diff --git a/.gitignore b/.gitignore index 6349e36..7b3122b 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ # .tfstate files *.tfstate *.tfstate.* +.terraform.lock.hcl # Crash log files crash.log @@ -13,7 +14,6 @@ crash.*.log # password, private keys, and other secrets. These should not be part of version # control as they are data points which are potentially sensitive and subject # to change depending on the environment. -*.tfvars *.tfvars.json # Ignore override files as they are usually used to override resources locally and so diff --git a/terraform-infrastructure/README.md b/terraform-infrastructure/README.md new file mode 100644 index 0000000..54d8179 --- /dev/null +++ b/terraform-infrastructure/README.md @@ -0,0 +1,113 @@ +# Azure Infrastructure Terraform Templates + +Costa Rica + +[![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/) +[brown9804](https://github.com/brown9804) + +Last updated: 2025-05-19 + +---------- + +
+ Centered Image +
+ +
+ Centered Image +
+ +## Overview + +Templates structure: + +``` +. +├── README.md +├────── main.tf +├────── variables.tf +├────── provider.tf +├────── terraform.tfvars +├────── outputs.tf +``` + +- main.tf `(Main Terraform configuration file)`: This file contains the core infrastructure code. It defines the resources you want to create, such as virtual machines, networks, and storage. It's the primary file where you describe your infrastructure in a declarative manner. +- variables.tf `(Variable definitions)`: This file is used to define variables that can be used throughout your Terraform configuration. By using variables, you can make your configuration more flexible and reusable. For example, you can define variables for resource names, sizes, and other parameters that might change between environments. +- provider.tf `(Provider configurations)`: Providers are plugins that Terraform uses to interact with cloud providers, SaaS providers, and other APIs. This file specifies which providers (e.g., AWS, Azure, Google Cloud) you are using and any necessary configuration for them, such as authentication details. +- terraform.tfvars `(Variable values)`: This file contains the actual values for the variables defined in `variables.tf`. By separating variable definitions and values, you can easily switch between different sets of values for different environments (e.g., development, staging, production) without changing the main configuration files. +- outputs.tf `(Output values)`: This file defines the output values that Terraform should return after applying the configuration. Outputs are useful for displaying information about the resources created, such as IP addresses, resource IDs, and other important details. They can also be used as inputs for other Terraform configurations or scripts. + +## How to execute it + +```mermaid +graph TD; + A[az login] --> B(terraform init) + B --> C{Terraform provisioning stage} + C -->|Review| D[terraform plan] + C -->|Order Now| E[terraform apply] + C -->|Delete Resource if needed| F[terraform destroy] +``` + +> [!IMPORTANT] +> Please modify `terraform.tfvars` with your information, then run the following flow. If you need more visual guidance, please check the video that illustrates the provisioning steps. + +1. **Login to Azure**: This command logs you into your Azure account. It opens a browser window where you can enter your Azure credentials. Once logged in, you can manage your Azure resources from the command line. + + > Go to the path where Terraform files are located: + + ```sh + cd terraform-infrastructure + ``` + + ```sh + az login + ``` + + img + + img + +2. **Initialize Terraform**: Initializes the working directory containing the Terraform configuration files. It downloads the necessary provider plugins and sets up the backend for storing the state. + + ``` sh + terraform init + ``` + + img + +3. **Terraform Provisioning Stage**: + + - **Review**: Creates an execution plan, showing what actions Terraform will take to achieve the desired state defined in your configuration files. It uses the variable values specified in `terraform.tfvars`. + + ```sh + terraform plan -var-file terraform.tfvars + ``` + + > At the end, you will see a message in green if everything was executed successfully: + + Screenshot 2025-03-18 145143 + + - **Order Now**: Applies the changes required to reach the desired state of the configuration. It prompts for confirmation before making any changes. It also uses the variable values specified in `terraform.tfvars`. + + ```sh + terraform apply -var-file terraform.tfvars + ``` + + > At the end, you will see a message in green if everything was executed successfully: + + image + + - **Remove**: Destroys the infrastructure managed by Terraform. It prompts for confirmation before deleting any resources. It also uses the variable values specified in `terraform.tfvars`. + + ```sh + terraform destroy -var-file terraform.tfvars + ``` + + > At the end, you will see a message in green if everything was executed successfully: + + image + +
