Azure Firewall Terraform module

Terraform module for creation Azure Firewall

Usage

This module is provisioning Azure Firewall

data "azurerm_virtual_network" "example" {
  name                = "example-name"
  resource_group_name = "example-rg"
}

data "azurerm_resource_group" "example" {
  name = "example-rg"
}

module "firewall" {
  source = "data-platform-hq/firewall/azurerm"

  firewall_name  = "fw-data-hq-dev-example"
  resource_group = data.azurerm_resource_group.example.name
  location       = "eastus"
  vnet_name      = data.azurerm_virtual_network.example.name
  subnet_cidr    = "10.0.0.0/8"
  sku            = "Standard"
  dns_servers    = ["1.1.1.1"]
}

Requirements

Name	Version
terraform	>= 1.0.0
azurerm	>= 3.65.0

Providers

Name	Version
azurerm	>= 3.65.0

Modules

Name	Source	Version
firewall_rule_collections	./modules/firewall-rule-collections	n/a
subnet	data-platform-hq/subnet/azurerm	1.2.6
subnet_mgmt	data-platform-hq/subnet/azurerm	1.2.6

Resources

Name	Type
azurerm_firewall.this	resource
azurerm_public_ip.fw	resource
azurerm_public_ip.mgmt	resource

Inputs

Name	Description	Type	Default	Required
dns_servers	A list of DNS servers that the Azure Firewall will direct DNS traffic to the for name resolution.	`list(string)`	`[]`	no
firewall_name	Specifies the name of the Firewall.	`string`	n/a	yes
location	Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.	`string`	n/a	yes
network_rule_collections	List of object with parameters to create network rule collections	list(object({ name = string, priority = number, action = string, rules = list(object({ name = string, source_addresses = optional(list(string), null), source_ip_groups = optional(list(string), null), destination_ports = optional(list(string), null), destination_addresses = optional(list(string), null), destination_ip_groups = optional(list(string), null), destination_fqdns = optional(list(string), null), protocols = optional(list(string), ["TCP"]) })) }))	`[]`	no
resource_group	The name of the resource group in which to create the Azure firewall.	`string`	n/a	yes
sku	SKU tier of the Firewall. Possible values are Premium, Standard and Basic.	`string`	`"Basic"`	no
subnet_cidr	IP addresses range of 'AzureFirewallSubnet', has to be at least /26	`string`	n/a	yes
subnet_management_cidr	IP addresses range of 'AzureFirewallManagementSubnet', has to be at least /26. This subnet created only when SKU is set to 'Basic'	`string`	`null`	no
vnet_name	Name of VNet where Firewall would be created.	`string`	n/a	yes

Outputs

Name	Description
id	Azure Firewall id
name	Azure Firewall name
private_ip_address	Azure Firewall private ip address
public_ip_address	Azure Firewall public ip address
public_ip_id	Azure Firewall public ip address id
public_ip_name	Azure Firewall public ip address name
public_mgmt_ip_name	Azure Firewall public mgmt ip address name
resource_group	Azure Firewall resource group
subnet_id	Azure Firewall subnet id
subnet_mgmt_id	Azure Firewall Management subnet id

License

Apache 2 Licensed. For more information please see LICENSE

About

Terraform module for creation of Azure Firewall

https://registry.terraform.io/modules/data-platform-hq/azure-firewall/azurerm/latest

azurerm terraform-module

Other

Languages

Language:HCL 100.0%