https://github.com/libre-devops/terraform-azurerm-front-door
A module used to deploy an Azure Front Door
https://github.com/libre-devops/terraform-azurerm-front-door
Last synced: 2 months ago
JSON representation
A module used to deploy an Azure Front Door
- Host: GitHub
- URL: https://github.com/libre-devops/terraform-azurerm-front-door
- Owner: libre-devops
- License: mit
- Created: 2023-04-05T21:28:15.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2023-04-08T15:00:51.000Z (about 2 years ago)
- Last Synced: 2024-12-26T16:12:05.567Z (4 months ago)
- Language: HCL
- Size: 31.3 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
README
## Requirements
No requirements.
## Providers
| Name | Version |
|------|---------|
| [azurerm](#provider\_azurerm) | n/a |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [azurerm_cdn_frontdoor_custom_domain.custom_domain](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_custom_domain) | resource |
| [azurerm_cdn_frontdoor_custom_domain_association.domain_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_custom_domain_association) | resource |
| [azurerm_cdn_frontdoor_endpoint.front_door_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_endpoint) | resource |
| [azurerm_cdn_frontdoor_firewall_policy.default_firewall_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_firewall_policy) | resource |
| [azurerm_cdn_frontdoor_origin.front_door_origin](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_origin) | resource |
| [azurerm_cdn_frontdoor_origin_group.front_door_origin_group](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_origin_group) | resource |
| [azurerm_cdn_frontdoor_profile.front_door_profile](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_profile) | resource |
| [azurerm_cdn_frontdoor_route.front_door_route](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_route) | resource |
| [azurerm_cdn_frontdoor_rule.default_rules](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_rule) | resource |
| [azurerm_cdn_frontdoor_rule_set.front_door_default_ruleset](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_rule_set) | resource |
| [azurerm_dns_zone.dns_zones](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/dns_zone) | resource |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [associate\_custom\_domain](#input\_associate\_custom\_domain) | Whether or not the custom domain (if create) should be associated to the front door | `bool` | `true` | no |
| [cache](#input\_cache) | The cache block in the custom route | `any` | `null` | no |
| [create\_front\_door\_custom\_domain](#input\_create\_front\_door\_custom\_domain) | Whether a custom domain should be made or not | `bool` | `false` | no |
| [create\_front\_door\_firewall\_rules](#input\_create\_front\_door\_firewall\_rules) | Whether you want to create firewall rules or not | `bool` | `true` | no |
| [create\_front\_door\_rules](#input\_create\_front\_door\_rules) | Whether front door rules should be made and added to the default ruleset | `bool` | `false` | no |
| [front\_door\_custom\_domain\_options](#input\_front\_door\_custom\_domain\_options) | The object which the DNS and custom domain resource conform to |
list(object({
resource_name = string
name = string
domain_name = string
host_name = string
tls = object({
certificate_type = optional(string)
minimum_tls_version = optional(string, "TLS12")
cdn_frontdoor_secret_id = optional(string)
})
soa_record = optional(object({
email = optional(string)
host_name = optional(string)
serial_number = optional(string)
expire_time = optional(number)
minimum_ttl = optional(number)
refresh_time = optional(number)
retry_time = optional(number)
ttl = optional(number)
tags = optional(map(string))
}))
routing_rules = optional(list(object({
name = optional(string)
cdn_frontdoor_endpoint_id = optional(string)
cdn_frontdoor_origin_group_id = optional(string)
cdn_frontdoor_origin_ids = optional(list(string))
cdn_frontdoor_rule_set_ids = optional(list(string))
cdn_frontdoor_custom_domain_id = optional(string)
cdn_frontdoor_route_ids = optional(list(string))
enabled = optional(bool, true)
forwarding_protocol = optional(string)
https_redirect_enabled = optional(string)
patterns_to_match = optional(list(string))
supported_protocols = optional(list(string))
cdn_frontdoor_custom_domain_ids = optional(list(string))
link_to_default_domain = optional(bool, false)
cache = optional(object({
query_string_caching_behavior = optional(string)
query_strings = optional(list(string))
compression_enabled = optional(bool)
content_types_to_compress = optional(list(string))
}))
})))
})) | `null` | no |
| [front\_door\_default\_rule\_name](#input\_front\_door\_default\_rule\_name) | The name of the default rule | `string` | `null` | no |
