From e8690e6db708c43dc6fcf77635e8a43af7126b2d Mon Sep 17 00:00:00 2001 From: Timna Brown <24630902+brown9804@users.noreply.github.com> Date: Mon, 19 May 2025 11:32:17 -0600 Subject: [PATCH 1/7] Terraform infra - source control --- terraform-infrastructure/README.md | 109 +++++++++++++++++++++++++++++ 1 file changed, 109 insertions(+) create mode 100644 terraform-infrastructure/README.md diff --git a/terraform-infrastructure/README.md b/terraform-infrastructure/README.md new file mode 100644 index 0000000..f641435 --- /dev/null +++ b/terraform-infrastructure/README.md @@ -0,0 +1,109 @@ +# Azure Infrastructure Terraform Templates + +Costa Rica + +[![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/) +[brown9804](https://github.com/brown9804) + +Last updated: 2025-03-20 + +---------- + +
+ Centered Image +
+ +## Overview + +Templates structure: + +``` +. +├── README.md +├────── main.tf +├────── variables.tf +├────── provider.tf +├────── terraform.tfvars +├────── outputs.tf +``` + +- main.tf `(Main Terraform configuration file)`: This file contains the core infrastructure code. It defines the resources you want to create, such as virtual machines, networks, and storage. It's the primary file where you describe your infrastructure in a declarative manner. +- variables.tf `(Variable definitions)`: This file is used to define variables that can be used throughout your Terraform configuration. By using variables, you can make your configuration more flexible and reusable. For example, you can define variables for resource names, sizes, and other parameters that might change between environments. +- provider.tf `(Provider configurations)`: Providers are plugins that Terraform uses to interact with cloud providers, SaaS providers, and other APIs. This file specifies which providers (e.g., AWS, Azure, Google Cloud) you are using and any necessary configuration for them, such as authentication details. +- terraform.tfvars `(Variable values)`: This file contains the actual values for the variables defined in `variables.tf`. By separating variable definitions and values, you can easily switch between different sets of values for different environments (e.g., development, staging, production) without changing the main configuration files. +- outputs.tf `(Output values)`: This file defines the output values that Terraform should return after applying the configuration. Outputs are useful for displaying information about the resources created, such as IP addresses, resource IDs, and other important details. They can also be used as inputs for other Terraform configurations or scripts. + +## How to execute it + +```mermaid +graph TD; + A[az login] --> B(terraform init) + B --> C{Terraform provisioning stage} + C -->|Review| D[terraform plan] + C -->|Order Now| E[terraform apply] + C -->|Delete Resource if needed| F[terraform destroy] +``` + +> [!IMPORTANT] +> Please modify `terraform.tfvars` with your information, then run the following flow. If you need more visual guidance, please check the video that illustrates the provisioning steps. + +1. **Login to Azure**: This command logs you into your Azure account. It opens a browser window where you can enter your Azure credentials. Once logged in, you can manage your Azure resources from the command line. + + > Go to the path where Terraform files are located: + + ```sh + cd terraform-infrastructure + ``` + + ```sh + az login + ``` + + img + + img + +2. **Initialize Terraform**: Initializes the working directory containing the Terraform configuration files. It downloads the necessary provider plugins and sets up the backend for storing the state. + + ``` sh + terraform init + ``` + + img + +3. **Terraform Provisioning Stage**: + + - **Review**: Creates an execution plan, showing what actions Terraform will take to achieve the desired state defined in your configuration files. It uses the variable values specified in `terraform.tfvars`. + + ```sh + terraform plan -var-file terraform.tfvars + ``` + + > At the end, you will see a message in green if everything was executed successfully: + + Screenshot 2025-03-18 