[CES-465] Added new storage account iopweucitizenauthst for ITN migration

[cfcuffari120400]

Motivation and Context

Storage accounts must be replicated to italy north in view of the infrastructure migration

Major Changes

Create replication of iopweucitizenauthst in italy north

Dependencies

Testing

Documentation

Other Considerations

[christian-calabrese]

Since the data is only used to get the name of the resource group and its input is actually that name, I think we can get rid of it

Suggested change

	data "azurerm_resource_group" "data_rg_itn" {
	name = "${local.project_itn}-data-rg-01"
	}

[christian-calabrese]

We can use the common_values module to get the information of the PEPs subnet.
I'd add the following code to the main.tf file:

module "common_values" {
 source = "github.com/pagopa/io-infra//src/_modules/common_values?ref=main"
}

Suggested change

	data "azurerm_virtual_network" "vnet_itn" {
	name = "${local.prefix}-${local.env_short}-itn-common-vnet-01"
	resource_group_name = "${local.prefix}-${local.env_short}-itn-common-rg-01"
	}
	data "azurerm_subnet" "subnet_pep_itn" {
	name = "io-p-itn-pep-snet-01 "
	resource_group_name = data.azurerm_virtual_network.vnet_itn.resource_group_name
	virtual_network_name = data.azurerm_virtual_network.vnet_itn.name
	}

[christian-calabrese]

Suggested change

	app_name = local.app_name
	app_name = var.domain

[christian-calabrese]

Suggested change

	prefix = local.prefix
	env_short = local.env_short
	prefix = var.prefix
	env_short = var.env_short

[christian-calabrese]

I think it is not necessary to have these locals since we have the itn_environment dictionary

Suggested change

	prefix = "io"
	env_short = "p"
	# domain = "citizenauth"
	app_name = "citizenauth"
	instance_number = "01"

[christian-calabrese]

After initializing the module common_values, we can get the pep snet id from it

Suggested change

	subnet_pep_id = data.azurerm_subnet.subnet_pep_itn.id
	subnet_pep_id = module.common_values.pep_subnets.itn.id

[christian-calabrese]

Since we have the common_values module, we can get the resource group name straight from it

Suggested change

	private_dns_zone_resource_group_name = "${local.prefix}-${local.env_short}-rg-common"
	private_dns_zone_resource_group_name = module.common_values.resource_groups.weu.common

[christian-calabrese]

Since the data is only used to get the name of the resource group and its input is actually that name, I think we can get rid of it

Suggested change

	resource_group_name = data.azurerm_resource_group.data_rg_itn.name
	resource_group_name = "${local.project_itn}-data-rg-01"

[christian-calabrese]

As you can see here, the original storage account has a table and a queue defined via terraform.
Can you please add them for the new storage account as well?

resource "azurerm_storage_table" "profile_emails_itn" {
  name                 = "profileEmails"
  storage_account_name = module.io_citizen_auth_storage_itn.name
}

resource "azurerm_storage_queue" "profiles_to_sanitize_itn" {
  name                 = "profiles-to-sanitize"
  storage_account_name = module.io_citizen_auth_storage_itn.name
}

[christian-calabrese]

I would give the module a more talking name. Most importantly when other storage accounts are defined in the same terraform configuration.

Suggested change

	module "azure_storage_account" {
	module "io_citizen_auth_storage_itn" {

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud