diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 72c8f8e..4ab9367 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,3 +1,3 @@
# AVM core team owns key files
-.github/policies/ @Azure/avm-core-team-technical
-.github/CODEOWNERS @Azure/avm-core-team-technical
+.github/policies/ @Azure/avm-core-team-technical-terraform
+.github/CODEOWNERS @Azure/avm-core-team-technical-terraform
diff --git a/.github/ISSUE_TEMPLATE/avm_module_issue.yml b/.github/ISSUE_TEMPLATE/avm_module_issue.yml
index 8b05245..ec5d7a9 100644
--- a/.github/ISSUE_TEMPLATE/avm_module_issue.yml
+++ b/.github/ISSUE_TEMPLATE/avm_module_issue.yml
@@ -27,7 +27,6 @@ body:
- ""
- "Feature Request"
- "Bug"
- - "Security Bug"
- "I'm not sure"
validations:
required: true
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
index 1346202..534ea7d 100644
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -16,11 +16,11 @@ Closes #456
- [ ] Non-module change (e.g. CI/CD, documentation, etc.)
- [ ] Azure Verified Module updates:
- - [ ] Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `locals.version.tf.json`:
+ - [ ] Bugfix containing backwards compatible bug fixes
- [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description.
- [ ] The bug was found by the module author, and no one has opened an issue to report it yet.
- - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `locals.version.tf.json`.
- - [ ] Breaking changes and I have bumped the MAJOR version in `locals.version.tf.json`.
+ - [ ] Feature update backwards compatible feature updates.
+ - [ ] Breaking changes.
- [ ] Update to documentation
# Checklist
diff --git a/.github/policies/eventResponder.yml b/.github/policies/eventResponder.yml
index 1d5ba40..bad111d 100644
--- a/.github/policies/eventResponder.yml
+++ b/.github/policies/eventResponder.yml
@@ -17,18 +17,6 @@ configuration:
then:
- addLabel:
label: "Needs: Triage :mag:"
- - addReply:
- reply: |
- > [!IMPORTANT]
- > **The "Needs: Triage :mag:" label must be removed once the triage process is complete!**
-
-
-
- > [!NOTE]
- > This label was added as per [ITA06](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita06).
- description: 'ITA09 - When #RR is used in an issue, add the "Needs: Author Feedback :ear:" label'
if:
@@ -43,10 +31,6 @@ configuration:
then:
- addLabel:
label: "Needs: Author Feedback :ear:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Needs: Author Feedback :ear:" label was added as per [ITA09](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita09).
- description: 'ITA10 - When #wontfix is used in an issue, mark it by using the label of "Status: Won''t Fix :broken_heart:"'
if:
@@ -62,10 +46,6 @@ configuration:
- addLabel:
label: "Status: Won't Fix :broken_heart:"
- closeIssue
- - addReply:
- reply: |
- > [!NOTE]
- > The "Status: Won't Fix :broken_heart:" label was added and the issue was closed as per [ITA10](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita10).
- description: 'ITA11 - When a reply from anyone to an issue occurs, remove the "Needs: Author Feedback :ear:" label and label with "Needs: Attention :wave:"'
if:
@@ -82,10 +62,6 @@ configuration:
label: "Needs: Author Feedback :ear:"
- addLabel:
label: "Needs: Attention :wave:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Needs: Author Feedback :ear:" label was removed and the "Needs: Attention :wave:" label was added as per [ITA11](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita11).
- description: "ITA12 - Clean email replies on every comment"
if:
@@ -113,16 +89,10 @@ configuration:
label: "Type: New Module Proposal :bulb:"
- hasLabel:
label: "Type: Question/Feedback :raising_hand:"
- - hasLabel:
- label: "Type: Security Bug :lock:"
- isAssignedToSomeone
then:
- removeLabel:
label: "Needs: Triage :mag:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Needs: Triage :mag:" label was removed as per [ITA15](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita15).
- description: 'ITA20 - If the type is feature request, add the "Type: Feature Request :heavy_plus_sign:" label on the issue'
if:
@@ -140,10 +110,6 @@ configuration:
then:
- addLabel:
label: "Type: Feature Request :heavy_plus_sign:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Type: Feature Request :heavy_plus_sign:" label was added as per [ITA20](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita20).
- description: 'ITA21 - If the type is bug, add the "Type: Bug :bug:" label on the issue'
if:
@@ -161,32 +127,6 @@ configuration:
then:
- addLabel:
label: "Type: Bug :bug:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Type: Bug :bug:" label was added as per [ITA21](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita21).
-
- - description: 'ITA22 - If the type is security bug, add the "Type: Security Bug :lock:" label on the issue'
- if:
- - payloadType: Issues
- - isAction:
- action: Opened
- - bodyContains:
- pattern: |
- ### Issue Type?
-
- Security Bug
- - not:
- hasLabel:
- label: "Type: Security Bug :lock:"
- then:
- - addLabel:
- label: "Type: Security Bug :lock:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Type: Security Bug :lock:" label was added as per [ITA22](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita22).
