Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/joatmon08/terraform-azurerm-boundary
https://github.com/joatmon08/terraform-azurerm-boundary
Last synced: 9 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/joatmon08/terraform-azurerm-boundary
- Owner: joatmon08
- License: mpl-2.0
- Created: 2022-02-22T15:45:49.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2022-03-30T13:50:58.000Z (over 2 years ago)
- Last Synced: 2024-10-27T06:53:29.019Z (about 2 months ago)
- Language: HCL
- Size: 18.6 KB
- Stars: 0
- Watchers: 2
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# terraform-azurerm-boundary
A Terraform module to deploy a Boundary cluster on Azure for testing and exploration.
It uses the latest release of
[HashiCorp Boundary](https://www.boundaryproject.io/) available for Linux.It uses Azure Key Vault and uses a self-signed certificate. For the exact configuration,
review the controller and worker configuration under
`templates/`.**NOTE:** Use this module for testing purposes only!
## Attribution
This module modifies the
[reference architecture for Boundary on Azure](https://github.com/hashicorp/boundary-reference-architecture/tree/main/deployment/azure/azure).## Requirements
| Name | Version |
|------|---------|
| [azuread](#requirement\_azuread) | >=2.0 |
| [azurerm](#requirement\_azurerm) | >=2.0 |## Providers
| Name | Version |
|------|---------|
| [azuread](#provider\_azuread) | 2.18.0 |
| [azurerm](#provider\_azurerm) | 2.97.0 |
| [random](#provider\_random) | 3.1.0 |
| [tls](#provider\_tls) | 3.1.0 |## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [azuread_application.recovery_sp](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application) | resource |
| [azuread_service_principal.recovery_sp](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal) | resource |
| [azuread_service_principal_password.recovery_sp](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal_password) | resource |
| [azurerm_application_security_group.controller_asg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_security_group) | resource |
| [azurerm_application_security_group.worker_asg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_security_group) | resource |
| [azurerm_availability_set.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/availability_set) | resource |
| [azurerm_key_vault.boundary](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault) | resource |
| [azurerm_key_vault_access_policy.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
| [azurerm_key_vault_access_policy.sp](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
| [azurerm_key_vault_access_policy.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
| [azurerm_key_vault_access_policy.you](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
| [azurerm_key_vault_certificate.boundary](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_certificate) | resource |
| [azurerm_key_vault_key.keys](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_key) | resource |
| [azurerm_lb.boundary](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb) | resource |
| [azurerm_lb_backend_address_pool.pools](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_backend_address_pool) | resource |
| [azurerm_lb_nat_rule.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_nat_rule) | resource |
| [azurerm_lb_nat_rule.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_nat_rule) | resource |
| [azurerm_lb_probe.controller_9200](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_probe) | resource |
| [azurerm_lb_probe.worker_9202](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_probe) | resource |
| [azurerm_lb_rule.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_rule) | resource |
| [azurerm_lb_rule.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb_rule) | resource |
| [azurerm_linux_virtual_machine.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource |
| [azurerm_linux_virtual_machine.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource |
| [azurerm_network_interface.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource |
| [azurerm_network_interface.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource |
| [azurerm_network_interface_application_security_group_association.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_application_security_group_association) | resource |
| [azurerm_network_interface_application_security_group_association.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_application_security_group_association) | resource |
| [azurerm_network_interface_backend_address_pool_association.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_backend_address_pool_association) | resource |
| [azurerm_network_interface_backend_address_pool_association.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_backend_address_pool_association) | resource |
| [azurerm_network_interface_nat_rule_association.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_nat_rule_association) | resource |
| [azurerm_network_interface_nat_rule_association.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_nat_rule_association) | resource |
| [azurerm_network_interface_security_group_association.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource |
| [azurerm_network_interface_security_group_association.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource |
| [azurerm_network_security_group.controller_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource |
| [azurerm_network_security_group.controller_nics](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource |
| [azurerm_network_security_group.worker_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource |
| [azurerm_network_security_group.worker_nics](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource |
| [azurerm_network_security_rule.controller_9200](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.controller_9201](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.controller_nic_9200](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.controller_nic_9201](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.controller_nic_ssh](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.controller_ssh](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.worker_9202](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.worker_nic_9202](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.worker_nic_ssh](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_network_security_rule.worker_ssh](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
| [azurerm_postgresql_server.boundary](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_server) | resource |
| [azurerm_postgresql_virtual_network_rule.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_virtual_network_rule) | resource |
| [azurerm_public_ip.boundary](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource |
| [azurerm_subnet_network_security_group_association.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource |
| [azurerm_subnet_network_security_group_association.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource |
| [azurerm_user_assigned_identity.controller](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource |
| [azurerm_user_assigned_identity.worker](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource |
| [random_id.id](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
| [random_id.vault](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
| [random_password.database](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
| [tls_private_key.boundary](https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/private_key) | resource |
| [azuread_client_config.current](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/client_config) | data source |
| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [boundary\_version](#input\_boundary\_version) | Version of Boundary to install. Default is `0.7.5`. | `string` | `"0.7.5"` | no |
| [cert\_cn](#input\_cert\_cn) | Certificate common name for Boundary. Default is `boundary-azure`. | `string` | `"boundary-azure"` | no |
| [controller\_subnet\_id](#input\_controller\_subnet\_id) | Azure subnet ID for Boundary controllers. | `string` | n/a | yes |
| [controller\_vm\_count](#input\_controller\_vm\_count) | Number of controller VMs for Boundary. Default is `1`. | `number` | `1` | no |
| [controller\_vm\_size](#input\_controller\_vm\_size) | Size of controller VMs for Boundary. Default is `Standard_D2as_v4`. | `string` | `"Standard_D2as_v4"` | no |
| [db\_username](#input\_db\_username) | PostgreSQL admin username for Boundary. Default is `sqladmin`. | `string` | `"sqladmin"` | no |
| [location](#input\_location) | Location of Azure resource group. | `string` | n/a | yes |
| [resource\_group\_name](#input\_resource\_group\_name) | Name of Azure resource group. | `string` | n/a | yes |
| [tags](#input\_tags) | List of tags to add to Boundary resources. Merged with module tags. | `map(string)` | `{}` | no |
| [worker\_subnet\_id](#input\_worker\_subnet\_id) | Azure subnet ID for Boundary workers. | `string` | n/a | yes |
| [worker\_vm\_count](#input\_worker\_vm\_count) | Number of worker VMs for Boundary. Default is `1`. | `number` | `1` | no |
| [worker\_vm\_size](#input\_worker\_vm\_size) | Size of worker VMs for Boundary. Default is `Standard_D2as_v4`. | `string` | `"Standard_D2as_v4"` | no |## Outputs
| Name | Description |
|------|-------------|
| [boundary\_database\_password](#output\_boundary\_database\_password) | n/a |
| [client\_id](#output\_client\_id) | n/a |
| [client\_secret](#output\_client\_secret) | n/a |
| [key\_vault\_name](#output\_key\_vault\_name) | n/a |
| [private\_key](#output\_private\_key) | n/a |
| [public\_dns\_name](#output\_public\_dns\_name) | n/a |
| [public\_key](#output\_public\_key) | n/a |
| [tenant\_id](#output\_tenant\_id) | n/a |
| [url](#output\_url) | n/a |
| [worker\_security\_group\_id](#output\_worker\_security\_group\_id) | n/a |