diff --git a/cloud_Azure/terraform/module/README.md b/cloud_Azure/terraform/module/README.md index 9b12a38..30e7a84 100644 --- a/cloud_Azure/terraform/module/README.md +++ b/cloud_Azure/terraform/module/README.md @@ -3,18 +3,18 @@ Module supporting management of Azure and Kentik resources required for flow log export from Azure to Kentik. Module enables: -* Flow logs in all Network Security Groups (NSG) found in requested Resource Groups +* Flow logs in all Virtual Networks (VNets) found in requested Resource Groups Module creates: -* Service Principal for Kentik NSG Flow Exporter application +* Service Principal for Kentik VNet Flow Exporter application * Reader and Contributor Roles for above mentioned Service Principal * One Storage Account for flow logs per requested Resource Group * Registers flow in Kentik platform per requested Resource Group All resources created in Azure are tagged, see variable "resource_tag" in [variables.tf](./variables.tf) -Module assumes that NetworkWatcher resource exists in NetworkWatcherRG resource group in specified Azure location (see variable "location" in [variables.tf](./variables.tf)). -For example, in location "eastus" there should be "NetworkWatcher_eastus" in "NetworkWatcherRG" resource group. +Module assumes that NetworkWatcher resource exists in NetworkWatcherRG resource group in specified Azure location (see variable "location" in [variables.tf](./variables.tf)). +For example, in location "eastus" there should be "NetworkWatcher_eastus" in "NetworkWatcherRG" resource group. NetworkWatcher is automatically created by Azure when VirtualNetwork is created or updated, [as per documentation.](https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-create). This happens eg. when launching a new virtual machine. ## Usage examples 
@@ -40,27 +40,6 @@ NetworkWatcher is automatically created by Azure when VirtualNetwork is created | null | >= 2.1.2 | | external | >= 2.0.0 | -## Python and dependencies - -This module uses Python script to list all Network Security Groups in specified Resource Groups and exposes the list to Terraform as external data source. -To install Python and required packages: -* [Install Python and PIP](https://docs.python.org/3/using/index.html) -* Install packages - in module directory, execute: - PowerShell: - ```powershell - pip install virtualenv - virtualenv venv - .\venv\Scripts\activate - pip install -r requirements.txt - ``` - - or Bash: - ```bash - pip install virtualenv - virtualenv venv - source venv/bin/activate - pip install -r requirements.txt - ``` ## Inputs | Name | Description | Type | Default | Required | @@ -75,7 +54,7 @@ To install Python and required packages: | enabled | Defines if cloud export to Kentik is enabled | `bool` | true | no | | description | Cloudexport entry description in Kentik | `string` | `Created using Terraform` | no | | resource_tag | Azure Tag value to apply to created resources | `string` | `flow_log_exporter` | no | -| flow_exporter_application_id | Kentik NSG Flow Exporter application ID | `string` | `a20ce222-63c0-46db-86d5-58551eeee89f` | no | +| flow_exporter_application_id | Kentik VNet Flow Exporter application ID | `string` | `a20ce222-63c0-46db-86d5-58551eeee89f` | no | | storage_account_names | Names of Storage Accounts for storing flow logs. Names must meet Azure Storage Account naming restrictions.
The list should either contain 1 Storage Account name for each Resource Group, or be empty, in which case names will be generated automatically. | `list of strings` | `[]` | no | @@ -87,4 +66,4 @@ To install Python and required packages: | subscription_id | Azure subscription ID | | resource_group_names | Names of Resource Groups from which to collect flow logs | | storage_accounts | Storage Account names where flow logs will be collected | -| principal_id | Service Principal ID created for Kentik NSG Flow Exporter application | +| principal_id | Service Principal ID created for Kentik VNet Flow Exporter application | diff --git a/cloud_Azure/terraform/module/variables.tf b/cloud_Azure/terraform/module/variables.tf index ed4e285..2988dcb 100644 --- a/cloud_Azure/terraform/module/variables.tf +++ b/cloud_Azure/terraform/module/variables.tf @@ -62,5 +62,5 @@ variable "enabled" { variable "flow_exporter_application_id" { type = string default = "a20ce222-63c0-46db-86d5-58551eeee89f" - description = "Kentik NSG Flow Exporter application ID" + description = "Kentik VNet Flow Exporter application ID" }
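Review bot: in the README hunk at `@@ -3,18 +3,18 @@`, the unchanged bullet "Reader and Contributor Roles for above mentioned Service Principal" still does not say at which scope each role is assigned. Since this hunk already renames the principal to the VNet Flow Exporter, please state the scope of each role here (subscription, resource group or storage account) so a reader can judge what the exporter application is allowed to do. Separately, the two "Module assumes that NetworkWatcher ..." lines are removed and re-added with the same visible text; if that is only a trailing-whitespace change, mention it in the commit message or split it out.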
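Review bot: in the README hunk at `@@ -40,27 +40,6 @@`, the "Python and dependencies" section is deleted but the requirements table in the context lines just above it still lists `| external | >= 2.0.0 |`. The removed text says the Python script was exposed to Terraform as an external data source, so if the script is gone the `external` provider constraint is probably stale and should be dropped from the table and from the provider requirements. The patch as shown touches only README.md and variables.tf; please confirm that the script and requirements.txt are removed in the same series so the documentation and the code do not diverge.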
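Review bot: in variables.tf at `@@ -62,5 +62,5 @@` (and the matching README table row at `@@ -75,7 +54,7 @@`), the description changes from NSG to VNet Flow Exporter while the default stays `a20ce222-63c0-46db-86d5-58551eeee89f`. Please state in the commit message that the same application ID serves the VNet exporter, so the unchanged default is clearly intentional. Because the module creates a Service Principal for this application and assigns it Reader and Contributor roles, the description should also say that overriding the value grants those roles to whatever application the new ID names.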