-
- description: 'ITA23 - Remove the "Status: In PR" label from an issue when it''s closed.'
if:
@@ -198,7 +138,3 @@ configuration:
then:
- removeLabel:
label: "Status: In PR :point_right:"
- - addReply:
- reply: |
- > [!NOTE]
- > The "Status: In PR :point_right:" label was removed as per [ITA23](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita23).
diff --git a/.github/policies/scheduledSearches.yml b/.github/policies/scheduledSearches.yml
index 452cca7..3b4b468 100644
--- a/.github/policies/scheduledSearches.yml
+++ b/.github/policies/scheduledSearches.yml
@@ -36,9 +36,6 @@ configuration:
> [!TIP]
> - To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
> - To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
-
- > [!NOTE]
- > This message was posted as per [ITA01TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita01tf1-2).
- addLabel:
label: "Status: Response Overdue :triangular_flag_on_post:"
@@ -68,9 +65,6 @@ configuration:
> [!TIP]
> - To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to.
> - To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)!
-
- > [!NOTE]
- > This message was posted as per [ITA01TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita01tf1-2).
- addLabel:
label: "Status: Response Overdue :triangular_flag_on_post:"
- assignTo:
@@ -105,9 +99,6 @@ configuration:
> [!TIP]
> - To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
> - Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
-
- > [!NOTE]
- > This message was posted as per [ITA02TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita02tf1-2).
- addLabel:
label: "Needs: Immediate Attention :bangbang:"
@@ -137,9 +128,6 @@ configuration:
> [!TIP]
> - To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
> - Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
-
- > [!NOTE]
- > This message was posted as per [ITA02TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita02tf1-2).
- addLabel:
label: "Needs: Immediate Attention :bangbang:"
@@ -182,9 +170,6 @@ configuration:
> [!TIP]
> - To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to!
> - Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to.
-
- > [!NOTE]
- > This message was posted as per [ITA03TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita03tf).
- addLabel:
label: "Needs: Immediate Attention :bangbang:"
- assignTo:
@@ -213,15 +198,6 @@ configuration:
> [!IMPORTANT]
> @${issueAuthor}, this issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for **4 days**. It will be closed if no further activity occurs **within 3 days of this comment**.
- > [!TIP]
- > To prevent further actions to take effect, one of the following conditions must be met:
- > - The author must respond in a comment within 3 days of this comment.
- > - The "Status: No Recent Activity :zzz:" label must be removed.
- > - If applicable, the "Status: Long Term :hourglass_flowing_sand:" or the "Needs: Module Owner :mega:" label must be added.
-
- > [!NOTE]
- > This message was posted as per [ITA04](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita04).
-
- description: 'ITA05A - Close issues that have been marked as requiring author feedback but have not had any activity for 3 days, unless it''s been marked with the "Status long term" label.'
frequencies:
- hourly:
@@ -242,12 +218,6 @@ configuration:
reply: |
> [!WARNING]
> @${issueAuthor}, this issue will now be closed, as it has been marked as requiring author feedback but has not had any activity for **7 days**.
-
- > [!TIP]
- > In case this issue needs to be reopened (e.g., the author responds after the issue was closed), the "Status: No Recent Activity :zzz:" label must be removed.
-
- > [!NOTE]
- > This message was posted as per [ITA05](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita05).
- closeIssue
- description: 'ITA05B - Close issues that have been marked as requiring author feedback but have not had any activity for 3 days, unless it''s been marked with the "Status long term" label.'
@@ -270,10 +240,4 @@ configuration:
reply: |
> [!WARNING]
> @${issueAuthor}, this issue will now be closed, as it has been marked as requiring author feedback but has not had any activity for **7 days**.
-
- > [!TIP]
- > In case this issue needs to be reopened (e.g., the author responds after the issue was closed), the "Status: No Recent Activity :zzz:" label must be removed.
-
- > [!NOTE]
- > This message was posted as per [ITA05](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita05).
- closeIssue
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 4d867dc..7724649 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -1,71 +1,29 @@
---
-name: e2e test
+ name: test examples
+ on:
+ pull_request:
+ types: ['opened', 'reopened', 'synchronize']
+ merge_group:
+ workflow_dispatch:
+
+ jobs:
+ check:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checking for Fork
+ shell: pwsh
+ run: |
+ $isFork = "${{ github.event.pull_request.head.repo.fork }}"
+ if($isFork -eq "true") {
+ echo "### WARNING: This workflow is disabled for forked repositories. Please follow the [release branch process](https://azure.github.io/Azure-Verified-Modules/contributing/terraform/terraform-contribution-flow/#5-create-a-pull-request-to-the-upstream-repository) if end to end tests are required." >> $env:GITHUB_STEP_SUMMARY
+ }
-on:
- pull_request:
- types: ['opened', 'reopened', 'synchronize']
- merge_group:
- workflow_dispatch:
-
-permissions:
- contents: read
- id-token: write
-
-jobs:
- getexamples:
- if: github.event.repository.name != 'terraform-azurerm-avm-template'
- runs-on: ubuntu-latest
- outputs:
- examples: ${{ steps.getexamples.outputs.examples }}
- steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 #v4.1.2
- - name: get examples
- id: getexamples
- uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-getexamples@main
- with:
- github-token: ${{ secrets.GITHUB_TOKEN }}
-
- testexamples:
- if: github.event.repository.name != 'terraform-azurerm-avm-template'
- runs-on: [ self-hosted, 1ES.Pool=terraform-azurerm-avm-res-cdn-profile ]
- needs: getexamples
- environment: test
- env:
- TF_IN_AUTOMATION: 1
- TF_VAR_enable_telemetry: false
- strategy:
- matrix:
- example: ${{ fromJson(needs.getexamples.outputs.examples) }}
- fail-fast: false
- steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 #v4.1.2
-
- - name: Test example
- shell: bash
- run: |
- set -e
- MAX_RETRIES=10
- RETRY_COUNT=0
- until [ $RETRY_COUNT -ge $MAX_RETRIES ]
- do
- az login --identity --username $MSI_ID > /dev/null && break
- RETRY_COUNT=$[$RETRY_COUNT+1]
- sleep 10
- done
- if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then
- echo "Failed to login after $MAX_RETRIES attempts."