145143 + + - **Order Now**: Applies the changes required to reach the desired state of the configuration. It prompts for confirmation before making any changes. It also uses the variable values specified in `terraform.tfvars`. + + ```sh + terraform apply -var-file terraform.tfvars + ``` + + > At the end, you will see a message in green if everything was executed successfully: + + image + + - **Remove**: Destroys the infrastructure managed by Terraform. It prompts for confirmation before deleting any resources. It also uses the variable values specified in `terraform.tfvars`. + + ```sh + terraform destroy -var-file terraform.tfvars + ``` + + > At the end, you will see a message in green if everything was executed successfully: + + image + +
+

Total Visitors

+ Visitor Count +
From 8ab2906f4116a840a14808b78d9fcc5067c18027 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 19 May 2025 17:32:41 +0000 Subject: [PATCH 2/7] Update last modified date in Markdown files --- terraform-infrastructure/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform-infrastructure/README.md b/terraform-infrastructure/README.md index f641435..4c38ec5 100644 --- a/terraform-infrastructure/README.md +++ b/terraform-infrastructure/README.md @@ -5,7 +5,7 @@ Costa Rica [![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/) [brown9804](https://github.com/brown9804) -Last updated: 2025-03-20 +Last updated: 2025-05-19 ---------- From 5a09ebb9be60547dafe4960ca8b37ff8b4b6bca6 Mon Sep 17 00:00:00 2001 From: brown9804 Date: Mon, 19 May 2025 13:17:21 -0600 Subject: [PATCH 3/7] tf insfrastructure - template --- .gitignore | 1 - terraform-infrastructure/.terraform.lock.hcl | 22 +++ terraform-infrastructure/main.tf | 174 +++++++++++++++++++ terraform-infrastructure/output.tf | 60 +++++++ terraform-infrastructure/provider.tf | 25 +++ terraform-infrastructure/terraform.tfvars | 20 +++ terraform-infrastructure/variables.tf | 54 ++++++ 7 files changed, 355 insertions(+), 1 deletion(-) create mode 100644 terraform-infrastructure/.terraform.lock.hcl create mode 100644 terraform-infrastructure/main.tf create mode 100644 terraform-infrastructure/output.tf create mode 100644 terraform-infrastructure/provider.tf create mode 100644 terraform-infrastructure/terraform.tfvars create mode 100644 terraform-infrastructure/variables.tf diff --git a/.gitignore b/.gitignore index 6349e36..ba294d5 100644 --- a/.gitignore +++ b/.gitignore @@ -13,7 +13,6 @@ crash.*.log # password, private keys, and other secrets. These should not be part of version # control as they are data points which are potentially sensitive and subject # to change depending on the environment. -*.tfvars *.tfvars.json # Ignore override files as they are usually used to override resources locally and so diff --git a/terraform-infrastructure/.terraform.lock.hcl b/terraform-infrastructure/.terraform.lock.hcl new file mode 100644 index 0000000..d7fb4c0 --- /dev/null +++ b/terraform-infrastructure/.terraform.lock.hcl @@ -0,0 +1,22 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "4.16.0" + constraints = "~> 4.16.0" + hashes = [ + "h1:HZdmFPnC/+x6si15pq4rGYv/1TrCcyQXLnDMqq1SONw=", + "zh:2035e461a94bd4180557a06f8e56f228a8a035608d0dac4d08e5870cf9265276", + "zh:3f15778a22ef1b9d0fa28670e5ea6ef1094b0be2533f43f350a2ef15d471b353", + "zh:4f1a4d03b008dd958bcd6bf82cf088fbaa9c121be2fd35e10e6b06c6e8f6aaa1", + "zh:5859f31c342364e849b4f8c437a46f33e927fa820244d0732b8d2ec74a95712d", + "zh:693d0f15512ca8c6b5e999b3a7551503feb06b408b3836bc6a6403e518b9ddab", + "zh:7f4912bec5b04f5156935292377c12484c13582151eb3c2555df409a7e5fb6e0", + "zh:bb9a509497f3a131c52fac32348919bf1b9e06c69a65f24607b03f7b56fb47b6", + "zh:c1b0c64e49ac591fd038ad71e71403ff71c07476e27e8da718c29f0028ea6d0d", + "zh:dd4ca432ee14eb0bb0cdc0bb463c8675b8ef02497be870a20d8dfee3e7fe52b3", + "zh:df58bb7fea984d2b11709567842ca4d55b3f24e187aa6be99e3677f55cbbe7da", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f7fb37704da50c096f9c7c25e8a95fe73ce1d3c5aab0d616d506f07bc5cfcdd8", + ] +} diff --git a/terraform-infrastructure/main.tf b/terraform-infrastructure/main.tf new file mode 100644 index 