# This file contains templated variables to avoid repeating the same hard-coded values. # Templated variables are denoted by the dollar curly braces token (e.g. ${starter_location_01}). The following details each templated variable that you can use: # `starter_location_01`: This the primary an Azure location sourced from the `starter_locations` variable. This can be used to set the location of resources. # `starter_location_02` to `starter_location_10`: These are the secondary Azure locations sourced from the `starter_locations` variable. This can be used to set the location of resources. # `starter_location_01_availability_zones` to `starter_location_10_availability_zones`: These are the availability zones for the Azure locations sourced from the `starter_locations` variable. This can be used to set the availability zones of resources. # `starter_location_01_virtual_network_gateway_sku_express_route` to `starter_location_10_virtual_network_gateway_sku_express_route`: These are the default SKUs for the Express Route virtual network gateways based on the Azure locations sourced from the `starter_locations` variable. This can be used to set the SKU of the virtual network gateways. # `starter_location_01_virtual_network_gateway_sku_vpn` to `starter_location_10_virtual_network_gateway_sku_vpn`: These are the default SKUs for the VPN virtual network gateways based on the Azure locations sourced from the `starter_locations` variable. This can be used to set the SKU of the virtual network gateways. # `root_parent_management_group_id`: This is the id of the management group that the ALZ hierarchy will be nested under. # `subscription_id_identity`: The subscription ID of the subscription to deploy the identity resources to, sourced from the variable `subscription_id_identity`. # `subscription_id_connectivity`: The subscription ID of the subscription to deploy the connectivity resources to, sourced from the variable `subscription_id_connectivity`. # `subscription_id_management`: The subscription ID of the subscription to deploy the management resources to, sourced from the variable `subscription_id_management`. --- connectivity_resource_groups: ddos: location: ${starter_location_01} name: rg-hub-ddos-${starter_location_01} dns: location: ${starter_location_01} name: rg-hub-dns-${starter_location_01} vnet_primary: location: ${starter_location_01} name: rg-vwan-hub-${starter_location_01} vwan: location: ${starter_location_01} name: rg-vwan-${starter_location_01} connectivity_type: virtual_wan management_settings_es: configure_connectivity_resources: advanced: custom_settings_by_resource_type: azurerm_network_ddos_protection_plan: ddos: ${starter_location_01}: name: ddos-hub-${starter_location_01} azurerm_resource_group: ddos: ${starter_location_01}: name: ${connectivity_resource_group_ddos} dns: ${starter_location_01}: name: ${connectivity_resource_group_dns} settings: ddos_protection_plan: config: location: ${starter_location_01} dns: config: location: ${starter_location_01} configure_management_resources: advanced: asc_export_resource_group_name: rg-management-asc-export-${starter_location_01} azurerm_automation_account: management: name: aa-management-${starter_location_01} azurerm_log_analytics_workspace: management: name: law-management-${starter_location_01} custom_settings_by_resource_type: azurerm_resource_group: management: name: rg-management-${starter_location_01} location: ${starter_location_01} default_location: ${starter_location_01} deploy_connectivity_resources: false deploy_management_resources: true deploy_core_landing_zones: true deploy_corp_landing_zones: true deploy_online_landing_zones: true root_id: alz root_name: Azure-Landing-Zones root_parent_id: ${root_parent_management_group_id} subscription_id_connectivity: ${subscription_id_connectivity} subscription_id_identity: ${subscription_id_identity} subscription_id_management: ${subscription_id_management} virtual_wan_settings: ddos_protection_plan: location: ${starter_location_01} name: ddos-hub-${starter_location_01} resource_group_name: ${connectivity_resource_group_ddos} location: ${starter_location_01} name: vwan-hub-${starter_location_01} resource_group_name: ${connectivity_resource_group_vwan} virtual_wan_virtual_hubs: primary: firewall: firewall_policy: name: fwp-hub-${starter_location_01} name: fw-hub-${starter_location_01} sku_name: AZFW_Hub sku_tier: Standard zones: ${starter_location_01_availability_zones} hub: address_prefix: 10.0.0.0/16 location: ${starter_location_01} name: vwan-hub-${starter_location_01} resource_group_name: ${connectivity_resource_group_vnet_primary} private_dns_zones: is_primary: true networking: private_dns_resolver: name: pdr-hub-dns-${starter_location_01} resource_group_name: ${connectivity_resource_group_vnet_primary} virtual_network: address_space: 10.10.0.0/24 name: vnet-hub-dns-${starter_location_01} private_dns_resolver_subnet: address_prefix: 10.10.0.0/28 name: subnet-hub-dns-${starter_location_01} resource_group_name: ${connectivity_resource_group_vnet_primary} resource_group_name: ${connectivity_resource_group_dns}