- exit 1
- fi
- export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
- export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
- export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId')
- docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example
-
- # This job is only run when all the previous jobs are successful.
- # We can use it for PR validation to ensure all examples have completed.
- testexamplescomplete:
- if: github.event.repository.name != 'terraform-azurerm-avm-template'
- runs-on: ubuntu-latest
- needs: testexamples
- steps:
- - run: echo "All tests passed"
+ run-e2e-tests:
+ if: github.event.repository.name != 'terraform-azurerm-avm-template' && github.event.pull_request.head.repo.fork == false
+ uses: Azure/terraform-azurerm-avm-template/.github/workflows/test-examples-template.yml@main
+ name: end to end
+ secrets: inherit
+ permissions:
+ id-token: write
+ contents: read
+
\ No newline at end of file
diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
index 95aa5f4..254164d 100644
--- a/.github/workflows/linting.yml
+++ b/.github/workflows/linting.yml
@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 #v4.1.2
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
- name: check docs
uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main
@@ -32,7 +32,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 #v4.1.2
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
- name: lint terraform
uses: Azure/terraform-azurerm-avm-template/.github/actions/linting@main
@@ -40,12 +40,18 @@ jobs:
github-token: ${{ secrets.GITHUB_TOKEN }}
avmfix:
- if: github.event.repository.name != 'terraform-azurerm-avm-template' && false
+ if: github.event.repository.name != 'terraform-azurerm-avm-template'
name: avmfix
runs-on: ubuntu-latest
steps:
- name: checkout repository
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 #v4.1.2
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
- name: avmfix
uses: Azure/terraform-azurerm-avm-template/.github/actions/avmfix@main
+
+ lintcomplete:
+ needs: [docs, terraform, avmfix]
+ runs-on: ubuntu-latest
+ steps:
+ - run: echo "All linting checks passed"
diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml
index 8e3e0fd..c117502 100644
--- a/.github/workflows/version-check.yml
+++ b/.github/workflows/version-check.yml
@@ -16,7 +16,7 @@ jobs:
if: github.event.repository.name != 'terraform-azurerm-avm-template'
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 #v4.1.2
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
- name: Check version
uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main
with:
diff --git a/.gitignore b/.gitignore
index bd0ae9b..8da5e10 100644
--- a/.gitignore
+++ b/.gitignore
@@ -44,3 +44,5 @@ avm.tflint.merged.hcl
avm.tflint_example.hcl
avm.tflint_example.merged.hcl
avmmakefile
+avm.tflint_module.hcl
+avm.tflint_module.merged.hcl
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
index dd5d16b..5f3b231 100644
--- a/.terraform-docs.yml
+++ b/.terraform-docs.yml
@@ -4,7 +4,7 @@
formatter: "markdown document" # this is required
-version: "~> 0.17.0"
+version: "~> 0.18"
header-from: "_header.md"
footer-from: "_footer.md"
@@ -23,8 +23,6 @@ content: |-
{{ .Requirements }}
- {{ .Providers }}
-
{{ .Resources }}
diff --git a/README.md b/README.md
index d9bf18b..be448d5 100644
--- a/README.md
+++ b/README.md
@@ -23,16 +23,6 @@ The following requirements are needed by this module:
- [random](#requirement\_random) (>= 3.5.0)
-## Providers
-
-The following providers are used by this module:
-
-- [azapi](#provider\_azapi) (1.9.0)
-
-- [azurerm](#provider\_azurerm) (>= 3.71.0)
-
-- [random](#provider\_random) (>= 3.5.0)
-
## Resources
The following resources are used by this module:
@@ -54,10 +44,12 @@ The following resources are used by this module:
- [azurerm_management_lock.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_lock) (resource)
- [azurerm_monitor_diagnostic_setting.cdn_endpoint_diag](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) (resource)
- [azurerm_monitor_diagnostic_setting.front_door_diag](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) (resource)
-- [azurerm_resource_group_template_deployment.telemetry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group_template_deployment) (resource)
- [azurerm_role_assignment.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) (resource)
-- [random_id.telem](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) (resource)
+- [modtm_telemetry.telemetry](https://registry.terraform.io/providers/hashicorp/modtm/latest/docs/resources/telemetry) (resource)
+- [random_uuid.telemetry](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/uuid) (resource)
+- [azurerm_client_config.telemetry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
- [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) (data source)
+- [modtm_module_source.telemetry](https://registry.terraform.io/providers/hashicorp/modtm/latest/docs/data-sources/module_source) (data source)
