# Provider requirements for the root module. Both Azure providers are pinned
# to exact versions, so upgrades are an explicit change to this block.
#
# NOTE(review): the random_integer resource in this file uses the "random"
# provider, which is not listed in this block. Terraform will resolve it
# implicitly as hashicorp/random with no version constraint from here;
# declare it in this block so every provider is pinned the same way, and
# keep .terraform.lock.hcl under version control so provider checksums are
# verified on init.
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "3.111.0"
    }

    azuread = {
      source  = "hashicorp/azuread"
      version = "2.53.1"
    }
  }
}
# Three-digit number (100-999, both bounds inclusive) used as a naming suffix.
# The value is kept in state, so it stays the same across applies until this
# resource is replaced. It is a naming aid, not a secret: with only 900
# possible values it gives no unpredictability and little collision protection.
resource "random_integer" "affix" {
  min = 100
  max = 999
}
locals {
  # Numeric suffix generated by random_integer.affix.
  affix = random_integer.affix.result

  # Base name shared by every module: project name followed by the suffix.
  workload = "${var.project}${local.affix}"

  # ssh_public_key = file("${path.module}/${var.mlw_instance_ssh_public_key_rel_path}")

  # Single-entry allow-list built from one operator-supplied address. It is
  # handed to the storage, keyvault, data_lake and blobs modules as their IP
  # rule input. NOTE(review): whatever is in var.allowed_ip_address becomes the
  # public-network exception for all of those services - confirm the variable
  # is validated (a single address or narrow CIDR, never a catch-all range).
  allowed_ip_addresses = [var.allowed_ip_address]
}
# Resource group that every module below deploys into. Its name and location
# are passed on to each module as resource_group_name / location.
resource "azurerm_resource_group" "default" {
  name     = "rg-${local.workload}"
  location = var.location
}
# Virtual network. Its default_subnet_id and vnet_id outputs are consumed by
# the storage, keyvault, cr, data_lake, blobs, mssql, ml_private_endpoint and
# vm modules in this file.
module "vnet" {
  source = "./modules/vnet"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location
}
# Monitoring resources. The application_insights_id output is wired into the
# ML workspace module.
module "monitor" {
  source = "./modules/monitor"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location
}
# Storage account attached to the ML workspace (storage_account_id output).
# Receives the IP allow-list and the default subnet.
# NOTE(review): the module body is not shown here - confirm it applies these
# as network rules with a default action of Deny, otherwise the allow-list
# has no restricting effect.
module "storage" {
  source = "./modules/storage"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  ip_network_rules = local.allowed_ip_addresses
  subnet_id        = module.vnet.default_subnet_id
}
# Key Vault attached to the ML workspace (key_vault_id output). Receives the
# default subnet and the IP allow-list.
# NOTE(review): confirm inside the module that the vault's network ACL
# defaults to Deny and that purge protection / soft delete are configured;
# none of that is visible from this call.
module "keyvault" {
  source = "./modules/keyvault"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  subnet_id            = module.vnet.default_subnet_id
  allowed_ip_addresses = local.allowed_ip_addresses
}
# Container registry attached to the ML workspace (id output). Unlike the
# other modules it takes the single address variable directly rather than
# local.allowed_ip_addresses, plus the subnet and the VNet id.
module "cr" {
  source = "./modules/cr"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  allowed_ip_address = var.allowed_ip_address
  allowed_subnet_id  = module.vnet.default_subnet_id
  vnet_id            = module.vnet.vnet_id
}
# Entra ID (azuread) objects. The service_principal_object_id output is passed
# to the data_lake and blobs modules as datastores_service_principal_object_id.
# NOTE(review): if the module also creates a client secret or certificate for
# that principal, the credential is written to Terraform state - check the
# module and protect the state backend accordingly.
module "entra" {
  source = "./modules/entra"

