Ccpay cpo

application-insights.tf

@@ -12,8 +12,4 @@ resource "azurerm_application_insights" "appinsights" {
       application_type,
     ]
   }
-}
-
-output "appInsightsInstrumentationKey" {
-  value = "${azurerm_application_insights.appinsights.instrumentation_key}"
-}
+}

asp.tf

@@ -1,18 +1,18 @@
-locals {
-  ase_name = join("-", ["core-compute", var.env])
-  asp_capacity = "${var.env == "prod" || var.env == "aat" ? 2 : 1}"
-  // I2 in prod like env, I1 everywhere else
-  sku_size = "${var.env == "prod" || var.env == "aat" ? "I2" : "I1"}"
-}
+# locals {
+#   ase_name = join("-", ["core-compute", var.env])
+#   asp_capacity = "${var.env == "prod" || var.env == "aat" ? 2 : 1}"
+#   // I2 in prod like env, I1 everywhere else
+#   sku_size = "${var.env == "prod" || var.env == "aat" ? "I2" : "I1"}"
+# }
 
-module "asp" {
-  source              = "git@github.com:hmcts/cnp-module-app-service-plan?ref=master"
-  location            = var.location
-  env                 = var.env
-  resource_group_name = azurerm_resource_group.rg.name
-  asp_capacity        = local.asp_capacity
-  asp_sku_size        = local.sku_size
-  asp_name            = var.product
-  ase_name            = local.ase_name
-  tag_list            = local.tags
-}
+# module "asp" {
+#   source              = "git@github.com:hmcts/cnp-module-app-service-plan?ref=master"
+#   location            = var.location
+#   env                 = var.env
+#   resource_group_name = azurerm_resource_group.rg.name
+#   asp_capacity        = local.asp_capacity
+#   asp_sku_size        = local.sku_size
+#   asp_name            = var.product
+#   ase_name            = local.ase_name
+#   tag_list            = local.tags
+# }

key-vault.tf

@@ -39,3 +39,19 @@ data "azurerm_user_assigned_identity" "ccpay-shared-identity" {
   resource_group_name = "managed-identities-${var.env}-rg"
 }
 
+data "azurerm_key_vault" "s2s_key_vault" {
+  name                = local.s2s_key_vault_name
+  resource_group_name = local.s2s_vault_resource_group
+}
+
+data "azurerm_key_vault_secret" "s2s_secret" {
+  name          = "microservicekey-ccpay-cpo-function-node"
+  key_vault_id  = data.azurerm_key_vault.s2s_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "ccpay_cpo_s2s_secret" {
+  name          = "ccpay-cpo-s2s-secret"
+  value         = data.azurerm_key_vault_secret.s2s_secret.value
+  key_vault_id  = data.azurerm_key_vault.ccpay_key_vault.id
+}
+

main.tf

@@ -8,8 +8,12 @@ locals {
     "Team Name" = var.team_name
     "Team Contact" = var.team_contact
   }
-
   tags = merge(var.common_tags, local.local_tags_ccpay)
+  vaultName = join("-", [var.core_product, var.env])
+  s2sUrl = "http://rpe-service-auth-provider-${var.env}.service.core-compute-${var.env}.internal"
+  s2s_rg_prefix               = "rpe-service-auth-provider"
+  s2s_key_vault_name          = var.env == "preview" || var.env == "spreview" ? join("-", ["s2s", "aat"]) : join("-", ["s2s", var.env])
+  s2s_vault_resource_group    = var.env == "preview" || var.env == "spreview" ? join("-", [local.s2s_rg_prefix, "aat"]) : join("-", [local.s2s_rg_prefix, var.env])
 }
 
 resource "azurerm_resource_group" "rg" {

output.tf

@@ -1,7 +0,0 @@
-output "vaultName" {
-  value = "${module.ccpay-vault.key_vault_name}"
-}
-
-output "vaultUri" {
-  value = "${module.ccpay-vault.key_vault_uri}"
-}

servicebus.tf

@@ -19,6 +19,13 @@ module "topic" {
   resource_group_name   = azurerm_resource_group.rg.name
 }
 
+module "topic_cpo" {
+  source                = "git@github.com:hmcts/terraform-module-servicebus-topic"
+  name                  = "ccpay-cpo-Topic"
+  namespace_name        = module.servicebus-namespace.name
+  resource_group_name   = azurerm_resource_group.rg.name
+}
+
 module "queue" {
   source                = "git@github.com:hmcts/terraform-module-servicebus-queue"
   name                  = local.retry_queue
@@ -36,23 +43,25 @@ module "subscription" {
   forward_dead_lettered_messages_to = module.queue.name
 }
 
-
+module "subscription_cpo" {
+  source                = "git@github.com:hmcts/terraform-module-servicebus-subscription"
+  name                  = local.subscription_name
+  namespace_name        = module.servicebus-namespace.name
+  topic_name            = module.topic_cpo.name
+  resource_group_name   = azurerm_resource_group.rg.name
+  max_delivery_count    = "1"
+  # forward_dead_lettered_messages_to = module.queue.name
+}
 
 resource "azurerm_key_vault_secret" "servicebus_primary_connection_string" {
   name      = "sb-primary-connection-string"
   value     = module.servicebus-namespace.primary_send_and_listen_connection_string
   key_vault_id = data.azurerm_key_vault.ccpay_key_vault.id
 }
 
-# primary connection string for send and listen operations
-output "sb_primary_send_and_listen_connection_string" {
-  value = module.servicebus-namespace.primary_send_and_listen_connection_string
-}
-
-output "topic_primary_send_and_listen_connection_string" {
-  value = module.topic.primary_send_and_listen_connection_string
+resource "azurerm_key_vault_secret" "cpo-topic-primary-send-listen-shared-access-key" {
+  name         = "cpo-topic-primary-send-listen-shared-access-key"
+  value        = module.topic_cpo.primary_send_and_listen_shared_access_key
+  key_vault_id = data.azurerm_key_vault.ccpay_key_vault.id
 }
 
-output "psc_subscription_connection_string" {
-  value = "${module.topic.primary_send_and_listen_connection_string}/subscriptions/${local.subscription_name}"
-}

state.tf

@@ -6,6 +6,11 @@ terraform {
       source  = "hashicorp/azurerm"
       version = "~> 2.25"
     }
+
+    azuread = {
+      source  = "hashicorp/azuread"
+      version = "1.6.0"
+    }
   }
 }
 

variables.tf

@@ -3,6 +3,11 @@ variable "product" {
   default = "ccpay"
 }
 
+variable "core_product" {
+  type    = string
+  default = "ccpay"
+}
+
 variable "location" {
   type    = string
   default = "UK South"
@@ -44,11 +49,6 @@ variable "application_type" {
   description = "Type of Application Insights (Web/Other)"
 }
 
-variable "health_check" {
-  default     = "/health"
-  description = "endpoint for healthcheck"
-}
-
 variable "managed_identity_object_id" {
   default = ""
 }