Skip to content

DeimosCloud/terraform-azurerm-vnet

BranchesTags
 
 

Repository files navigation

terraform-azurerm-vnet

Build Status

Create a basic virtual network in Azure

This Terraform module deploys a Virtual Network in Azure with a subnet or a set of subnets passed in as input parameters.

The module does not create nor expose a security group. This would need to be defined separately as additional security rules on subnets in the deployed network.

Usage

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "my-resources"
  location = "West Europe"
}

module "vnet" {
  source              = "Azure/vnet/azurerm"
  resource_group_name = azurerm_resource_group.example.name
  address_space       = ["10.0.0.0/16"]
  subnets = [
    { 
      "name"             = "subnet1",
      "address_prefixes" = ["10.0.1.0/24"]
    },
    { 
      "name"             = "subnet2",
      "address_prefixes" = ["10.0.2.0/24"]
    },
    { 
      "name"             = "subnet3",
      "address_prefixes" = ["10.0.3.0/24"]
    },
  ]

  tags = {
    environment = "dev"
    costcenter  = "it"
  }
}

Example adding a network security rule for SSH

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "my-resources"
  location = "West Europe"
}

module "vnet" {
  source              = "Azure/vnet/azurerm"
  resource_group_name = azurerm_resource_group.example.name
  address_space       = ["10.0.0.0/16"]

  subnets = [
    { 
      "name"              = "subnet1",
      "address_prefixes"  = ["10.0.1.0/24"],
      "service_endpoints" = ["Microsoft.Sql"]
    },
    { 
      "name"                                           = "subnet2",
      "address_prefixes"                               = ["10.0.2.0/24"]
      "enforce_private_link_endpoint_network_policies" = true
    },
    { 
      "name"             = "subnet3",
      "address_prefixes" = ["10.0.3.0/24"]
    },
  ]

  nsg_ids = {
    subnet1 = azurerm_network_security_group.ssh.id
    subnet2 = azurerm_network_security_group.ssh.id
    subnet3 = azurerm_network_security_group.ssh.id
  }


  tags = {
    environment = "dev"
    costcenter  = "it"
  }
}

resource "azurerm_network_security_group" "ssh" {
  depends_on          = ["module.vnet"]
  name                = "ssh"
  location            = "westus"
  resource_group_name = "${var.resource_group_name}"

  security_rule {
    name                       = "test123"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

}

Test

Configurations

We provide 2 ways to build, run, and test the module on a local development machine. Native (Mac/Linux) or Docker.

Native (Mac/Linux)

Prerequisites

Environment setup

We provide simple script to quickly set up module development environment:

$ curl -sSL https://raw.githubusercontent.com/Azure/terramodtest/master/tool/env_setup.sh | sudo bash

Run test

Then simply run it in local shell:

$ cd $GOPATH/src/{directory_name}/
$ bundle install
$ rake build
$ rake full

Docker

We provide a Dockerfile to build a new image based FROM the microsoft/terraform-test Docker hub image which adds additional tools / packages specific for this module (see Custom Image section). Alternatively use only the microsoft/terraform-test Docker hub image by using these instructions.

Prerequisites

Custom Image

This builds the custom image:

$ docker build --build-arg BUILD_ARM_SUBSCRIPTION_ID=$ARM_SUBSCRIPTION_ID --build-arg BUILD_ARM_CLIENT_ID=$ARM_CLIENT_ID --build-arg BUILD_ARM_CLIENT_SECRET=$ARM_CLIENT_SECRET --build-arg BUILD_ARM_TENANT_ID=$ARM_TENANT_ID -t azure-vnet .

This runs the build and unit tests:

$ docker run --rm azure-vnet /bin/bash -c "bundle install && rake build"

This runs the end to end tests:

$ docker run --rm azure-vnet /bin/bash -c "bundle install && rake e2e"

This runs the full tests:

$ docker run --rm azure-vnet /bin/bash -c "bundle install && rake full"

Providers

Name Version
azurerm n/a

Inputs

Name Description Type Default Required
address_space The address space that is used by the virtual network. list(string) 
[
  "10.0.0.0/16"
]
 no
dns_servers The DNS servers to be used with vNet. list [] no
nsg_ids A map of subnet name to Network Security Group IDs map(string) {} no
resource_group_name Name of the resource group to be imported. any n/a yes
subnets List of maps containing Subnets and their inputs to be created. list 
[
  {
    "address_prefixes": [
      "10.0.1.0/24"
    ],
    "enforce_private_link_endpoint_network_policies": false,
    "enforce_private_link_service_network_policies": false,
    "name": "subnet1",
    "service_endpoints": null
  }
]
 no
tags The tags to associate with your network and subnets. map(string) 
{
  "ENV": "test"
}
 no
vnet_name Name of the vnet to create string "acctvnet" no

Outputs

Name Description
vnet_address_space The address space of the newly created vNet
vnet_id The id of the newly created vNet
vnet_location The location of the newly created vNet
vnet_name The Name of the newly created vNet
vnet_subnets The ids of subnets created inside the newl vNet

License

MIT

About

Terraform module to create/provision Azure vnet

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

3 tags

Packages

 
 
 

Contributors

Languages

  • HCL 57.0%
  • Go 17.4%
  • Dockerfile 13.1%
  • Ruby 12.5%