Azure vnet (#28)

* added the azure-vnet files

* added the azure-vnet files

* Added the azure-vnet files

* created examples

* created examples

* Delete terraform/azure/modules/vnet/main.tf

* updated code based on changes requested

* Updated provider version

* Added default values

* Fix the errors of terraform plan

terraform/azure/examples/main.tf

@@ -0,0 +1,36 @@
+module "network" {
+  source                  = "../modules/vnet"
+  vnet_name               = "myvnet"
+  address_space           = ["10.0.0.0/16"]
+  location                = "eastus"
+  resource_group_name     = "testrg"
+  subnet_names            = ["aks_subnet", "appgw_subnet"]
+  subnet_address_prefixes = ["10.0.1.0/24", "10.0.2.0/24"]
+  nsg_name                = "testnsg"
+
+  inbound_rules = {
+    rule1 = {
+      name                       = "inbound_rule1"
+      priority                   = 100
+      access                     = "Allow"
+      protocol                   = "Tcp"
+      source_port_range          = "*"
+      destination_port_range     = "80"
+      source_address_prefix      = "1.2.3.4"
+      destination_address_prefix = "10.0.1.0/24"
+    }
+  }
+
+  outbound_rules = {
+    rule1 = {
+      name                       = "outbound_rule1"
+      priority                   = 100
+      access                     = "Allow"
+      protocol                   = "Tcp"
+      source_port_range          = "*"
+      destination_port_range     = "443"
+      source_address_prefix      = "10.0.1.0/24"
+      destination_address_prefix = "5.6.7.8"
+    }
+  }
+}

terraform/azure/examples/provider.tf

@@ -0,0 +1,18 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~>1.5.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+
+  client_id       = " "
+  client_secret   = " "
+  tenant_id       = " "
+  subscription_id = " "
+  skip_provider_registration = true
+}

terraform/azure/modules/vnet/README.md

@@ -0,0 +1,76 @@
+
+# Azure Virtual Network (VNet) Module
+
+This Terraform module creates an Azure Virtual Network (VNet) along with subnets, a network security group (NSG), and associated security rules in Azure. It simplifies the provisioning of network resources for your Azure infrastructure.
+
+## Features
+
+- Creates an Azure Virtual Network (VNet) with customizable settings.
+- Defines subnets within the VNet with flexible address prefixes.
+- Configures a Network Security Group (NSG) with inbound and outbound security rules.
+- Supports easy customization of security rules based on your requirements.
+- Modular design for reusability across different Azure environments.
+
+## Usage
+
+```hcl
+module "azure_vnet" {
+  source = "./azure_vnet_module"  # Replace with the actual path to the module directory
+
+  # Input variables
+  resource_group_name     = "my-resource-group"
+  vnet_name               = "my-vnet"
+  address_space           = ["10.0.0.0/16"]
+  location                = "East US"
+  subnet_names            = ["subnet1", "subnet2"]
+  subnet_address_prefixes = ["10.0.1.0/24", "10.0.2.0/24"]
+  nsg_name                = "my-nsg"
+
+  inbound_rules = {
+    rule1 = {
+      name                        = "inbound_rule1"
+      priority                    = 100
+      access                      = "Allow"
+      protocol                    = "TCP"
+      source_port_range           = "*"
+      destination_port_range      = "80"
+      source_address_prefix       = "1.2.3.4"
+      destination_address_prefix  = "10.0.1.0/24"
+    }
+  }
+
+  outbound_rules = {
+    rule1 = {
+      name                        = "outbound_rule1"
+      priority                    = 100
+      access                      = "Allow"
+      protocol                    = "TCP"
+      source_port_range           = "*"
+      destination_port_range      = "443"
+      source_address_prefix       = "10.0.1.0/24"
+      destination_address_prefix  = "5.6.7.8"
+    }
+  }
+}
+```
+
+## Inputs
+
+| Name                   | Description                                  | Type       | Default | Required |
+|------------------------|----------------------------------------------|------------|---------|----------|
+| `resource_group_name`  | Name of the Azure Resource Group.            | `string`   |         | Yes      |
+| `vnet_name`            | Name of the Azure Virtual Network.           | `string`   |         | Yes      |
+| `address_space`        | Address space for the VNet.                  | `list(string)` |   | Yes      |
+| `location`             | Azure region where resources will be created.| `string`   |         | Yes      |
+| `subnet_names`         | List of subnet names.                        | `list(string)` |     | Yes      |
+| `subnet_address_prefixes` | List of subnet address prefixes.         | `list(string)` |     | Yes      |
+| `nsg_name`             | Name of the Network Security Group (NSG).   | `string`   |         | Yes      |
+| `inbound_rules`        | Map of inbound security rules.               | `map(object)`  |         | Yes      |
+| `outbound_rules`       | Map of outbound security rules.              | `map(object)`  |         | Yes      |
+
+## Outputs
+
+| Name        | Description                                       |
+|-------------|---------------------------------------------------|
+| `vnet_id`   | The ID of the created Azure Virtual Network.     |
+| `subnet_ids`| List of IDs of the created subnets.              |

terraform/azure/modules/vnet/locals.tf

@@ -0,0 +1,3 @@
+locals {
+  environment = "Development"
+}    

terraform/azure/modules/vnet/outputs.tf

@@ -0,0 +1,10 @@
+output "vnet_id" {
+  description = "ID of the created Azure Virtual Network"
+  value       = azurerm_virtual_network.Vnet.id
+}
+
+output "subnet_ids" {
+  description = "IDs of the created subnets"
+  value       = azurerm_subnet.subnets.*.id
+}
+

