Resource Group exists or is created external to the module.
Provider must be created external to the module.
Grant the terraform-service account permission to create records in the respective private DNS zones for the private endpoint.
The terraform-service account that deploys this module needs the Application Administrator role in order to create the ADLS Service Principal. This is a privileged, tenant-wide directory role, so assign it only to the deployment account.
Usage
IMPORTANT - If you require DNS records and VNet links to be created in the private DNS zones, make sure the terraform-SOMETHING account has "read" over the core services resource group (business-rg or engineering-rg) and "contributor" on the private DNS zone you require.
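## Usage Vars
# Naming and placement inputs. None of them declares a default, so every one
# must be supplied by the caller.
variable "name" {
  type        = string
  description = "Name of the product/subscription"
}

variable "product_alias" {
  type        = string
  description = "The alias for the project"
}

variable "environment_name" {
  type        = string
  description = "Name of the environment the resource will run in"
}

variable "location" {
  type        = string
  description = "Location the resource will run in"
}

# The prerequisites on this page state that the resource group exists or is
# created outside the module; this input only names it.
variable "resource_group_name" {
  type        = string
  description = "Resource Group name"
}

# No type constraint is declared, so Terraform accepts a value of any type.
variable "org" {
  description = "Organisation"
}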
# Identifiers of the existing storage account and key vault the module works
# against. None of these inputs declares a type or a default.

# Account name only; the full resource ID is a separate input below.
variable "main_storage_account" {
  description = "Main ADLS storage account name"
}

# The example call on this page passes a full resource ID of the form
# /subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.Storage/storageAccounts/<name>.
variable "main_storage_account_id" {
  description = "Main ADLS storage account id"
}

# The example call on this page passes a full resource ID of the form
# /subscriptions/<sub>/resourceGroups/<rg>/providers/Microsoft.KeyVault/vaults/<name>.
# NOTE(review): what the module reads from or writes to this vault is not
# visible here; confirm before granting the deployment account access to it.
variable "key_vault_id" {
  description = "Main key vault id"
}
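# Network inputs: source addresses, subnets, the virtual network and the
# resource group holding the private DNS zones.

# The type constraint is commented out in the source and is left that way, so
# Terraform accepts a value of any type here.
# NOTE(review): presumably these addresses feed an allow-list on the deployed
# resources; confirm in the module, and if so keep the list to the
# organisation's own egress addresses and consider restoring the constraint.
variable "org_ip_addresses" {
  # type = list(string)
  description = "external-facing IP addresses"
}

variable "build_agent_subnet_ids" {
  type        = list(string)
  description = "Subnet IDs for build agents"
}

# No type constraint is declared; the description reads as plural, so callers
# should check whether the module expects a list or a single ID.
variable "subnet_ids" {
  description = "ID's of main subnet"
}

# Subnet for the private endpoint (PE). No type constraint is declared.
variable "pe_subnet_id" {
  description = "ID's of PE subnet"
}

variable "virtual_network_id" {
  description = "id of vnet"
}

# Resource group containing the private DNS zones. The prerequisites on this
# page require the deployment account to have "read" over that resource group
# and "contributor" on the zone itself.
variable "dns_zone_rg" {
  description = "the resource group of the dns zone"
}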
# Data-source and alerting inputs. None of them declares a type or a default.

variable "main_storage_account_primary_dfs_endpoint" {
  description = "dfs endpoint for main storage account"
}

# Container that is read as the backup source, per the description.
variable "source_container" {
  description = "source container that the data is being backed up from"
}

# NOTE(review): which alerts are sent to this address is not visible here;
# a monitored shared mailbox is usually preferable to a personal address.
variable "alert_email_address" {
  description = "Email Address for alerts"
}
#Example refmodule"data_factory" {
source="github.com/UKHO/tfmodule-azure-data-factory"providers={
azurerm.sub = azurerm.sub
azurerm.hub = azurerm.hub
}
depends_on=[# Refer to existing SA]main_storage_account = var.main_samain_storage_account_id = format("/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s", var.subscription_id, var.rg, azurerm_storage_account.edu_storage_account_data.name)
main_storage_account_primary_dfs_endpoint = var.main_sa_dfs_endpointsource_container = var.source_containerproduct_alias = var.aliasname = var.nameenvironment_name = var.environmentlocation = var.locationresource_group_name = var.rgvirtual_network_id = var.vnet_idkey_vault_id = "/subscriptions/${var.subscription_id}/resourceGroups/${var.rg}/providers/Microsoft.KeyVault/vaults/${var.key_vault}"subnet_ids = var.subnet_idspe_subnet_id = var.pe_subnet_iddns_zone_rg = var.dns_resource_grouporg_ip_addresses = var.org_ipsbuild_agent_subnet_ids = var.agent_subnet_idsalert_email_address = var.alert_email_address