `string` | `null` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [runtime\_version](#input\_runtime\_version) | n/a | `string` | `"~4"` | no | +| [storage\_account\_access\_key](#input\_storage\_account\_access\_key) | Access key of the sorege account used by the function. | `string` | `null` | no | +| [storage\_account\_name](#input\_storage\_account\_name) | Storage account in use by the function. | `string` | `null` | no | +| [subnet\_id](#input\_subnet\_id) | The ID of the subnet the app service will be associated to (the subnet must have a service\_delegation configured for Microsoft.Web/serverFarms) | `string` | n/a | yes | +| [system\_identity\_enabled](#input\_system\_identity\_enabled) | Enable the System Identity and create relative Service Principal. | `bool` | `false` | no | +| [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | +| [use\_32\_bit\_worker\_process](#input\_use\_32\_bit\_worker\_process) | (Optional) Should the Function App run in 32 bit mode, rather than 64 bit mode? Defaults to false. | `bool` | `false` | no | +| [use\_custom\_runtime](#input\_use\_custom\_runtime) | n/a | `string` | `null` | no | +| [use\_dotnet\_isolated\_runtime](#input\_use\_dotnet\_isolated\_runtime) | n/a | `string` | `null` | no | +| [vnet\_integration](#input\_vnet\_integration) | (optional) Enable vnet integration. Wheter it's true the subnet\_id should not be null. 
| `bool` | `true` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [default\_hostname](#output\_default\_hostname) | n/a | +| [default\_key](#output\_default\_key) | n/a | +| [id](#output\_id) | n/a | +| [master\_key](#output\_master\_key) | n/a | +| [name](#output\_name) | n/a | +| [possible\_outbound\_ip\_addresses](#output\_possible\_outbound\_ip\_addresses) | n/a | +| [primary\_key](#output\_primary\_key) | n/a | +| [system\_identity\_principal](#output\_system\_identity\_principal) | Service Principal of the System Identity generated by Azure. | + diff --git a/function_app_slot/tests/README.md b/function_app_slot/tests/README.md index 7cab078e..259c3906 100644 --- a/function_app_slot/tests/README.md +++ b/function_app_slot/tests/README.md 
@@ -10,3 +10,44 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.95.0, <= 3.100.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [function\_app](#module\_function\_app) | ../../function_app | n/a | +| [function\_app\_slot](#module\_function\_app\_slot) | ../../function_app_slot | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.ai](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.function_app_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [function\_app\_subnet\_cidr](#input\_function\_app\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/github_federated_identity/README.md b/github_federated_identity/README.md index 0d7f7f01..73faa655 100644 --- a/github_federated_identity/README.md +++ b/github_federated_identity/README.md @@ -86,11 +86,11 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [app\_name](#input\_app\_name) | Application name | `string` | `""` | no | -| [cd\_rbac\_roles](#input\_cd\_rbac\_roles) | Set of CD identity roles for the current subscription and the specified resource groups |
object({
subscription_roles = set(string)
resource_groups = map(list(string))
})
|
{
"resource_groups": {},
"subscription_roles": [
"Contributor"
]
}
| no | -| [ci\_rbac\_roles](#input\_ci\_rbac\_roles) | Set of CI identity roles for the current subscription and the specified resource groups |
object({
subscription_roles = set(string)
resource_groups = map(list(string))
})
|
{
"resource_groups": {},
"subscription_roles": [
"Reader"
]
}
| no | +| [cd\_rbac\_roles](#input\_cd\_rbac\_roles) | Set of CD identity roles for the current subscription and the specified resource groups |
object({
subscription_roles = set(string)
resource_groups = map(list(string))
})
|
{
"resource_groups": {},
"subscription_roles": [
"Contributor"
]
}
| no | +| [ci\_rbac\_roles](#input\_ci\_rbac\_roles) | Set of CI identity roles for the current subscription and the specified resource groups |
object({
subscription_roles = set(string)
resource_groups = map(list(string))
})
|
{
"resource_groups": {},
"subscription_roles": [
"Reader"
]
}
| no | | [domain](#input\_domain) | App domain name | `string` | `""` | no | | [env\_short](#input\_env\_short) | Short environment prefix | `string` | n/a | yes | -| [github\_federations](#input\_github\_federations) | GitHub Organization, repository name and scope permissions |
list(object({
org = optional(string, "pagopa")
repository = string
audience = optional(set(string), ["api://AzureADTokenExchange"])
issuer = optional(string, "https://token.actions.githubusercontent.com")
credentials_scope = optional(string, "environment")
subject = string
}))
| n/a | yes | +| [github\_federations](#input\_github\_federations) | GitHub Organization, repository name and scope permissions |
list(object({
org = optional(string, "pagopa")
repository = string
audience = optional(set(string), ["api://AzureADTokenExchange"])
issuer = optional(string, "https://token.actions.githubusercontent.com")
credentials_scope = optional(string, "environment")
subject = string
}))
| n/a | yes | | [identity\_role](#input\_identity\_role) | Identity role should be either ci or cd | `string` | n/a | yes | | [location](#input\_location) | Azure region for the Managed Identity | `string` | `null` | no | | [prefix](#input\_prefix) | Project prefix | `string` | n/a | yes | diff --git a/github_federated_identity/tests/README.md b/github_federated_identity/tests/README.md index b2c32357..7a685c2c 100644 --- a/github_federated_identity/tests/README.md +++ b/github_federated_identity/tests/README.md @@ -11,3 +11,48 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [identity-cd](#module\_identity-cd) | ../ | n/a | +| [identity-ci](#module\_identity-ci) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.identity_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [domain](#input\_domain) | App domain name | `string` | `""` | no | +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [repository](#input\_repository) | Repository name | `string` | `"terraform-azurerm-v3"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [identity\_cd\_app\_name](#output\_identity\_cd\_app\_name) | User Managed Identity name | +| [identity\_cd\_client\_id](#output\_identity\_cd\_client\_id) | User Managed Identity client id | +| [identity\_cd\_principal\_id](#output\_identity\_cd\_principal\_id) | User Managed Identity principal id | +| [identity\_cd\_resource\_group\_name](#output\_identity\_cd\_resource\_group\_name) | User Managed Identity resource group | +| [identity\_ci\_app\_name](#output\_identity\_ci\_app\_name) | User Managed Identity name | +| [identity\_ci\_client\_id](#output\_identity\_ci\_client\_id) | User Managed Identity client id | +| [identity\_ci\_principal\_id](#output\_identity\_ci\_principal\_id) | User Managed Identity principal id | +| [identity\_ci\_resource\_group\_name](#output\_identity\_ci\_resource\_group\_name) | User Managed Identity resource group | + diff --git a/jwt_keys/README.md b/jwt_keys/README.md index 364e99d3..336dc2a2 100644 --- a/jwt_keys/README.md +++ b/jwt_keys/README.md @@ -63,7 +63,7 @@ No modules. | [early\_renewal\_hours](#input\_early\_renewal\_hours) | n/a | `number` | `720` | no | | [jwt\_name](#input\_jwt\_name) | n/a | `string` | n/a | yes | | [key\_vault\_id](#input\_key\_vault\_id) | n/a | `string` | n/a | yes | -| [tags](#input\_tags) | n/a | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | +| [tags](#input\_tags) | n/a | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | ## Outputs diff --git a/kubernetes_cluster/README.md b/kubernetes_cluster/README.md index f28c5650..9eaf6f51 100644 --- a/kubernetes_cluster/README.md +++ b/kubernetes_cluster/README.md @@ -692,21 +692,21 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [aad\_admin\_group\_ids](#input\_aad\_admin\_group\_ids) | IDs of the Azure AD group for cluster-admin access | `list(string)` | n/a | yes | -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [addon\_azure\_key\_vault\_secrets\_provider\_enabled](#input\_addon\_azure\_key\_vault\_secrets\_provider\_enabled) | Should the Azure Secrets Store CSI addon be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_pod\_identity\_enabled](#input\_addon\_azure\_pod\_identity\_enabled) | Should the AAD pod-managed identities be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_policy\_enabled](#input\_addon\_azure\_policy\_enabled) | Should the Azure Policy addon be enabled for this Node Pool? | `bool` | `false` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [automatic\_channel\_upgrade](#input\_automatic\_channel\_upgrade) | (Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none. | `string` | `null` | no | -| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | -| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
|
{
"node_cpu_usage_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_cpu_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_disk_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_memory_working_set_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_memory_working_set_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status2",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_node_status_condition",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
},
{
"name": "namespace",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_pod_status_phase",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
}
}
| no | +| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | +| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
|
{
"node_cpu_usage_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_cpu_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_disk_usage_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_memory_working_set_percentage": {
"aggregation": "Average",
"dimension": [
{
"name": "node",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "node_memory_working_set_percentage",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT1H"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status2",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_node_status_condition",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
},
{
"name": "namespace",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT15M",
"metric_name": "kube_pod_status_phase",
"metric_namespace": "Microsoft.ContainerService/managedClusters",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT1H"
}
}
| no | | [dns\_prefix](#input\_dns\_prefix) | (Required) DNS prefix specified when creating the managed cluster. Changing this forces a new resource to be created. | `string` | n/a | yes | | [kubernetes\_version](#input\_kubernetes\_version) | (Required) Version of Kubernetes specified when creating the AKS managed cluster. | `string` | n/a | yes | | [location](#input\_location) | n/a | `string` | n/a | yes | | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | The ID of the Log Analytics Workspace which the OMS Agent should send data to. | `string` | `null` | no | | [microsoft\_defender\_log\_analytics\_workspace\_id](#input\_microsoft\_defender\_log\_analytics\_workspace\_id) | Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to | `string` | `null` | no | | [name](#input\_name) | (Required) Cluster name | `string` | n/a | yes | -| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
object({
dns_service_ip = optional(string, "10.2.0.10") # e.g. '10.2.0.10'. IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns)
network_policy = optional(string, "azure") # e.g. 'azure'. Sets up network policy to be used with Azure CNI. Currently supported values are calico and azure.
network_plugin = optional(string, "azure") # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
network_plugin_mode = optional(string, null) # e.g. 'azure'. Network plugin mode to use for networking. Currently supported value is overlay
outbound_type = optional(string, "loadBalancer") # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
service_cidr = optional(string, "10.2.0.0/16") # e.g. '10.2.0.0/16'. The Network Range used by the Kubernetes service
network_data_plane = optional(string, "azure") # e.g. 'azure'. (Optional) Specifies the data plane used for building the Kubernetes network. Possible values are azure and cilium. Defaults to azure. Disabling this forces a new resource to be created.
