Azure Service Bus feature

This Terraform module creates an Azure Service Bus.

Global versioning rule for Claranet Azure modules

Module version	Terraform version	OpenTofu version	AzureRM version
>= 8.x.x	Unverified	1.8.x	>= 4.0
>= 7.x.x	1.3.x		>= 3.0
>= 6.x.x	1.x		>= 3.0
>= 5.x.x	0.15.x		>= 2.0
>= 4.x.x	0.13.x / 0.14.x		>= 2.0
>= 3.x.x	0.12.x		>= 2.0
>= 2.x.x	0.12.x		< 2.0
< 2.x.x	0.11.x		< 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module. More details about variables set by the terraform-wrapper available in the documentation.

⚠️ Since modules version v8.0.0, we do not maintain/check anymore the compatibility with Hashicorp Terraform. Instead, we recommend to use OpenTofu.

module "servicebus" {
  source  = "claranet/service-bus/azurerm"
  version = "x.x.x"

  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.name

  logs_destinations_ids = [module.logs.id]
}

Providers

Name	Version
azurecaf	>= 1.2.28
azurerm	~> 4.31

Modules

Name	Source	Version
diagnostics	claranet/diagnostic-settings/azurerm	~> 8.2.0

Resources

Name	Type
azurerm_servicebus_namespace.main	resource
azurerm_servicebus_namespace_authorization_rule.listen	resource
azurerm_servicebus_namespace_authorization_rule.manage	resource
azurerm_servicebus_namespace_authorization_rule.send	resource
azurerm_servicebus_queue.main	resource
azurerm_servicebus_queue_authorization_rule.listen	resource
azurerm_servicebus_queue_authorization_rule.manage	resource
azurerm_servicebus_queue_authorization_rule.send	resource
azurerm_servicebus_subscription.main	resource
azurerm_servicebus_subscription_rule.main	resource
azurerm_servicebus_topic.main	resource
azurerm_servicebus_topic_authorization_rule.listen	resource
azurerm_servicebus_topic_authorization_rule.manage	resource
azurerm_servicebus_topic_authorization_rule.send	resource
azurecaf_name.servicebus_namespace	data source
azurecaf_name.servicebus_namespace_auth_rule	data source
azurecaf_name.servicebus_queue	data source
azurecaf_name.servicebus_queue_auth_rule	data source
azurecaf_name.servicebus_topic	data source
azurecaf_name.servicebus_topic_auth_rule	data source
azurecaf_name.servicebus_topic_sub	data source
azurecaf_name.servicebus_topic_sub_rule	data source

