Skip to content

Commit

Permalink
Merge branch 'visiativ/feat/mgnt_configuration' of https://github.com…
Browse files Browse the repository at this point in the history
…/visiativ-agora/terraform-azurerm-caf into visiativ-agora-visiativ/feat/mgnt_configuration
  • Loading branch information
arnaudlh committed Jan 8, 2024
2 parents 8ac739a + 887162b commit 558074c
Show file tree
Hide file tree
Showing 23 changed files with 761 additions and 35 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/standalone-scenarios.json
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,10 @@
"machine_learning/100-aml",
"machine_learning/101-aml-vnet",
"machine_learning/102-aml-compute_instance",
"maintenance_configuration/100-maintenance-configuration",
"maintenance_configuration/101-maintenance-configuration-schedule",
"maintenance_configuration/200-maintenance-configuration-assignment-vm-windows",
"maintenance_configuration/201-maintenance-configuration-assignment-vm-linux",
"maps/101-azure-maps-account",
"managed_service_identity/100-msi-levels",
"mariadb_server/100-simple-mariadb",
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
global_settings = {
default_region = "region1"
regions = {
region1 = "northeurope"
}
}

resource_groups = {
rg1 = {
name = "rsg_umc"
region = "region1"
}
}

maintenance_configuration = {
mc_re1 = {
name = "example-mc"
region = "region1"
resource_group_key = "rg1"
scope = "Host"
# tags = {} # optional
}
}



Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
global_settings = {
default_region = "region1"
regions = {
region1 = "northeurope"
}
}

resource_groups = {
rg1 = {
name = "rsg_umc"
region = "region1"
}
}

maintenance_configuration = {
mc_re1 = {
name = "example-mc"
region = "region1"
resource_group_key = "rg1"
scope = "InGuestPatch"
in_guest_user_patch_mode = "User"
window = {
start_date_time = "2023-06-08 15:04"
duration = "03:55"
time_zone = "Romance Standard Time"
recur_every = "2Day"
}

install_patches = {
windows = {
classifications_to_include = ["Critical", "Security"]
# kb_numbers_to_exclude = ["KB123456", "KB789012"]
# kb_numbers_to_include = ["KB345678", "KB901234"]
}
reboot = "IfRequired"
}
# tags = {} # optional
}
}


Original file line number Diff line number Diff line change
@@ -0,0 +1,156 @@
global_settings = {
default_region = "region1"
regions = {
region1 = "northeurope"
}
}

resource_groups = {
rg1 = {
name = "rsg_umc"
region = "region1"
}
}

keyvaults = {
example_vm_rg1 = {
name = "vmsecrets"
resource_group_key = "rg1"
sku_name = "standard"
creation_policies = {
logged_in_user = {
secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
}
}
}
}

vnets = {
vnet_region1 = {
resource_group_key = "rg1"
vnet = {
name = "virtual_machines"
address_space = ["10.100.100.0/24"]
}
specialsubnets = {}
subnets = {
example = {
name = "examples"
cidr = ["10.100.100.0/29"]
}
}

}
}

public_ip_addresses = {
example_vm_pip1_rg1 = {
name = "example_vm_pip1"
resource_group_key = "rg1"
sku = "Standard"
allocation_method = "Static"
ip_version = "IPv4"
idle_timeout_in_minutes = "4"

}
}

virtual_machines = {

# Configuration to deploy a bastion host linux virtual machine
example_vm1 = {
resource_group_key = "rg1"
provision_vm_agent = true
# when boot_diagnostics_storage_account_key is empty string "", boot diagnostics will be put on azure managed storage
# when boot_diagnostics_storage_account_key is a non-empty string, it needs to point to the key of a user managed storage defined in diagnostic_storage_accounts
# if boot_diagnostics_storage_account_key is not defined, but global_settings.resource_defaults.virtual_machines.use_azmanaged_storage_for_boot_diagnostics is true, boot diagnostics will be put on azure managed storage

os_type = "windows"

# the auto-generated ssh key in keyvault secret. Secret name being {VM name}-ssh-public and {VM name}-ssh-private
keyvault_key = "example_vm_rg1"

# Define the number of networking cards to attach the virtual machine
networking_interfaces = {
nic0 = {
# Value of the keys from networking.tfvars
vnet_key = "vnet_region1"
subnet_key = "example"
name = "0"
enable_ip_forwarding = false
internal_dns_name_label = "nic0"
public_ip_address_key = "example_vm_pip1_rg1"
}
}

virtual_machine_settings = {
windows = {
name = "example_vm1"
size = "Standard_F2"
admin_username = "adminuser"


# Spot VM to save money
priority = "Spot"
eviction_policy = "Deallocate"

patch_mode = "AutomaticByPlatform"
bypass_platform_safety_checks_on_user_schedule_enabled = true
# When you want to load the file from the folder in the custom_data always use the relative path from the caf_solution in landing zones
custom_data = "../../examples/compute/virtual_machine/101-single-windows-vm/scripts/custom.ps1"
# Value of the nic keys to attach the VM. The first one in the list is the default nic
network_interface_keys = ["nic0"]

os_disk = {
name = "example_vm1-os"
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}

source_image_reference = {
publisher = "MicrosoftWindowsServer"
offer = "WindowsServer"
sku = "2019-Datacenter"
version = "latest"
}

}
}
}
}

maintenance_configuration = {
mc_re1 = {
name = "example-mc"
region = "region1"
resource_group_key = "rg1"
scope = "InGuestPatch"
in_guest_user_patch_mode = "User"
window = {
start_date_time = "2023-06-08 15:04"
duration = "03:55"
time_zone = "Romance Standard Time"
recur_every = "2Day"
}

install_patches = {
windows = {
classifications_to_include = ["Critical", "Security"]
# kb_numbers_to_exclude = ["KB123456", "KB789012"]
# kb_numbers_to_include = ["KB345678", "KB901234"]
}
reboot = "IfRequired"
}
# tags = {} # optional
}
}

maintenance_assignment_virtual_machine = {
example = {
region = "region1"
maintenance_configuration_key = "mc_re1"
virtual_machine = {
key = "example_vm1"
}
}
}
Loading

0 comments on commit 558074c

Please sign in to comment.