})
|
{
"dns_service_ip": "10.2.0.10",
"network_data_plane": "azure",
"network_plugin": "azure",
"network_plugin_mode": null,
"network_policy": "azure",
"outbound_type": "loadBalancer",
"service_cidr": "10.2.0.0/16"
}
| no | +| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
object({
dns_service_ip = optional(string, "10.2.0.10") # e.g. '10.2.0.10'. IP address within the Kubernetes service address range that will be used by cluster service discovery (kube-dns)
network_policy = optional(string, "azure") # e.g. 'azure'. Sets up network policy to be used with Azure CNI. Currently supported values are calico and azure.
network_plugin = optional(string, "azure") # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
network_plugin_mode = optional(string, null) # e.g. 'azure'. Network plugin mode to use for networking. Currently supported value is overlay
outbound_type = optional(string, "loadBalancer") # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
service_cidr = optional(string, "10.2.0.0/16") # e.g. '10.2.0.0/16'. The Network Range used by the Kubernetes service
network_data_plane = optional(string, "azure") # e.g. 'azure'. (Optional) Specifies the data plane used for building the Kubernetes network. Possible values are azure and cilium. Defaults to azure. Disabling this forces a new resource to be created.
})
|
{
"dns_service_ip": "10.2.0.10",
"network_data_plane": "azure",
"network_plugin": "azure",
"network_plugin_mode": null,
"network_policy": "azure",
"outbound_type": "loadBalancer",
"service_cidr": "10.2.0.0/16"
}
| no | | [oidc\_issuer\_enabled](#input\_oidc\_issuer\_enabled) | (Optional) Enable or Disable the OIDC issuer URL | `bool` | `false` | no | | [oms\_agent\_monitoring\_metrics\_role\_assignment\_enabled](#input\_oms\_agent\_monitoring\_metrics\_role\_assignment\_enabled) | Enabled oms agent monitoring metrics roles | `bool` | `true` | no | | [oms\_agent\_msi\_auth\_for\_monitoring\_enabled](#input\_oms\_agent\_msi\_auth\_for\_monitoring\_enabled) | (Optional) Is managed identity authentication for monitoring enabled? Default false | `bool` | `false` | no | @@ -721,7 +721,7 @@ No modules. | [storage\_profile\_disk\_driver\_version](#input\_storage\_profile\_disk\_driver\_version) | (Optional) Disk CSI Driver version to be used. Possible values are v1 and v2. Defaults to v1 | `string` | `"v1"` | no | | [storage\_profile\_file\_driver\_enabled](#input\_storage\_profile\_file\_driver\_enabled) | (Optional) Is the File CSI driver enabled? Defaults to true | `bool` | `true` | no | | [storage\_profile\_snapshot\_controller\_enabled](#input\_storage\_profile\_snapshot\_controller\_enabled) | (Optional) Is the Snapshot Controller enabled? Defaults to true | `bool` | `true` | no | -| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | +| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | | [system\_node\_pool\_enable\_host\_encryption](#input\_system\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `true` | no | | [system\_node\_pool\_max\_pods](#input\_system\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | | [system\_node\_pool\_name](#input\_system\_node\_pool\_name) | (Required) The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created. | `string` | n/a | yes | @@ -737,7 +737,7 @@ No modules. | [system\_node\_pool\_vm\_size](#input\_system\_node\_pool\_vm\_size) | (Required) The size of the Virtual Machine, such as Standard\_B4ms or Standard\_D4s\_vX. See https://pagopa.atlassian.net/wiki/spaces/DEVOPS/pages/134840344/Best+practice+su+prodotti | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | | [upgrade\_settings\_max\_surge](#input\_upgrade\_settings\_max\_surge) | The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade. | `string` | `"33%"` | no | -| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | +| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | | [user\_node\_pool\_enable\_host\_encryption](#input\_user\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `false` | no | | [user\_node\_pool\_enabled](#input\_user\_node\_pool\_enabled) | Is user node pool enabled? | `bool` | `false` | no | | [user\_node\_pool\_max\_pods](#input\_user\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | diff --git a/kubernetes_cluster_udr/README.md b/kubernetes_cluster_udr/README.md index 897280c5..f717f7f5 100644 --- a/kubernetes_cluster_udr/README.md +++ b/kubernetes_cluster_udr/README.md @@ -685,15 +685,15 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [aad\_admin\_group\_ids](#input\_aad\_admin\_group\_ids) | IDs of the Azure AD group for cluster-admin access | `list(string)` | n/a | yes | -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [addon\_azure\_key\_vault\_secrets\_provider\_enabled](#input\_addon\_azure\_key\_vault\_secrets\_provider\_enabled) | Should the Azure Secrets Store CSI addon be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_pod\_identity\_enabled](#input\_addon\_azure\_pod\_identity\_enabled) | Should the AAD pod-managed identities be enabled for this Node Pool? | `bool` | `false` | no | | [addon\_azure\_policy\_enabled](#input\_addon\_azure\_policy\_enabled) | Should the Azure Policy addon be enabled for this Node Pool? | `bool` | `false` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [api\_server\_authorized\_ip\_ranges](#input\_api\_server\_authorized\_ip\_ranges) | The IP ranges to whitelist for incoming traffic to the masters. | `list(string)` | `[]` | no | | [automatic\_channel\_upgrade](#input\_automatic\_channel\_upgrade) | (Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none. | `string` | `null` | no | -| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | -| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
|
{
"container_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_oom": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "oomKilledContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"container_restart": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "restartingContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"node_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuUsagePercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "DiskUsedPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT5M",
"metric_name": "nodesCount",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
}
],
"frequency": "PT5M",
"metric_name": "podCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "PodReadyPercentage",
"metric_namespace": "Insights.Container/pods",
"operator": "LessThan",
"threshold": 80,
"window_size": "PT30M"
}
}
| no | +| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | +| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
|
{
"container_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetExceededPercentage",
"metric_namespace": "Insights.Container/containers",
"operator": "GreaterThan",
"threshold": 95,
"window_size": "PT30M"
},
"container_oom": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "oomKilledContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"container_restart": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "restartingContainerCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"node_cpu": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "cpuUsagePercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_disk": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "device",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "DiskUsedPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_memory": {
"aggregation": "Average",
"dimension": [
{
"name": "host",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "memoryWorkingSetPercentage",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 80,
"window_size": "PT30M"
},
"node_not_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "status",
"operator": "Include",
"values": [
"NotReady"
]
}
],
"frequency": "PT5M",
"metric_name": "nodesCount",
"metric_namespace": "Insights.Container/nodes",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_failed": {
"aggregation": "Average",
"dimension": [
{
"name": "phase",
"operator": "Include",
"values": [
"Failed"
]
}
],
"frequency": "PT5M",
"metric_name": "podCount",
"metric_namespace": "Insights.Container/pods",
"operator": "GreaterThan",
"threshold": 0,
"window_size": "PT30M"
},
"pods_ready": {
"aggregation": "Average",
"dimension": [
{
"name": "kubernetes namespace",
"operator": "Include",
"values": [
"*"
]
},
{
"name": "controllerName",
"operator": "Include",
"values": [
"*"
]
}
],
"frequency": "PT5M",
"metric_name": "PodReadyPercentage",
"metric_namespace": "Insights.Container/pods",
"operator": "LessThan",
"threshold": 80,
"window_size": "PT30M"
}
}
| no | | [disk\_encryption\_set\_id](#input\_disk\_encryption\_set\_id) | ID of the disk EncryptionSet . | `string` | `null` | no | | [dns\_prefix](#input\_dns\_prefix) | (Required) DNS prefix specified when creating the managed cluster. Changing this forces a new resource to be created. | `string` | n/a | yes | | [dns\_prefix\_private\_cluster](#input\_dns\_prefix\_private\_cluster) | Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created. | `string` | `null` | no | @@ -702,7 +702,7 @@ No modules. | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | The ID of the Log Analytics Workspace which the OMS Agent should send data to. | `string` | `null` | no | | [microsoft\_defender\_log\_analytics\_workspace\_id](#input\_microsoft\_defender\_log\_analytics\_workspace\_id) | Specifies the ID of the Log Analytics Workspace where the audit logs collected by Microsoft Defender should be sent to | `string` | `null` | no | | [name](#input\_name) | (Required) Cluster name | `string` | n/a | yes | -| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
object({
network_plugin = string # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
outbound_type = string # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
network_plugin_mode = string
})
|
{
"network_plugin": "azure",
"network_plugin_mode": "Overlay",
"outbound_type": "userDefinedRouting"
}