Inputs

Name	Description	Type	Default	Required
allowed_cidrs	List of CIDR to allow access to that Service Bus Namespace.	list(string)	[]	no
client_name	Client name/account used in naming.	string	n/a	yes
default_firewall_action	Which default firewalling policy to apply. Valid values are Allow or Deny.	string	"Deny"	no
default_tags_enabled	Option to enable or disable default tags.	bool	true	no
diagnostic_settings_custom_name	Custom name of the diagnostics settings, name will be 'default' if not set.	string	"default"	no
environment	Project environment.	string	n/a	yes
extra_tags	Extra tags to add.	map(string)	{}	no
identity_ids	Specifies a list of User Assigned Managed Identity IDs to be assigned to this Service Bus.	list(string)	null	no
identity_type	Specifies the type of Managed Service Identity that should be configured on this Service Bus. Possible values are SystemAssigned, UserAssigned, SystemAssigned, UserAssigned (to enable both).	string	"SystemAssigned"	no
location	Azure location.	string	n/a	yes
location_short	Short string for Azure location.	string	n/a	yes
logs_categories	Log categories to send to destinations.	list(string)	null	no
logs_destinations_ids	List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to specify an Azure EventHub to send logs and metrics to, you need to provide a formated string with both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the `	` character.	list(string)	n/a
logs_metrics_categories	Metrics categories to send to destinations.	list(string)	null	no
name_prefix	Optional prefix for the generated name.	string	""	no
name_suffix	Optional suffix for the generated name.	string	""	no
namespace_authorizations	Object to specify which Namespace Authorization Rules need to be created.	object({ listen = optional(bool, true) send = optional(bool, true) manage = optional(bool, true) })	{}	no
namespace_parameters	Object to handle Service Bus Namespace options. custom_name = To override default resource name, generated if not set. sku = Defines which tier to use. Options are Basic, Standard or Premium. capacity = Specifies the capacity. When SKU is Premium, capacity can be 1, 2, 4, 8 or 16. premium_messaging_partitions = Specifies the number messaging partitions. Only valid when sku is Premium and the minimum number is 1. Possible values include 0, 1, 2, and 4. Changing this forces a new resource to be created. local_auth_enabled = Whether or not SAS authentication is enabled for the Service Bus Namespace. minimum_tls_version = The minimum supported TLS version for this Service Bus Namespace. public_network_access_enabled = Is public network access enabled for the Service Bus Namespace?	object({ custom_name = optional(string) sku = optional(string, "Standard") capacity = optional(number, 0) premium_messaging_partitions = optional(number, 0) local_auth_enabled = optional(bool, true) minimum_tls_version = optional(string, "1.2") public_network_access_enabled = optional(bool, true) })	{}	no
network_rules_enabled	Boolean to enable Network Rules on the Service Bus Namespace, requires trusted_services_allowed, allowed_cidrs, subnet_ids or default_firewall_action correctly set if enabled.	bool	false	no
resource_group_name	Resource group name.	string	n/a	yes
servicebus_queues	List of objects to create Queues with their options. name = Short Queue name. custom_name = Custom name for Azure resource. status = The status of the Queue. Possible values are Active, Creating, Deleting, Disabled, ReceiveDisabled, Renaming, SendDisabled, Unknown. Note that Restoring is not accepted. auto_delete_on_idle = Duration of the idle interval after which the Queue is automatically deleted. default_message_ttl = Duration of the TTL of messages sent to this Queue. duplicate_detection_history_time_window = Duration during which duplicates can be detected. lock_duration = Duration of a peek-lock that is, the amount of time that the message is locked for other receivers. Maximum value is 5 minutes. max_message_size_in_kilobytes = Integer value which controls the maximum size of a message allowed on the Queue for Premium SKU. max_size_in_megabytes = Integer value which controls the size of memory allocated for the Queue. max_delivery_count = Integer value which controls when a message is automatically dead lettered. batched_operations_enabled = Boolean flag which controls whether server-side batched operations are enabled. partitioning_enabled = Boolean flag which controls whether to enable the Queue to be partitioned across multiple message brokers. Partitioning is available at entity creation for all Queues and Topics in Basic or Standard SKUs. express_enabled = Boolean flag which controls whether Express Entities are enabled. An express Queue holds a message in memory temporarily before writing it to persistent storage. dead_lettering_on_message_expiration = Boolean flag which controls whether the Queue has dead letter support when a message expires. requires_duplicate_detection = Boolean flag which controls whether the Queue requires duplicate detection. requires_session = Boolean flag which controls whether the Queue requires sessions. This will allow ordered handling of unbounded sequences of related messages. With sessions enabled a Queue can guarantee first-in-first-out delivery of messages. forward_to = The name of a Queue or Topic to automatically forward messages to. forward_dead_lettered_messages_to = The name of a Queue or Topic to automatically forward dead lettered messages to. authorizations_custom_name = To override default Queue Authorization Rules names, generated if not set (first with the custom name of the Queue if set, otherwise with Azure CAF). authorizations = Object with listen, send and manage attributes to create Queues Authorizations Rules.	list(object({ name = string custom_name = optional(string) status = optional(string, "Active") auto_delete_on_idle = optional(string) default_message_ttl = optional(string) duplicate_detection_history_time_window = optional(string) lock_duration = optional(string) max_message_size_in_kilobytes = optional(number) max_size_in_megabytes = optional(number) max_delivery_count = optional(number, 10) batched_operations_enabled = optional(bool, true) partitioning_enabled = optional(bool) express_enabled = optional(bool) dead_lettering_on_message_expiration = optional(bool) requires_duplicate_detection = optional(bool) requires_session = optional(bool) forward_to = optional(string) forward_dead_lettered_messages_to = optional(string) authorizations_custom_name = optional(string) authorizations = optional(object({ listen = optional(bool, true) send = optional(bool, true) manage = optional(bool, true) }), {}) }))	[]	no