| [front\_door\_default\_ruleset\_name](#input\_front\_door\_default\_ruleset\_name) | The name of the default ruleset | `string` | `null` | no |
| [front\_door\_endpoint\_name](#input\_front\_door\_endpoint\_name) | The name of the front door endpoint name | `string` | `null` | no |
| [front\_door\_firewall\_rules](#input\_front\_door\_firewall\_rules) | The object which front door firewall rules must conform to | list(object({
name = string
mode = string
redirect_url = string
custom_block_response_status_code = number
custom_block_response_body = string
custom_rule = optional(object({
name = optional(string)
action = optional(string)
enabled = optional(bool, true)
priority = optional(number)
type = optional(string)
match_condition = optional(object({
match_variable = string
match_values = list(string)
operator = string
selector = optional(string)
negation_condition = optional(string)
transforms = optional(list(string), [])
}))
rate_limit_duration_in_minutes = optional(number)
rate_limit_threshold = optional(number)
}))
managed_rule = optional(object({
type = optional(string)
version = optional(string, "2.1")
action = optional(string)
override = optional(object({
rule_group_name = optional(string)
exclusion = optional(object({
match_variable = optional(string)
operator = optional(string)
selector = optional(string)
}))
rule = optional(object({
rule_id = optional(string)
action = optional(string)
enabled = optional(bool, false)
exclusion = optional(object({
match_variable = optional(string)
operator = optional(string)
selector = optional(string)
}))
}))
}))
exclusion = optional(object({
match_variable = optional(string)
operator = optional(string)
selector = optional(string)
}))
}))
})) | n/a | yes |
| [front\_door\_name](#input\_front\_door\_name) | The name of the front door resource | `string` | n/a | yes |
| [front\_door\_origin\_group\_name](#input\_front\_door\_origin\_group\_name) | The name of the front door origin group | `string` | `null` | no |
| [front\_door\_origin\_group\_restore\_traffic\_time\_to\_healed\_or\_new\_endpoint\_in\_minutes](#input\_front\_door\_origin\_group\_restore\_traffic\_time\_to\_healed\_or\_new\_endpoint\_in\_minutes) | ifies the amount of time which should elapse before shifting traffic to another endpoint when a healthy endpoint becomes unhealthy or a new endpoint is added. | `number` | `10` | no |
| [front\_door\_origin\_group\_session\_affinity\_enabled](#input\_front\_door\_origin\_group\_session\_affinity\_enabled) | Whether session affinity is enabled in the origin group, defaults to true | `bool` | `true` | no |
| [front\_door\_origin\_name](#input\_front\_door\_origin\_name) | The name of the front door origin resource (not the resource target | `string` | `null` | no |
| [front\_door\_response\_timeout\_seconds](#input\_front\_door\_response\_timeout\_seconds) | The response timeout in seconds of the front door resource | `number` | `120` | no |
| [front\_door\_route\_name](#input\_front\_door\_route\_name) | The resource name of the front door route | `string` | `null` | no |
| [front\_door\_rules](#input\_front\_door\_rules) | The object which front door routing rules must conform to | list(object({
name = string
order = number
behaviour_on_match = string
actions = optional(object({
url_rewrite_action = optional(object({
source_pattern = optional(string)
destination = optional(string)
preserve_unmatched_path = optional(bool)
}))
url_redirect_action = optional(object({
redirect_type = optional(string)
destination_hostname = optional(string)
redirect_protocol = optional(string)
destination_path = optional(string)
query_string = optional(string)
destination_fragment = optional(string)
}))
request_header_action = optional(object({
header_action = optional(string)
header_name = optional(string)
value = optional(string)
}))
response_header_action = optional(object({
header_action = optional(string)
header_name = optional(string)
value = optional(string)
}))
route_configuration_override_action = optional(object({
cdn_frontdoor_origin_group_id = optional(string)
forwarding_protocol = optional(string)
query_string_caching_behavior = optional(string)
query_string_parameters = optional(list(string))
compression_enabled = optional(bool)
cache_behavior = optional(string)
cache_duration = optional(string)
}))
}))
conditions = optional(object({
ssl_protocol_condition = optional(object({
match_values = optional(string, "TLSv1.2")
operator = optional(string)
negate_condition = optional(bool)
}))
host_name_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(string)
}))
server_port_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
client_port_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
socket_address_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
remote_address_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