| no | +| [network\_profile](#input\_network\_profile) | See variable description to understand how to use it, and see examples |
object({
network_plugin = string # e.g. 'azure'. Network plugin to use for networking. Currently supported values are azure and kubenet
outbound_type = string # e.g. 'loadBalancer'. The outbound (egress) routing method which should be used for this Kubernetes Cluster. Possible values are loadBalancer, userDefinedRouting, managedNATGateway and userAssignedNATGateway. Defaults to loadBalancer
network_plugin_mode = string
})
|
{
"network_plugin": "azure",
"network_plugin_mode": "Overlay",
"outbound_type": "userDefinedRouting"
}
| no | | [outbound\_ip\_address\_ids](#input\_outbound\_ip\_address\_ids) | The ID of the Public IP Addresses which should be used for outbound communication for the cluster load balancer. | `list(string)` | `[]` | no | | [private\_cluster\_enabled](#input\_private\_cluster\_enabled) | (Optional) Provides a Private IP Address for the Kubernetes API on the Virtual Network where the Kubernetes Cluster is located. | `bool` | `false` | no | | [rbac\_enabled](#input\_rbac\_enabled) | Is Role Based Access Control Enabled? | `bool` | `true` | no | @@ -710,7 +710,7 @@ No modules. | [sec\_log\_analytics\_workspace\_id](#input\_sec\_log\_analytics\_workspace\_id) | Log analytics workspace security (it should be in a different subscription). | `string` | `null` | no | | [sec\_storage\_id](#input\_sec\_storage\_id) | Storage Account security (it should be in a different subscription). | `string` | `null` | no | | [sku\_tier](#input\_sku\_tier) | (Optional) The SKU Tier that should be used for this Kubernetes Cluster. Possible values are Free and Paid (which includes the Uptime SLA) | `string` | `"Free"` | no | -| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | +| [system\_node\_pool\_availability\_zones](#input\_system\_node\_pool\_availability\_zones) | (Optional) List of availability zones for system node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | | [system\_node\_pool\_enable\_host\_encryption](#input\_system\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `true` | no | | [system\_node\_pool\_max\_pods](#input\_system\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | | [system\_node\_pool\_name](#input\_system\_node\_pool\_name) | (Required) The name which should be used for the default Kubernetes Node Pool. Changing this forces a new resource to be created. | `string` | n/a | yes | @@ -725,7 +725,7 @@ No modules. | [system\_node\_pool\_vm\_size](#input\_system\_node\_pool\_vm\_size) | (Required) The size of the Virtual Machine, such as Standard\_B4ms or Standard\_D4s\_vX. See https://pagopa.atlassian.net/wiki/spaces/DEVOPS/pages/134840344/Best+practice+su+prodotti | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | | [upgrade\_settings\_max\_surge](#input\_upgrade\_settings\_max\_surge) | The maximum number or percentage of nodes which will be added to the Node Pool size during an upgrade. | `string` | `"33%"` | no | -| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | +| [user\_node\_pool\_availability\_zones](#input\_user\_node\_pool\_availability\_zones) | (Optional) List of availability zones for user node pool | `list(string)` |
[
"1",
"2",
"3"
]
| no | | [user\_node\_pool\_enable\_host\_encryption](#input\_user\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? Defaults to true. | `bool` | `false` | no | | [user\_node\_pool\_enabled](#input\_user\_node\_pool\_enabled) | Is user node pool enabled? | `bool` | `false` | no | | [user\_node\_pool\_max\_pods](#input\_user\_node\_pool\_max\_pods) | (Optional) The maximum number of pods that can run on each agent. Changing this forces a new resource to be created. | `number` | `250` | no | diff --git a/kubernetes_prometheus_install/README.md b/kubernetes_prometheus_install/README.md index bfdffacd..35ea8a0f 100644 --- a/kubernetes_prometheus_install/README.md +++ b/kubernetes_prometheus_install/README.md @@ -42,7 +42,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [prometheus\_helm](#input\_prometheus\_helm) | Prometheus helm chart configuration |
object({
chart_version = optional(string, "25.24.1")
server = object({
image_name = optional(string, "quay.io/prometheus/prometheus"),
image_tag = optional(string, "v2.53.1"),
}),
alertmanager = object({
image_name = optional(string, "quay.io/prometheus/alertmanager"),
image_tag = optional(string, "v0.27.0"),
}),
node_exporter = object({
image_name = optional(string, "quay.io/prometheus/node-exporter"),
image_tag = optional(string, "v1.8.2"),
}),
configmap_reload_prometheus = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
configmap_reload_alertmanager = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
pushgateway = object({
image_name = optional(string, "prom/pushgateway"),
image_tag = optional(string, "v1.9.0"),
}),
})
|
{
"alertmanager": {
"image_name": "quay.io/prometheus/alertmanager",
"image_tag": "v0.27.0"
},
"chart_version": "25.24.1",
"configmap_reload_alertmanager": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"configmap_reload_prometheus": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"node_exporter": {
"image_name": "quay.io/prometheus/node-exporter",
"image_tag": "v1.8.2"
},
"pushgateway": {
"image_name": "prom/pushgateway",
"image_tag": "v1.9.0"
},
"server": {
"image_name": "quay.io/prometheus/prometheus",
"image_tag": "v2.53.1"
}
}
| no | +| [prometheus\_helm](#input\_prometheus\_helm) | Prometheus helm chart configuration |
object({
chart_version = optional(string, "25.24.1")
server = object({
image_name = optional(string, "quay.io/prometheus/prometheus"),
image_tag = optional(string, "v2.53.1"),
}),
alertmanager = object({
image_name = optional(string, "quay.io/prometheus/alertmanager"),
image_tag = optional(string, "v0.27.0"),
}),
node_exporter = object({
image_name = optional(string, "quay.io/prometheus/node-exporter"),
image_tag = optional(string, "v1.8.2"),
}),
configmap_reload_prometheus = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
configmap_reload_alertmanager = object({
image_name = optional(string, "jimmidyson/configmap-reload"),
image_tag = optional(string, "v0.13.1"),
}),
pushgateway = object({
image_name = optional(string, "prom/pushgateway"),
image_tag = optional(string, "v1.9.0"),
}),
})
|
{
"alertmanager": {
"image_name": "quay.io/prometheus/alertmanager",
"image_tag": "v0.27.0"
},
"chart_version": "25.24.1",
"configmap_reload_alertmanager": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"configmap_reload_prometheus": {
"image_name": "jimmidyson/configmap-reload",
"image_tag": "v0.13.1"
},
"node_exporter": {
"image_name": "quay.io/prometheus/node-exporter",
"image_tag": "v1.8.2"
},
"pushgateway": {
"image_name": "prom/pushgateway",
"image_tag": "v1.9.0"
},
"server": {
"image_name": "quay.io/prometheus/prometheus",
"image_tag": "v2.53.1"
}
}
| no | | [prometheus\_namespace](#input\_prometheus\_namespace) | (Required) Name of the monitoring namespace, used to install prometheus resources | `string` | n/a | yes | | [storage\_class\_name](#input\_storage\_class\_name) | (Optional) Storage class name used for prometheus server and alertmanager | `string` | `"default"` | no | diff --git a/load_balancer/README.md b/load_balancer/README.md index f79294b2..61e4c935 100644 --- a/load_balancer/README.md +++ b/load_balancer/README.md @@ -31,9 +31,9 @@ No modules. | [frontend\_private\_ip\_address](#input\_frontend\_private\_ip\_address) | (Optional) Private ip address to assign to frontend. Use it with type = private | `string` | `""` | no | | [frontend\_private\_ip\_address\_allocation](#input\_frontend\_private\_ip\_address\_allocation) | (Optional) Frontend ip allocation type (Static or Dynamic) | `string` | `"Dynamic"` | no | | [frontend\_subnet\_id](#input\_frontend\_subnet\_id) | (Optional) Frontend subnet id to use when in private mode | `string` | `""` | no | -| [lb\_backend\_pools](#input\_lb\_backend\_pools) | (Optional) Backend pool and ip address configuration |
list(object(
{
name = string
ips = list(object(
{
ip = string
type = optional(string)
vnet_id = string
}))
}))
|
[
{
"ips": [],
"name": "default"
}
]
| no | -| [lb\_port](#input\_lb\_port) | Protocols to be used for lb rules. Format as name => {frontend\_port, protocol, backend\_port, backend\_pool\_name, probe\_name} |
map(object({
frontend_port = string
protocol = string
backend_port = string
backend_pool_name = string
probe_name = string
}))
| `{}` | no | -| [lb\_probe](#input\_lb\_probe) | (Optional) Protocols to be used for lb health probes. Format as name => {protocol, port, request\_path} |
map(object({
protocol = string
port = string
request_path = string
}))
| `{}` | no | +| [lb\_backend\_pools](#input\_lb\_backend\_pools) | (Optional) Backend pool and ip address configuration |
list(object(
{
name = string
ips = list(object(
{
ip = string
type = optional(string)
vnet_id = string
}))
}))
|
[
{
"ips": [],
"name": "default"
}
]
| no | +| [lb\_port](#input\_lb\_port) | Protocols to be used for lb rules. Format as name => {frontend\_port, protocol, backend\_port, backend\_pool\_name, probe\_name} |
map(object({
frontend_port = string
protocol = string
backend_port = string
backend_pool_name = string
probe_name = string
}))
| `{}` | no | +| [lb\_probe](#input\_lb\_probe) | (Optional) Protocols to be used for lb health probes. Format as name => {protocol, port, request\_path} |
map(object({
protocol = string
port = string
request_path = string
}))
| `{}` | no | | [lb\_probe\_interval](#input\_lb\_probe\_interval) | Interval in seconds the load balancer health probe rule does a check | `number` | `5` | no | | [lb\_probe\_unhealthy\_threshold](#input\_lb\_probe\_unhealthy\_threshold) | Number of times the load balancer health probe has an unsuccessful attempt before considering the endpoint unhealthy. | `number` | `2` | no | | [lb\_sku](#input\_lb\_sku) | (Optional) The SKU of the Azure Load Balancer. Accepted values are Basic and Standard. | `string` | `"Basic"` | no | @@ -41,7 +41,7 @@ No modules. | [name](#input\_name) | Name of the load balancer. | `string` | n/a | yes | | [pip\_sku](#input\_pip\_sku) | (Optional) The SKU of the Azure Public IP. Accepted values are Basic and Standard. | `string` | `"Basic"` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the resource group where the load balancer resources will be imported. | `string` | n/a | yes | -| [tags](#input\_tags) | n/a | `map(string)` |