+

Total Visitors

+ Visitor Count +
diff --git a/terraform-infrastructure/main.tf b/terraform-infrastructure/main.tf new file mode 100644 index 0000000..15f9c82 --- /dev/null +++ b/terraform-infrastructure/main.tf @@ -0,0 +1,174 @@ +# Resource Group +resource "azurerm_resource_group" "rg" { + name = var.resource_group_name + location = var.location + + # Output the resource group name + provisioner "local-exec" { + command = "echo Resource Group: ${self.name}" + } +} +# Storage Account +resource "azurerm_storage_account" "storage" { + name = var.storage_account_name + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + account_tier = "Standard" + account_replication_type = "LRS" + + depends_on = [azurerm_resource_group.rg] + + # Output the storage account name + provisioner "local-exec" { + command = "echo Storage Account: ${self.name}" + } +} + +# Blob Container for Input Files +resource "azurerm_storage_container" "input_container" { + name = "input" + storage_account_id = azurerm_storage_account.storage.id + container_access_type = "private" + + depends_on = [azurerm_storage_account.storage] + + # Output the container name + provisioner "local-exec" { + command = "echo Input Container: ${self.name}" + } +} + +# Blob Container for Output Files +resource "azurerm_storage_container" "output_container" { + name = "output" + storage_account_id = azurerm_storage_account.storage.id + container_access_type = "private" + + depends_on = [azurerm_storage_account.storage] + + # Output the container name + provisioner "local-exec" { + command = "echo Output Container: ${self.name}" + } +} + +# Linux Function App +resource "azurerm_linux_function_app" "function_app" { + name = var.function_app_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + service_plan_id = azurerm_service_plan.asp.id + storage_account_name = azurerm_storage_account.storage.name + storage_account_access_key = azurerm_storage_account.storage.primary_access_key + + site_config { + # Other configurations can go here + } + + depends_on = [azurerm_service_plan.asp] + + provisioner "local-exec" { + command = "echo Function App: ${self.name}" + } +} + + +# Service Plan +resource "azurerm_service_plan" "asp" { + name = var.app_service_plan_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + os_type = "Linux" + sku_name = "Y1" # Consumption plan + + depends_on = [azurerm_resource_group.rg] + + # Output the service plan name + provisioner "local-exec" { + command = "echo Service Plan: ${self.name}" + } +} + +# Application Insights +resource "azurerm_application_insights" "appinsights" { + name = var.app_insights_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + application_type = "web" + workspace_id = azurerm_log_analytics_workspace.loganalytics.id + + depends_on = [azurerm_resource_group.rg] + + provisioner "local-exec" { + command = "echo Application Insights: ${self.name}" + } +} + +# Log Analytics Workspace +resource "azurerm_log_analytics_workspace" "loganalytics" { + name = var.log_analytics_workspace_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + sku = "PerGB2018" + + depends_on = [azurerm_resource_group.rg] + + # Output the log analytics workspace name + provisioner "local-exec" { + command = "echo Log Analytics Workspace: ${self.name}" + } +} + +# Key Vault +resource "azurerm_key_vault" "keyvault" { + name = var.key_vault_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + tenant_id = data.azurerm_client_config.current.tenant_id + sku_name = "standard" + + depends_on = [azurerm_resource_group.rg] + + # Output the key vault name + provisioner "local-exec" { + command = "echo Key Vault: ${self.name}" + } +} + +# Data source to get tenant ID +data "azurerm_client_config" "current" {} + +# CosmosDB +resource "azurerm_cosmosdb_account" "cosmosdb" { + name = var.cosmosdb_account_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + offer_type = "Standard" + kind = "GlobalDocumentDB" + consistency_policy { + consistency_level = "Session" + } + + geo_location { + location = azurerm_resource_group.rg.location + failover_priority = 0 + } + + depends_on = [azurerm_resource_group.rg] +} + +# Azure Form Recognizer (Document Intelligence) +resource "azurerm_cognitive_account" "form_recognizer" { + name = var.form_recognizer_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + kind = "FormRecognizer" + sku_name = "S0" + + depends_on = [azurerm_resource_group.rg] + + # Output the Form Recognizer name + provisioner "local-exec" { + command = "echo Form Recognizer: ${self.name}" + } +} diff --git a/terraform-infrastructure/output.tf b/terraform-infrastructure/output.tf new file mode 100644 index 0000000..f9ff088 --- /dev/null +++ b/terraform-infrastructure/output.tf @@ -0,0 +1,60 @@ +output "resource_group_name" { + description = "The name of the resource group." + value = azurerm_resource_group.rg.name +} + +output "storage_account_name" { + description = "The name of