Skip to content

Commit

Permalink
feat(vnet): Introduce DDOS Protection Plan to VNET module (#107)
Browse files Browse the repository at this point in the history
  • Loading branch information
@acelebanski
acelebanski authored Nov 27, 2024
1 parent 6a0248c commit 7dc3fe1
Show file tree
Hide file tree
Showing 30 changed files with 654 additions and 457 deletions.
55 changes: 31 additions & 24 deletions examples/common_vmseries/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,36 +292,43 @@ A map defining VNETs.

For detailed documentation on each property refer to [module documentation](../../modules/vnet/README.md)

- `create_virtual_network` - (`bool`, optional, defaults to `true`) when set to `true` will create a VNET, `false` will source
an existing VNET.
- `name` - (`string`, required) a name of a VNET. In case `create_virtual_network = false` this should be a
full resource name, including prefixes.
- `resource_group_name` - (`string`, optional, defaults to current RG) a name of an existing Resource Group in which the
VNET will reside or is sourced from.
- `address_space` - (`list`, required when `create_virtual_network = false`) a list of CIDRs for a newly created VNET.
- `dns_servers` - (`list`, optional, defaults to module defaults) a list of IP addresses of custom DNS servers (by
default Azure DNS is used).
- `vnet_encryption` - (`string`, optional, defaults to module default) enables Azure Virtual Network Encryption when
set, only possible value at the moment is `AllowUnencrypted`. When set to `null`, the feature is
disabled.
- `network_security_groups` - (`map`, optional) map of Network Security Groups to create, for details see
[VNET module documentation](../../modules/vnet/README.md#network_security_groups).
- `route_tables` - (`map`, optional) map of Route Tables to create, for details see
[VNET module documentation](../../modules/vnet/README.md#route_tables).
- `subnets` - (`map`, optional) map of Subnets to create or source, for details see
[VNET module documentation](../../modules/vnet/README.md#subnets).
- `create_virtual_network` - (`bool`, optional, defaults to `true`) when set to `true` will create a VNET,
`false` will source an existing VNET.
- `name` - (`string`, required) a name of a VNET. In case `create_virtual_network = false`
this should be a full resource name, including prefixes.
- `resource_group_name` - (`string`, optional, defaults to current RG) a name of an existing Resource
Group in which the VNET will reside or is sourced from.
- `address_space` - (`list`, required when `create_virtual_network = false`) a list of CIDRs for a
newly created VNET.
- `dns_servers` - (`list`, optional, defaults to module defaults) a list of IP addresses of custom
DNS servers (by default Azure DNS is used).
- `vnet_encryption` - (`string`, optional, defaults to module default) enables Azure Virtual Network
Encryption when set, only possible value at the moment is `AllowUnencrypted`.
When set to `null`, the feature is disabled.
- `ddos_protection_plan_name` - (`string`, optional, defaults to `null`) name of an existing Azure Network DDOS
Protection Plan to be associated with the VNET.
- `ddos_protection_plan_resource_group_name` - (`string`, optional, defaults to `null`) name of the Resource Group containing
an existing Azure Network DDOS Protection Plan to be associated with the VNET.
- `network_security_groups` - (`map`, optional) map of Network Security Groups to create, for details see
[VNET module documentation](../../modules/vnet/README.md#network_security_groups).
- `route_tables` - (`map`, optional) map of Route Tables to create, for details see
[VNET module documentation](../../modules/vnet/README.md#route_tables).
- `subnets` - (`map`, optional) map of Subnets to create or source, for details see
[VNET module documentation](../../modules/vnet/README.md#subnets).