{
"source": "terraform"
}
| no | +| [tags](#input\_tags) | n/a | `map(string)` |
{
"source": "terraform"
}
| no | | [type](#input\_type) | (Optional) Defined if the loadbalancer is private or public | `string` | `"public"` | no | ## Outputs diff --git a/load_balancer/tests/README.md b/load_balancer/tests/README.md index b2c32357..8327ade3 100644 --- a/load_balancer/tests/README.md +++ b/load_balancer/tests/README.md @@ -11,3 +11,43 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | +| [null](#requirement\_null) | ~> 3.2 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [lb\_private](#module\_lb\_private) | ../../load_balancer | n/a | +| [lb\_public](#module\_lb\_public) | ../../load_balancer | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"northeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [private\_ip\_address](#input\_private\_ip\_address) | n/a | `string` | `"10.0.1.10"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vms\_subnet\_cidr](#input\_vms\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +No outputs. + diff --git a/monitoring_function/README.md b/monitoring_function/README.md index 056445dd..f2da6fb6 100644 --- a/monitoring_function/README.md +++ b/monitoring_function/README.md @@ -201,16 +201,16 @@ module "monitoring_function" { | [application\_insight\_name](#input\_application\_insight\_name) | (Required) name of the application insight instance where to publish metrics | `string` | n/a | yes | | [application\_insight\_rg\_name](#input\_application\_insight\_rg\_name) | (Required) name of the application insight instance resource group where to publish metrics | `string` | n/a | yes | | [application\_insights\_action\_group\_ids](#input\_application\_insights\_action\_group\_ids) | (Required) Application insights action group ids | `list(string)` | n/a | yes | -| [docker\_settings](#input\_docker\_settings) | n/a |
object({
registry_url = optional(string, "ghcr.io") #(Optional) Docker container registry url where to find the monitoring image
image_tag = string #(Optional) Docker image tag
image_name = optional(string, "pagopa/azure-synthetic-monitoring") #(Optional) Docker image name
})
|
{
"image_name": "pagopa/azure-synthetic-monitoring",
"image_tag": "1.0.0",
"registry_url": "ghcr.io"
}
| no | -| [job\_settings](#input\_job\_settings) | n/a |
object({
execution_timeout_seconds = optional(number, 300) #(Optional) Job execution timeout, in seconds
cron_scheduling = optional(string, "* * * * *") #(Optional) Cron expression defining the execution scheduling of the monitoring function
cpu_requirement = optional(number, 0.25) #(Optional) Decimal; cpu requirement
memory_requirement = optional(string, "0.5Gi") #(Optional) Memory requirement
http_client_timeout = optional(number, 30000) #(Optional) Default http client response timeout, in milliseconds
default_duration_limit = optional(number, 10000) #(Optional) Duration limit applied if none is given in the monitoring configuration. in milliseconds
availability_prefix = optional(string, "synthetic") #(Optional) Prefix used for prefixing availability test names
container_app_environment_id = string #(Required) If defined, the id of the container app environment tu be used to run the monitoring job. If provided, skips the creation of a dedicated subnet
cert_validity_range_days = optional(number, 7) #(Optional) Number of days before the expiration date of a certificate over which the check is considered success
})
|
{
"availability_prefix": "synthetic",
"cert_validity_range_days": 7,
"container_app_environment_id": null,
"cpu_requirement": 0.25,
"cron_scheduling": "* * * * *",
"default_duration_limit": 10000,
"execution_timeout_seconds": 300,
"http_client_timeout": 30000,
"memory_requirement": "0.5Gi"
}
| no | +| [docker\_settings](#input\_docker\_settings) | n/a |
object({
registry_url = optional(string, "ghcr.io") #(Optional) Docker container registry url where to find the monitoring image
image_tag = string #(Optional) Docker image tag
image_name = optional(string, "pagopa/azure-synthetic-monitoring") #(Optional) Docker image name
})
|
{
"image_name": "pagopa/azure-synthetic-monitoring",
"image_tag": "1.0.0",
"registry_url": "ghcr.io"
}
| no | +| [job\_settings](#input\_job\_settings) | n/a |
object({
execution_timeout_seconds = optional(number, 300) #(Optional) Job execution timeout, in seconds
cron_scheduling = optional(string, "* * * * *") #(Optional) Cron expression defining the execution scheduling of the monitoring function
cpu_requirement = optional(number, 0.25) #(Optional) Decimal; cpu requirement
memory_requirement = optional(string, "0.5Gi") #(Optional) Memory requirement
http_client_timeout = optional(number, 30000) #(Optional) Default http client response timeout, in milliseconds
default_duration_limit = optional(number, 10000) #(Optional) Duration limit applied if none is given in the monitoring configuration. in milliseconds
availability_prefix = optional(string, "synthetic") #(Optional) Prefix used for prefixing availability test names
container_app_environment_id = string #(Required) If defined, the id of the container app environment tu be used to run the monitoring job. If provided, skips the creation of a dedicated subnet
cert_validity_range_days = optional(number, 7) #(Optional) Number of days before the expiration date of a certificate over which the check is considered success
})
|
{
"availability_prefix": "synthetic",
"cert_validity_range_days": 7,
"container_app_environment_id": null,
"cpu_requirement": 0.25,
"cron_scheduling": "* * * * *",
"default_duration_limit": 10000,
"execution_timeout_seconds": 300,
"http_client_timeout": 30000,
"memory_requirement": "0.5Gi"
}
| no | | [legacy](#input\_legacy) | (Optional) Enable new terraform resource features for container app job. | `bool` | `true` | no | | [location](#input\_location) | (Required) Resource location | `string` | n/a | yes | | [monitoring\_configuration\_encoded](#input\_monitoring\_configuration\_encoded) | (Required) monitoring configuration provided in JSON string format (use jsonencode) | `string` | n/a | yes | | [prefix](#input\_prefix) | (Required) Prefix used in the Velero dedicated resource names | `string` | n/a | yes | | [private\_endpoint\_subnet\_id](#input\_private\_endpoint\_subnet\_id) | (Optional) Subnet id where to create the private endpoint for backups storage account | `string` | `null` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) Name of the resource group in which the function and its related components are created | `string` | n/a | yes | -| [self\_alert\_configuration](#input\_self\_alert\_configuration) | Configuration for the alert on the job itself |
object({
enabled = optional(bool, true) # "(Optional) if true, enables the alert on the self monitoring availability metric"
frequency = optional(string, "PT1M") # (Optional) The evaluation frequency of this Metric Alert, represented in ISO 8601 duration format. Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
severity = optional(number, 0) # (Optional) The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4
threshold = optional(number, 100) # (Optional) The criteria threshold value that activates the alert
operator = optional(string, "LessThan") # (Optional) The criteria operator. Possible values are Equals, GreaterThan, GreaterThanOrEqual, LessThan and LessThanOrEqual
aggregation = optional(string, "Average") # (Required) The statistic that runs over the metric values. Possible values are Average, Count, Minimum, Maximum and Total.
})
|
{
"aggregation": "Average",
"enabled": true,
"frequency": "PT1M",
"operator": "LessThan",
"severity": 0,
"threshold": 100
}
| no | -| [storage\_account\_settings](#input\_storage\_account\_settings) | n/a |
object({
tier = optional(string, "Standard") #(Optional) Tier used for the backup storage account
replication_type = optional(string, "ZRS") #(Optional) Replication type used for the backup storage account
kind = optional(string, "StorageV2") #(Optional) Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2
backup_retention_days = optional(number, 0) #(Optional) number of days for which the storage account is available for point in time recovery
backup_enabled = optional(bool, false) # (Optional) enables storage account point in time recovery
private_endpoint_enabled = optional(bool, false) #(Optional) enables the creation and usage of private endpoint
table_private_dns_zone_id = string # (Optional) table storage private dns zone id
})
|
{
"backup_enabled": false,
"backup_retention_days": 0,
"kind": "StorageV2",
"private_endpoint_enabled": false,
"replication_type": "ZRS",
"table_private_dns_zone_id": null,
"tier": "Standard"
}
| no | +| [self\_alert\_configuration](#input\_self\_alert\_configuration) | Configuration for the alert on the job itself |
object({
enabled = optional(bool, true) # "(Optional) if true, enables the alert on the self monitoring availability metric"
frequency = optional(string, "PT1M") # (Optional) The evaluation frequency of this Metric Alert, represented in ISO 8601 duration format. Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
severity = optional(number, 0) # (Optional) The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4
threshold = optional(number, 100) # (Optional) The criteria threshold value that activates the alert
operator = optional(string, "LessThan") # (Optional) The criteria operator. Possible values are Equals, GreaterThan, GreaterThanOrEqual, LessThan and LessThanOrEqual
aggregation = optional(string, "Average") # (Required) The statistic that runs over the metric values. Possible values are Average, Count, Minimum, Maximum and Total.
