Azure · herms14 · Sep 29, 2023 · Sep 29, 2023 · Sep 29, 2023 · Oct 1, 2023
diff --git a/README.md b/README.md
@@ -1,9 +1,43 @@
 <!-- BEGIN_TF_DOCS -->
-# terraform-azurerm-avm-template
+# Azure Verified Module for Azure Virtual Networks
+
+This module provides a generic way to create and manage Azure Virtual Networks (vNet) and their associated resources.
+
+## Resources Created
+
+ -Azure Virtual Network (vNet): A virtual network with the specified configurations.
+
+ -Subnets: Subnets within the created virtual network.
+
+ -Network Security Group Association: Associates Network Security Groups to the created subnets.
+
+-Route Table Association: Associates Route Tables to the created subnets.
+
+-Management Lock: Applies a management lock to the virtual network if specified.
+
+-Role Assignment: Assigns roles to the virtual network based on the provided configurations.
+
+-Diagnostic Settings: Creates diagnostic settings for the virtual network.
+Usage
+
+To use this module in your Terraform configuration, you'll need to provide values for the required variables. Here's a basic example:
+
+```
+
+module "azure_vnet" {
+  source = "./path_to_this_module"
+
+  address_spaces = ["10.0.0.0/16"]
+  vnet_location  = "East US"
+  name           = "myVNet"
+  resource_group_name = "myResourceGroup"
+  // ... other required variables ...
+}
+
+```
+
 
-Module to deploy a Virtual Network in Azure along with subnets, NSGs and Route Tables and the ability to integrate existing DDOS protections plans to VNets.
 
-Note that this module requires an existing resource group.
 
 <!-- markdownlint-disable MD033 -->
 ## Requirements

diff --git a/examples/all_default/README.md b/examples/all_default/README.md
diff --git a/examples/all_default/main.tf b/examples/all_default/main.tf
@@ -23,4 +23,16 @@ module "vnet" {
     name = "test-lock"
     kind = "ReadOnly"
   } */
+
+# 
+  /* diagnostic_settings = {
+  vnet_diag = {
+    name                        = "vnet-diag"
+    workspace_resource_id       = "/subscriptions/47d02a61-9001-41bd-b4e7-6be9289027f4/resourceGroups/nvm-diagnostics-rg/providers/Microsoft.OperationalInsights/workspaces/nvm-workspace"
+    storage_account_resource_id = "/subscriptions/47d02a61-9001-41bd-b4e7-6be9289027f4/resourceGroups/nvm-diagnostics-rg/providers/Microsoft.Storage/storageAccounts/nvmdiagnosticsstr"
+  } 
+} */
 }
+
+
+
diff --git a/examples/all_default/outputs.tf b/examples/all_default/outputs.tf
@@ -1,3 +1,34 @@
+
+output "name" {
+  description = "The name of the newly created vNet"
+  value       = module.vnet.name
+}
+
 output "vnet_id" {
-  value = module.vnet.vnet_id
+  description = "The id of the newly created vNet"
+  value       = module.vnet.vnet_id
+}
+
+output "vnet_address_space" {
+  description = "The address space of the newly created vNet"
+  value       = module.vnet.vnet_address_space
+}
+
+output "subnet_names" {
+  description = "The names of the newly created subnets"
+  value = { for name in module.vnet.subnet_names: name => name }
+} 
+
+output "subnet_address_prefixes" {
+  description = "The address prefixes of the newly created subnets"
+  value = { for prefix in module.vnet.subnet_address_prefixes: prefix => prefix }
+}
+
+
+output "vnet_location" {
+  description = "The location of the newly created vNet"
+  value       = module.vnet.vnet_location
 }
+
+
+
diff --git a/examples/all_default/variables.tf b/examples/all_default/variables.tf
@@ -12,7 +12,7 @@ DESCRIPTION
 // Specifies the location of the resource group.
 variable "rg_location" {
   type        = string
-  default     = "westus"
+  default     = "eastus"
   description = <<DESCRIPTION
 This variable defines the Azure region where the resource group will be created.
 The default value is "westus".
@@ -22,7 +22,7 @@ DESCRIPTION
 // Specifies the location of the virtual network.
 variable "vnet_location" {
   type        = string
-  default     = "westus"
+  default     = "eastus"
   description = <<DESCRIPTION
 This variable defines the Azure region where the virtual network will be created.
 The default value is "westus".

