From 5759764a4456d1f93929045cd2c97db38d5b626a Mon Sep 17 00:00:00 2001
From: Arnaud Lheureux
Date: Wed, 21 Apr 2021 06:58:38 +0000
Subject: [PATCH] FMT
---
 application_gateway_waf_policies.tf | 4 +--
 dynamic_secrets.tf | 2 +-
 .../102-waf-policy/application.tfvars | 2 +-
 .../app_gateway/102-waf-policy/waf.tfvars | 6 ++--
 .../101-single-cluster/aks.tfvars | 2 +-
 .../102-multi-nodepools/aks.tfvars | 16 +++++-----
 .../104-private-cluster/aks.tfvars | 16 +++++-----
 .../configuration.tfvars | 10 +++----
 .../102-sqlserver-extend/configuration.tfvars | 6 ++--
 .../configuration.tfvars | 6 ++--
 .../configuration.tfvars | 6 ++--
 .../configuration.tfvars | 12 ++++----
 .../keyvaults.tfvars | 4 +--
 keyvault_keys.tf | 4 +--
 locals.combined_objects.tf | 2 +-
 locals.tf | 30 +++++++++----------
 .../compute/container_registry/registry.tf | 2 +-
 modules/compute/virtual_machine/vm_linux.tf | 2 +-
 modules/compute/virtual_machine/vm_windows.tf | 2 +-
 .../waf_policy.tf | 20 ++++++-------
 .../virtual_hub_route_tables/route_table.tf | 4 +--
 modules/security/keyvault_key/main.tf | 2 +-
 mssql_databases.tf | 4 +--
 23 files changed, 82 insertions(+), 82 deletions(-)
diff --git a/application_gateway_waf_policies.tf b/application_gateway_waf_policies.tf
index bc38a1c4c7..081cb1c4ef 100644
--- a/application_gateway_waf_policies.tf
+++ b/application_gateway_waf_policies.tf
@@ -1,6 +1,6 @@ module "application_gateway_waf_policies" {
- source = "./modules/networking/application_gateway_waf_policies"
- for_each = local.networking.application_gateway_waf_policies
+ source = "./modules/networking/application_gateway_waf_policies"
+ for_each = local.networking.application_gateway_waf_policies
 global_settings = local.global_settings settings = each.value
diff --git a/dynamic_secrets.tf b/dynamic_secrets.tf
index 01b31f9832..2c48bb2ca7 100755
--- a/dynamic_secrets.tf
+++ b/dynamic_secrets.tf
@@ -6,7 +6,7 @@ module "dynamic_keyvault_secrets" { source = "./modules/security/dynamic_keyvault_secrets" depends_on = [module.keyvaults]
- for_each = {
+ for_each = {
 for keyvault_key, secrets in try(var.security.dynamic_keyvault_secrets, {}) : keyvault_key => { for key, value in secrets : key => value if try(value.value, null) != null
diff --git a/examples/app_gateway/102-waf-policy/application.tfvars b/examples/app_gateway/102-waf-policy/application.tfvars
index 5e9dd815cc..1af729073e 100644
--- a/examples/app_gateway/102-waf-policy/application.tfvars
+++ b/examples/app_gateway/102-waf-policy/application.tfvars
@@ -11,7 +11,7 @@ application_gateway_applications = { front_end_port_key = "80" host_name = "cafdemo.internal" request_routing_rule_key = "default"
- waf_policy = {
+ waf_policy = {
 key = "wp1" } }
diff --git a/examples/app_gateway/102-waf-policy/waf.tfvars b/examples/app_gateway/102-waf-policy/waf.tfvars
index c980d860e0..701c96e005 100644
--- a/examples/app_gateway/102-waf-policy/waf.tfvars
+++ b/examples/app_gateway/102-waf-policy/waf.tfvars
@@ -1,7 +1,7 @@ application_gateway_waf_policies = { wp1 = {
- name = "examplewafpolicy"
- resource_group_key = "agw_waf"
+ name = "examplewafpolicy"
+ resource_group_key = "agw_waf"
 custom_rules = { rule1 = {
@@ -60,7 +60,7 @@ application_gateway_waf_policies = { file_upload_limit_in_mb = 100 max_request_body_size_in_kb = 128 }
-
+
 managed_rules = { exclusion = { ex1 = {