the storage account" + value = azurerm_storage_account.storage.name +} + +output "input_container_name" { + description = "The name of the input container" + value = azurerm_storage_container.input_container.name +} + +output "output_container_name" { + description = "The name of the output container" + value = azurerm_storage_container.output_container.name +} + +output "function_app_name" { + description = "The name of the Linux Function App." + value = azurerm_linux_function_app.function_app.name +} + +output "app_service_plan_name" { + description = "The name of the Service Plan" + value = azurerm_service_plan.asp.name +} + +output "app_insights_name" { + description = "The name of the Application Insights instance" + value = azurerm_application_insights.appinsights.name +} + +output "log_analytics_workspace_name" { + description = "The name of the Log Analytics workspace" + value = azurerm_log_analytics_workspace.loganalytics.name +} + +output "key_vault_name" { + description = "The name of the Key Vault" + value = azurerm_key_vault.keyvault.name +} + + +output "cosmosdb_account_name" { + description = "The name of the CosmosDB account." + value = azurerm_cosmosdb_account.cosmosdb.name +} + +# Output the Form Recognizer name +output "form_recognizer_name" { + value = azurerm_cognitive_account.form_recognizer.name +} + +# Output the Form Recognizer endpoint +output "form_recognizer_endpoint" { + value = azurerm_cognitive_account.form_recognizer.endpoint +} diff --git a/terraform-infrastructure/provider.tf b/terraform-infrastructure/provider.tf new file mode 100644 index 0000000..2719636 --- /dev/null +++ b/terraform-infrastructure/provider.tf @@ -0,0 +1,25 @@ +# provider.tf +# This file configures the Azure provider to interact with Azure resources. +# It specifies the required provider and its version, along with provider-specific configurations. + +terraform { + required_version = ">= 1.8, < 2.0" + # Specify the required provider and its version + required_providers { + azurerm = { + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider + } + } +} + +provider "azurerm" { + features { # Enable features for the AzureRM provider + key_vault { + recover_soft_deleted_key_vaults = false + purge_soft_delete_on_destroy = true + } + } + + subscription_id = var.subscription_id # Use the subscription ID variable +} \ No newline at end of file diff --git a/terraform-infrastructure/terraform.tfvars b/terraform-infrastructure/terraform.tfvars new file mode 100644 index 0000000..6768f1d --- /dev/null +++ b/terraform-infrastructure/terraform.tfvars @@ -0,0 +1,20 @@ +# Sample values +subscription_id = "" # "your-subscription_id" +resource_group_name = "RG-PDFs-Processing-DocIntelligence" # "your-resource-group-name" +location = "West US" # "your-location" +# Storage Account +storage_account_name = "storageaccountbrownpdf" # "your-storage-account-name" +# Function App +function_app_name = "fapdfbrown" # "your-function-app-name" +# App Service Plan +app_service_plan_name = "asppdfbrown" # "your-app-service-plan-name" +# Application Insights +app_insights_name = "apppdfbrown" # "your-app-insights-name" +# Log Analytics Workspace +log_analytics_workspace_name = "logwspdfbrown" # "your-log-analytics-workspace-name" +# Key Vault +key_vault_name = "kvpdfrbrown" # "your-key-vault-name" +# CosmosDB +cosmosdb_account_name = "cosmospdfbrown" # "your-cosmosdb-account-name" +# Form Recognizer -> Document Intelligence +form_recognizer_name = "docintelligenceacct01" # "your-document-intelligence-name" diff --git a/terraform-infrastructure/variables.tf b/terraform-infrastructure/variables.tf new file mode 100644 index 0000000..86f34d7 --- /dev/null +++ b/terraform-infrastructure/variables.tf @@ -0,0 +1,54 @@ +variable "subscription_id" { + description = "The subscription ID for the Azure account." + type = string +} + +variable "resource_group_name" { + description = "The name of the resource group." + type = string +} + +variable "location" { + description = "The Azure region where resources will be created." + type = string +} + + +variable "storage_account_name" { + description = "The name of the storage account" + type = string +} + +variable "function_app_name" { + description = "The name of the Linux Function App." + type = string +} + +variable "app_service_plan_name" { + description = "The name of the App Service plan" + type = string +} + +variable "app_insights_name" { + description = "The name of the Application Insights instance" + type = string +} + +variable "log_analytics_workspace_name" { + description = "The name of the Log Analytics workspace" + type = string +} + +variable "key_vault_name" { + description = "The name of the Key Vault" + type = string +} +variable "cosmosdb_account_name" { + description = "The name of the CosmosDB account." + type = string +} + +variable "form_recognizer_name" { + description = "The name of the Form Recognizer resource." + type = string +} \ No newline at end of file