})
|
{
"aggregation": "Average",
"enabled": true,
"frequency": "PT1M",
"operator": "LessThan",
"severity": 0,
"threshold": 100
}
| no | +| [storage\_account\_settings](#input\_storage\_account\_settings) | n/a |
object({
tier = optional(string, "Standard") #(Optional) Tier used for the backup storage account
replication_type = optional(string, "ZRS") #(Optional) Replication type used for the backup storage account
kind = optional(string, "StorageV2") #(Optional) Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2
backup_retention_days = optional(number, 0) #(Optional) number of days for which the storage account is available for point in time recovery
backup_enabled = optional(bool, false) # (Optional) enables storage account point in time recovery
private_endpoint_enabled = optional(bool, false) #(Optional) enables the creation and usage of private endpoint
table_private_dns_zone_id = string # (Optional) table storage private dns zone id
})
|
{
"backup_enabled": false,
"backup_retention_days": 0,
"kind": "StorageV2",
"private_endpoint_enabled": false,
"replication_type": "ZRS",
"table_private_dns_zone_id": null,
"tier": "Standard"
}
| no | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | ## Outputs diff --git a/monitoring_function/tests/README.md b/monitoring_function/tests/README.md new file mode 100644 index 00000000..6a338d00 --- /dev/null +++ b/monitoring_function/tests/README.md 
@@ -0,0 +1,62 @@ +# tests + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azapi](#requirement\_azapi) | ~> 1.11.0 | +| [azurerm](#requirement\_azurerm) | <=3.116.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [monitoring\_function](#module\_monitoring\_function) | ../ | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_application_insights.application_insights](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource | +| [azurerm_container_app_environment.container_app_environment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_app_environment) | resource | +| [azurerm_key_vault.key_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault) | resource | +| [azurerm_log_analytics_workspace.law](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_log_analytics_workspace.log_analytics_workspace](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_resource_group.rg_runner](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.synthetic_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| 
[azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [alert\_set\_auto\_mitigate](#input\_alert\_set\_auto\_mitigate) | (Optional) Should the alerts in this Metric Alert be auto resolved? Defaults to true. | `bool` | `true` | no | +| [enabled\_resource](#input\_enabled\_resource) | Feature flags |
object({
container_app_tools_cae = optional(bool, false),
})
| n/a | yes | +| [env](#input\_env) | n/a | `string` | n/a | yes | +| [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes | +| [law\_daily\_quota\_gb](#input\_law\_daily\_quota\_gb) | The workspace daily quota for ingestion in GB. | `number` | `-1` | no | +| [law\_retention\_in\_days](#input\_law\_retention\_in\_days) | The workspace data retention in days | `number` | `30` | no | +| [law\_sku](#input\_law\_sku) | Sku of the Log Analytics Workspace | `string` | `"PerGB2018"` | no | +| [legacy](#input\_legacy) | (Optional) Enable new terraform resource features for container app job. | `bool` | n/a | yes | +| [location](#input\_location) | One of westeurope, northeurope | `string` | n/a | yes | +| [location\_short](#input\_location\_short) | One of wue, neu | `string` | n/a | yes | +| [prefix](#input\_prefix) | n/a | `string` | n/a | yes | +| [self\_alert\_enabled](#input\_self\_alert\_enabled) | (Optional) enables the alert on the function itself | `bool` | `true` | no | +| [storage\_account\_replication\_type](#input\_storage\_account\_replication\_type) | (Required) table storage replication type | `string` | n/a | yes | +| [tags](#input\_tags) | n/a | `map(any)` |
{
"CreatedBy": "Terraform"
}
| no | +| [use\_private\_endpoint](#input\_use\_private\_endpoint) | (Required) if true enables the usage of private endpoint | `bool` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [cae\_name](#output\_cae\_name) | Container App Environment name | +| [random\_id](#output\_random\_id) | n/a | +| [subnet\_cidr](#output\_subnet\_cidr) | Subnet CIDR blocks | +| [subnet\_name](#output\_subnet\_name) | Subnet name | + diff --git a/nat_gateway/tests/README.md b/nat_gateway/tests/README.md index 7cab078e..3a9a2d09 100644 --- a/nat_gateway/tests/README.md +++ b/nat_gateway/tests/README.md 
@@ -10,3 +10,48 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [nat\_gateway](#module\_nat\_gateway) | ../../nat_gateway | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_public_ip.nat_ip_2](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | +| [azurerm_public_ip.nat_ip_3](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.subnet1](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_subnet.subnet2](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_subnet_nat_gateway_association.subnet1](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_nat_gateway_association) | resource | +| [azurerm_subnet_nat_gateway_association.subnet2](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_nat_gateway_association) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | 
`string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [subnet1\_cidr](#input\_subnet1\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [subnet2\_cidr](#input\_subnet2\_cidr) | n/a | `list(string)` |
[
"10.0.2.0/26"
]
| no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/postgres_flexible_server/README.md b/postgres_flexible_server/README.md index 3a2a22bf..bf95b434 100644 --- a/postgres_flexible_server/README.md +++ b/postgres_flexible_server/README.md @@ -317,15 +317,15 @@ No modules. |------|-------------|------|---------|:--------:| | [administrator\_login](#input\_administrator\_login) | Flexible PostgreSql server administrator\_login | `string` | n/a | yes | | [administrator\_password](#input\_administrator\_password) | Flexible PostgreSql server administrator\_password | `string` | n/a | yes | -| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [backup\_retention\_days](#input\_backup\_retention\_days) | (Optional) The backup retention days for the PostgreSQL Flexible Server. Possible values are between 7 and 35 days. | `number` | `7` | no | | [create\_mode](#input\_create\_mode) | (Optional) The creation mode. Can be used to restore or replicate existing servers. Possible values are Default, Replica, GeoRestore, and PointInTimeRestore | `string` | `"Default"` | no | -| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
| `null` | no | +| [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
| `null` | no | | [customer\_managed\_key\_enabled](#input\_customer\_managed\_key\_enabled) | enable customer\_managed\_key | `bool` | `false` | no | | [customer\_managed\_key\_kv\_key\_id](#input\_customer\_managed\_key\_kv\_key\_id) | The ID of the Key Vault Key | `string` | `null` | no | | [db\_version](#input\_db\_version) | (Required) The version of PostgreSQL Flexible Server to use. Possible values are 11,12 and 13. Required when create\_mode is Default | `number` | n/a | yes | -| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
|
{
"active_connections": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "active_connections",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"connections_failed": {
"aggregation": "Total",
"frequency": "PT5M",
"metric_name": "connections_failed",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"cpu_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "cpu_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"memory_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "memory_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"storage_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "storage_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
}
}
| no | +| [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
|
{
"active_connections": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "active_connections",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"connections_failed": {
"aggregation": "Total",
"frequency": "PT5M",
"metric_name": "connections_failed",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"cpu_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "cpu_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"memory_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "memory_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
},
"storage_percent": {
"aggregation": "Average",
"frequency": "PT5M",
"metric_name": "storage_percent",
"metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",
"operator": "GreaterThan",
"severity": 2,
"threshold": 80,
"window_size": "PT30M"
}
}
| no | | [delegated\_subnet\_id](#input\_delegated\_subnet\_id) | (Optional) The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. | `string` | `null` | no | | [diagnostic\_setting\_destination\_storage\_id](#input\_diagnostic\_setting\_destination\_storage\_id) | (Optional) The ID of the Storage Account where logs should be sent. Changing this forces a new resource to be created. | `string` | `null` | no | | [diagnostic\_settings\_enabled](#input\_diagnostic\_settings\_enabled) | Is diagnostic settings enabled? | `bool` | `true` | no | @@ -333,7 +333,7 @@ No modules. | [high\_availability\_enabled](#input\_high\_availability\_enabled) | (Required) Is the High Availability Enabled | `bool` | n/a | yes | | [location](#input\_location) | (Required) The Azure Region where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes | | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | (Optional) Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | `string` | `null` | no | -| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
object({
day_of_week = number
start_hour = number
start_minute = number
})
|
{
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
| no | +| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
object({
day_of_week = number
start_hour = number
start_minute = number
})
|
{
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
| no | | [name](#input\_name) | (Required) The name which should be used for this PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | n/a | yes | | [pgbouncer\_enabled](#input\_pgbouncer\_enabled) | Is PgBouncer enabled into configurations? | `bool` | `true` | no | | [primary\_user\_assigned\_identity\_id](#input\_primary\_user\_assigned\_identity\_id) | Manages a User Assigned Identity | `string` | `null` | no | diff --git a/postgres_flexible_server/tests/README.md b/postgres_flexible_server/tests/README.md new file mode 100644 index 00000000..96c2f1c8 --- /dev/null +++ b/postgres_flexible_server/tests/README.md 
@@ -0,0 +1,56 @@ +# tests + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | +| [random](#requirement\_random) | = 3.5.1 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [key\_vault\_test](#module\_key\_vault\_test) | ../../key_vault | n/a | +| [postgres\_flexible\_server\_private](#module\_postgres\_flexible\_server\_private) | ../ | n/a | +| [storage\_account](#module\_storage\_account) | ../../storage_account | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_key_vault_access_policy.pgsql](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_key_vault_access_policy.user](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_key_vault_key.pgsqlkey](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource | +| [azurerm_key_vault_secret.pgres_flex_admin_login](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | +| [azurerm_key_vault_secret.pgres_flex_admin_pwd](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource | +| [azurerm_log_analytics_workspace.test](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource | +| [azurerm_private_dns_zone.privatelink_postgres_database_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone_virtual_network_link.privatelink_postgres_database_azure_com_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| 