diff --git a/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars b/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars
index 14b8774042..f15391be3d 100644
--- a/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars
+++ b/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars
@@ -22,7 +22,7 @@ aks_clusters = { type = "SystemAssigned" }
- vnet_key = "spoke_aks_re1"
+ vnet_key = "spoke_aks_re1"
 network_profile = { network_plugin = "azure"
diff --git a/examples/compute/kubernetes_services/102-multi-nodepools/aks.tfvars b/examples/compute/kubernetes_services/102-multi-nodepools/aks.tfvars
index 64cab977f6..a450a8d8ec 100644
--- a/examples/compute/kubernetes_services/102-multi-nodepools/aks.tfvars
+++ b/examples/compute/kubernetes_services/102-multi-nodepools/aks.tfvars
@@ -47,14 +47,14 @@ aks_clusters = { node_pools = { pool1 = {
- name = "nodepool1"
- mode = "User"
- subnet_key = "aks_nodepool_user1"
- max_pods = 30
- vm_size = "Standard_DS2_v2"
- node_count = 1
- enable_auto_scaling = false
- os_disk_size_gb = 512
+ name = "nodepool1"
+ mode = "User"
+ subnet_key = "aks_nodepool_user1"
+ max_pods = 30
+ vm_size = "Standard_DS2_v2"
+ node_count = 1
+ enable_auto_scaling = false
+ os_disk_size_gb = 512
 tags = { "project" = "user services" }
diff --git a/examples/compute/kubernetes_services/104-private-cluster/aks.tfvars b/examples/compute/kubernetes_services/104-private-cluster/aks.tfvars
index b98df13b63..fd1d6b79ec 100644
--- a/examples/compute/kubernetes_services/104-private-cluster/aks.tfvars
+++ b/examples/compute/kubernetes_services/104-private-cluster/aks.tfvars
@@ -56,14 +56,14 @@ aks_clusters = { node_pools = { pool1 = {
- name = "nodepool1"
- mode = "User"
- subnet_key = "aks_nodepool_user1"
- max_pods = 30
- vm_size = "Standard_DS2_v2"
- node_count = 2
- enable_auto_scaling = false
- os_disk_size_gb = 512
+ name = "nodepool1"
+ mode = "User"
+ subnet_key = "aks_nodepool_user1"
+ max_pods = 30
+ vm_size = "Standard_DS2_v2"
+ node_count = 2
+ enable_auto_scaling = false
+ os_disk_size_gb = 512
 tags = { "project" = "user services" }
diff --git a/examples/compute/virtual_machine/105-single-windows-vm-kv-admin-secrets/configuration.tfvars b/examples/compute/virtual_machine/105-single-windows-vm-kv-admin-secrets/configuration.tfvars
index 2b73ff8717..2ccc616d24 100755
--- a/examples/compute/virtual_machine/105-single-windows-vm-kv-admin-secrets/configuration.tfvars
+++ b/examples/compute/virtual_machine/105-single-windows-vm-kv-admin-secrets/configuration.tfvars
@@ -119,11 +119,11 @@ dynamic_keyvault_secrets = { keyvaults = { example_vm_rg1 = {
- name = "vmsecretskv"
- resource_group_key = "vm_region1"
- sku_name = "standard"
- soft_delete_enabled = true
- purge_protection_enabled = true
+ name = "vmsecretskv"
+ resource_group_key = "vm_region1"
+ sku_name = "standard"
+ soft_delete_enabled = true
+ purge_protection_enabled = true
 tags = { env = "Standalone" }
diff --git a/examples/mssql_server/102-sqlserver-extend/configuration.tfvars b/examples/mssql_server/102-sqlserver-extend/configuration.tfvars
index e3732dc138..2975e1776e 100644
--- a/examples/mssql_server/102-sqlserver-extend/configuration.tfvars
+++ b/examples/mssql_server/102-sqlserver-extend/configuration.tfvars
@@ -78,9 +78,9 @@ mssql_servers = { connection_policy = "Default" public_network_access_enabled = false
-
- identity = {
- type = "SystemAssigned"
+
+ identity = {
+ type = "SystemAssigned"
 } extended_auditing_policy = {
