Merge pull request #29 from Microsoft/tfglobal

#4 Add script to deploy Resource group and Key Vault
microsoft · Mar 29, 2019 · 06a80e6 · 06a80e6
2 parents eb441b4 + 1cc4e0c
commit 06a80e6
Show file tree

Hide file tree

Showing 4 changed files with 82 additions and 78 deletions.
diff --git a/shared/README.md b/shared/README.md
@@ -1,14 +1,17 @@
-# Infrastructure deployment
+
+# Resource deployment
 
 ## Requirements
 
-- Azure Subscription User (with deployment rights)
+- Azure Subscription
+- Service Principal
 - [Terraform](https://www.terraform.io/downloads.html)
 
 ## Resources
 
 The following respources will be deployed
 - Azure Resource Group
+- Azure KeyVault 
 
 ## Deployment
 
@@ -26,15 +29,11 @@ $ terraform init
 $ terraform apply
 ```
 
-## Environmental Variables 
-
 To stop the command line from prompting questions use a .env file with the following environmental variables:
 
 ```
-export TF_VAR_app_name=cblt
-export TF_VAR_org=cse
-export TF_VAR_env=dev
 export TF_VAR_location=eastus
+export TF_VAR_company=myCompany
 ```
 
 After saving the file set environment using:
@@ -43,28 +42,9 @@ After saving the file set environment using:
 . .env
 ```
 
-Alternative use the variable.tf files in the directories and add the default key on the file as shown on the example below:
-
-``` json
-variable "location" {
-    type = "string"
-    description = "The name of the target location"
-    default = "eastus"
-}
-variable "env" {
-    type = "string",
-    description = "The short name of the target env (i.e. dev, staging, or prod)"
-    defailt = "dev"
-}
-variable "org" {
-    type = "string",
-    description = "The short name of the organization"
-    default = "cse"
-}
-variable "app_name" {
-    type = "string",
-    description = "The short name of the application"
-    default = "cblt"
-}
-
-```
+Alternatively, use the cluster.tfvars file to set parameter values as shown below:
+
+``` 
+location="esatus"
+company="myCompany"
+```
diff --git a/shared/cluster.tfvars b/shared/cluster.tfvars
@@ -0,0 +1,3 @@
+location=""
+company=""
+keyvault_sku=""
diff --git a/shared/main.tf b/shared/main.tf
@@ -1,47 +1,70 @@
-module "azure-provider" {
-    source = "./azure/provider"
+provider "azurerm" {
+    version = "~>1.21.0"
+}
+
+terraform {
+  required_version = "~> 0.11.11"
 }
 
 locals {
   location_suffixes = {
-    eastasia = "asea",
-    southeastasia	= "assw",
-    centralus	= "usce",
-    eastus = "usea",
-    eastus2	= "use2",
-    westus = "uswe",
-    westus2	= "usw2",
-    northcentralus = "usnc",
-    southcentralus = "ussc",
-    westcentralus	= "uswc",
-    northeurope	= "euno",
-    westeurope	= "euwe",
-    japanwest	= "jawe",
-    japaneast	= "jaea",
-    brazilsouth	= "brso",
-    australiaeast	= "auea",
+    eastasia           = "asea",
+    southeastasia      = "assw",
+    centralus          = "usce",
+    eastus             = "usea",
+    eastus2            = "use2",
+    westus             = "uswe",
+    westus2            = "usw2",
+    northcentralus     = "usnc",
+    southcentralus     = "ussc",
+    westcentralus      = "uswc",
+    northeurope        = "euno",
+    westeurope         = "euwe",
+    japanwest          = "jawe",
+    japaneast          = "jaea",
+    brazilsouth        = "brso",
+    australiaeast      = "auea",
     australiasoutheast = "ause",
-    southindia	= "inso",
-    centralindia	= "ince",
-    westindia	= "inwe",
-    canadacentral	= "cace",
-    canadaeast = "caea",
-    uksouth	= "ukso",
-    ukwest = "ukwe",
-    koreacentral = "koce",
-    koreasouth	= "koso",
-    francecentral	= "frce",
-    francesouth	= "frso",
-    australiacentral = "auce",
-    australiacentral2	= "auc2",
-    southafricanorth= "sano",
-    southafricawest	= "sawe",
+    southindia         = "inso",
+    centralindia       = "ince",
+    westindia          = "inwe",
+    canadacentral      = "cace",
+    canadaeast         = "caea",
+    uksouth            = "ukso",
+    ukwest             = "ukwe",
+    koreacentral       = "koce",
+    koreasouth         = "koso",
+    francecentral      = "frce",
+    francesouth        = "frso",
+    australiacentral   = "auce",
+    australiacentral2  = "auc2",
+    southafricanorth   = "sano",
+    southafricawest    = "sawe",
   }
+
   location_suffix = "${local.location_suffixes[var.location]}"
-  suffix = "${var.app_name}-${var.env}-${local.location_suffix}-${var.org}"
 }
 
 resource "azurerm_resource_group" "rg_core" {
-  name = "rg-${local.suffix}"
+  name     = "core-${local.location_suffix}-rg-${var.company}"
   location = "${var.location}"
-}
+}
+
+data "azurerm_client_config" "current" {}
+
+resource "azurerm_key_vault" "keyvault" {
+  name                = "core-${local.location_suffix}-kv-${var.company}"
+  location            = "${var.location}"
+  resource_group_name = "${azurerm_resource_group.rg_core.name}"
+  tenant_id           = "${data.azurerm_client_config.current.tenant_id}"
+  depends_on          = ["azurerm_resource_group.rg_core"]
+
+  sku {
+    name = "${var.keyvault_sku}"
+  }
+
+  network_acls {
+    default_action = "Allow"
+    bypass         = "AzureServices"
+  }
+}
diff --git a/shared/variables.tf b/shared/variables.tf
@@ -1,17 +1,15 @@
 variable "location" {
     type = "string"
     description = "The name of the target location"
+    default = "eastus"
 }
-variable "env" {
+variable "company" {
     type = "string",
-    description = "The short name of the target env (i.e. dev, staging, or prod)"
-}
-variable "org" {
-    type = "string",
-    description = "The short name of the organization"
-}
-variable "app_name" {
-    type = "string",
-    description = "The short name of the application"
+    description = "The short name of the company/app"
+    default = "msft"
 }
 
+variable "keyvault_sku" {
+  description = "SKU of the keyvault to create"
+  default     = "standard"
+}