[azurerm_resource_group.postgres_dbs](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.test_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_user_assigned_identity.pgsql](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource | +| [azurerm_virtual_network.test_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/id) | resource | +| [random_password.password](https://registry.terraform.io/providers/hashicorp/random/3.5.1/docs/resources/password) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [function\_app\_subnet\_cidr](#input\_function\_app\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [pgres\_flex\_admin\_login](#input\_pgres\_flex\_admin\_login) | The Administrator Login for the PostgreSQL Flexible Server. Required when create\_mode is Default. | `string` | `"postgres"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/postgres_flexible_server_replica/README.md b/postgres_flexible_server_replica/README.md index 98f6183e..16bbf719 100644 --- a/postgres_flexible_server_replica/README.md +++ b/postgres_flexible_server_replica/README.md @@ -171,7 +171,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no | | [delegated\_subnet\_id](#input\_delegated\_subnet\_id) | (Optional) The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. | `string` | `null` | no | | [diagnostic\_setting\_destination\_storage\_id](#input\_diagnostic\_setting\_destination\_storage\_id) | (Optional) The ID of the Storage Account where logs should be sent. Changing this forces a new resource to be created. | `string` | `null` | no | @@ -179,13 +179,13 @@ No modules. | [high\_availability\_enabled](#input\_high\_availability\_enabled) | (Required) Is the High Availability Enabled | `bool` | n/a | yes | | [location](#input\_location) | (Required) The Azure Region where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes | | [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | (Optional) Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | `string` | `null` | no | -| [main\_server\_additional\_alerts](#input\_main\_server\_additional\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
| `{}` | no | -| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
object({
day_of_week = number
start_hour = number
start_minute = number
})
|
{
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
| no | +| [main\_server\_additional\_alerts](#input\_main\_server\_additional\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
| `{}` | no | +| [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am |
object({
day_of_week = number
start_hour = number
start_minute = number
})
|
{
"day_of_week": 3,
"start_hour": 2,
"start_minute": 0
}
| no | | [name](#input\_name) | (Required) The name which should be used for this PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | n/a | yes | | [pgbouncer\_enabled](#input\_pgbouncer\_enabled) | Is PgBouncer enabled into configurations? | `bool` | `true` | no | | [private\_dns\_zone\_id](#input\_private\_dns\_zone\_id) | (Optional) The ID of the private dns zone to create the PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | `null` | no | | [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Is this instance private only? | `bool` | n/a | yes | -| [replica\_server\_metric\_alerts](#input\_replica\_server\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
| `{}` | no | +| [replica\_server\_metric\_alerts](#input\_replica\_server\_metric\_alerts) | Map of name = criteria objects |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# "Insights.Container/pods" "Insights.Container/nodes"
metric_namespace = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string
# severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
severity = number
}))
| `{}` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes | | [sku\_name](#input\_sku\_name) | The SKU Name for the PostgreSQL Flexible Server. The name of the SKU, follows the tier + name pattern (e.g. B\_Standard\_B1ms, GP\_Standard\_D2s\_v3, MO\_Standard\_E4s\_v3). | `string` | n/a | yes | | [source\_server\_id](#input\_source\_server\_id) | (Required) Id of the source server to be replicated | `string` | n/a | yes | diff --git a/postgresql_server/README.md b/postgresql_server/README.md index b54d5b3d..47436c73 100644 --- a/postgresql_server/README.md +++ b/postgresql_server/README.md @@ -201,7 +201,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [administrator\_login](#input\_administrator\_login) | The Administrator Login for the PostgreSQL Server. | `string` | n/a | yes | | [administrator\_login\_password](#input\_administrator\_login\_password) | The Password associated with the administrator\_login for the PostgreSQL Server. | `string` | n/a | yes | | [alerts\_enabled](#input\_alerts\_enabled) | Should Metric Alerts be enabled? | `bool` | `true` | no | @@ -216,15 +216,15 @@ No modules. | [geo\_redundant\_backup\_enabled](#input\_geo\_redundant\_backup\_enabled) | Turn Geo-redundant server backups on/off. | `bool` | `false` | no | | [location](#input\_location) | n/a | `string` | n/a | yes | | [lock\_enable](#input\_lock\_enable) | Apply lock to block accedentaly deletions. | `bool` | `false` | no | -| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/metrics-supported#microsoftdbforpostgresqlservers
https://docs.microsoft.com/en-us/azure/postgresql/concepts-limits#maximum-connections |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | +| [monitor\_metric\_alert\_criteria](#input\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/metrics-supported#microsoftdbforpostgresqlservers
https://docs.microsoft.com/en-us/azure/postgresql/concepts-limits#maximum-connections |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | -| [network\_rules](#input\_network\_rules) | Network rules restricting access to the postgresql server. |
object({
ip_rules = list(string)
allow_access_to_azure_services = bool
})
|
{
"allow_access_to_azure_services": false,
"ip_rules": []
}
| no | -| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable vnet private endpoint with required params |
object({
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
| n/a | yes | +| [network\_rules](#input\_network\_rules) | Network rules restricting access to the postgresql server. |
object({
ip_rules = list(string)
allow_access_to_azure_services = bool
})
|
{
"allow_access_to_azure_services": false,
"ip_rules": []
}
| no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable vnet private endpoint with required params |
object({
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
| n/a | yes | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Whether or not public network access is allowed for this server. | `bool` | `false` | no | -| [replica\_action](#input\_replica\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [replica\_action](#input\_replica\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [replica\_allowed\_subnets](#input\_replica\_allowed\_subnets) | (Optional) Allowed subnets ids | `list(string)` | `[]` | no | -| [replica\_monitor\_metric\_alert\_criteria](#input\_replica\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/metrics-supported#microsoftdbforpostgresqlservers
https://docs.microsoft.com/en-us/azure/postgresql/concepts-limits#maximum-connections |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | -| [replica\_network\_rules](#input\_replica\_network\_rules) | Network rules restricting access to the replica postgresql server. |
object({
ip_rules = list(string)
allow_access_to_azure_services = bool
})
|
{
"allow_access_to_azure_services": false,
"ip_rules": []
}
| no | +| [replica\_monitor\_metric\_alert\_criteria](#input\_replica\_monitor\_metric\_alert\_criteria) | Map of name = criteria objects, see these docs for options
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/metrics-supported#microsoftdbforpostgresqlservers
https://docs.microsoft.com/en-us/azure/postgresql/concepts-limits#maximum-connections |
map(object({
# criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
aggregation = string
metric_name = string
# criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
operator = string
threshold = number
# Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
frequency = string
# Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
window_size = string

dimension = list(object(
{
name = string
operator = string
values = list(string)
}
))
}))
| `{}` | no | +| [replica\_network\_rules](#input\_replica\_network\_rules) | Network rules restricting access to the replica postgresql server. |
object({
ip_rules = list(string)
allow_access_to_azure_services = bool
})
|
{
"allow_access_to_azure_services": false,
"ip_rules": []
}
| no | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | | [restore\_point\_in\_time](#input\_restore\_point\_in\_time) | When create\_mode is PointInTimeRestore the point in time to restore from creation\_source\_server\_id. | `string` | `null` | no | | [sku\_name](#input\_sku\_name) | Specifies the SKU Name for this PostgreSQL Server. | `string` | n/a | yes | diff --git a/redis_cache/README.md b/redis_cache/README.md index 71245fa5..89bc4977 100644 --- a/redis_cache/README.md +++ b/redis_cache/README.md @@ -67,7 +67,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [backup\_configuration](#input\_backup\_configuration) | n/a |
object({
frequency = number
max_snapshot_count = number
storage_connection_string = string
})
| `null` | no | +| [backup\_configuration](#input\_backup\_configuration) | n/a |
object({
frequency = number
max_snapshot_count = number
storage_connection_string = string
})
| `null` | no | | [capacity](#input\_capacity) | The size of the Redis cache to deploy | `number` | `1` | no | | [data\_persistence\_authentication\_method](#input\_data\_persistence\_authentication\_method) | (Optional) Preferred auth method to communicate to storage account used for data persistence. Possible values are SAS and ManagedIdentity. Defaults to SAS. | `string` | `"SAS"` | no | | [enable\_authentication](#input\_enable\_authentication) | If set to false, the Redis instance will be accessible without authentication. Defaults to true. | `bool` | `true` | no | @@ -75,8 +75,8 @@ No modules. | [family](#input\_family) | The SKU family/pricing group to use | `string` | n/a | yes | | [location](#input\_location) | The location of the resource group. | `string` | n/a | yes | | [name](#input\_name) | The name of the Redis instance. | `string` | n/a | yes | -| [patch\_schedules](#input\_patch\_schedules) | n/a |
list(object({
day_of_week = string
start_hour_utc = number
}))
| `[]` | no | -| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable private endpoint with required params |
object({
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
| n/a | yes | +| [patch\_schedules](#input\_patch\_schedules) | n/a |
list(object({
day_of_week = string
start_hour_utc = number
}))
| `[]` | no | +| [private\_endpoint](#input\_private\_endpoint) | (Required) Enable private endpoint with required params |
object({
enabled = bool
virtual_network_id = string
subnet_id = string
private_dns_zone_ids = list(string)
})
| n/a | yes | | [private\_static\_ip\_address](#input\_private\_static\_ip\_address) | The Static IP Address to assign to the Redis Cache when hosted inside the Virtual Network | `string` | `null` | no | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Whether or not public network access is allowed for this Redis Cache. true means this resource could be accessed by both public and private endpoint. false means only private endpoint access is allowed. Defaults to false. | `string` | `false` | no | | [redis\_version](#input\_redis\_version) | The version of Redis to use: 4 (deprecated) or 6 | `string` | n/a | yes | diff --git a/redis_cache/tests/README.md b/redis_cache/tests/README.md index 7cab078e..e1c88a9f 100644 --- a/redis_cache/tests/README.md +++ b/redis_cache/tests/README.md 