diff --git a/examples/mssql_server/103-sqlserver-two-regions/configuration.tfvars b/examples/mssql_server/103-sqlserver-two-regions/configuration.tfvars
index ef2b2ec26a..127a6bdc7e 100644
--- a/examples/mssql_server/103-sqlserver-two-regions/configuration.tfvars
+++ b/examples/mssql_server/103-sqlserver-two-regions/configuration.tfvars
@@ -190,9 +190,9 @@ mssql_servers = { keyvault_key = "sql-rg1" connection_policy = "Default"
-
- identity = {
- type = "SystemAssigned"
+
+ identity = {
+ type = "SystemAssigned"
 } extended_auditing_policy = {
diff --git a/examples/mssql_server/104-sqlserver-elastic_pools/configuration.tfvars b/examples/mssql_server/104-sqlserver-elastic_pools/configuration.tfvars
index 2d99e3998e..2e02b4ab19 100644
--- a/examples/mssql_server/104-sqlserver-elastic_pools/configuration.tfvars
+++ b/examples/mssql_server/104-sqlserver-elastic_pools/configuration.tfvars
@@ -90,9 +90,9 @@ mssql_servers = { connection_policy = "Default" public_network_access_enabled = false
-
- identity = {
- type = "SystemAssigned"
+
+ identity = {
+ type = "SystemAssigned"
 } extended_auditing_policy = {
diff --git a/examples/mssql_server/105-sqlserver-failover_groups/configuration.tfvars b/examples/mssql_server/105-sqlserver-failover_groups/configuration.tfvars
index a578651d4c..289051a367 100644
--- a/examples/mssql_server/105-sqlserver-failover_groups/configuration.tfvars
+++ b/examples/mssql_server/105-sqlserver-failover_groups/configuration.tfvars
@@ -38,14 +38,14 @@ mssql_servers = { mssql_databases = { db1-rg1 = {
- mssql_server_key = "sql-server-rg1"
- resource_group_key = "sql_region1"
- name = "db1rg1"
+ mssql_server_key = "sql-server-rg1"
+ resource_group_key = "sql_region1"
+ name = "db1rg1"
 } db2-rg1 = {
- mssql_server_key = "sql-server-rg1"
- resource_group_key = "sql_region1"
- name = "db2rg1"
+ mssql_server_key = "sql-server-rg1"
+ resource_group_key = "sql_region1"
+ name = "db2rg1"
 } }
diff --git a/examples/storage_accounts/100-simple-storage-account-blob-container/keyvaults.tfvars b/examples/storage_accounts/100-simple-storage-account-blob-container/keyvaults.tfvars
index 44e2a6c41e..1eae003942 100644
--- a/examples/storage_accounts/100-simple-storage-account-blob-container/keyvaults.tfvars
+++ b/examples/storage_accounts/100-simple-storage-account-blob-container/keyvaults.tfvars
@@ -18,8 +18,8 @@ keyvault_access_policies = { } diastg = { diagnostic_storage_account_key = "dsa1"
- key_permissions = ["get", "create", "list", "restore", "recover", "unwrapkey", "wrapkey", "purge", "encrypt", "decrypt", "sign", "verify"]
- secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
+ key_permissions = ["get", "create", "list", "restore", "recover", "unwrapkey", "wrapkey", "purge", "encrypt", "decrypt", "sign", "verify"]
+ secret_permissions = ["Set", "Get", "List", "Delete", "Purge", "Recover"]
 } logged_in_user = { key_permissions = ["get", "create", "delete", "list", "restore", "recover", "unwrapkey", "wrapkey", "purge", "encrypt", "decrypt", "sign", "verify"]
diff --git a/keyvault_keys.tf b/keyvault_keys.tf
index 540f7842bf..60a5487d71 100755
--- a/keyvault_keys.tf
+++ b/keyvault_keys.tf
@@ -6,8 +6,8 @@ module "keyvault_keys" { for_each = local.security.keyvault_keys global_settings = local.global_settings
- settings = each.value
- keyvault = try(local.combined_objects_keyvaults[local.client_config.landingzone_key][each.value.keyvault_key], local.combined_objects_keyvaults[each.value.lz_key][each.value.keyvault_key])