## Required Inputs
diff --git a/avm b/avm
index 69f9ce0..9716dfb 100755
--- a/avm
+++ b/avm
@@ -18,4 +18,16 @@ if [ -z "$1" ]; then
exit 1
fi
-$CONTAINER_RUNTIME run --pull always --rm -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1"
+# Mount .azure directory if it exists
+AZURE_VOLUME=""
+if [ -d "$HOME/.azure" ]; then
+ AZURE_VOLUME="-v $HOME/.azure:/home/runtimeuser/.azure"
+fi
+
+# Check if we are running in a container
+# If we are then just run make directly
+if [ -z "$AVM_IN_CONTAINER" ]; then
+ $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm $AZURE_VOLUME -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1"
+else
+ make "$1"
+fi
diff --git a/avm.bat b/avm.bat
index cdfa812..6b177be 100644
--- a/avm.bat
+++ b/avm.bat
@@ -18,6 +18,6 @@ IF "%~1"=="" (
)
REM Run the make target with CONTAINER_RUNTIME
-%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1
+%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src --user "1000:1000" -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1
ENDLOCAL
diff --git a/examples/.terraform-docs.yml b/examples/.terraform-docs.yml
index f97f3a3..bdfb331 100644
--- a/examples/.terraform-docs.yml
+++ b/examples/.terraform-docs.yml
@@ -4,7 +4,7 @@
formatter: "markdown document" # this is required
-version: "~> 0.17.0"
+version: "~> 0.18"
header-from: "_header.md"
footer-from: "_footer.md"
@@ -27,8 +27,6 @@ content: |-
{{ .Requirements }}
- {{ .Providers }}
-
{{ .Resources }}
diff --git a/examples/afd_custom_domain_managed_secret/README.md b/examples/afd_custom_domain_managed_secret/README.md
index d233581..566933c 100644
--- a/examples/afd_custom_domain_managed_secret/README.md
+++ b/examples/afd_custom_domain_managed_secret/README.md
@@ -262,12 +262,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/afd_custom_domain_with_customer_managed_secret/README.md b/examples/afd_custom_domain_with_customer_managed_secret/README.md
index 4f32160..3bc2938 100644
--- a/examples/afd_custom_domain_with_customer_managed_secret/README.md
+++ b/examples/afd_custom_domain_with_customer_managed_secret/README.md
@@ -386,12 +386,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/afd_interfaces/README.md b/examples/afd_interfaces/README.md
index 97f70a7..6a76c36 100644
--- a/examples/afd_interfaces/README.md
+++ b/examples/afd_interfaces/README.md
@@ -339,12 +339,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.103.1)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.103.1)
-
## Resources
The following resources are used by this module:
diff --git a/examples/afd_private_link_service_to_LB/README.md b/examples/afd_private_link_service_to_LB/README.md
index b666b1c..46d3cdf 100644
--- a/examples/afd_private_link_service_to_LB/README.md
+++ b/examples/afd_private_link_service_to_LB/README.md
@@ -280,12 +280,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/afd_private_link_to_Linux_WebApp/README.md b/examples/afd_private_link_to_Linux_WebApp/README.md
index d4f1edd..14cb974 100644
--- a/examples/afd_private_link_to_Linux_WebApp/README.md
+++ b/examples/afd_private_link_to_Linux_WebApp/README.md
@@ -261,12 +261,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/afd_private_link_to_storage_with_caching/README.md b/examples/afd_private_link_to_storage_with_caching/README.md
index e23137c..8d3a778 100644
--- a/examples/afd_private_link_to_storage_with_caching/README.md
+++ b/examples/afd_private_link_to_storage_with_caching/README.md
@@ -286,12 +286,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/afd_security_policies/README.md b/examples/afd_security_policies/README.md
index eb46e81..03b595b 100644
--- a/examples/afd_security_policies/README.md
+++ b/examples/afd_security_policies/README.md
@@ -511,12 +511,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/cdn_default_edgeio/README.md b/examples/cdn_default_edgeio/README.md
index a3fae9e..7b905ee 100644
--- a/examples/cdn_default_edgeio/README.md
+++ b/examples/cdn_default_edgeio/README.md
@@ -177,12 +177,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/cdn_default_microsoft/README.md b/examples/cdn_default_microsoft/README.md
index 2ac6255..45cc48c 100644
--- a/examples/cdn_default_microsoft/README.md
+++ b/examples/cdn_default_microsoft/README.md
@@ -154,12 +154,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/examples/default/README.md b/examples/default/README.md
index 13c8bd9..74ef5a1 100644
--- a/examples/default/README.md
+++ b/examples/default/README.md
@@ -377,12 +377,6 @@ The following requirements are needed by this module:
- [azurerm](#requirement\_azurerm) (~> 3.74)
-## Providers
-
-The following providers are used by this module:
-
-- [azurerm](#provider\_azurerm) (~> 3.74)
-
## Resources
The following resources are used by this module:
diff --git a/locals.telemetry.tf b/locals.telemetry.tf
deleted file mode 100644
index 533b247..0000000
--- a/locals.telemetry.tf
+++ /dev/null
@@ -1,39 +0,0 @@
-locals {
- module_name = "cdn-profile"
- module_type = "res"
- # This constructs the ARM deployment name that is used for the telemetry.