request_method_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
query_string_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
post_args_condition = optional(object({
post_args_name = optional(string, "POST")
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
request_uri_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
request_header_condition = optional(object({
header_name = optional(string)
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
request_body_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
request_scheme_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
url_path_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
url_file_extension_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
url_filename_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
http_version_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
cookies_condition = optional(object({
cookie_name = optional(string)
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
transforms = optional(list(string))
}))
is_device_condition = optional(object({
operator = optional(string)
negate_condition = optional(bool)
match_values = optional(list(string))
}))
}))
})) | n/a | yes |
| [front\_door\_sku\_name](#input\_front\_door\_sku\_name) | The name of the front door sku | `string` | `"Standard_AzureFrontDoor"` | no |
| [front\_door\_target\_app\_certificate\_name\_check](#input\_front\_door\_target\_app\_certificate\_name\_check) | Whether cert validation should happen on the app | `bool` | `true` | no |
| [front\_door\_target\_app\_hostname](#input\_front\_door\_target\_app\_hostname) | The host name of the application to sit behind the front door | `string` | n/a | yes |
| [front\_door\_target\_app\_http\_port](#input\_front\_door\_target\_app\_http\_port) | The default http port for the target app | `number` | `80` | no |
| [front\_door\_target\_app\_https\_port](#input\_front\_door\_target\_app\_https\_port) | The default https port for the target app | `number` | `443` | no |
| [front\_door\_target\_app\_priority](#input\_front\_door\_target\_app\_priority) | The priority for the target app | `number` | `1` | no |
| [front\_door\_target\_app\_weight](#input\_front\_door\_target\_app\_weight) | The weight for the target app | `number` | `500` | no |
| [health\_probe](#input\_health\_probe) | The health probe block | `any` | `null` | no |
| [identity\_ids](#input\_identity\_ids) | Specifies a list of user managed identity ids to be assigned to the VM. | `list(string)` | `[]` | no |
| [identity\_type](#input\_identity\_type) | The Managed Service Identity Type of this Virtual Machine. | `string` | `""` | no |
| [load\_balancing](#input\_load\_balancing) | The load balanacing block of front door origin group | `any` | `null` | no |
| [location](#input\_location) | The location for this resource to be put in | `string` | n/a | yes |
| [private\_link](#input\_private\_link) | The private link block of the origin | `any` | `null` | no |
| [rg\_name](#input\_rg\_name) | The name of the resource group, this module does not create a resource group, it is expecting the value of a resource group already exists | `string` | n/a | yes |
| [tags](#input\_tags) | A map of the tags to use on the resources that are deployed with this module. | `map(string)` | {
"source": "terraform"
} | no |
## Outputs
| Name | Description |
|------|-------------|
| [front\_door\_default\_ruleset\_id](#output\_front\_door\_default\_ruleset\_id) | The id of the default ruleset |
| [front\_door\_default\_ruleset\_name](#output\_front\_door\_default\_ruleset\_name) | The name of the default ruleset |
| [front\_door\_endpoint\_hostname](#output\_front\_door\_endpoint\_hostname) | The hostname of the frontdoor endpoint |
| [front\_door\_endpoint\_id](#output\_front\_door\_endpoint\_id) | The id of the frontdoor endpoint |
| [front\_door\_id](#output\_front\_door\_id) | The ID of the Azure Front Door resource |
| [front\_door\_origin\_group\_id](#output\_front\_door\_origin\_group\_id) | The id of the origin group |
| [front\_door\_origin\_group\_name](#output\_front\_door\_origin\_group\_name) | The name of the origin group |
| [front\_door\_origin\_id](#output\_front\_door\_origin\_id) | The id of the front door origin |
| [front\_door\_origin\_name](#output\_front\_door\_origin\_name) | The name of the front door origin |
| [front\_door\_origin\_private\_link](#output\_front\_door\_origin\_private\_link) | The private link block of the front door origin if used |
| [front\_door\_resource\_guid](#output\_front\_door\_resource\_guid) | The resource guid of the Azure Front Door resource |
| [front\_door\_resource\_rg\_name](#output\_front\_door\_resource\_rg\_name) | The resource\_group name of the Azure Front Door resource |