+ settings = each.value
+ keyvault = try(local.combined_objects_keyvaults[local.client_config.landingzone_key][each.value.keyvault_key], local.combined_objects_keyvaults[each.value.lz_key][each.value.keyvault_key])
 }
diff --git a/locals.combined_objects.tf b/locals.combined_objects.tf
index 5f2746c9dc..8e52ea606d 100755
--- a/locals.combined_objects.tf
+++ b/locals.combined_objects.tf
@@ -24,7 +24,7 @@ locals { combined_objects_keyvault_keys = merge(tomap({ (local.client_config.landingzone_key) = module.keyvault_keys }), try(var.remote_objects.keyvault_keys, {})) combined_objects_keyvaults = merge(tomap({ (local.client_config.landingzone_key) = module.keyvaults }), try(var.remote_objects.keyvaults, {})) combined_objects_logic_app_integration_account = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_integration_account }), try(var.remote_objects.logic_app_integration_account, {}))
- combined_objects_logic_app_workflow = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_workflow}), try(var.remote_objects.logic_app_workflow, {}))
+ combined_objects_logic_app_workflow = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_workflow }), try(var.remote_objects.logic_app_workflow, {}))
 combined_objects_machine_learning = merge(tomap({ (local.client_config.landingzone_key) = module.machine_learning_workspaces }), try(var.remote_objects.machine_learning_workspaces, {})) combined_objects_managed_identities = merge(tomap({ (local.client_config.landingzone_key) = module.managed_identities }), try(var.remote_objects.managed_identities, {})) combined_objects_mssql_databases = merge(tomap({ (local.client_config.landingzone_key) = module.mssql_databases }), try(var.remote_objects.mssql_databases, {}))
diff --git a/locals.tf b/locals.tf
index 7b1d31d509..bf23671a61 100755
--- a/locals.tf
+++ b/locals.tf
@@ -96,21 +96,21 @@ locals { storage_accounts = local.combined_objects_storage_accounts }
- global_settings = merge( {
- default_region = try(var.global_settings.default_region, "region1")
- environment = try(var.global_settings.environment, var.environment)
- inherit_tags = try(var.global_settings.inherit_tags, false)
- passthrough = try(var.global_settings.passthrough, false)
- prefix = try(var.global_settings.prefix, null)
- # prefix_with_hyphen = try(var.global_settings.prefix_with_hyphen, format("%s-", try(var.global_settings.prefixes[0], random_string.prefix.0.result)))
- # prefixes = var.global_settings.prefix == "" ? null : try(var.global_settings.prefixes, [random_string.prefix.0.result])
- prefix_with_hyphen = try(var.global_settings.prefix_with_hyphen, format("%s-", try(var.global_settings.prefix, try(var.global_settings.prefixes[0], random_string.prefix.0.result))))
- prefixes = try(var.global_settings.prefix, null) == "" ? null : try([var.global_settings.prefix], try(var.global_settings.prefixes, [random_string.prefix.0.result]))
- random_length = try(var.global_settings.random_length, 0)
- regions = var.global_settings.regions
- tags = try(var.global_settings.tags, null)
- use_slug = try(var.global_settings.use_slug, true)
- }, var.global_settings)
+ global_settings = merge({
+ default_region = try(var.global_settings.default_region, "region1")
+ environment = try(var.global_settings.environment, var.environment)
+ inherit_tags = try(var.global_settings.inherit_tags, false)