- # We shouldn't ever hit the 64 character limit but use substr just in case.
- telem_arm_deployment_name = substr(
- format(
- "%s.%s.%s.v%s.%s",
- local.telem_puid,
- local.module_type,
- substr(local.module_name, 0, 30),
- replace(local.module_version, ".", "-"),
- local.telem_random_hex
- ),
- 0,
- 64
- )
- # This is an empty ARM deployment template.
- telem_arm_template_content = jsonencode(
- {
- "$schema" = "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
- "contentVersion" = "1.0.0.0",
- "parameters" = {},
- "variables" = {},
- "resources" = [],
- "outputs" = {
- "telemetry" = {
- "type" = "String",
- "value" = "For more information, see https://aka.ms/avm/telemetry"
- }
- }
- }
- )
- # This is the unique id AVM Terraform modules that is supplied by the AVM team.
- # See https://azure.github.io/Azure-Verified-Modules/specs/shared/#id-sfr3---category-telemetry---deploymentusage-telemetry
- telem_puid = "46d3xgtf"
- # This ensures we don't get errors if telemetry is disabled.
- telem_random_hex = can(random_id.telem[0].hex) ? random_id.telem[0].hex : ""
-}
\ No newline at end of file
diff --git a/locals.version.tf.json b/locals.version.tf.json
deleted file mode 100644
index 6d43988..0000000
--- a/locals.version.tf.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "locals": {
- "module_version": "0.1.0"
- }
-}
diff --git a/main.cdn_endpoints.tf b/main.cdn_endpoints.tf
index ecf8793..c036500 100644
--- a/main.cdn_endpoints.tf
+++ b/main.cdn_endpoints.tf
@@ -17,6 +17,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
dynamic "origin" {
for_each = each.value.origins
+
content {
host_name = origin.value.host_name
name = origin.value.name
@@ -25,12 +26,14 @@ resource "azurerm_cdn_endpoint" "endpoint" {
# azurerm_cdn_endpoint supports `global_delivery_rule` and `delivery_rule` only when `Standard_Microsoft` sku is used.
dynamic "delivery_rule" {
for_each = coalesce(each.value.delivery_rules, [])
+
content {
name = delivery_rule.value.name
order = delivery_rule.value.order
dynamic "cache_expiration_action" {
for_each = delivery_rule.value.cache_expiration_action
+
content {
behavior = cache_expiration_action.value.behavior
duration = cache_expiration_action.value.duration
@@ -38,6 +41,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "cache_key_query_string_action" {
for_each = delivery_rule.value.cache_key_query_string_action
+
content {
behavior = cache_key_query_string_action.value.behavior
parameters = cache_key_query_string_action.value.parameters
@@ -45,6 +49,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "cookies_condition" {
for_each = delivery_rule.value.cookies_condition
+
content {
operator = cookies_condition.value.operator
selector = cookies_condition.value.selector
@@ -55,6 +60,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "device_condition" {
for_each = delivery_rule.value.device_condition
+
content {
match_values = device_condition.value.match_values
negate_condition = device_condition.value.negate_condition
@@ -63,6 +69,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "http_version_condition" {
for_each = delivery_rule.value.http_version_condition
+
content {
match_values = http_version_condition.value.match_values
negate_condition = http_version_condition.value.negate_condition
@@ -71,6 +78,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "modify_request_header_action" {
for_each = delivery_rule.value.modify_request_header_action
+
content {
action = modify_request_header_action.value.action
name = modify_request_header_action.value.name
@@ -79,6 +87,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "modify_response_header_action" {
for_each = delivery_rule.value.modify_response_header_action
+
content {
action = modify_response_header_action.value.action
name = modify_response_header_action.value.name
@@ -87,6 +96,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "post_arg_condition" {
for_each = delivery_rule.value.post_arg_condition
+
content {
operator = post_arg_condition.value.operator
selector = post_arg_condition.value.selector
@@ -97,6 +107,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "query_string_condition" {
for_each = delivery_rule.value.query_string_condition
+
content {
operator = query_string_condition.value.operator
match_values = query_string_condition.value.match_values
@@ -106,6 +117,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "remote_address_condition" {
for_each = delivery_rule.value.remote_address_condition
+
content {
operator = remote_address_condition.value.operator
match_values = remote_address_condition.value.match_values
@@ -114,6 +126,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "request_body_condition" {
for_each = delivery_rule.value.request_body_condition
+
content {
operator = request_body_condition.value.operator
match_values = request_body_condition.value.match_values
@@ -123,6 +136,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "request_header_condition" {
for_each = delivery_rule.value.request_header_condition
+
content {
operator = request_header_condition.value.operator
selector = request_header_condition.value.selector
@@ -133,6 +147,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "request_method_condition" {
