add example for vnet peering in different subscription
anmolnagpal committed Apr 21, 2023
1 parent 3ab6539 commit 543c22a
Showing 10 changed files with 196 additions and 24 deletions.
25 changes: 18 additions & 7 deletions README.yaml
Expand Up @@ -38,16 +38,10 @@ usage: |-
module "vnet_peering" {
source = "clouddrove/vnet-peering/azure"
version = "1.0.0"
depends_on = [module.resource_group_1, module.resource_group_2]
enabled_peering = true
resource_group_1_name = module.resource_group_1.resource_group_name
resource_group_2_name = module.resource_group_2.resource_group_name
allow_gateway_transit_vnet1 = false
use_remote_gateways_vnet1 = false
allow_gateway_transit_vnet2 = false
use_remote_gateways_vnet2 = false
allow_forwarded_traffic_vnet1 = false
allow_forwarded_traffic_vnet2 = false
different_rg = true
vnet_1_name = module.vnet.vnet_name[0]
vnet_1_id = module.vnet.vnet_id[0]
Expand All @@ -56,3 +50,20 @@ usage: |-
}
```
### vnet-peering in different subscription
```hcl
module "vnet_peering" {
source = "clouddrove/vnet-peering/azure"
version = "1.0.0"
enabled_diff_subs_peering = true
resource_group_1_name = module.resource_group_1.resource_group_name
diff_subs_resource_group_name = data.azurerm_resource_group.mgmt-rg.name
alias_subs_id = "82XXXXXXXXXXXXXXXXXXXXa80"
vnet_1_name = module.vnet.vnet_name[0]
vnet_1_id = module.vnet.vnet_id[0]
vnet_diff_subs_name = data.azurerm_virtual_network.mgmt-staging-vnet.name
vnet_diff_subs_id = data.azurerm_virtual_network.mgmt-staging-vnet.id
}
```
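--- a/_example/peering_in_diff_subscription/example.tf
+++ b/_example/peering_in_diff_subscription/example.tf
@@ -0,0 +1,64 @@
+provider "azurerm" {
+features {}
+}
+
+module "resource_group_1" {
+source = "clouddrove/resource-group/azure"
+version = "1.0.1"
+
+name = "vnet"
+environment = "test"
+label_order = ["name", "environment"]
+location = "North Europe"
+}
+
+
+#Vnet
+module "vnet" {
+source = "clouddrove/vnet/azure"
+version = "1.0.0"
+
+name = "app"
+environment = "example"
+label_order = ["name", "environment"]
+
+resource_group_name = module.resource_group_1.resource_group_name
+location = module.resource_group_1.resource_group_location
+address_space = "10.0.0.0/24"
+enable_ddos_pp = false
+}
+
+
+provider "azurerm" {
+alias = "mgmt"
+features {}
+subscription_id = "8XXXXXXXXXXXXXXXX53b2a80"
+}
+
+data "azurerm_resource_group" "mgmt-rg" {
+provider = azurerm.mgmt
+name = "example-rg"
+}
+
+data "azurerm_virtual_network" "mgmt-staging-vnet" {
+provider = azurerm.mgmt
+name = "example-vnet"
+resource_group_name = data.azurerm_resource_group.mgmt-rg.name
+}
+
+module "vnet_peering" {
+source = "../.."
+
+enabled_diff_subs_peering = true
+resource_group_1_name = module.resource_group_1.resource_group_name
+diff_subs_resource_group_name = data.azurerm_resource_group.mgmt-rg.name
+
+alias_subs_id = "82XXXXXXXXXXXXXXXXXXXXa80"
+vnet_1_name = module.vnet.vnet_name[0]
+vnet_1_id = module.vnet.vnet_id[0]
+vnet_diff_subs_name = data.azurerm_virtual_network.mgmt-staging-vnet.name
+vnet_diff_subs_id = data.azurerm_virtual_network.mgmt-staging-vnet.id
+
+}
+
+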
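Review bot: The management subscription is written twice as separate literals, `subscription_id = "8XXXXXXXXXXXXXXXX53b2a80"` on the `azurerm.mgmt` provider and `alias_subs_id = "82XXXXXXXXXXXXXXXXXXXXa80"` on the module call, and the two placeholders do not match. Nothing therefore ties the subscription the data sources read from to the subscription the module writes the return peering into. Declaring one input, e.g. `variable "mgmt_subscription_id" { type = string }`, and referencing it in both places removes that drift. The masked values also appear to keep leading and trailing characters of an identifier; an obviously synthetic value such as `00000000-0000-0000-0000-000000000000` is a safer placeholder in a published example.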
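--- a/_example/peering_in_diff_subscription/output.tf
+++ b/_example/peering_in_diff_subscription/output.tf
@@ -0,0 +1,19 @@
+output "vnet_peer_1_id" {
+value = module.vnet_peering.*.vnet_peer_1_id
+description = "The id of the newly created virtual network peering in on first virtual netowork."
+}
+
+output "vnet_peer_1_name" {
+value = module.vnet_peering.*.vnet_peer_1_name
+description = "The name of the newly created virtual network peering in on first virtual netowork."
+}
+
+output "vnet_peer_diff_subs_id" {
+value = module.vnet_peering.*.vnet_peer_diff_subs_id
+description = "The id of the newly created virtual network peering in on different subscription virtual network."
+}
+
+output "vnet_peer_diff_subs_name" {
+value = module.vnet_peering.*.vnet_peer_diff_subs_name
+description = "The name of the newly created virtual network peering in on different subscription virtual network."
+}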
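Review bot: The splat in `module.vnet_peering.*.vnet_peer_diff_subs_id` wraps the module in a one-element list, because this example calls `module.vnet_peering` without `count` or `for_each`. The module's own output is already a splat list (`peering_back_diff_subs.*.id` in the root output.tf), so the example exposes a list nested in a list. Referencing the output directly, `value = module.vnet_peering.vnet_peer_diff_subs_id`, gives the flat value, and the same likely applies to the two `vnet_peer_1_*` outputs. The descriptions also carry the typo "netowork" and the phrase "in on"; something like `"The id of the virtual network peering created on the first virtual network."` reads more clearly.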
File renamed without changes.
Expand Up @@ -55,23 +55,16 @@ module "vnet_remote" {
}

module "vnet_peering" {
source = "../"
depends_on = [module.resource_group_1, module.resource_group_2]
source = "../.."

enabled_peering = true
resource_group_1_name = module.resource_group_1.resource_group_name
resource_group_2_name = module.resource_group_2.resource_group_name

allow_gateway_transit_vnet1 = false
use_remote_gateways_vnet1 = false
allow_gateway_transit_vnet2 = false
use_remote_gateways_vnet2 = false
allow_forwarded_traffic_vnet1 = false
allow_forwarded_traffic_vnet2 = false
different_rg = true
vnet_1_name = module.vnet.vnet_name[0]
vnet_1_id = module.vnet.vnet_id[0]
vnet_2_name = module.vnet_remote.vnet_name[0]
vnet_2_id = module.vnet_remote.vnet_id[0]
different_rg = true
vnet_1_name = module.vnet.vnet_name[0]
vnet_1_id = module.vnet.vnet_id[0]
vnet_2_name = module.vnet_remote.vnet_name[0]
vnet_2_id = module.vnet_remote.vnet_id[0]

}
File renamed without changes.
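--- a/_example/peering_in_same_subscription/versions.tf
+++ b/_example/peering_in_same_subscription/versions.tf
@@ -0,0 +1,13 @@
+# Terraform version
+terraform {
+required_version = ">= 1.0.0"
+}
+
+terraform {
+required_providers {
+azurerm = {
+source = "hashicorp/azurerm"
+version = ">=2.90.0"
+}
+}
+}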
26 changes: 23 additions & 3 deletions main.tf
@@ -1,11 +1,11 @@

# enable global peering between the two virtual network
resource "azurerm_virtual_network_peering" "peering" {
count = var.enabled_peering ? 1 : 0
name = format("%s-peering-%s", var.vnet_1_name, var.vnet_2_name)
count = var.enabled_peering || var.enabled_diff_subs_peering ? 1 : 0
name = var.enabled_diff_subs_peering == false ? format("%s-peering-%s", var.vnet_1_name, var.vnet_2_name) : format("%s-peering-%s", var.vnet_1_name, var.vnet_diff_subs_name)
resource_group_name = var.resource_group_1_name
virtual_network_name = var.vnet_1_name
remote_virtual_network_id = var.vnet_2_id
remote_virtual_network_id = var.enabled_diff_subs_peering == false ? var.vnet_2_id : var.vnet_diff_subs_id
allow_virtual_network_access = var.allow_virtual_network_access
allow_forwarded_traffic = var.allow_forwarded_traffic_vnet1
allow_gateway_transit = var.allow_gateway_transit_vnet1
Expand All @@ -25,3 +25,23 @@ resource "azurerm_virtual_network_peering" "peering_back" {
allow_gateway_transit = var.allow_gateway_transit_vnet2
use_remote_gateways = var.use_remote_gateways_vnet2
}

provider "azurerm" {
alias = "peer"
features {}
subscription_id = var.alias_subs_id
}

# enable global peering between the two virtual network
resource "azurerm_virtual_network_peering" "peering_back_diff_subs" {
provider = azurerm.peer
count = var.enabled_diff_subs_peering ? 1 : 0
name = format("%s-peering-%s", var.vnet_diff_subs_name, var.vnet_1_name)
resource_group_name = var.diff_subs_resource_group_name
virtual_network_name = var.vnet_diff_subs_name
remote_virtual_network_id = var.vnet_1_id
allow_virtual_network_access = var.allow_virtual_network_access
allow_forwarded_traffic = var.allow_forwarded_traffic_vnet_diff_subs
allow_gateway_transit = var.allow_gateway_transit_vnet_diff_subs
use_remote_gateways = var.use_remote_gateways_vnet_diff_subs
}
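Review bot: The `provider "azurerm"` block with `alias = "peer"` is configured inside the reusable module, so it is instantiated on every use of the module, including same-subscription peering where `alias_subs_id` keeps its default `""`. Terraform treats a module that carries its own provider configuration as a legacy module: callers cannot put `count`, `for_each` or `depends_on` on it (this commit drops `depends_on` from the examples), and the subscription and identity that write `peering_back_diff_subs` are chosen inside the module rather than at the call site. Declaring the alias with `configuration_aliases` and having the caller pass `providers = { azurerm = azurerm, azurerm.peer = azurerm.mgmt }` keeps that choice explicit and reviewable. Separately, when both `enabled_peering` and `enabled_diff_subs_peering` are true, `peering` targets `vnet_diff_subs_id` while `peering_back` (its `count` is outside the hunk) presumably still peers vnet 2 back, so the two flags look like they should be mutually exclusive.

```hcl
# … removed: provider "azurerm" { alias = "peer" … } …

# In the module's terraform block (not shown in this hunk), next to its existing version constraint:
terraform {
  required_providers {
    azurerm = {
      source                = "hashicorp/azurerm"
      configuration_aliases = [azurerm.peer]
    }
  }
}

resource "azurerm_virtual_network_peering" "peering_back_diff_subs" {
  provider = azurerm.peer
  # … unchanged: count, name and peering arguments …
}
```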
10 changes: 10 additions & 0 deletions output.tf
Expand Up @@ -17,3 +17,13 @@ output "vnet_peer_2_name" {
value = azurerm_virtual_network_peering.peering_back.*.name
description = "The name of the newly created virtual network peering in on second virtual netowork."
}

output "vnet_peer_diff_subs_name" {
value = azurerm_virtual_network_peering.peering_back_diff_subs.*.name
description = "The name of the newly created virtual network peering in on different subscription virtual netowork."
}

output "vnet_peer_diff_subs_id" {
value = azurerm_virtual_network_peering.peering_back_diff_subs.*.id
description = "The id of the newly created virtual network peering in on different subscription virtual netowork."
}
44 changes: 43 additions & 1 deletion variables.tf
Expand Up @@ -78,6 +78,11 @@ variable "allow_forwarded_traffic_vnet2" {
default = false
description = "Controls if forwarded traffic from VMs in the remote virtual network is allowed"
}
variable "allow_forwarded_traffic_vnet_diff_subs" {
type = bool
default = false
description = "Controls if forwarded traffic from VMs in the remote virtual network is allowed"
}

variable "allow_gateway_transit_vnet1" {
type = bool
Expand All @@ -90,6 +95,11 @@ variable "allow_gateway_transit_vnet2" {
default = false
description = "Controls gatewayLinks can be used in the remote virtual network’s link to the local virtual network."
}
variable "allow_gateway_transit_vnet_diff_subs" {
type = bool
default = false
description = "Controls gatewayLinks can be used in the different subscription virtual network’s link to the local virtual network."
}

variable "use_remote_gateways_vnet1" {
type = bool
Expand All @@ -103,6 +113,12 @@ variable "use_remote_gateways_vnet2" {
description = "Controls if remote gateways can be used on the local virtual network"
}

variable "use_remote_gateways_vnet_diff_subs" {
type = bool
default = false
description = "Controls if remote gateways can be used on the different subscription virtual network"
}

variable "resource_group_1_name" {
type = string
default = ""
Expand All @@ -118,5 +134,31 @@ variable "resource_group_2_name" {
variable "different_rg" {
type = bool
default = false
description = "Flag to tell whether peering is to be done in same in resource group or deifferent resource group "
description = "Flag to tell whether peering is to be done in same in resource group or different resource group "
}

variable "enabled_diff_subs_peering" {
type = bool
default = false
}
variable "vnet_diff_subs_name" {
type = string
default = ""
description = "The name of the remote virtual network."
}
variable "alias_subs_id" {
type = string
default = ""
description = "Alias for remote provider in module."
}
variable "diff_subs_resource_group_name" {
type = string
default = ""
description = "The name of remote resource group to be imported."
}

variable "vnet_diff_subs_id" {
type = string
default = ""
description = "The id of the remote virtual network."
}
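Review bot: `enabled_diff_subs_peering` is added without a `description`, and `alias_subs_id` is described as "Alias for remote provider in module." although main.tf assigns it to `subscription_id` of the `azurerm.peer` provider. Suggested texts are `description = "Set to true to peer vnet 1 with a virtual network in a different subscription."` and `description = "Subscription ID of the remote virtual network; configures the azurerm.peer provider."`. Because the ID defaults to `""`, nothing visible here rejects cross-subscription peering enabled without it, and the provider will presumably fall back to whichever subscription the ambient credentials select; a `validation` on the variable or a check on the resource would surface that at plan time. `allow_forwarded_traffic_vnet_diff_subs` reuses the vnet2 description verbatim and could name the different-subscription network as its two sibling variables do.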