terraform/azure/modules/vnet/variables.tf

@@ -0,0 +1,93 @@
+variable "vnet_name" {
+  description = "Name of the Azure Virtual Network"
+  default     = "testvnet"
+  type        = string
+}
+
+variable "address_space" {
+  description = "Address space for the Azure Virtual Network"
+  default     = ["10.0.0.0/16"]
+  type        = list(string)
+}
+
+variable "location" {
+  description = "Azure region where the resources will be created"
+  default     = "us-east-1"
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "Name of the Azure Resource Group"
+  default     = "testrg"
+  type        = string
+}
+
+variable "subnet_names" {
+  description = "Names of the subnets"
+  default     = ["testsubnet"]
+  type        = list(string)
+}
+
+variable "subnet_address_prefixes" {
+  description = "Address prefixes for the subnets"
+  default     = ["10.0.1.0/24"]
+  type        = list(string)
+}
+
+variable "nsg_name" {
+  description = "Name of Security group"
+  default     = "testnsg"
+  type        = string
+}
+
+variable "inbound_rules" {
+  description = "A map of inbound security rules"
+  default     = {
+    rule1 = {
+      name                        = "inbound_rule1"
+      priority                    = 100
+      access                      = "Allow"
+      protocol                    = "TCP"
+      source_port_range           = "*"
+      destination_port_range      = "80"
+      source_address_prefix       = "1.2.3.4"
+      destination_address_prefix  = "10.0.1.0/24"
+    }
+  }
+  type = map(object({
+    name                        = string
+    priority                    = number
+    access                      = string
+    protocol                    = string
+    source_port_range           = string
+    destination_port_range      = string
+    source_address_prefix       = string
+    destination_address_prefix  = string
+  }))
+}
+
+variable "outbound_rules" {
+  description = "A map of outbound security rules"
+  default     = {
+    rule1 = {
+      name                        = "outbound_rule1"
+      priority                    = 100
+      access                      = "Allow"
+      protocol                    = "TCP"
+      source_port_range           = "*"
+      destination_port_range      = "443"
+      source_address_prefix       = "10.0.1.0/24"
+      destination_address_prefix  = "5.6.7.8"
+    }
+  }
+  type = map(object({
+    name                        = string
+    priority                    = number
+    access                      = string
+    protocol                    = string
+    source_port_range           = string
+    destination_port_range      = string
+    source_address_prefix       = string
+    destination_address_prefix  = string
+  }))
+}

terraform/azure/modules/vnet/vnet.tf

@@ -0,0 +1,86 @@
+#To create resource group
+resource "azurerm_resource_group" "resourcegroup" {
+  name     = var.resource_group_name
+  location = var.location
+
+  tags = {
+    Name        = var.resource_group_name
+    Environment = "${local.environment}"
+  }
+}
+
+#To create virtual network
+resource "azurerm_virtual_network" "Vnet" {
+  name                = var.vnet_name
+  address_space       = var.address_space
+  location            = var.location
+  resource_group_name = azurerm_resource_group.resourcegroup.name
+
+  tags = {
+    Name        = var.vnet_name
+    Environment = "${local.environment}"
+  }  
+}
+
+#To create subnets
+resource "azurerm_subnet" "subnets" {
+  count                = length(var.subnet_names)
+  name                 = var.subnet_names[count.index]
+  resource_group_name  = azurerm_resource_group.resourcegroup.name
+  virtual_network_name = azurerm_virtual_network.Vnet.name
+  address_prefixes     = [var.subnet_address_prefixes[count.index]]
+  }
+
+#To create network security group
+resource "azurerm_network_security_group" "default_nsg" {
+  name                = var.nsg_name
+  location            = var.location
+  resource_group_name = azurerm_resource_group.resourcegroup.name
+
+  tags = {
+    Name        = var.nsg_name
+    Environment = "${local.environment}"
+  }  
+}
+
+#To add inbound rules
+resource "azurerm_network_security_rule" "inbound" {
+  for_each = var.inbound_rules
+
+  name                        = each.value.name
+  priority                    = each.value.priority
+  direction                   = "Inbound"
+  access                      = each.value.access
+  protocol                    = each.value.protocol
+  source_port_range           = each.value.source_port_range
+  destination_port_range      = each.value.destination_port_range
+  source_address_prefix       = each.value.source_address_prefix
+  destination_address_prefix  = each.value.destination_address_prefix
+  resource_group_name         = azurerm_resource_group.resourcegroup.name
+  network_security_group_name = azurerm_network_security_group.default_nsg.name
+}
+
+#To add outbound rules
+resource "azurerm_network_security_rule" "outbound" {
+  for_each = var.outbound_rules
+
+  name                        = each.value.name
+  priority                    = each.value.priority
+  direction                   = "Outbound"
+  access                      = each.value.access
+  protocol                    = each.value.protocol  
+  source_port_range           = each.value.source_port_range
+  destination_port_range      = each.value.destination_port_range
+  source_address_prefix       = each.value.source_address_prefix 
+  destination_address_prefix  = each.value.destination_address_prefix
+  resource_group_name         = azurerm_resource_group.resourcegroup.name
+  network_security_group_name = azurerm_network_security_group.default_nsg.name
+}
+
+#To create network security group association
+resource "azurerm_subnet_network_security_group_association" "nsg_association" {
+  count                     = length(azurerm_subnet.subnets)
+  subnet_id                 = azurerm_subnet.subnets[count.index].id
+  network_security_group_id = azurerm_network_security_group.default_nsg.id
+}
+