servicebus_topics	List of objects to create Topics with their options. name = Short Topic name. custom_name = Custom name for Azure resource. status = The status of the Service Bus Topic. Acceptable values are Active or Disabled. auto_delete_on_idle = Duration of the idle interval after which the Topic is automatically deleted, minimum of 5 minutes. default_message_ttl = Duration of TTL of messages sent to this Topic if no TTL value is set on the message itself. duplicate_detection_history_time_window = Duration during which duplicates can be detected. max_message_size_in_kilobytes = Integer value which controls the maximum size of a message allowed on the Topic for Premium SKU. max_size_in_megabytes = Integer value which controls the size of memory allocated for the Topic. batched_operations_enabled = Boolean flag which controls if server-side batched operations are enabled. partitioning_enabled = Boolean flag which controls whether to enable the Topic to be partitioned across multiple message brokers. express_enabled = Boolean flag which controls whether Express Entities are enabled. An express Topic holds a message in memory temporarily before writing it to persistent storage. requires_duplicate_detection = Boolean flag which controls whether the Topic requires duplicate detection. support_ordering = Boolean flag which controls whether the Topic supports ordering. authorizations_custom_name = To override default Topic Authorization Rules names, generated if not set (first with the custom name of the Topic if set, otherwise with Azure CAF). authorizations = Object with listen, send and manage attributes to create Topics Authorizations Rules. subscriptions = List of subscriptions per Topic.	list(object({ name = string custom_name = optional(string) status = optional(string, "Active") auto_delete_on_idle = optional(string) default_message_ttl = optional(string) duplicate_detection_history_time_window = optional(string) max_message_size_in_kilobytes = optional(number) max_size_in_megabytes = optional(number) batched_operations_enabled = optional(bool) partitioning_enabled = optional(bool) express_enabled = optional(bool) requires_duplicate_detection = optional(bool) support_ordering = optional(bool) authorizations_custom_name = optional(string) authorizations = optional(object({ listen = optional(bool, true) send = optional(bool, true) manage = optional(bool, true) }), {}) # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/servicebus_subscription subscriptions = optional(list(object({ name = string custom_name = optional(string) status = optional(string, "Active") auto_delete_on_idle = optional(string) default_message_ttl = optional(string) lock_duration = optional(string) max_delivery_count = number batched_operations_enabled = optional(bool, true) dead_lettering_on_message_expiration = optional(bool) dead_lettering_on_filter_evaluation_error = optional(bool) requires_session = optional(bool) forward_to = optional(string) forward_dead_lettered_messages_to = optional(string) # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/servicebus_subscription_rule rules = optional(list(object({ name = string custom_name = optional(string) filter_type = optional(string, "SqlFilter") sql_filter = optional(string) correlation_filter = optional(object({ correlation_id = optional(string) content_type = optional(string) label = optional(string) reply_to = optional(string) reply_to_session_id = optional(string) session_id = optional(string) to = optional(string) properties = optional(map(string)) })) action_type = optional(string) })), []) })), []) }))	[]	no
stack	Project stack name.	string	n/a	yes
subnet_ids	Subnets to allow access to that Service Bus Namespace.	list(string)	[]	no
trusted_services_allowed	If True, then Azure Services that are known and trusted for this resource type are allowed to bypass firewall configuration.	bool	true	no

Outputs

Name	Description
module_diagnostics	Diagnostics settings module outputs.
namespace_listen_authorization_rule	Service Bus namespace listen only authorization rule.
namespace_manage_authorization_rule	Service Bus namespace manage authorization rule.
namespace_send_authorization_rule	Service Bus namespace send only authorization rule.
queues	Service Bus queues outputs.
queues_listen_authorization_rule	Service Bus queues listen only authorization rules.
queues_manage_authorization_rule	Service Bus queues manage authorization rules.
queues_send_authorization_rule	Service Bus queues send only authorization rules.
resource	Service Bus Namespace outputs.
subscriptions	Service Bus topics subscriptions outputs.
topics	Service Bus topics outputs.
topics_listen_authorization_rule	Service Bus topics listen only authorization rules.
topics_manage_authorization_rule	Service Bus topics manage authorization rules.
topics_send_authorization_rule	Service Bus topics send only authorization rules.

Related documentation

Microsoft Azure documentation: docs.microsoft.com/en-us/azure/service-bus/