for_each = delivery_rule.value.request_method_condition
+
content {
match_values = request_method_condition.value.match_values
negate_condition = request_method_condition.value.negate_condition
@@ -141,6 +156,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "request_scheme_condition" {
for_each = delivery_rule.value.request_scheme_condition
+
content {
match_values = request_scheme_condition.value.match_values
negate_condition = request_scheme_condition.value.negate_condition
@@ -149,6 +165,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "request_uri_condition" {
for_each = delivery_rule.value.request_uri_condition
+
content {
operator = request_uri_condition.value.operator
match_values = request_uri_condition.value.match_values
@@ -158,6 +175,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "url_file_extension_condition" {
for_each = delivery_rule.value.url_file_extension_condition
+
content {
operator = url_file_extension_condition.value.operator
match_values = url_file_extension_condition.value.match_values
@@ -167,6 +185,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "url_file_name_condition" {
for_each = delivery_rule.value.url_file_name_condition
+
content {
operator = url_file_name_condition.value.operator
match_values = url_file_name_condition.value.match_values
@@ -176,6 +195,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "url_path_condition" {
for_each = delivery_rule.value.url_path_condition
+
content {
operator = url_path_condition.value.operator
match_values = url_path_condition.value.match_values
@@ -185,6 +205,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "url_redirect_action" {
for_each = delivery_rule.value.url_redirect_action
+
content {
redirect_type = url_redirect_action.value.redirect_type
fragment = url_redirect_action.value.fragment
@@ -196,6 +217,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "url_rewrite_action" {
for_each = delivery_rule.value.url_rewrite_action
+
content {
destination = url_rewrite_action.value.destination
source_pattern = url_rewrite_action.value.source_pattern
@@ -206,6 +228,7 @@ resource "azurerm_cdn_endpoint" "endpoint" {
}
dynamic "geo_filter" {
for_each = each.value.geo_filters
+
content {
action = geo_filter.value.action
country_codes = geo_filter.value.country_codes
@@ -223,6 +246,7 @@ resource "azurerm_cdn_endpoint_custom_domain" "cds" {
dynamic "cdn_managed_https" {
for_each = coalesce([each.value.cdn_managed_https], [])
+
content {
certificate_type = cdn_managed_https.value.certificate_type
protocol_type = cdn_managed_https.value.protocol_type
@@ -231,6 +255,7 @@ resource "azurerm_cdn_endpoint_custom_domain" "cds" {
}
dynamic "user_managed_https" {
for_each = coalesce([each.value.user_managed_https], [])
+
content {
key_vault_secret_id = user_managed_https.value.key_vault_secret_id
tls_version = user_managed_https.value.tls_version
diff --git a/main.cdn_frontdoor_endpoints.tf b/main.cdn_frontdoor_endpoints.tf
index 0784049..b3c5c88 100644
--- a/main.cdn_frontdoor_endpoints.tf
+++ b/main.cdn_frontdoor_endpoints.tf
@@ -26,6 +26,7 @@ resource "azurerm_cdn_frontdoor_route" "routes" {
dynamic "cache" {
for_each = each.value.cache
+
content {
compression_enabled = cache.value["compression_enabled"]
content_types_to_compress = cache.value["content_types_to_compress"]
diff --git a/main.cdn_frontdoor_origin_group.tf b/main.cdn_frontdoor_origin_group.tf
index 9f39888..af0017a 100644
--- a/main.cdn_frontdoor_origin_group.tf
+++ b/main.cdn_frontdoor_origin_group.tf
@@ -8,6 +8,7 @@ resource "azurerm_cdn_frontdoor_origin_group" "origin_groups" {
dynamic "load_balancing" {
for_each = each.value.load_balancing
+
content {
additional_latency_in_milliseconds = load_balancing.value["additional_latency_in_milliseconds"]
sample_size = load_balancing.value["sample_size"]
@@ -16,6 +17,7 @@ resource "azurerm_cdn_frontdoor_origin_group" "origin_groups" {
}
dynamic "health_probe" {
for_each = each.value.health_probe
+
content {
interval_in_seconds = health_probe.value["interval_in_seconds"]
protocol = health_probe.value["protocol"]
diff --git a/main.cdn_frontdoor_profile.tf b/main.cdn_frontdoor_profile.tf
index ff74a48..129a356 100644
--- a/main.cdn_frontdoor_profile.tf
+++ b/main.cdn_frontdoor_profile.tf
@@ -18,6 +18,7 @@ resource "azapi_resource" "front_door_profile" {
## Resources supporting both SystemAssigned and UserAssigned
dynamic "identity" {
for_each = local.managed_identities.system_assigned_user_assigned
+
content {
type = identity.value.type
identity_ids = identity.value.user_assigned_resource_ids
diff --git a/main.cdn_frontdoor_rules.tf b/main.cdn_frontdoor_rules.tf
index f763f70..1b4cf01 100644
--- a/main.cdn_frontdoor_rules.tf
+++ b/main.cdn_frontdoor_rules.tf
@@ -16,6 +16,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
actions {
dynamic "request_header_action" {
for_each = each.value.actions.request_header_actions
+
content {
header_action = request_header_action.value.header_action
header_name = request_header_action.value.header_name
@@ -24,6 +25,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "response_header_action" {
for_each = each.value.actions.response_header_actions
+
