Working plan

Azure · Dec 11, 2023 · 4a2e62f · 4a2e62f
1 parent 291ffc1
commit 4a2e62f
Show file tree

Hide file tree

Showing 4 changed files with 47 additions and 38 deletions.
diff --git a/templates/complete_vnext/config.yaml b/templates/complete_vnext/config.yaml
@@ -9,7 +9,7 @@
 ---
 management:
   automation_account_name: aa-${default_postfix}
-  location: uksouth
+  location: ${default_location}
   log_analytics_workspace_name: law-${default_postfix}
   resource_group_name: rg-management-${default_postfix}
 

diff --git a/templates/complete_vnext/locals.tf b/templates/complete_vnext/locals.tf
@@ -1,5 +1,4 @@
 locals {
-
   tenant_root_management_group_id = var.tenant_root_management_group_id == "" ? data.azurerm_client_config.current.tenant_id : var.tenant_root_management_group_id
 
   base_config_replacements = {
@@ -11,22 +10,11 @@ locals {
     subscription_id_management      = var.subscription_id_management
   }
 
-  initial_config = yamldecode(templatefile("${path.module}/config.yaml", local.base_config_replacements))
-
-  management        = local.initial_config.management
-  management_groups = local.initial_config.management_groups
-
-  management_groups_layer_1 = { for k, v in local.management_groups : k => v if v.parent_id == local.tenant_root_management_group_id }
-  management_groups_layer_2 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_1)[*].id, v.parent_id) }
-  management_groups_layer_3 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_2)[*].id, v.parent_id) }
-  management_groups_layer_4 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_3)[*].id, v.parent_id) }
-  management_groups_layer_5 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_4)[*].id, v.parent_id) }
-  management_groups_layer_6 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_5)[*].id, v.parent_id) }
-  management_groups_layer_7 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_6)[*].id, v.parent_id) }
-
-
+  raw_config       = yamldecode(file("${path.module}/config.yaml"))
+  templated_config = yamldecode(templatefile("${path.module}/config.yaml", local.base_config_replacements))
 
-  connectivity = local.initial_config.connectivity
+  management                  = local.templated_config.management
+  connectivity = local.templated_config.connectivity
 
   hub_virtual_networks = {
     for k, v in local.connectivity.hub_networking.hub_virtual_networks : k => {

diff --git a/templates/complete_vnext/locals_management_groups.tf b/templates/complete_vnext/locals_management_groups.tf
@@ -0,0 +1,21 @@
+locals { 
+ management_groups_raw       = local.raw_config.management_groups
+
+  management_groups = {
+    for key, value in local.management_groups_raw : key => {
+      id             = replace(value.id, "$${default_postfix}", local.base_config_replacements.default_postfix)
+      parent_id      = replace(replace(value.parent_id, "$${default_postfix}", local.base_config_replacements.default_postfix), "$${tenant_root_management_group_id}", local.base_config_replacements.tenant_root_management_group_id)
+      base_archetype = value.base_archetype
+    }
+  }
+
+  management_groups_templated = local.templated_config.management_groups
+
+  management_groups_layer_1 = { for k, v in local.management_groups : k => v if v.parent_id == "$${tenant_root_management_group_id}" }
+  management_groups_layer_2 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_1)[*].id, v.parent_id) }
+  management_groups_layer_3 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_2)[*].id, v.parent_id) }
+  management_groups_layer_4 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_3)[*].id, v.parent_id) }
+  management_groups_layer_5 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_4)[*].id, v.parent_id) }
+  management_groups_layer_6 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_5)[*].id, v.parent_id) }
+  management_groups_layer_7 = { for k, v in local.management_groups : k => v if contains(values(local.management_groups_layer_6)[*].id, v.parent_id) }
+}
diff --git a/templates/complete_vnext/management_groups.tf b/templates/complete_vnext/management_groups.tf
@@ -3,25 +3,25 @@ module "management_groups_layer_1" {
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_1
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
 }
 
 module "management_groups_layer_2" {
   source                             = "Azure/avm-ptn-alz/azurerm"
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_2
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
   depends_on                         = [module.management_groups_layer_1]
 }
 
@@ -30,12 +30,12 @@ module "management_groups_layer_3" {
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_3
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
   depends_on                         = [module.management_groups_layer_2]
 }
 
@@ -44,12 +44,12 @@ module "management_groups_layer_4" {
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_4
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
   depends_on                         = [module.management_groups_layer_3]
 }
 
@@ -58,12 +58,12 @@ module "management_groups_layer_5" {
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_5
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
   depends_on                         = [module.management_groups_layer_4]
 }
 
@@ -72,12 +72,12 @@ module "management_groups_layer_6" {
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_6
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
   depends_on                         = [module.management_groups_layer_5]
 }
 
@@ -86,11 +86,11 @@ module "management_groups_layer_7" {
   version                            = "~> 0.4.1"
   for_each                           = local.management_groups_layer_7
   id                                 = each.value.id
-  display_name                       = try(each.value.display_name, each.value.id)
+  display_name                       = try(local.management_groups_templated[each.key].display_name, each.value.id)
   parent_id                          = each.value.parent_id
   base_archetype                     = each.value.base_archetype
   default_location                   = var.default_location
-  default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
-  subscription_ids                   = try(each.value.subscription_ids, [])
+  #default_log_analytics_workspace_id = module.management_resources.log_analytics_workspace.id
+  subscription_ids                   = try(local.management_groups_templated[each.key].subscription_ids, [])
   depends_on                         = [module.management_groups_layer_6]
 }