@@ -10,3 +10,44 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [redis\_cache](#module\_redis\_cache) | ../../redis_cache | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_private_dns_zone.privatelink_redis_cache_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) | resource | +| [azurerm_private_dns_zone_virtual_network_link.privatelink_redis_cache_windows_net_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.private_endpoint_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [private\_endpoint\_subnet\_cidr](#input\_private\_endpoint\_subnet\_cidr) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/route_table/README.md b/route_table/README.md index eba57001..c4ab5bc1 100644 --- a/route_table/README.md +++ b/route_table/README.md @@ -26,7 +26,7 @@ No modules. | [location](#input\_location) | The location of the resource group. | `string` | n/a | yes | | [name](#input\_name) | The name of route table | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | -| [routes](#input\_routes) | n/a |
list(object({
name = string
address_prefix = string
next_hop_type = string
next_hop_in_ip_address = string
}))
| n/a | yes | +| [routes](#input\_routes) | n/a |
list(object({
name = string
address_prefix = string
next_hop_type = string
next_hop_in_ip_address = string
}))
| n/a | yes | | [subnet\_ids](#input\_subnet\_ids) | List of ids of subnet to associate to the route table. | `list(string)` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/storage_account/README.md b/storage_account/README.md index 5501ee01..c30d46fc 100644 --- a/storage_account/README.md +++ b/storage_account/README.md @@ -146,7 +146,7 @@ No modules. | [account\_kind](#input\_account\_kind) | (Optional) Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Changing this forces a new resource to be created. | `string` | `"StorageV2"` | no | | [account\_replication\_type](#input\_account\_replication\_type) | Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. Changing this forces a new resource to be created when types LRS, GRS and RAGRS are changed to ZRS, GZRS or RAGZRS and vice versa | `string` | n/a | yes | | [account\_tier](#input\_account\_tier) | Defines the Tier to use for this storage account. Valid options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid. Changing this forces a new resource to be created. | `string` | n/a | yes | -| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | +| [action](#input\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. |
set(object(
{
action_group_id = string
webhook_properties = map(string)
}
))
| `[]` | no | | [advanced\_threat\_protection](#input\_advanced\_threat\_protection) | Should Advanced Threat Protection be enabled on this resource? | `bool` | `false` | no | | [allow\_nested\_items\_to\_be\_public](#input\_allow\_nested\_items\_to\_be\_public) | Allow or disallow public access to all blobs or containers in the storage account. | `bool` | `false` | no | | [blob\_change\_feed\_enabled](#input\_blob\_change\_feed\_enabled) | (Optional) Is the blob service properties for change feed events enabled? Default to false. | `bool` | `false` | no | @@ -154,15 +154,15 @@ No modules. | [blob\_container\_delete\_retention\_days](#input\_blob\_container\_delete\_retention\_days) | Retention days for deleted container. Valid value is between 1 and 365 (set to 0 to disable). | `number` | `0` | no | | [blob\_delete\_retention\_days](#input\_blob\_delete\_retention\_days) | Retention days for deleted blob. Valid value is between 1 and 365 (set to 0 to disable). | `number` | `0` | no | | [blob\_last\_access\_time\_enabled](#input\_blob\_last\_access\_time\_enabled) | (Optional) Is the blob service properties for trace last access time. Default to false. | `bool` | `false` | no | -| [blob\_storage\_policy](#input\_blob\_storage\_policy) | Handle immutability policy for stored elements |
object({
enable_immutability_policy = bool
blob_restore_policy_days = number
})
|
{
"blob_restore_policy_days": 0,
"enable_immutability_policy": false
}
| no | +| [blob\_storage\_policy](#input\_blob\_storage\_policy) | Handle immutability policy for stored elements |
object({
enable_immutability_policy = bool
blob_restore_policy_days = number
})
|
{
"blob_restore_policy_days": 0,
"enable_immutability_policy": false
}
| no | | [blob\_versioning\_enabled](#input\_blob\_versioning\_enabled) | Controls whether blob object versioning is enabled. | `bool` | `false` | no | | [cross\_tenant\_replication\_enabled](#input\_cross\_tenant\_replication\_enabled) | (Optional) Should cross Tenant replication be enabled? Defaults to false. | `bool` | `false` | no | -| [custom\_domain](#input\_custom\_domain) | Custom domain for accessing blob data |
object({
name = string
use_subdomain = bool
})
|
{
"name": null,
"use_subdomain": false
}
| no | +| [custom\_domain](#input\_custom\_domain) | Custom domain for accessing blob data |
object({
name = string
use_subdomain = bool
})
|
{
"name": null,
"use_subdomain": false
}
| no | | [domain](#input\_domain) | (Optional) Specifies the domain of the Storage Account. | `string` | `null` | no | | [enable\_identity](#input\_enable\_identity) | (Optional) If true, set the identity as SystemAssigned | `bool` | `false` | no | | [enable\_low\_availability\_alert](#input\_enable\_low\_availability\_alert) | Enable the Low Availability alert. Default is true | `bool` | `true` | no | | [error\_404\_document](#input\_error\_404\_document) | The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file. | `string` | `null` | no | -| [immutability\_policy\_props](#input\_immutability\_policy\_props) | Properties to setup the immutability policy. The resource can be created only with "Disabled" and "Unlocked" state. Change to "Locked" state doens't update the resource for a bug of the current module. |
object({
allow_protected_append_writes = bool
period_since_creation_in_days = number
})
|
{
"allow_protected_append_writes": false,
"period_since_creation_in_days": 730
}
| no | +| [immutability\_policy\_props](#input\_immutability\_policy\_props) | Properties to setup the immutability policy. The resource can be created only with "Disabled" and "Unlocked" state. Change to "Locked" state doens't update the resource for a bug of the current module. |
object({
allow_protected_append_writes = bool
period_since_creation_in_days = number
})
|
{
"allow_protected_append_writes": false,
"period_since_creation_in_days": 730
}
| no | | [index\_document](#input\_index\_document) | The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive. | `string` | `null` | no | | [is\_hns\_enabled](#input\_is\_hns\_enabled) | Enable Hierarchical Namespace enabled (Azure Data Lake Storage Gen 2). Changing this forces a new resource to be created. | `bool` | `false` | no | | [is\_sftp\_enabled](#input\_is\_sftp\_enabled) | Enable SFTP | `bool` | `false` | no | @@ -170,7 +170,7 @@ No modules. | [low\_availability\_threshold](#input\_low\_availability\_threshold) | The Low Availability threshold. If metric average is under this value, the alert will be triggered. Default is 99.8 | `number` | `99.8` | no | | [min\_tls\_version](#input\_min\_tls\_version) | The minimum supported TLS version for the storage account. Possible values are TLS1\_0, TLS1\_1, and TLS1\_2 | `string` | `"TLS1_2"` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | -| [network\_rules](#input\_network\_rules) | n/a |
object({
default_action = string # Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow
bypass = set(string) # Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None
ip_rules = list(string) # List of public IP or IP ranges in CIDR Format. Only IPV4 addresses are allowed
virtual_network_subnet_ids = list(string) # A list of resource ids for subnets.
})
| `null` | no | +| [network\_rules](#input\_network\_rules) | n/a |
object({
default_action = string # Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow
bypass = set(string) # Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None
ip_rules = list(string) # List of public IP or IP ranges in CIDR Format. Only IPV4 addresses are allowed
virtual_network_subnet_ids = list(string) # A list of resource ids for subnets.
})
| `null` | no | | [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Enable or Disable public access. It should always set to false unless there are special needs | `bool` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | n/a | yes | diff --git a/storage_account/tests/README.md b/storage_account/tests/README.md index 7cab078e..ab329853 100644 --- a/storage_account/tests/README.md +++ b/storage_account/tests/README.md @@ -10,3 +10,39 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.76.0, <= 3.100.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [storage\_account](#module\_storage\_account) | ../../storage_account | n/a | +| [storage\_account\_immutable](#module\_storage\_account\_immutable) | ../../storage_account | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/storage_account_customer_managed_key/README.md b/storage_account_customer_managed_key/README.md new file mode 100644 index 00000000..91c88dab --- /dev/null +++ b/storage_account_customer_managed_key/README.md 
@@ -0,0 +1,43 @@ +# storage_account_customer_managed_key + + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | ~>3.30 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_key_vault_access_policy.storage](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_key_vault_key.key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource | +| [azurerm_storage_account_customer_managed_key.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account_customer_managed_key) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [key\_name](#input\_key\_name) | The arbitrary name of the key that will be created in the key vault | `string` | n/a | yes | +| [key\_size](#input\_key\_size) | The RSA, EC key size | `number` | `4096` | no | +| [key\_type](#input\_key\_type) | Key type | `string` | `"RSA"` | no | +| [key\_vault\_id](#input\_key\_vault\_id) | The id of the keyvault containing the customer key to use for encryption | `string` | n/a | yes | +| [location](#input\_location) | n/a | `string` | n/a | yes | +| [resource\_group\_name](#input\_resource\_group\_name) | n/a | `string` | n/a | yes | +| [storage\_id](#input\_storage\_id) | The target storage account id (e.g. azurerm\_storage\_account.example.id ) | `string` | n/a | yes | +| [storage\_principal\_id](#input\_storage\_principal\_id) | The target storage account principal (e.g. 
azurerm\_storage\_account.example.identity.0.principal\_id ) | `string` | n/a | yes | +| [tenant\_id](#input\_tenant\_id) | n/a | `string` | `null` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [id](#output\_id) | n/a | +| [key\_id](#output\_key\_id) | n/a | + diff --git a/storage_account_customer_managed_key/tests/README.md b/storage_account_customer_managed_key/tests/README.md index 7cab078e..75fdb216 100644 --- a/storage_account_customer_managed_key/tests/README.md +++ b/storage_account_customer_managed_key/tests/README.md 
@@ -10,3 +10,43 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [key\_vault](#module\_key\_vault) | ../../key_vault | n/a | +| [storage\_account](#module\_storage\_account) | ../../storage_account | n/a | +| [storage\_account\_customer\_managed\_key](#module\_storage\_account\_customer\_managed\_key) | ../../storage_account_customer_managed_key | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_key_vault_access_policy.current_user](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource | +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | +| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/storage_management_policy/README.md b/storage_management_policy/README.md index 3a5c2c54..1e3320c7 100644 --- a/storage_management_policy/README.md +++ b/storage_management_policy/README.md @@ -55,7 +55,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [rules](#input\_rules) | n/a |
list(object({
name = string
enabled = bool
filters = object({
prefix_match = list(string) # (Optional) An array of strings for prefixes to be matched.
blob_types = list(string) # (Required) An array of predefined values. Valid options are blockBlob and appendBlob.
