-
Notifications
You must be signed in to change notification settings - Fork 232
/
main.tf
82 lines (70 loc) · 1.92 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 2.75"
}
azurecaf = {
source = "aztfmod/azurecaf"
version = "1.2.10"
}
}
}
provider "azurerm" {
features {}
}
// ===========resource_group===========
resource "azurecaf_name" "resource_group" {
name = var.application_name
resource_type = "azurerm_resource_group"
random_length = 5
clean_input = true
}
resource "azurerm_resource_group" "main" {
name = azurecaf_name.resource_group.result
location = var.location
tags = {
"terraform" = "true"
"application-name" = var.application_name
"spring-cloud-azure-sample" = var.sample_tag_value
}
}
data "azurerm_client_config" "current" {
}
// ===========azurerm_key_vault===========
resource "azurecaf_name" "kv" {
name = var.application_name
resource_type = "azurerm_key_vault"
random_length = 5
clean_input = true
}
resource "azurerm_key_vault" "kv_account" {
name = azurecaf_name.kv.result
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
enabled_for_disk_encryption = true
tenant_id = data.azurerm_client_config.current.tenant_id
soft_delete_retention_days = 7
purge_protection_enabled = false
sku_name = "standard"
access_policy {
tenant_id = data.azurerm_client_config.current.tenant_id
object_id = data.azurerm_client_config.current.object_id
secret_permissions = [
"Get",
"List",
"Set",
"Purge",
"Delete"
]
}
tags = {
"terraform" = "true"
"spring-cloud-azure-sample" = var.sample_tag_value
}
}
resource "azurerm_key_vault_secret" "kv" {
name = "sampleProperty"
value = "kv: sampleProperty: value"
key_vault_id = azurerm_key_vault.kv_account.id
}