diff --git a/.github/workflows/end-to-end-test.yml b/.github/workflows/end-to-end-test.yml index c8aa5eee..97544385 100644 --- a/.github/workflows/end-to-end-test.yml +++ b/.github/workflows/end-to-end-test.yml @@ -150,7 +150,6 @@ jobs: $Inputs["apply_approvers"] = "" # if ($versionControlSystem -eq "github") { "${{ vars.VCS_APPROVER_GITHUB }}" } else { "${{ vars.VCS_APPROVER_AZUREDEVOPS }}" } $Inputs["root_parent_management_group_display_name"] = "Tenant Root Group" - $Inputs["additional_files"] = "" $Inputs["subscription_id_connectivity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" $Inputs["subscription_id_identity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" diff --git a/bootstrap/.config/ALZ-Powershell.config.json b/bootstrap/.config/ALZ-Powershell.config.json index af1bbfb1..4fbab3fe 100644 --- a/bootstrap/.config/ALZ-Powershell.config.json +++ b/bootstrap/.config/ALZ-Powershell.config.json @@ -121,6 +121,11 @@ "Type": "Valid", "Description": "A valid CIDR range e.g '10.0.0.0/16'", "Valid": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/(3[0-2]|[1-2][0-9]|[0-9]))$" + }, + "configuration_file_path": { + "Type": "Valid", + "Description": "A valid yaml or json configuration file path e.g. './my-folder/my-config-file.yaml' or `c:\\my-folder\\my-config-file.yaml`", + "Valid": "^.+\\.(yaml|yml|json)$" } } } \ No newline at end of file diff --git a/bootstrap/azuredevops/main.tf b/bootstrap/azuredevops/main.tf index 3cce9ff8..c73054a8 100644 --- a/bootstrap/azuredevops/main.tf +++ b/bootstrap/azuredevops/main.tf 
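Review bot: The `configuration_file_path` validator added to ALZ-Powershell.config.json checks only the file extension, and its description gives a relative path (`./my-folder/my-config-file.yaml`) as a valid example, while the wiki text changed in this same commit says the path must be absolute or the run will fail. Either make the example absolute, e.g. `"Description": "An absolute path to a yaml or json configuration file e.g. '/home/user/my-folder/my-config-file.yaml' or 'c:\\my-folder\\my-config-file.yaml'"`, or tighten the pattern so relative input is rejected up front. Whether the match is case-sensitive depends on the consumer of `Valid`, which is not visible here. If it is, `.YAML` or `.JSON` would be rejected even though templates/complete/locals.tf lower-cases the extension.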
@@ -8,12 +8,14 @@ module "resource_names" { } module "files" { - source = "./../modules/files" - starter_module_folder_path = local.starter_module_folder_path - pipeline_folder_path = local.pipeline_folder_path - pipeline_files = var.pipeline_files - pipeline_template_files = var.pipeline_template_files - additional_files = var.additional_files + source = "./../modules/files" + starter_module_folder_path = local.starter_module_folder_path + pipeline_folder_path = local.pipeline_folder_path + pipeline_files = var.pipeline_files + pipeline_template_files = var.pipeline_template_files + additional_files = concat(var.additional_files) + configuration_file_path = var.configuration_file_path + built_in_configurartion_file_name = var.built_in_configurartion_file_name } module "azure" { diff --git a/bootstrap/azuredevops/variables.tf b/bootstrap/azuredevops/variables.tf index dd6fc073..750f7305 100644 --- a/bootstrap/azuredevops/variables.tf +++ b/bootstrap/azuredevops/variables.tf @@ -108,7 +108,7 @@ variable "root_parent_management_group_display_name" { } variable "additional_files" { - description = "Additional files to upload to the repository. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml)|19" + description = "Additional files to upload to the repository. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml)|hidden" type = list(string) default = [] } 
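Review bot: In `module "files"` of bootstrap/azuredevops/main.tf, `concat(var.additional_files)` with a single argument returns the list unchanged, and the github and local bootstraps pass the variable directly; use `additional_files = var.additional_files` here as well. The new input name `built_in_configurartion_file_name` is misspelled ("configurartion"), and the same spelling is repeated in the github and local `main.tf`/`variables.tf` hunks and in bootstrap/modules/files. Because the name becomes part of the module interface, renaming it to `built_in_configuration_file_name` everywhere is cheapest before it ships.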
@@ -147,6 +147,18 @@ variable "target_subscriptions" { type = list(string) } +variable "configuration_file_path" { + description = "The name of the configuration file|hidden_configuration_file_path" + type = string + default = "" +} + +variable "built_in_configurartion_file_name" { + description = "The name of the built-in configuration file|hidden" + type = string + default = "config.yaml" +} + variable "module_folder_path" { description = "The folder for the starter modules|hidden" type = string diff --git a/bootstrap/github/main.tf b/bootstrap/github/main.tf index 195b7987..16976f8c 100644 --- a/bootstrap/github/main.tf +++ b/bootstrap/github/main.tf @@ -8,12 +8,14 @@ module "resource_names" { } module "files" { - source = "./../modules/files" - starter_module_folder_path = local.starter_module_folder_path - pipeline_folder_path = local.pipeline_folder_path - pipeline_files = var.pipeline_files - pipeline_template_files = var.pipeline_template_files - additional_files = var.additional_files + source = "./../modules/files" + starter_module_folder_path = local.starter_module_folder_path + pipeline_folder_path = local.pipeline_folder_path + pipeline_files = var.pipeline_files + pipeline_template_files = var.pipeline_template_files + additional_files = var.additional_files + configuration_file_path = var.configuration_file_path + built_in_configurartion_file_name = var.built_in_configurartion_file_name } module "azure" { diff --git a/bootstrap/github/variables.tf b/bootstrap/github/variables.tf index 7560db8b..9515c7bb 100644 --- a/bootstrap/github/variables.tf +++ b/bootstrap/github/variables.tf 
@@ -81,7 +81,7 @@ variable "root_parent_management_group_display_name" { } variable "additional_files" { - description = "Additional files to upload to the repository. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml)|16" + description = "Additional files to upload to the repository. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml)|hidden" type = list(string) default = [] } @@ -91,6 +91,18 @@ variable "target_subscriptions" { type = list(string) } +variable "configuration_file_path" { + description = "The name of the configuration file to be generated|hidden_configuration_file_path" + type = string + default = "" +} + +variable "built_in_configurartion_file_name" { + description = "The name of the built-in configuration file|hidden" + type = string + default = "config.yaml" +} + variable "module_folder_path" { description = "The folder for the starter modules|hidden" type = string diff --git a/bootstrap/local/main.tf b/bootstrap/local/main.tf index 79d1cfda..15baf4c0 100644 --- a/bootstrap/local/main.tf +++ b/bootstrap/local/main.tf @@ -8,9 +8,11 @@ module "resource_names" { } module "files" { - source = "./../modules/files" - starter_module_folder_path = local.starter_module_folder_path - additional_files = var.additional_files + source = "./../modules/files" + starter_module_folder_path = local.starter_module_folder_path + additional_files = var.additional_files + configuration_file_path = var.configuration_file_path + built_in_configurartion_file_name = var.built_in_configurartion_file_name } module "azure" { diff --git a/bootstrap/local/variables.tf b/bootstrap/local/variables.tf index 14a00b77..e08fe049 100644 --- a/bootstrap/local/variables.tf +++ b/bootstrap/local/variables.tf 
@@ -53,7 +53,7 @@ variable "root_parent_management_group_display_name" { } variable "additional_files" { - description = "Additional files to upload to the repository. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml)|10" + description = "Additional files to upload to the repository. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml)|hidden" type = list(string) default = [] } @@ -63,6 +63,18 @@ variable "target_subscriptions" { type = list(string) } +variable "configuration_file_path" { + description = "The name of the configuration file to be generated|hidden_configuration_file_path" + type = string + default = "" +} + +variable "built_in_configurartion_file_name" { + description = "The name of the built-in configuration file|hidden" + type = string + default = "config.yaml" +} + variable "module_folder_path" { description = "The folder for the starter modules|hidden" type = string diff --git a/bootstrap/modules/files/main.tf b/bootstrap/modules/files/main.tf index 94c1b489..9ae8dbc0 100644 --- a/bootstrap/modules/files/main.tf +++ b/bootstrap/modules/files/main.tf @@ -7,12 +7,17 @@ locals { } } +locals { + has_configuration_file = var.configuration_file_path != "" +} + locals { starter_module_files = { for file in fileset(var.starter_module_folder_path, "**") : file => { path = "${var.starter_module_folder_path}/${file}" flag = local.file_type_flags.module - } + } if !local.has_configuration_file || file != var.built_in_configurartion_file_name } + pipeline_files = { for key, value in var.pipeline_files : value.target_path => { path = "${var.pipeline_folder_path}/${value.file_path}" flag = local.file_type_flags.pipeline 
@@ -24,7 +29,8 @@ locals { } } starter_module_repo_files = merge(local.starter_module_files, local.pipeline_files, local.template_files) - additional_repo_files = { for file in var.additional_files : basename(file) => { + final_additional_files = concat(var.additional_files, local.has_configuration_file ? [var.configuration_file_path] : []) + additional_repo_files = { for file in local.final_additional_files : basename(file) => { path = file flag = local.file_type_flags.additional } diff --git a/bootstrap/modules/files/variables.tf b/bootstrap/modules/files/variables.tf index 46ffc126..48654129 100644 --- a/bootstrap/modules/files/variables.tf +++ b/bootstrap/modules/files/variables.tf @@ -32,3 +32,15 @@ variable "additional_files" { type = list(string) default = [] } + +variable "configuration_file_path" { + description = "Configuration file path" + type = string + default = "" +} + +variable "built_in_configurartion_file_name" { + description = "Built-in configuration file name" + type = string + default = "config.yaml" +} diff --git a/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Azure-DevOps.md b/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Azure-DevOps.md index 3990e0f1..bf8baa03 100644 --- a/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Azure-DevOps.md +++ b/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Azure-DevOps.md 
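Review bot: `additional_repo_files` still keys each entry by `basename(file)`, so once `configuration_file_path` is appended in `final_additional_files`, a config file whose base name matches an entry in `additional_files` (including the same path given in both inputs) produces a duplicate map key, which Terraform's for-expression should reject at plan time. De-duplicating identical paths is one line, `final_additional_files = distinct(concat(var.additional_files, local.has_configuration_file ? [var.configuration_file_path] : []))`; a same-named file from a different folder would still collide and deserves an explicit error message. A comment here should also say that the file at this path is copied into the repository as-is, so it must not hold secrets. The `locals` block continues outside the hunk.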
@@ -22,7 +22,6 @@ 1. `allow_storage_access_from_my_ip`: This controls whether to allow access to the storage account from your IP address. This is only needed for trouble shooting. This only applies if you have `use_private_networking` set to `true`. This defaults to `false`. 1. `apply_approvers`: This is a list of service principal names (SPN) of people you wish to be in the group that approves apply of the Azure landing zone module. This is a comma-separated list like `abc@xyz.com,def@xyz.com,ghi@xyz.com`. You may need to check what the SPN is prior to filling this out as it can vary based on identity provider. 1. `root_parent_management_group_display_name`: This is the name of the root management group that you applied permissions to in a previous step. This defaults to `Tenant Root Group`, but if your organization has changed it or you want to use a different management group you'll need to enter the new display name. - 1. `additional_files`: This is a method to supply additional files to your starter module. This is specifically used when using the `complete` starter module to supply the `config.yaml` file. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml). If you don't supply an absolute path, it will fail. 1. You will now see a green message telling you that the next section is specific to the starter module you choose. Navigate to the documentation for the relevant starter module to get details of the specific inputs. 1. Once you have entered the starter module input, you see that a Terraform `init` and `apply` happen. 1. There will be a pause after the `plan` phase you allow you to validate what is going to be deployed. diff --git a/docs/wiki/[User-Guide]-Quick-Start-Phase-2-GitHub.md b/docs/wiki/[User-Guide]-Quick-Start-Phase-2-GitHub.md index 39c65fe0..bc49f799 100644 --- a/docs/wiki/[User-Guide]-Quick-Start-Phase-2-GitHub.md 
+++ b/docs/wiki/[User-Guide]-Quick-Start-Phase-2-GitHub.md @@ -18,7 +18,6 @@ 1. `allow_storage_access_from_my_ip`: This controls whether to allow access to the storage account from your IP address. This is only needed for trouble shooting. This only applies if you have `use_private_networking` set to `true`. This defaults to `false`. 1. `apply_approvers`: This is a list of service principal names (SPN) of people you wish to be in the group that approves apply of the Azure landing zone module. This is a comma-separated list like `abc@xyz.com,def@xyz.com,ghi@xyz.com`. You may need to check what the SPN is prior to filling this out as it can vary based on identity provider. 1. `root_parent_management_group_display_name`: This is the name of the root management group that you applied permissions to in a previous step. This defaults to `Tenant Root Group`, but if your organization has changed it or you want to use a different management group you'll need to enter the new display name. - 1. `additional_files`: This is a method to supply additional files to your starter module. This is specifically used when using the `complete` starter module to supply the `config.yaml` file. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml). If you don't supply an absolute path, it will fail. 1. You will now see a green message telling you that the next section is specific to the starter module you choose. Navigate to the documentation for the relevant starter module to get details of the specific inputs. 1. Once you have entered the starter module input, you see that a Terraform `init` and `apply` happen. 1. There will be a pause after the `plan` phase you allow you to validate what is going to be deployed. diff --git a/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Local.md b/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Local.md index 3f27ccca..4d033131 100644 
--- a/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Local.md +++ b/docs/wiki/[User-Guide]-Quick-Start-Phase-2-Local.md @@ -13,7 +13,6 @@ 1. `environment_name`: This is used to build up the names of your Azure and Azure DevOps resources, for example `rg-alz--uksouth-001`. We recommend using `mgmt` for this. 1. `postfix_number`: This is used to build up the names of your Azure and Azure DevOps resources, for example `rg-alz-mgmt-uksouth-`. We recommend using `1` for this. 1. `root_parent_management_group_display_name`: This is the name of the root management group that you applied permissions to in a previous step. This defaults to `Tenant Root Group`, but if your organization has changed it or you want to use a different management group you'll need to enter the new display name. - 1. `additional_files`: This is a method to supply additional files to your starter module. This is specifically used when using the `complete` starter module to supply the `config.yaml` file. This must be specified as a comma-separated list of absolute file paths (e.g. c:\\config\\config.yaml or /home/user/config/config.yaml). If you don't supply an absolute path, it will fail. 1. You will now see a green message telling you that the next section is specific to the starter module you choose. Navigate to the documentation for the relevant starter module to get details of the specific inputs. 1. Once you have entered the starter module input, you see that a Terraform `init` and `apply` happen. 1. There will be a pause after the `plan` phase you allow you to validate what is going to be deployed. diff --git a/docs/wiki/[User-Guide]-Starter-Module-Complete.md b/docs/wiki/[User-Guide]-Starter-Module-Complete.md index 369f656a..819bc31d 100644 --- a/docs/wiki/[User-Guide]-Starter-Module-Complete.md +++ b/docs/wiki/[User-Guide]-Starter-Module-Complete.md 
@@ -4,17 +4,29 @@ A custom `config.yaml` file can be passed to the `additional_files` argument of If not specified, the default `config.yaml` file will be used, which is as follows: ```yaml +# This file contains templated variables to avoid repeating the same hard-coded values. +# Templated variables are denoted by the dollar curly braces token. The following details each templated variable that you can use: +# `default_location`: This is an Azure location sourced from the `default_location` variable. This can be used to set the location of resources. +# `root_parent_management_group_id`: This is the id of the management group that the ALZ hierarchy will be nested under. +# `subscription_id_identity`: The subscription ID of the subscription to deploy the identity resources to, sourced from the variable `subscription_id_identity`. +# `subscription_id_connectivity`: The subscription ID of the subscription to deploy the connectivity resources to, sourced from the variable `subscription_id_connectivity`. +# `subscription_id_management`: The subscription ID of the subscription to deploy the management resources to, sourced from the variable `subscription_id_management`. --- archetypes: # `caf-enterprise-scale` module, add inputs as listed on the module registry where necessary. root_name: es root_id: Enterprise-Scale + + subscription_id_connectivity: ${subscription_id_connectivity} + subscription_id_identity: ${subscription_id_identity} + subscription_id_management: ${subscription_id_management} + root_parent_id: ${root_parent_management_group_id} deploy_corp_landing_zones: true deploy_online_landing_zones: true - default_location: uksouth + default_location: ${default_location} disable_telemetry: true deploy_management_resources: true configure_management_resources: - location: uksouth + location: ${default_location} settings: security_center: config: 
@@ -37,7 +49,7 @@ connectivity: primary: name: vnet-hub resource_group_name: rg-connectivity - location: uksouth + location: ${default_location} address_space: - 10.0.0.0/16 firewall: @@ -50,8 +62,11 @@ connectivity: sku: VpnGw1 type: Vpn subnet_address_prefix: 10.0.2.0/24 + ``` +The `config.yaml` file also comes with helpful templated variables such as `default_location` and `root_parent_management_group_id` which get prompted for during the ALZ PowerShell Module run. Alternatively, you can opt to not use the templated variables and hard-code the values in the `config.yaml` file. + > **Note:** We recommend that you use the `caf-enterprise-scale` module for management groups and policies, and the `hubnetworking` module for connectivity resources. However, connectivity resources can be deployed using the `caf-enterprise-scale` module if you desire. The schema for the `config.yaml` is documented here - [YAML Schema for `config.yaml`][wiki_yaml_schema_reference]. 
@@ -77,22 +92,22 @@ The `vnet-gateway` module is used to deploy a Virtual Network Gateway inside you ## Inputs +- `default_location`: The default location to deploy resources to. +- `root_parent_management_group_id`: The id of the management group that the ALZ hierarchy will be nested under. - `subscription_id_connectivity`: The identifier of the Connectivity Subscription. - `subscription_id_identity`: The identifier of the Identity Subscription. - `subscription_id_management`: The identifier of the Management Subscription. -- `additional_files`: Argument where our custom `config.yaml` file is passed to the module. - -> **IMPORTANT**: The name of the file you supply in `additional_files` must be `config.yaml`. If you use a different file name, your config will not be picked up. +- `configuration_file_path`: This is the path to your custom config file if you wish to supply one. Leaving this empty will use the default `config.yaml` file. This must be specified as an absolute file paths (e.g. c:\\my-config\\my-config.yaml or /home/user/my-config/my-config.yaml). If you don't supply an absolute path, it will fail. ## Example -### Design your Azure Landing Zone through a custom `config.yaml` file +### Design your Azure Landing Zone through a custom config file -Create a custom `config.yaml` to tailor to your needs, for example an Azure Landing Zone with a three-region mesh: +Create a custom yaml config to tailor to your needs, for example an Azure Landing Zone with a three-region mesh: ```yaml -# Path of file: C:\users\johndoe\config.yaml +# Path of file: C:\users\johndoe\my-config.yaml archetypes: # `caf-enterprise-scale` module, add inputs as listed on the module registry where necessary. root_name: es @@ -112,7 +127,7 @@ connectivity: mesh_peering_enabled: true address_space: - 10.0.0.0/16 - secondary: + secondary: name: vnet-hub-ukw resource_group_name: rg-connectivity-ukw location: ukwest 
@@ -135,39 +150,69 @@ Set your inputs.yaml file (See [Frequently Asked Questions][wiki_frequently_aske > **Note:** This is an alternative way of supplying the input arguments to the ALZ PowerShell Module, you can still run it as documented in the Quick Start guide and be prompted for inputs. +GitHub Example: + ```yaml # Path of file: C:\users\johndoe\inputs.yaml starter_module: "complete" azure_location: "uksouth" -version_control_system_access_token: "xxxxxxxxxx" -version_control_system_organization: "contoso" +github_personal_system_access_token: "xxxxxxxxxx" +github_organization_name: "contoso" azure_location": "uksouth" azure_subscription_id: "00000000-0000-0000-0000-000000000000" service_name: "alz" environment_name: "mgmt" postfix_number: "1" -# repository_visibility: "public" # GitHub Only -azure_devops_use_organisation_legacy_url: "false" # Azure DevOps Only -azure_devops_create_project: "true" # Azure DevOps Only -azure_devops_project_name: "alz-demo" # Azure DevOps Only -azure_devops_authentication_scheme: "WorkloadIdentityFederation" # Azure DevOps Only root_parent_management_group_display_name: "Tenant Root Group" -additional_files: "C:\users\johndoe\config.yaml" version_control_system_use_separate_repository_for_templates: "true" +use_self_hosted_agents: "true" +use_private_networking: "true" +allow_storage_access_from_my_ip: "false" # Starter Module Specific Variables subscription_id_connectivity: "00000000-0000-0000-0000-000000000000" subscription_id_identity: "00000000-0000-0000-0000-000000000000" subscription_id_management: "00000000-0000-0000-0000-000000000000" +configuration_file_path: "C:\users\johndoe\config.yaml" +``` + +Azure DevOps Example: + +```yaml +# Path of file: C:\users\johndoe\inputs.yaml + +starter_module: "complete" +azure_location: "uksouth" +azure_devops_personal_system_access_token: "xxxxxxxxxx" +azure_devops_organization_name: "contoso" +azure_location": "uksouth" +azure_subscription_id: "00000000-0000-0000-0000-000000000000" 
+service_name: "alz" +environment_name: "mgmt" +postfix_number: "1" +azure_devops_use_organisation_legacy_url: "false" +azure_devops_create_project: "true" +azure_devops_project_name: "alz-demo" +azure_devops_authentication_scheme: "WorkloadIdentityFederation" +root_parent_management_group_display_name: "Tenant Root Group" +version_control_system_use_separate_repository_for_templates: "true" +use_self_hosted_agents: "true" +use_private_networking: "true" +allow_storage_access_from_my_ip: "false" +# Starter Module Specific Variables +subscription_id_connectivity: "00000000-0000-0000-0000-000000000000" +subscription_id_identity: "00000000-0000-0000-0000-000000000000" +subscription_id_management: "00000000-0000-0000-0000-000000000000" +configuration_file_path: "C:\users\johndoe\config.yaml" ``` Run the accelerator: ```powershell # Working Directory: C:\users\johndoe -New-ALZEnvironment -i "terraform" -c "azuredevops" -Inputs "inputs.yaml" -autoApprove -v "v0.1.9" +New-ALZEnvironment -i "terraform" -c "azuredevops" -Inputs "inputs.yaml" -autoApprove -v "v0.4.0" ``` [//]: # (************************) diff --git a/templates/complete/config.yaml b/templates/complete/config.yaml index 59085bd7..220fcfdc 100644 --- a/templates/complete/config.yaml +++ b/templates/complete/config.yaml 
@@ -1,14 +1,26 @@ +# This file contains templated variables to avoid repeating the same hard-coded values. +# Templated variables are denoted by the dollar curly braces token. The following details each templated variable that you can use: +# `default_location`: This is an Azure location sourced from the `default_location` variable. This can be used to set the location of resources. +# `default_postfix`: This is a string sourced from the variable `default_postfix`. This can be used to append to resource names for consistency. +# `root_parent_management_group_id`: This is the id of the management group that the ALZ hierarchy will be nested under. +# `subscription_id_identity`: The subscription ID of the subscription to deploy the identity resources to, sourced from the variable `subscription_id_identity`. +# `subscription_id_connectivity`: The subscription ID of the subscription to deploy the connectivity resources to, sourced from the variable `subscription_id_connectivity`. +# `subscription_id_management`: The subscription ID of the subscription to deploy the management resources to, sourced from the variable `subscription_id_management`. --- archetypes: # `caf-enterprise-scale` module, add inputs as listed on the module registry where necessary. root_name: es root_id: Enterprise-Scale + subscription_id_connectivity: ${subscription_id_connectivity} + subscription_id_identity: ${subscription_id_identity} + subscription_id_management: ${subscription_id_management} + root_parent_id: ${root_parent_management_group_id} deploy_corp_landing_zones: true deploy_online_landing_zones: true - default_location: uksouth + default_location: ${default_location} disable_telemetry: true deploy_management_resources: true configure_management_resources: - location: uksouth + location: ${default_location} settings: security_center: config: 
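Review bot: The templated values are written into config.yaml unquoted (`root_parent_id: ${root_parent_management_group_id}`, `default_location: ${default_location}`, the three subscription ids), so after rendering the YAML type of each field depends on what the value looks like; an all-digit management group id, for example, would presumably decode as a number rather than a string. Quoting the placeholders keeps them strings regardless of content, e.g. `root_parent_id: "${root_parent_management_group_id}"`. The header comment could also state that a literal `${` in a custom config must be written `$${`, because the file is rendered with `templatefile` in templates/complete/locals.tf.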
@@ -31,7 +43,7 @@ connectivity: primary: name: vnet-hub resource_group_name: rg-connectivity - location: uksouth + location: ${default_location} address_space: - 10.0.0.0/16 firewall: diff --git a/templates/complete/locals.tf b/templates/complete/locals.tf index c29c4738..f078c0b5 100644 --- a/templates/complete/locals.tf +++ b/templates/complete/locals.tf @@ -1,5 +1,25 @@ locals { - config = yamldecode(file("${path.module}/config.yaml")) + const_yaml = "yaml" + const_yml = "yml" + + config_file_name = var.configuration_file_path == "" ? "config.yaml" : basename(var.configuration_file_path) + config_file_split = split(".", local.config_file_name) + config_file_extension = replace(lower(element(local.config_file_split, length(local.config_file_split) - 1)), local.const_yml, local.const_yaml) +} +locals { + config_template_file_variables = { + default_location = var.default_location + default_postfix = var.default_postfix + root_parent_management_group_id = var.root_parent_management_group_id == "" ? data.azurerm_client_config.core.tenant_id : var.root_parent_management_group_id + subscription_id_connectivity = var.subscription_id_connectivity + subscription_id_identity = var.subscription_id_identity + subscription_id_management = var.subscription_id_management + } + + config = (local.config_file_extension == local.const_yaml ? + yamldecode(templatefile("${path.module}/${local.config_file_name}", local.config_template_file_variables)) : + jsondecode(templatefile("${path.module}/${local.config_file_name}", local.config_template_file_variables)) + ) } locals { archetypes = try(merge(local.config.archetypes, {}), {}) diff --git a/templates/complete/main.tf b/templates/complete/main.tf index 2cc1d6fd..74fae6ff 100644 --- a/templates/complete/main.tf +++ b/templates/complete/main.tf 
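Review bot: `local.config` in templates/complete/locals.tf now renders the config through `templatefile(...)`, so a user-supplied file is parsed as a Terraform template: any literal `${` or `%{` in it is evaluated, and a reference to a name missing from `config_template_file_variables` fails the plan. Custom configs that worked with the previous `yamldecode(file(...))` may therefore break; add a comment above `config` such as `# The config file is rendered as a template: write literal "${" as "$${" and "%{" as "%%{".` and repeat it in the wiki. Separately, every extension other than yaml/yml falls through to `jsondecode`, so a mistyped extension surfaces as a JSON parse error rather than a clear message. `basename(var.configuration_file_path)` is evaluated wherever this module runs; if the variable carries a Windows-style path and the plan runs on a Linux agent, the backslashes would presumably not be treated as separators, so it is worth confirming how the value is written into the tfvars.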
@@ -5,7 +5,7 @@ module "enterprise_scale" { count = length(local.archetypes) > 0 ? 1 : 0 disable_telemetry = try(local.archetypes.disable_telemetry, true) - default_location = try(local.archetypes.default_location, "uksouth") + default_location = try(local.archetypes.default_location, var.default_location) root_parent_id = try(local.archetypes.root_parent_id, data.azurerm_client_config.core.tenant_id) archetype_config_overrides = try(local.archetypes.archetype_config_overrides, {}) configure_connectivity_resources = try(local.archetypes.configure_connectivity_resources, {}) diff --git a/templates/complete/variables.tf b/templates/complete/variables.tf index f1ee634b..6bd7583c 100644 --- a/templates/complete/variables.tf +++ b/templates/complete/variables.tf 
@@ -1,15 +1,37 @@ +variable "default_location" { + description = "The location for Azure resources. (e.g 'uksouth')|1|azure_location" + type = string +} + +variable "default_postfix" { + description = "The default postfix for Azure resources. (e.g 'landing-zone')|2|azure_name" + type = string + default = "landing-zone" +} + +variable "root_parent_management_group_id" { + description = "This is the id of the management group that the ALZ hierarchy will be nested under, will default to the Tenant Root Group|3|azure_name" + type = string + default = "" +} + variable "subscription_id_management" { - description = "value of the subscription id for the Management subscription|1|azure_subscription_id" + description = "value of the subscription id for the Management subscription|4|azure_subscription_id" type = string } variable "subscription_id_connectivity" { - description = "value of the subscription id for the Connectivity subscription|2|azure_subscription_id" + description = "value of the subscription id for the Connectivity subscription|5|azure_subscription_id" type = string } variable "subscription_id_identity" { - description = "value of the subscription id for the Identity subscription|3|azure_subscription_id" + description = "value of the subscription id for the Identity subscription|6|azure_subscription_id" type = string } +variable "configuration_file_path" { + description = "The path of the configuration file|7|configuration_file_path" + type = string + default = "" +}
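Review bot: `configuration_file_path` in templates/complete/variables.tf accepts any string, yet locals.tf treats every extension other than yaml/yml as JSON, so the only extension check is the PowerShell-side regex and a direct `terraform plan` with another file type fails inside `jsondecode`. A `validation` block on the variable gives the same guarantee at the Terraform layer with a readable error. Note also that `default_location` is added without a default, so existing callers of this template must now supply it.

```terraform
variable "configuration_file_path" {
  # … unchanged: description, type, default …

  validation {
    condition     = var.configuration_file_path == "" || can(regex("\\.(yaml|yml|json)$", lower(var.configuration_file_path)))
    error_message = "configuration_file_path must be empty or end in .yaml, .yml or .json."
  }
}
```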