  workload = local.workload
}
# Data lake storage attached to the ML workspace (id output). Gets the IP
# allow-list, the default subnet, and the object id of the datastores service
# principal.
# NOTE(review): the role granted to that principal is decided inside the
# module - confirm it is a data-plane role scoped to this account rather than
# a broad management role.
module "data_lake" {
  source = "./modules/datalake"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  ip_network_rules                       = local.allowed_ip_addresses
  datastores_service_principal_object_id = module.entra.service_principal_object_id
  subnet_id                              = module.vnet.default_subnet_id
}
# Blob storage attached to the ML workspace (id output). Takes the same
# inputs as the data_lake module: IP allow-list, datastores service principal
# object id, and the default subnet.
module "blobs" {
  source = "./modules/blob"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  ip_network_rules                       = local.allowed_ip_addresses
  datastores_service_principal_object_id = module.entra.service_principal_object_id
  subnet_id                              = module.vnet.default_subnet_id
}
# Optional SQL database, created only when var.mssql_create_flag is true.
# Because count is set, other code must address it as module.mssql[0].
module "mssql" {
  source = "./modules/mssql"
  count  = var.mssql_create_flag ? 1 : 0

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  sku         = var.mssql_sku
  max_size_gb = var.mssql_max_size_gb

  # SQL administrator credentials come straight from input variables.
  # NOTE(review): confirm var.mssql_admin_login_password is declared with
  # sensitive = true so it is redacted from plan output. Once the module sets
  # it on a resource it is stored in Terraform state in clear text, so the
  # state backend needs encryption and restricted access.
  admin_login          = var.mssql_admin_login
  admin_login_password = var.mssql_admin_login_password

  # Start and end are the same variable, so the range covers one address.
  # NOTE(review): presumably these become a server firewall rule. On Azure SQL
  # a rule with both ends set to 0.0.0.0 means "allow Azure services", so the
  # variable should be validated to reject that value.
  localfw_start_ip_address = var.allowed_ip_address
  localfw_end_ip_address   = var.allowed_ip_address

  subnet_id = module.vnet.default_subnet_id

  # Principal id of the ML workspace identity; what it is granted on the
  # database is defined inside the module.
  aml_identity_principal_id = module.ml_workspace.aml_identity_principal_id
}
# Azure Machine Learning workspace, wired to the monitoring, storage, Key
# Vault, container registry, data lake and blob resources created above.
# Outputs used in this file: aml_workspace_id, aml_identity_principal_id.
module "ml_workspace" {
  source = "./modules/ml/workspace"

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  # Network exposure of the workspace is decided entirely by these two inputs.
  # NOTE(review): their defaults live in the variable declarations, which are
  # not shown here - check that the default is not public access with
  # isolation disabled.
  public_network_access_enabled  = var.mlw_public_network_access_enabled
  managed_network_isolation_mode = var.mlw_managed_network_isolation_mode

  # Dependent resources.
  application_insights_id = module.monitor.application_insights_id
  storage_account_id      = module.storage.storage_account_id
  key_vault_id            = module.keyvault.key_vault_id
  container_registry_id   = module.cr.id
  data_lake_id            = module.data_lake.id
  blobs_id                = module.blobs.id
}
# Optional private endpoint for the ML workspace, created only when
# var.mlw_create_private_endpoint_flag is true.
# NOTE(review): this flag is independent of
# var.mlw_public_network_access_enabled, so a private endpoint can exist
# while public access is still on. Setting both is a deliberate choice that
# should be reviewed together.
module "ml_private_endpoint" {
  source = "./modules/ml/private-endpoint"
  count  = var.mlw_create_private_endpoint_flag ? 1 : 0

  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  vnet_id          = module.vnet.vnet_id
  subnet_id        = module.vnet.default_subnet_id
  aml_workspace_id = module.ml_workspace.aml_workspace_id
}
# module "ml_compute" {
# source = "./modules/ml/compute"
# count = var.mlw_instance_create_flag ? 1 : 0
# machine_learning_workspace_id = module.ml_workspace.aml_workspace_id
# instance_vm_size = var.mlw_instance_vm_size
# instance_node_public_ip_enabled = var.mlw_instance_node_public_ip_enabled
# ssh_public_key = local.ssh_public_key
# }
# Optional virtual machine in the default subnet, created only when
# var.vm_create_flag is true.
# NOTE(review): no admin credentials, SSH key or public-IP setting are passed
# from here, so the module decides them itself - check how it authenticates
# logins and whether the VM gets a public address.
module "vm" {
  source = "./modules/vm"
  count  = var.vm_create_flag ? 1 : 0

  workload            = local.workload
  resource_group_name = azurerm_resource_group.default.name
  location            = azurerm_resource_group.default.location

  size   = var.vm_size
  subnet = module.vnet.default_subnet_id
}