Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/libre-devops/terraform-azurerm-event-hub-namespace

A module used to deploy an Azure event hub namespace, based on some parameters :fire:
https://github.com/libre-devops/terraform-azurerm-event-hub-namespace

azure azurerm azurerm-terraform-provider module terraform terraform-module

Last synced: 2 months ago
JSON representation

A module used to deploy an Azure event hub namespace, based on some parameters :fire:

Awesome Lists containing this project

README 

        
```hcl

module "rg" {

  source = "registry.terraform.io/libre-devops/rg/azurerm"



  rg_name  = "rg-${var.short}-${var.loc}-${terraform.workspace}-build" // rg-ldo-euw-dev-build

  location = local.location                                            // compares var.loc with the var.regions var to match a long-hand name, in this case, "euw", so "westeurope"

  tags     = local.tags



  #  lock_level = "CanNotDelete" // Do not set this value to skip lock

}



module "network" {

  source = "registry.terraform.io/libre-devops/network/azurerm"



  rg_name  = module.rg.rg_name // rg-ldo-euw-dev-build

  location = module.rg.rg_location

  tags     = local.tags



  vnet_name     = "vnet-${var.short}-${var.loc}-${terraform.workspace}-01" // vnet-ldo-euw-dev-01

  vnet_location = module.network.vnet_location



  address_space   = ["10.0.0.0/16"]

  subnet_prefixes = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]

  subnet_names    = ["sn1-${module.network.vnet_name}", "sn2-${module.network.vnet_name}", "sn3-${module.network.vnet_name}"] //sn1-vnet-ldo-euw-dev-01

  subnet_service_endpoints = {

    "sn1-${module.network.vnet_name}" = ["Microsoft.Storage", "Microsoft.EventHub"] // Adds extra subnet endpoints to sn1-vnet-ldo-euw-dev-01

    "sn2-${module.network.vnet_name}" = ["Microsoft.Storage", "Microsoft.Sql"],     // Adds extra subnet endpoints to sn2-vnet-ldo-euw-dev-01

    "sn3-${module.network.vnet_name}" = ["Microsoft.AzureActiveDirectory"]          // Adds extra subnet endpoints to sn3-vnet-ldo-euw-dev-01

  }

}



module "nsg" {

  source = "registry.terraform.io/libre-devops/nsg/azurerm"



  rg_name  = module.rg.rg_name

  location = module.rg.rg_location

  tags     = module.rg.rg_tags



  nsg_name  = "nsg-${element(keys(module.network.subnets_ids), 0)}" // nsg-sn1-vnet-ldo-euw-dev-01

  subnet_id = element(values(module.network.subnets_ids), 0)        // Adds NSG to all subnets

}



data "http" "user_ip" {

  url = "https://ipv4.icanhazip.com" // If running locally, running this block will fetch your outbound public IP of your home/office/ISP/VPN and add it.  It will add the hosted agent etc if running from Microsoft/GitLab

}



// This module does not consider for CMKs and allows the users to manually set bypasses

#checkov:skip=CKV2_AZURE_1:CMKs are not considered in this module

#checkov:skip=CKV2_AZURE_18:CMKs are not considered in this module

#checkov:skip=CKV_AZURE_33:Storage logging is not configured by default in this module

#tfsec:ignore:azure-storage-queue-services-logging-enabled tfsec:ignore:azure-storage-allow-microsoft-service-bypass #tfsec:ignore:azure-storage-default-action-deny

module "sa" {

  source = "registry.terraform.io/libre-devops/storage-account/azurerm"



  rg_name  = module.rg.rg_name

  location = module.rg.rg_location

  tags     = module.rg.rg_tags



  storage_account_name            = "st${var.short}${var.loc}${terraform.workspace}01"

  access_tier                     = "Hot"

  identity_type                   = "SystemAssigned"

  allow_nested_items_to_be_public = true



  storage_account_properties = {



    // Set this block to enable network rules

    network_rules = {

      default_action = "Allow"

    }



    blob_properties = {

      versioning_enabled       = false

      change_feed_enabled      = false

      default_service_version  = "2020-06-12"

      last_access_time_enabled = false



      deletion_retention_policies = {

        days = 10

      }



      container_delete_retention_policy = {

        days = 10

      }

    }



    routing = {

      publish_internet_endpoints  = false

      publish_microsoft_endpoints = true

      choice                      = "MicrosoftRouting"

    }

  }

}



#tfsec:ignore:azure-storage-no-public-access

resource "azurerm_storage_container" "event_hub_blob" {

  name                  = "blob${var.short}${var.loc}${terraform.workspace}01"

  storage_account_name  = module.sa.sa_name

  container_access_type = "container"

}



module "event_hub_namespace" {

  source = "registry.terraform.io/libre-devops/event-hub-namespace/azurerm"



  rg_name  = module.rg.rg_name

  location = module.rg.rg_location

  tags     = module.rg.rg_tags



  event_hub_namespace_name = "evhns-${var.short}-${var.loc}-${terraform.workspace}-01"

  identity_type            = "SystemAssigned"

  settings = {

    sku                  = "Standard"

    capacity             = 1

    auto_inflate_enabled = false

    zone_redundant       = false



    network_rulesets = {

      default_action                 = "Deny"

      trusted_service_access_enabled = true



      virtual_network_rule = {

        subnet_id                                       = element(values(module.network.subnets_ids), 0) // uses sn1

        ignore_missing_virtual_network_service_endpoint = false

      }

    }

  }

}

```



## Requirements



No requirements.



## Providers



| Name | Version |

|------|---------|

|  [azurerm](#provider\_azurerm) | n/a |



## Modules



No modules.



## Resources



| Name | Type |

|------|------|

| [azurerm_eventhub_namespace.evh](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/eventhub_namespace) | resource |



## Inputs



| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [event\_hub\_namespace\_name](#input\_event\_hub\_namespace\_name) | The name of the event hub namespace | `string` | n/a | yes |

|  [identity\_ids](#input\_identity\_ids) | Specifies a list of user managed identity ids to be assigned to the VM. | `list(string)` | `[]` | no |

|  [identity\_type](#input\_identity\_type) | The Managed Service Identity Type of this Virtual Machine. | `string` | `""` | no |

|  [location](#input\_location) | The location for this resource to be put in | `string` | n/a | yes |

|  [rg\_name](#input\_rg\_name) | The name of the resource group, this module does not create a resource group, it is expecting the value of a resource group already exists | `string` | n/a | yes |

|  [settings](#input\_settings) | Map used to contain all dynamic settings | `map(any)` | `{}` | no |

|  [tags](#input\_tags) | A map of the tags to use on the resources that are deployed with this module. | `map(string)` | 
{
  "source": "terraform"
}
 | no |



## Outputs



| Name | Description |

|------|-------------|

|  [default\_primary\_connection\_string](#output\_default\_primary\_connection\_string) | The primary connection string |

|  [default\_primary\_connection\_string\_alias](#output\_default\_primary\_connection\_string\_alias) | The primary connection string alias |

|  [default\_primary\_key](#output\_default\_primary\_key) | The primary key |

|  [default\_secondary\_connection\_string](#output\_default\_secondary\_connection\_string) | The primary connection string |

|  [default\_secondary\_connection\_string\_alias](#output\_default\_secondary\_connection\_string\_alias) | The secondary connection string alias |

|  [default\_secondary\_key](#output\_default\_secondary\_key) | The secondary key |

|  [id](#output\_id) | The EventHub Namespace ID. |

|  [name](#output\_name) | The EventHub Namespace name. |