})
actions = object({
base_blob = object({
delete_after_days_since_modification_greater_than = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
delete_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_cool_after_days_since_modification_greater_than = optional(number, null)
tier_to_cool_after_days_since_creation_greater_than = optional(number, null)
tier_to_cool_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_modification_greater_than = optional(number, null)
tier_to_archive_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
})
snapshot = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
version = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
})
}))
| `[]` | no | +| [rules](#input\_rules) | n/a |
list(object({
name = string
enabled = bool
filters = object({
prefix_match = list(string) # (Optional) An array of strings for prefixes to be matched.
blob_types = list(string) # (Required) An array of predefined values. Valid options are blockBlob and appendBlob.
})
actions = object({
base_blob = object({
delete_after_days_since_modification_greater_than = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
delete_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_cool_after_days_since_modification_greater_than = optional(number, null)
tier_to_cool_after_days_since_creation_greater_than = optional(number, null)
tier_to_cool_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_modification_greater_than = optional(number, null)
tier_to_archive_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_access_time_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
})
snapshot = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation_greater_than = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
version = optional(object({
change_tier_to_archive_after_days_since_creation = optional(number, null)
change_tier_to_cool_after_days_since_creation = optional(number, null)
delete_after_days_since_creation = optional(number, null)
tier_to_archive_after_days_since_last_tier_change_greater_than = optional(number, null)
}), null)
})
}))
| `[]` | no | | [storage\_account\_id](#input\_storage\_account\_id) | Specifies the id of the storage account to apply the management policy to. | `string` | n/a | yes | ## Outputs diff --git a/storage_management_policy/tests/README.md b/storage_management_policy/tests/README.md index b2c32357..a9fa40f0 100644 --- a/storage_management_policy/tests/README.md +++ b/storage_management_policy/tests/README.md @@ -11,3 +11,39 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [storage\_account](#module\_storage\_account) | ../../storage_account | n/a | +| [storage\_account\_management\_policy\_example](#module\_storage\_account\_management\_policy\_example) | ../../storage_management_policy | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/storage_object_replication/README.md b/storage_object_replication/README.md index 4bbf1242..a5346c6e 100644 --- a/storage_object_replication/README.md +++ b/storage_object_replication/README.md @@ -26,7 +26,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [destination\_storage\_account\_id](#input\_destination\_storage\_account\_id) | The ID of the destination storage account. | `string` | n/a | yes | -| [rules](#input\_rules) | n/a |
list(
object({
source_container_name = string
destination_container_name = string
copy_blobs_created_after = string
})
)
| n/a | yes | +| [rules](#input\_rules) | n/a |
list(
object({
source_container_name = string
destination_container_name = string
copy_blobs_created_after = string
})
)
| n/a | yes | | [source\_storage\_account\_id](#input\_source\_storage\_account\_id) | The ID of the source storage account. | `string` | n/a | yes | ## Outputs diff --git a/storage_object_replication/tests/README.md b/storage_object_replication/tests/README.md index 7cab078e..b2c7a514 100644 --- a/storage_object_replication/tests/README.md +++ b/storage_object_replication/tests/README.md 
@@ -10,3 +10,42 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [storage\_account](#module\_storage\_account) | ../../storage_account | n/a | +| [storage\_account\_replica](#module\_storage\_account\_replica) | ../../storage_account | n/a | +| [storage\_object\_replication](#module\_storage\_object\_replication) | ../../storage_object_replication | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_storage_container.storage_account_mycontainer](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | +| [azurerm_storage_container.storage_account_replica_mycontainer](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | +| [random_id.unique](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"westeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| [resource\_group\_name](#output\_resource\_group\_name) | n/a | + diff --git a/subnet/README.md b/subnet/README.md index 7e151fe7..3287eeb4 100644 --- a/subnet/README.md +++ b/subnet/README.md @@ -85,7 +85,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [address\_prefixes](#input\_address\_prefixes) | (Optional) The address prefixes to use for the subnet. (e.g. ['10.1.137.0/24']) | `list(string)` | `[]` | no | -| [delegation](#input\_delegation) | n/a |
object({
name = string #(Required) A name for this delegation.
service_delegation = object({
name = string #(Required) The name of service to delegate to. Possible values are https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#service_delegation
actions = list(string) #(Optional) A list of Actions which should be delegated. Here the list: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#actions
})
})
| `null` | no | +| [delegation](#input\_delegation) | n/a |
object({
name = string #(Required) A name for this delegation.
service_delegation = object({
name = string #(Required) The name of service to delegate to. Possible values are https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#service_delegation
actions = list(string) #(Optional) A list of Actions which should be delegated. Here the list: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet#actions
})
})
| `null` | no | | [name](#input\_name) | n/a | `string` | n/a | yes | | [private\_endpoint\_network\_policies\_enabled](#input\_private\_endpoint\_network\_policies\_enabled) | (Optional) Enable or Disable network policies for the private endpoint on the subnet. Setting this to true will Enable the policy and setting this to false will Disable the policy. Defaults to true. | `bool` | `false` | no | | [private\_link\_service\_network\_policies\_enabled](#input\_private\_link\_service\_network\_policies\_enabled) | (Optional) Enable or Disable network policies for the private link service on the subnet. Setting this to true will Enable the policy and setting this to false will Disable the policy. Defaults to true. | `bool` | `true` | no | diff --git a/virtual_network/README.md b/virtual_network/README.md index a47af086..6431b33b 100644 --- a/virtual_network/README.md +++ b/virtual_network/README.md @@ -49,7 +49,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [address\_space](#input\_address\_space) | n/a | `list(string)` | n/a | yes | -| [ddos\_protection\_plan](#input\_ddos\_protection\_plan) | n/a |
object({
id = string
enable = bool
})
| `null` | no | +| [ddos\_protection\_plan](#input\_ddos\_protection\_plan) | n/a |
object({
id = string
enable = bool
})
| `null` | no | | [location](#input\_location) | The location/region where the virtual network is created. | `string` | n/a | yes | | [name](#input\_name) | The name of the virtual network. Changing this forces a new resource to be created. | `string` | n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which to create the virtual network. | `string` | n/a | yes | diff --git a/vm_scale_set/tests/README.md b/vm_scale_set/tests/README.md index 7cab078e..d54d91cc 100644 --- a/vm_scale_set/tests/README.md +++ b/vm_scale_set/tests/README.md 
@@ -10,3 +10,42 @@ You need the access to DevOpsLab Subscription or change backend.ini value. - ./terraform.sh plan - ./terraform.sh apply - ./terraform.sh destroy + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.3.0 | +| [azurerm](#requirement\_azurerm) | >= 3.30.0, <= 3.94.0 | +| [null](#requirement\_null) | ~> 3.2 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [vmss](#module\_vmss) | ../../vm_scale_set | n/a | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_subnet.snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource | +| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [location](#input\_location) | Resorce location | `string` | `"northeurope"` | no | +| [prefix](#input\_prefix) | Resorce prefix | `string` | `"azrmtest"` | no | +| [source\_image\_name](#input\_source\_image\_name) | n/a | `string` | `"ubuntu2204-image-v1"` | no | +| [subnet\_cidr\_vmss](#input\_subnet\_cidr\_vmss) | n/a | `list(string)` |
[
"10.0.1.0/26"
]
| no | +| [tags](#input\_tags) | Azurerm test tags | `map(string)` |
{
"CreatedBy": "Terraform",
"Source": "https://github.com/pagopa/terraform-azurerm-v3"
}
| no | +| [vnet\_address\_space](#input\_vnet\_address\_space) | n/a | `list(string)` |
[
"10.0.0.0/16"
]
| no | + +## Outputs + +No outputs. + diff --git a/vpn_gateway/README.md b/vpn_gateway/README.md index 03c8fcd5..c725a3fd 100644 --- a/vpn_gateway/README.md +++ b/vpn_gateway/README.md @@ -105,7 +105,7 @@ No modules. | [sku](#input\_sku) | Configuration of the size and capacity of the virtual network gateway. | `any` | n/a | yes | | [subnet\_id](#input\_subnet\_id) | Id of subnet where gateway should be deployed, have to be names GatewaySubnet. | `any` | n/a | yes | | [tags](#input\_tags) | Tags to apply to all resources created. | `map(string)` | `{}` | no | -| [vpn\_client\_configuration](#input\_vpn\_client\_configuration) | If set it will activate point-to-site configuration. |
list(object(
{
aad_audience = string
aad_issuer = string
aad_tenant = string
address_space = list(string)
radius_server_address = string
radius_server_secret = string
revoked_certificate = list(object(
{
name = string
thumbprint = string
}
))
root_certificate = list(object(
{
name = string
public_cert_data = string
}
))
vpn_client_protocols = list(string)
}
))
| `[]` | no | +| [vpn\_client\_configuration](#input\_vpn\_client\_configuration) | If set it will activate point-to-site configuration. |
list(object(
{
aad_audience = string
aad_issuer = string
aad_tenant = string
address_space = list(string)
radius_server_address = string
radius_server_secret = string
revoked_certificate = list(object(
{
name = string
thumbprint = string
}
))
root_certificate = list(object(
{
name = string
public_cert_data = string
}
))
vpn_client_protocols = list(string)
}
))
| `[]` | no | ## Outputs