diff --git a/examples/complete/README.md b/examples/complete/README.md
@@ -0,0 +1,6 @@
+# Examples
+
+Create a directory for each example.
+Create a README.md file in each directory to help consumers understand the example.
+
+> **Note:** Examples must be deployable and idempotent. Ensure that no input variables are requried to run the example and that random values are used to ensure unique resource names. E.g. use `random_pet` to generate a unique name for a resource.
diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf
@@ -1,3 +1,34 @@
+
+output "name" {
+  description = "The name of the newly created vNet"
+  value       = module.vnet.name
+}
+
 output "vnet_id" {
-  value = module.vnet.vnet_id
+  description = "The id of the newly created vNet"
+  value       = module.vnet.vnet_id
+}
+
+output "vnet_address_space" {
+  description = "The address space of the newly created vNet"
+  value       = module.vnet.vnet_address_space
+}
+
+output "subnet_names" {
+  description = "The names of the newly created subnets"
+  value       = { for name in module.vnet.subnet_names : name => name }
+}
+
+output "subnet_address_prefixes" {
+  description = "The address prefixes of the newly created subnets"
+  value       = { for prefix in module.vnet.subnet_address_prefixes : prefix => prefix }
+}
+
+
+output "vnet_location" {
+  description = "The location of the newly created vNet"
+  value       = module.vnet.vnet_location
 }
+
+
+
diff --git a/examples/new_route/README.md b/examples/new_route/README.md
@@ -0,0 +1,6 @@
+# Examples
+
+Create a directory for each example.
+Create a README.md file in each directory to help consumers understand the example.
+
+> **Note:** Examples must be deployable and idempotent. Ensure that no input variables are requried to run the example and that random values are used to ensure unique resource names. E.g. use `random_pet` to generate a unique name for a resource.
diff --git a/examples/new_route/outputs.tf b/examples/new_route/outputs.tf
@@ -1,3 +1,34 @@
+
+output "name" {
+  description = "The name of the newly created vNet"
+  value       = module.vnet.name
+}
+
 output "vnet_id" {
-  value = module.vnet.vnet_id
+  description = "The id of the newly created vNet"
+  value       = module.vnet.vnet_id
+}
+
+output "vnet_address_space" {
+  description = "The address space of the newly created vNet"
+  value       = module.vnet.vnet_address_space
+}
+
+output "subnet_names" {
+  description = "The names of the newly created subnets"
+  value       = { for name in module.vnet.subnet_names : name => name }
+}
+
+output "subnet_address_prefixes" {
+  description = "The address prefixes of the newly created subnets"
+  value       = { for prefix in module.vnet.subnet_address_prefixes : prefix => prefix }
+}
+
+
+output "vnet_location" {
+  description = "The location of the newly created vNet"
+  value       = module.vnet.vnet_location
 }
+
+
+
diff --git a/examples/new_security_rule/README.md b/examples/new_security_rule/README.md
@@ -0,0 +1,6 @@
+# Examples
+
+Create a directory for each example.
+Create a README.md file in each directory to help consumers understand the example.
+
+> **Note:** Examples must be deployable and idempotent. Ensure that no input variables are requried to run the example and that random values are used to ensure unique resource names. E.g. use `random_pet` to generate a unique name for a resource.
diff --git a/examples/new_security_rule/outputs.tf b/examples/new_security_rule/outputs.tf
@@ -1,3 +1,34 @@
+
+output "name" {
+  description = "The name of the newly created vNet"
+  value       = module.vnet.name
+}
+
 output "vnet_id" {
-  value = module.vnet.vnet_id
+  description = "The id of the newly created vNet"
+  value       = module.vnet.vnet_id
+}
+
+output "vnet_address_space" {
+  description = "The address space of the newly created vNet"