content {
header_action = response_header_action.value.header_action
header_name = response_header_action.value.header_name
@@ -32,6 +34,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "route_configuration_override_action" {
for_each = each.value.actions.route_configuration_override_actions
+
content {
cache_behavior = route_configuration_override_action.value.cache_behavior
cache_duration = route_configuration_override_action.value.cache_duration
@@ -44,6 +47,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "url_redirect_action" {
for_each = each.value.actions.url_redirect_actions
+
content {
destination_hostname = url_redirect_action.value.destination_hostname
redirect_type = url_redirect_action.value.redirect_type
@@ -55,6 +59,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "url_rewrite_action" {
for_each = each.value.actions.url_rewrite_actions
+
content {
destination = url_rewrite_action.value.destination
source_pattern = url_rewrite_action.value.source_pattern
@@ -65,6 +70,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
conditions {
dynamic "client_port_condition" {
for_each = each.value.conditions.client_port_conditions
+
content {
operator = client_port_condition.value.operator
match_values = client_port_condition.value.match_values
@@ -73,6 +79,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "cookies_condition" {
for_each = each.value.conditions.cookies_conditions
+
content {
cookie_name = cookies_condition.value.cookie_name
operator = cookies_condition.value.operator
@@ -83,6 +90,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "host_name_condition" {
for_each = each.value.conditions.host_name_conditions
+
content {
operator = host_name_condition.value.operator
match_values = host_name_condition.value.match_values
@@ -101,6 +109,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "is_device_condition" {
for_each = each.value.conditions.is_device_conditions
+
content {
match_values = is_device_condition.value.match_values
negate_condition = is_device_condition.value.negate_condition
@@ -109,6 +118,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "post_args_condition" {
for_each = each.value.conditions.post_args_conditions
+
content {
operator = post_args_condition.value.operator
post_args_name = post_args_condition.value.post_args_name
@@ -119,6 +129,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "query_string_condition" {
for_each = each.value.conditions.query_string_conditions
+
content {
operator = query_string_condition.value.operator
match_values = query_string_condition.value.match_values
@@ -128,6 +139,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "remote_address_condition" {
for_each = each.value.conditions.remote_address_conditions
+
content {
match_values = remote_address_condition.value.match_values
negate_condition = remote_address_condition.value.negate_condition
@@ -136,6 +148,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "request_body_condition" {
for_each = each.value.conditions.request_body_conditions
+
content {
match_values = request_body_condition.value.match_values
operator = request_body_condition.value.operator
@@ -145,6 +158,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "request_header_condition" {
for_each = each.value.conditions.request_header_conditions
+
content {
header_name = request_header_condition.value.header_name
operator = request_header_condition.value.operator
@@ -155,6 +169,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "request_method_condition" {
for_each = each.value.conditions.request_method_conditions
+
content {
match_values = request_method_condition.value.match_values
negate_condition = request_method_condition.value.negate_condition
@@ -163,6 +178,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "request_scheme_condition" {
for_each = each.value.conditions.request_scheme_conditions
+
content {
match_values = request_scheme_condition.value.match_values
negate_condition = request_scheme_condition.value.negate_condition
@@ -171,6 +187,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "request_uri_condition" {
for_each = each.value.conditions.request_uri_conditions
+
content {
operator = request_uri_condition.value.operator
match_values = request_uri_condition.value.match_values
@@ -180,6 +197,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "server_port_condition" {
for_each = each.value.conditions.server_port_conditions
+
content {
match_values = server_port_condition.value.match_values
operator = server_port_condition.value.operator
@@ -188,6 +206,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "socket_address_condition" {
for_each = each.value.conditions.socket_address_conditions
+
content {
match_values = socket_address_condition.value.match_values
negate_condition = socket_address_condition.value.negate_condition
@@ -196,6 +215,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "ssl_protocol_condition" {
for_each = each.value.conditions.ssl_protocol_conditions
+
content {
match_values = ssl_protocol_condition.value.match_values
negate_condition = ssl_protocol_condition.value.negate_condition
@@ -204,6 +224,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "url_file_extension_condition" {