+ passthrough = try(var.global_settings.passthrough, false)
+ prefix = try(var.global_settings.prefix, null)
+ # prefix_with_hyphen = try(var.global_settings.prefix_with_hyphen, format("%s-", try(var.global_settings.prefixes[0], random_string.prefix.0.result)))
+ # prefixes = var.global_settings.prefix == "" ? null : try(var.global_settings.prefixes, [random_string.prefix.0.result])
+ prefix_with_hyphen = try(var.global_settings.prefix_with_hyphen, format("%s-", try(var.global_settings.prefix, try(var.global_settings.prefixes[0], random_string.prefix.0.result))))
+ prefixes = try(var.global_settings.prefix, null) == "" ? null : try([var.global_settings.prefix], try(var.global_settings.prefixes, [random_string.prefix.0.result]))
+ random_length = try(var.global_settings.random_length, 0)
+ regions = var.global_settings.regions
+ tags = try(var.global_settings.tags, null)
+ use_slug = try(var.global_settings.use_slug, true)
+ }, var.global_settings)
 logic_app = { integration_service_environment = try(var.logic_app.integration_service_environment, {})
diff --git a/modules/compute/container_registry/registry.tf b/modules/compute/container_registry/registry.tf
index 1c1b20dc15..6f1156add0 100755
--- a/modules/compute/container_registry/registry.tf
+++ b/modules/compute/container_registry/registry.tf
@@ -36,7 +36,7 @@ resource "azurerm_container_registry" "acr" { content { action = "Allow"
- subnet_id = try(var.vnets[try(virtual_network.value.lz_key,var.client_config.landingzone_key)][virtual_network.value.vnet_key].subnets[virtual_network.value.subnet_key].id, {})
+ subnet_id = try(var.vnets[try(virtual_network.value.lz_key, var.client_config.landingzone_key)][virtual_network.value.vnet_key].subnets[virtual_network.value.subnet_key].id, {})
 } } }
diff --git a/modules/compute/virtual_machine/vm_linux.tf b/modules/compute/virtual_machine/vm_linux.tf
index 062d2f5362..6ef17887c9 100755
--- a/modules/compute/virtual_machine/vm_linux.tf
+++ b/modules/compute/virtual_machine/vm_linux.tf
@@ -22,7 +22,7 @@ resource "azurecaf_name" "linux" { # Name of the Linux computer name resource "azurecaf_name" "linux_computer_name" { depends_on = [azurerm_network_interface.nic, azurerm_network_interface_security_group_association.nic_nsg]
- for_each = local.os_type == "linux" ? var.settings.virtual_machine_settings : {}
+ for_each = local.os_type == "linux" ? var.settings.virtual_machine_settings : {}
 name = try(each.value.computer_name, each.value.name) resource_type = "azurerm_linux_virtual_machine"
diff --git a/modules/compute/virtual_machine/vm_windows.tf b/modules/compute/virtual_machine/vm_windows.tf
index 89e5398210..55b842f346 100755
--- a/modules/compute/virtual_machine/vm_windows.tf
+++ b/modules/compute/virtual_machine/vm_windows.tf
@@ -39,7 +39,7 @@ resource "azurecaf_name" "os_disk_windows" { resource "azurerm_windows_virtual_machine" "vm" { depends_on = [azurerm_network_interface.nic, azurerm_network_interface_security_group_association.nic_nsg]
- for_each = local.os_type == "windows" ? var.settings.virtual_machine_settings : {}
+ for_each = local.os_type == "windows" ? var.settings.virtual_machine_settings : {}
 name = azurecaf_name.windows[each.key].result location = var.location
diff --git a/modules/networking/application_gateway_waf_policies/waf_policy.tf b/modules/networking/application_gateway_waf_policies/waf_policy.tf
index 448f2274f3..0a400623c6 100644
