azurerm bind9 forwarding-proxy iptables terraform-module

Azure VMSS Forwarder Terraform module

Terraform module for creation Azure VMSS Forwarder

Usage

This module provides an ability to deploy Azure VMSS Forwarder.

data "azurerm_resource_group" "example" {
  name = "example"
}

data "azurerm_subnet" "example" {
  name                 = "example-subnet-name"
  virtual_network_name = "example"
  resource_group_name  = data.azurerm_resource_group.example.name
}

module "vmss_forwarder" {
  source  = "data-platform-hq/vmss-forwarder/azurerm"
  version = "~> 1.0"

  load_balancer_name   = "example-load-balancer-name"
  vm_scale_set_name    = "example-vm-scale-set-name"
  location             = "eastus"
  resource_group       = data.azurerm_resource_group.example.name
  subnet_id            = data.azurerm_subnet.example.id
  spoke_cidrs          = ["10.0.0.0/8"]
  additional_dns_zones =  [
    {
      zone_name           = "example.com"
      server_ip_addresses = ["10.120.0.4"]
    }
  ]
}

Requirements

Name	Version
terraform	>= 1.0.0
azurerm	>= 3.75.0
random	>=3.5.0

Providers

Name	Version
random	>=3.5.0

Modules

Name	Source	Version
lb	data-platform-hq/load-balancer/azurerm	1.0.1
vmss	data-platform-hq/vmss/azurerm	1.2.4

Resources

Name	Type
random_password.this	resource

Inputs

Name	Description	Type	Default	Required
additional_dns_zones	List of objects to configure custom DNS zones. DNS Traffic would be forwarded to mentioned DNS Server IP Address in case zone name is matched in query	list(object({ zone_name = string server_ip_addresses = list(string) }))	`[]`	no
admin_username	VM Scale Set admin username	`string`	`"azureuser"`	no
analytics_workspace_id	Resource ID of Log Analytics Workspace	`string`	`null`	no
default_dns_servers	List of IP Addresses of the DNS Servers that would resolve queries by default. Default value is an Azure DNS Server public ip	`list(string)`	[ "168.63.129.16" ]	no
dnssec_validation	DNSSEC validation value in bind9 config	`string`	`"no"`	no
drc_datasource_name	Datasource syslog name	`string`	`"datasource-syslog"`	no
drc_enabled	Enable data collection rule. var.analytics_workspace_id must be provided	`bool`	`false`	no
drc_facility_names	List of Facility names	`list(string)`	[ "daemon", "syslog", "user" ]	no
drc_log_levels	List of Log levels	`list(string)`	[ "Debug" ]	no
lb_enable_diagnostic_setting	Enable diagnostic setting. var.analytics_workspace_id must be provided	`bool`	`false`	no
load_balancer_name	Load Balancer name	`string`	n/a	yes
location	The Azure Region in which resources would be created.	`string`	n/a	yes
public_ip_prefix_enabled	Boolean flag that determines whether Public IP Address prefix is assigned to VMSS. By default it is disable because NAT Gateway is used for default outbound traffic.	`string`	`false`	no
resource_group	The name of the resource group.	`string`	n/a	yes
spoke_cidrs	List of IP Address CIDRs that would be managed in Iptables configuration. Traffic would be forwarded between those networks.	`list(string)`	`[]`	no
subnet_id	The ID of the Subnet where this Network first Interface should be located in.	`string`	n/a	yes
tags	Resource tags	`map(any)`	`{}`	no
vm_scale_set_name	VM Scale Set name	`string`	n/a	yes

Outputs

Name	Description
lb_id	Load Balancer id
lb_private_ip	Load Balancer private ip address
vmss_id	VM Scale Sets id
vmss_password	VM Scale Sets admin password value
vmss_username	VM Scale Sets admin username value

License

Apache 2 Licensed. For more information please see LICENSE

About

Terraform module for creation of Custom Firewall solution with traffic forwarding

https://registry.terraform.io/modules/data-platform-hq/vmss-forwarder/azurerm/latest

azurerm bind9 forwarding-proxy iptables terraform-module

Other

Languages

Language:HCL 75.4%Language:Shell 24.6%