for_each = each.value.conditions.url_file_extension_conditions
+
content {
match_values = url_file_extension_condition.value.match_values
operator = url_file_extension_condition.value.operator
@@ -213,6 +234,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "url_filename_condition" {
for_each = each.value.conditions.url_filename_conditions
+
content {
operator = url_filename_condition.value.operator
match_values = url_filename_condition.value.match_values
@@ -222,6 +244,7 @@ resource "azurerm_cdn_frontdoor_rule" "rules" {
}
dynamic "url_path_condition" {
for_each = each.value.conditions.url_path_conditions
+
content {
operator = url_path_condition.value.operator
match_values = url_path_condition.value.match_values
diff --git a/main.cdn_frontdoor_wafandsecuritypolicy.tf b/main.cdn_frontdoor_wafandsecuritypolicy.tf
index 7212148..af7b11c 100644
--- a/main.cdn_frontdoor_wafandsecuritypolicy.tf
+++ b/main.cdn_frontdoor_wafandsecuritypolicy.tf
@@ -16,6 +16,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
dynamic "custom_rule" {
for_each = try(each.value.custom_rules, null)
+
content {
action = custom_rule.value.action
name = custom_rule.value.name
@@ -27,6 +28,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
dynamic "match_condition" {
for_each = try(custom_rule.value.match_conditions, null)
+
content {
match_values = match_condition.value.match_values
match_variable = match_condition.value.match_variable
@@ -40,6 +42,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
}
dynamic "managed_rule" {
for_each = try(each.value.managed_rules, null)
+
content {
action = managed_rule.value.action
type = managed_rule.value.type
@@ -47,6 +50,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
dynamic "exclusion" {
for_each = try(managed_rule.value.exclusions, null)
+
content {
match_variable = exclusion.value.match_variable
operator = exclusion.value.operator
@@ -55,11 +59,13 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
}
dynamic "override" {
for_each = try(managed_rule.value.overrides, null)
+
content {
rule_group_name = override.value.rule_group_name
dynamic "exclusion" {
for_each = try(override.value.exclusions, null)
+
content {
match_variable = exclusion.value.match_variable
operator = exclusion.value.operator
@@ -68,6 +74,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
}
dynamic "rule" {
for_each = try(override.value.rules, null)
+
content {
action = rule.value.action
rule_id = rule.value.rule_id
@@ -75,6 +82,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "wafs" {
dynamic "exclusion" {
for_each = try(rule.value.exclusions, null)
+
content {
match_variable = exclusion.value.match_variable
operator = exclusion.value.operator
@@ -104,6 +112,7 @@ resource "azurerm_cdn_frontdoor_security_policy" "security_policies" {
dynamic "domain" {
for_each = local.filtered_epcds_for_security_policy[each.key]
+
content {
cdn_frontdoor_domain_id = domain.value
}
diff --git a/main.telemetry.tf b/main.telemetry.tf
index ca2cca2..25144c3 100644
--- a/main.telemetry.tf
+++ b/main.telemetry.tf
@@ -1,17 +1,25 @@
-resource "random_id" "telem" {
+data "azurerm_client_config" "telemetry" {
+ count = var.enable_telemetry ? 1 : 0
+}
+
+data "modtm_module_source" "telemetry" {
count = var.enable_telemetry ? 1 : 0
- byte_length = 4
+ module_path = path.module
+}
+
+resource "random_uuid" "telemetry" {
+ count = var.enable_telemetry ? 1 : 0
}
-# This is the module telemetry deployment that is only created if telemetry is enabled.
-# It is deployed to the resource's resource group.
-resource "azurerm_resource_group_template_deployment" "telemetry" {
+resource "modtm_telemetry" "telemetry" {
count = var.enable_telemetry ? 1 : 0
- deployment_mode = "Incremental"
- name = local.telem_arm_deployment_name
- resource_group_name = var.resource_group_name
- tags = var.tags
- template_content = local.telem_arm_template_content
+ tags = {
+ subscription_id = one(data.azurerm_client_config.telemetry).subscription_id
+ tenant_id = one(data.azurerm_client_config.telemetry).tenant_id
+ module_source = one(data.modtm_module_source.telemetry).module_source
+ module_version = one(data.modtm_module_source.telemetry).module_version
+ random_id = one(random_uuid.telemetry).result
+ }
}
diff --git a/main.tf b/main.tf
index dfd7dfe..a84a228 100644
--- a/main.tf
+++ b/main.tf
@@ -17,18 +17,21 @@ resource "azurerm_monitor_diagnostic_setting" "front_door_diag" {
dynamic "enabled_log" {
for_each = each.value.log_categories
+
content {
category = enabled_log.value
}
}
dynamic "enabled_log" {
for_each = each.value.log_groups
+
content {
category_group = enabled_log.value
}
}
dynamic "metric" {
for_each = each.value.metric_categories
+
content {
category = metric.value
}
@@ -57,18 +60,21 @@ resource "azurerm_monitor_diagnostic_setting" "cdn_endpoint_diag" {
dynamic "enabled_log" {
for_each = each.value.diagnostic_setting.log_categories
+
content {
category = enabled_log.value
}
}
dynamic "enabled_log" {
for_each = each.value.diagnostic_setting.log_groups
+
content {
category_group = enabled_log.value
}
}
dynamic "metric" {
for_each = each.value.diagnostic_setting.metric_categories
+
content {
category = metric.value
}