--- a/modules/networking/application_gateway_waf_policies/waf_policy.tf
+++ b/modules/networking/application_gateway_waf_policies/waf_policy.tf
@@ -1,17 +1,17 @@ resource "azurerm_web_application_firewall_policy" "wafpolicy" {
- name = var.settings.name
- resource_group_name = var.resource_group_name
- location = var.location
- tags = local.tags
+ name = var.settings.name
+ resource_group_name = var.resource_group_name
+ location = var.location
+ tags = local.tags
 dynamic "custom_rules" { for_each = try(var.settings.custom_rules, {}) content {
- name = custom_rules.value.name
- priority = custom_rules.value.priority
- rule_type = custom_rules.value.rule_type
- action = custom_rules.value.action
+ name = custom_rules.value.name
+ priority = custom_rules.value.priority
+ rule_type = custom_rules.value.rule_type
+ action = custom_rules.value.action
 dynamic "match_conditions" { for_each = custom_rules.value.match_conditions
@@ -58,8 +58,8 @@ resource "azurerm_web_application_firewall_policy" "wafpolicy" { dynamic "managed_rule_set" { for_each = var.settings.managed_rules.managed_rule_set content {
- type = try(managed_rule_set.value.type, null)
- version = managed_rule_set.value.version
+ type = try(managed_rule_set.value.type, null)
+ version = managed_rule_set.value.version
 dynamic "rule_group_override" { for_each = try(managed_rule_set.value.rule_group_override, {})
diff --git a/modules/networking/virtual_hub_route_tables/route_table.tf b/modules/networking/virtual_hub_route_tables/route_table.tf
index fff5a84f32..1825d952a8 100644
--- a/modules/networking/virtual_hub_route_tables/route_table.tf
+++ b/modules/networking/virtual_hub_route_tables/route_table.tf
@@ -53,8 +53,8 @@ resource "null_resource" "virtual_hub_route_table" { on_failure = fail environment = {
- METHOD = "PUT"
- URL = self.triggers.URL
+ METHOD = "PUT"
+ URL = self.triggers.URL
 PROPERTIES = jsonencode( { properties = {}
diff --git a/modules/security/keyvault_key/main.tf b/modules/security/keyvault_key/main.tf
index 8b88947f02..696ed87d0d 100755
--- a/modules/security/keyvault_key/main.tf
+++ b/modules/security/keyvault_key/main.tf
@@ -11,5 +11,5 @@ locals { "module" = basename(abspath(path.module)) } base_tags = try(var.global_settings.inherit_tags, false) ? try(var.keyvault.base_tags, {}) : {}
- tags = merge(local.base_tags, local.module_tag, try(var.settings.tags, {}))
+ tags = merge(local.base_tags, local.module_tag, try(var.settings.tags, {}))
 }
\ No newline at end of file
diff --git a/mssql_databases.tf b/mssql_databases.tf
index e8d5902a26..ca046d6306 100755
--- a/mssql_databases.tf
+++ b/mssql_databases.tf
@@ -24,7 +24,7 @@ data "azurerm_storage_account" "mssqldb_auditing" { for_each = { for key, value in local.database.mssql_databases : key => value if try(value.extended_auditing_policy, null) != null
- }
+ }
 name = module.storage_accounts[each.value.extended_auditing_policy.storage_account.key].name resource_group_name = module.storage_accounts[each.value.extended_auditing_policy.storage_account.key].resource_group_name
@@ -36,7 +36,7 @@ resource "azurerm_mssql_server_extended_auditing_policy" "mssqldb" { for key, value in local.database.mssql_databases : key => value if try(value.extended_auditing_policy, null) != null }
-
+
 log_monitoring_enabled = try(each.value.extended_auditing_policy.log_monitoring_enabled, false) server_id = module.mssql_servers[each.key].id