+  value       = module.vnet.vnet_address_space
+}
+
+output "subnet_names" {
+  description = "The names of the newly created subnets"
+  value       = { for name in module.vnet.subnet_names : name => name }
+}
+
+output "subnet_address_prefixes" {
+  description = "The address prefixes of the newly created subnets"
+  value       = { for prefix in module.vnet.subnet_address_prefixes : prefix => prefix }
+}
+
+
+output "vnet_location" {
+  description = "The location of the newly created vNet"
+  value       = module.vnet.vnet_location
 }
+
+
+
diff --git a/main.tf b/main.tf
@@ -82,3 +82,39 @@ resource "azurerm_role_assignment" "this" {
   skip_service_principal_aad_check       = each.value.skip_service_principal_aad_check
   delegated_managed_identity_resource_id = each.value.delegated_managed_identity_resource_id
 }
+
+# Create diagonostic settings for the virtual network
+resource "azurerm_monitor_diagnostic_setting" "example" {
+  # Filter out entries that don't have any of the required attributes set
+  for_each = {
+    for key, value in var.diagnostic_settings : key => value 
+    if value.workspace_resource_id != null || value.storage_account_resource_id != null || value.event_hub_authorization_rule_resource_id != null
+  }
+
+  name                = each.value.name != null ? each.value.name : "defaultDiagnosticSetting"
+  target_resource_id  = azurerm_virtual_network.vnet.id
+
+  log_analytics_workspace_id = each.value.workspace_resource_id != null ? each.value.workspace_resource_id : null
+  storage_account_id  = each.value.storage_account_resource_id != null ? each.value.storage_account_resource_id : null
+  eventhub_authorization_rule_id = each.value.event_hub_authorization_rule_resource_id != null ? each.value.event_hub_authorization_rule_resource_id : null
+  eventhub_name       = each.value.event_hub_name != null ? each.value.event_hub_name : null
+
+    dynamic "enabled_log" {
+    for_each = each.value.log_categories_and_groups
+    content {
+      category = enabled_log.value
+      retention_policy {
+        enabled = false
+      }
+    }
+  }
+
+  dynamic "metric" {
+    for_each = each.value.metric_categories
+    content {
+      category = metric.value
+      enabled  = true
+    }
+  }
+}
+
diff --git a/outputs.tf b/outputs.tf
@@ -1,25 +1,41 @@
-output "vnet_address_space" {
-  description = "The address space of the newly created vNet"
-  value       = azurerm_virtual_network.vnet.address_space
+
+output "name" {
+  description = "The name of the newly created vNet"
+  value       = azurerm_virtual_network.vnet.name
 }
 
 output "vnet_id" {
   description = "The id of the newly created vNet"
   value       = azurerm_virtual_network.vnet.id
 }
-
-output "vnet_location" {
-  description = "The location of the newly created vNet"
-  value       = azurerm_virtual_network.vnet.location
-}
-
-output "vnet_name" {
-  description = "The name of the newly created vNet"
-  value       = azurerm_virtual_network.vnet.name
+output "vnet_address_space" {
+  description = "The address space of the newly created vNet"
+  value       = azurerm_virtual_network.vnet.address_space
 }
 
 //output subnet ids
 output "subnet_ids" {
   description = "The ids of the newly created subnets"
   value       = { for k, v in azurerm_subnet.subnet : k => v.id }
 }
+
+output "subnet_names" {
+  description = "The names of the newly created subnets"
+  value       = { for k, v in azurerm_subnet.subnet : k => v.name }
+}
+
+
+output "subnet_address_prefixes" {
+  description = "The address prefixes of the newly created subnets"
+  value = flatten([for s in values(azurerm_subnet.subnet) : s.address_prefixes])
+}
+
+
+
+output "vnet_location" {
+  description = "The location of the newly created vNet"
+  value       = azurerm_virtual_network.vnet.location
+}
+
+
+