Type:

```hcl
map(object({
create_virtual_network = optional(bool, true)
name = string
resource_group_name = optional(string)
address_space = optional(list(string))
dns_servers = optional(list(string))
vnet_encryption = optional(string)
create_virtual_network = optional(bool, true)
name = string
resource_group_name = optional(string)
address_space = optional(list(string))
dns_servers = optional(list(string))
vnet_encryption = optional(string)
ddos_protection_plan_name = optional(string)
ddos_protection_plan_resource_group_name = optional(string)
network_security_groups = optional(map(object({
name = string
rules = optional(map(object({
Expand Down
8 changes: 5 additions & 3 deletions examples/common_vmseries/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,11 @@ module "vnet" {
resource_group_name = coalesce(each.value.resource_group_name, local.resource_group.name)
region = var.region

address_space = each.value.address_space
dns_servers = each.value.dns_servers
vnet_encryption = each.value.vnet_encryption
address_space = each.value.address_space
dns_servers = each.value.dns_servers
vnet_encryption = each.value.vnet_encryption
ddos_protection_plan_name = each.value.ddos_protection_plan_name
ddos_protection_plan_resource_group_name = each.value.ddos_protection_plan_resource_group_name

subnets = each.value.subnets

Expand Down
55 changes: 31 additions & 24 deletions examples/common_vmseries/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,32 +65,39 @@ variable "vnets" {
For detailed documentation on each property refer to [module documentation](../../modules/vnet/README.md)
- `create_virtual_network` - (`bool`, optional, defaults to `true`) when set to `true` will create a VNET, `false` will source
an existing VNET.
- `name` - (`string`, required) a name of a VNET. In case `create_virtual_network = false` this should be a
full resource name, including prefixes.
- `resource_group_name` - (`string`, optional, defaults to current RG) a name of an existing Resource Group in which the
VNET will reside or is sourced from.
- `address_space` - (`list`, required when `create_virtual_network = false`) a list of CIDRs for a newly created VNET.
- `dns_servers` - (`list`, optional, defaults to module defaults) a list of IP addresses of custom DNS servers (by
default Azure DNS is used).
- `vnet_encryption` - (`string`, optional, defaults to module default) enables Azure Virtual Network Encryption when
set, only possible value at the moment is `AllowUnencrypted`. When set to `null`, the feature is
disabled.
- `network_security_groups` - (`map`, optional) map of Network Security Groups to create, for details see
[VNET module documentation](../../modules/vnet/README.md#network_security_groups).
- `route_tables` - (`map`, optional) map of Route Tables to create, for details see
[VNET module documentation](../../modules/vnet/README.md#route_tables).
- `subnets` - (`map`, optional) map of Subnets to create or source, for details see
[VNET module documentation](../../modules/vnet/README.md#subnets).
- `create_virtual_network` - (`bool`, optional, defaults to `true`) when set to `true` will create a VNET,
`false` will source an existing VNET.
- `name` - (`string`, required) a name of a VNET. In case `create_virtual_network = false`
this should be a full resource name, including prefixes.
- `resource_group_name` - (`string`, optional, defaults to current RG) a name of an existing Resource
Group in which the VNET will reside or is sourced from.
- `address_space` - (`list`, required when `create_virtual_network = false`) a list of CIDRs for a
newly created VNET.
- `dns_servers` - (`list`, optional, defaults to module defaults) a list of IP addresses of custom
DNS servers (by default Azure DNS is used).
- `vnet_encryption` - (`string`, optional, defaults to module default) enables Azure Virtual Network
Encryption when set, only possible value at the moment is `AllowUnencrypted`.
When set to `null`, the feature is disabled.
- `ddos_protection_plan_name` - (`string`, optional, defaults to `null`) name of an existing Azure Network DDOS
Protection Plan to be associated with the VNET.
- `ddos_protection_plan_resource_group_name` - (`string`, optional, defaults to `null`) name of the Resource Group containing
an existing Azure Network DDOS Protection Plan to be associated with the VNET.
- `network_security_groups` - (`map`, optional) map of Network Security Groups to create, for details see
[VNET module documentation](../../modules/vnet/README.md#network_security_groups).
- `route_tables` - (`map`, optional) map of Route Tables to create, for details see
[VNET module documentation](../../modules/vnet/README.md#route_tables).
- `subnets` - (`map`, optional) map of Subnets to create or source, for details see
[VNET module documentation](../../modules/vnet/README.md#subnets).
EOF
type = map(object({
create_virtual_network = optional(bool, true)
name = string
resource_group_name = optional(string)
address_space = optional(list(string))
dns_servers = optional(list(string))
vnet_encryption = optional(string)
create_virtual_network = optional(bool, true)
name = string
resource_group_name = optional(string)
address_space = optional(list(string))
dns_servers = optional(list(string))
vnet_encryption = optional(string)
ddos_protection_plan_name = optional(string)
ddos_protection_plan_resource_group_name = optional(string)
network_security_groups = optional(map(object({
name = string
rules = optional(map(object({
Expand Down
55 changes: 31 additions & 24 deletions examples/common_vmseries_and_autoscale/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -319,36 +319,43 @@ A map defining VNETs.

For detailed documentation on each property refer to [module documentation](../../modules/vnet/README.md)

- `create_virtual_network` - (`bool`, optional, defaults to `true`) when set to `true` will create a VNET, `false` will source
an existing VNET.
- `name` - (`string`, required) a name of a VNET. In case `create_virtual_network = false` this should be a
full resource name, including prefixes.
- `resource_group_name` - (`string`, optional, defaults to current RG) a name of an existing Resource Group in which the
VNET will reside or is sourced from.
- `address_space` - (`list`, required when `create_virtual_network = false`) a list of CIDRs for a newly created VNET.
- `dns_servers` - (`list`, optional, defaults to module defaults) a list of IP addresses of custom DNS servers (by
default Azure DNS is used).
- `vnet_encryption` - (`string`, optional, defaults to module default) enables Azure Virtual Network Encryption when
set, only possible value at the moment is `AllowUnencrypted`. When set to `null`, the feature is
disabled.
- `network_security_groups` - (`map`, optional) map of Network Security Groups to create, for details see
[VNET module documentation](../../modules/vnet/README.md#network_security_groups).
- `route_tables` - (`map`, optional) map of Route Tables to create, for details see
[VNET module documentation](../../modules/vnet/README.md#route_tables).
- `subnets` - (`map`, optional) map of Subnets to create or source, for details see
[VNET module documentation](../../modules/vnet/README.md#subnets).
- `create_virtual_network` - (`bool`, optional, defaults to `true`) when set to `true` will create a VNET,
`false` will source an existing VNET.
- `name` - (`string`, required) a name of a VNET. In case `create_virtual_network = false`
this should be a full resource name, including prefixes.
- `resource_group_name` - (`string`, optional, defaults to current RG) a name of an existing Resource
Group in which the VNET will reside or is sourced from.
- `address_space` - (`list`, required when `create_virtual_network = false`) a list of CIDRs for a
newly created VNET.
- `dns_servers` - (`list`, optional, defaults to module defaults) a list of IP addresses of custom
DNS servers (by default Azure DNS is used).
- `vnet_encryption` - (`string`, optional, defaults to module default) enables Azure Virtual Network
Encryption when set, only possible value at the moment is `AllowUnencrypted`.
When set to `null`, the feature is disabled.
- `ddos_protection_plan_name` - (`string`, optional, defaults to `null`) name of an existing Azure Network DDOS
Protection Plan to be associated with the VNET.
- `ddos_protection_plan_resource_group_name` - (`string`, optional, defaults to `null`) name of the Resource Group containing
an existing Azure Network DDOS Protection Plan to be associated with the VNET.
- `network_security_groups` - (`map`, optional) map of Network Security Groups to create, for details see
[VNET module documentation](../../modules/vnet/README.md#network_security_groups).
- `route_tables` - (`map`, optional) map of Route Tables to create, for details see
[VNET module documentation](../../modules/vnet/README.md#route_tables).
- `subnets` - (`map`, optional) map of Subnets to create or source, for details see
[VNET module documentation](../../modules/vnet/README.md#subnets).


Type:

```hcl
map(object({
create_virtual_network = optional(bool, true)
name = string
resource_group_name = optional(string)
address_space = optional(list(string))
dns_servers = optional(list(string))
vnet_encryption = optional(string)
create_virtual_network = optional(bool, true)
name = string
resource_group_name = optional(string)
address_space = optional(list(string))
dns_servers = optional(list(string))
vnet_encryption = optional(string)
ddos_protection_plan_name = optional(string)
ddos_protection_plan_resource_group_name = optional(string)
network_security_groups = optional(map(object({
name = string
rules = optional(map(object({
Expand Down
8 changes: 5 additions & 3 deletions examples/common_vmseries_and_autoscale/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,9 +63,11 @@ module "vnet" {
resource_group_name = coalesce(each.value.resource_group_name, local.resource_group.name)
region = var.region

address_space = each.value.address_space
dns_servers = each.value.dns_servers
vnet_encryption = each.value.vnet_encryption
address_space = each.value.address_space
dns_servers = each.value.dns_servers
vnet_encryption = each.value.vnet_encryption
ddos_protection_plan_name = each.value.ddos_protection_plan_name
ddos_protection_plan_resource_group_name = each.value.ddos_protection_plan_resource_group_name

subnets = each.value.subnets

Expand Down
Loading

0 comments on commit 7dc3fe1

Please sign in to comment.