0000000..15f9c82 --- /dev/null +++ b/terraform-infrastructure/main.tf @@ -0,0 +1,174 @@ +# Resource Group +resource "azurerm_resource_group" "rg" { + name = var.resource_group_name + location = var.location + + # Output the resource group name + provisioner "local-exec" { + command = "echo Resource Group: ${self.name}" + } +} +# Storage Account +resource "azurerm_storage_account" "storage" { + name = var.storage_account_name + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + account_tier = "Standard" + account_replication_type = "LRS" + + depends_on = [azurerm_resource_group.rg] + + # Output the storage account name + provisioner "local-exec" { + command = "echo Storage Account: ${self.name}" + } +} + +# Blob Container for Input Files +resource "azurerm_storage_container" "input_container" { + name = "input" + storage_account_id = azurerm_storage_account.storage.id + container_access_type = "private" + + depends_on = [azurerm_storage_account.storage] + + # Output the container name + provisioner "local-exec" { + command = "echo Input Container: ${self.name}" + } +} + +# Blob Container for Output Files +resource "azurerm_storage_container" "output_container" { + name = "output" + storage_account_id = azurerm_storage_account.storage.id + container_access_type = "private" + + depends_on = [azurerm_storage_account.storage] + + # Output the container name + provisioner "local-exec" { + command = "echo Output Container: ${self.name}" + } +} + +# Linux Function App +resource "azurerm_linux_function_app" "function_app" { + name = var.function_app_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + service_plan_id = azurerm_service_plan.asp.id + storage_account_name = azurerm_storage_account.storage.name + storage_account_access_key = azurerm_storage_account.storage.primary_access_key + + site_config { + # Other configurations can go here + } + + depends_on = [azurerm_service_plan.asp] + + provisioner "local-exec" { + command = "echo Function App: ${self.name}" + } +} + + +# Service Plan +resource "azurerm_service_plan" "asp" { + name = var.app_service_plan_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + os_type = "Linux" + sku_name = "Y1" # Consumption plan + + depends_on = [azurerm_resource_group.rg] + + # Output the service plan name + provisioner "local-exec" { + command = "echo Service Plan: ${self.name}" + } +} + +# Application Insights +resource "azurerm_application_insights" "appinsights" { + name = var.app_insights_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + application_type = "web" + workspace_id = azurerm_log_analytics_workspace.loganalytics.id + + depends_on = [azurerm_resource_group.rg] + + provisioner "local-exec" { + command = "echo Application Insights: ${self.name}" + } +} + +# Log Analytics Workspace +resource "azurerm_log_analytics_workspace" "loganalytics" { + name = var.log_analytics_workspace_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + sku = "PerGB2018" + + depends_on = [azurerm_resource_group.rg] + + # Output the log analytics workspace name + provisioner "local-exec" { + command = "echo Log Analytics Workspace: ${self.name}" + } +} + +# Key Vault +resource "azurerm_key_vault" "keyvault" { + name = var.key_vault_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + tenant_id = data.azurerm_client_config.current.tenant_id + sku_name = "standard" + + depends_on = [azurerm_resource_group.rg] + + # Output the key vault name + provisioner "local-exec" { + command = "echo Key Vault: ${self.name}" + } +} + +# Data source to get tenant ID +data "azurerm_client_config" "current" {} + +# CosmosDB +resource "azurerm_cosmosdb_account" "cosmosdb" { + name = var.cosmosdb_account_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + offer_type = "Standard" + kind = "GlobalDocumentDB" + consistency_policy { + consistency_level = "Session" + } + + geo_location { + location = azurerm_resource_group.rg.location + failover_priority = 0 + } + + depends_on = [azurerm_resource_group.rg] +} + +# Azure Form Recognizer (Document Intelligence) +resource "azurerm_cognitive_account" "form_recognizer" { + name = var.form_recognizer_name + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + kind = "FormRecognizer" + sku_name = "S0" + + depends_on = [azurerm_resource_group.rg] + + # Output the Form Recognizer name + provisioner "local-exec" { + command = "echo Form Recognizer: ${self.name}" + } +} diff --git a/terraform-infrastructure/output.tf b/terraform-infrastructure/output.tf new file mode 100644 index 0000000..f9ff088 --- /dev/null +++ b/terraform-infrastructure/output.tf @@ -0,0 +1,60 @@ +output "resource_group_name" { + description = "The name of the resource group." + value = azurerm_resource_group.rg.name +} + +output "storage_account_name" { + description = "The name of the storage account" + value = azurerm_storage_account.storage.name +} + +output "input_container_name" { + description = "The name of the input container" + value = azurerm_storage_container.input_container.name +} + +output "output_container_name" { + description = "The name of the output container" + value = azurerm_storage_container.output_container.name +} + +output "function_app_name" { + description = "The name of the Linux Function App." + value = azurerm_linux_function_app.function_app.name +} + +output "app_service_plan_name" { + description = "The name of the Service Plan" + value = azurerm_service_plan.asp.name +} + +output "app_insights_name" { + description = "The name of the Application Insights instance" + value = azurerm_application_insights.appinsights.name +} + +output "log_analytics_workspace_name" { + description = "The name of the Log Analytics workspace" + value = azurerm_log_analytics_workspace.loganalytics.name +} + +output "key_vault_name" { + description = "The name of the Key Vault" + value = azurerm_key_vault.keyvault.name +} + + +output "cosmosdb_account_name" { + description = "The name of the CosmosDB account." + value = azurerm_cosmosdb_account.cosmosdb.name +} + +# Output the Form Recognizer name +output "form_recognizer_name" { + value = azurerm_cognitive_account.form_recognizer.name +} + +# Output the Form Recognizer endpoint +output "form_recognizer_endpoint" { + value = azurerm_cognitive_account.form_recognizer.endpoint +} diff --git a/terraform-infrastructure/provider.tf b/terraform-infrastructure/provider.tf new file mode 100644 index 0000000..2719636 --- /dev/null +++ b/terraform-infrastructure/provider.tf @@ -0,0 +1,25 @@ +# provider.tf +# This file configures the Azure provider to interact with Azure resources. +# It specifies the required provider and its version, along with provider-specific configurations. + +terraform { + required_version = ">= 1.8, < 2.0" + # Specify the required provider and its version + required_providers { + azurerm = { + source = "hashicorp/azurerm" # Source of the AzureRM provider + version = "~> 4.16.0" # Version of the AzureRM provider + } + } +} + +provider "azurerm" { + features { # Enable features for the AzureRM provider + key_vault { + recover_soft_deleted_key_vaults = false + purge_soft_delete_on_destroy = true + } + } + + subscription_id = var.subscription_id # Use the subscription ID variable +} \ No newline at end of file diff --git a/terraform-infrastructure/terraform.tfvars b/terraform-infrastructure/terraform.tfvars new file mode 100644 index 0000000..6768f1d --- /dev/null +++ b/terraform-infrastructure/terraform.tfvars @@ -0,0 +1,20 @@ +# Sample values +subscription_id = "" # "your-subscription_id" +resource_group_name = "RG-PDFs-Processing-DocIntelligence" # "your-resource-group-name" +location = "West US" # "your-location" +# Storage Account +storage_account_name = "storageaccountbrownpdf" # "your-storage-account-name" +# Function App +function_app_name = "fapdfbrown" # "your-function-app-name" +# App Service Plan +app_service_plan_name = "asppdfbrown" # "your-app-service-plan-name" +# Application Insights +app_insights_name = "apppdfbrown" # "your-app-insights-name" +# Log Analytics Workspace +log_analytics_workspace_name = "logwspdfbrown" # "your-log-analytics-workspace-name" +# Key Vault +key_vault_name = "kvpdfrbrown" # "your-key-vault-name" +# CosmosDB +cosmosdb_account_name = "cosmospdfbrown" # "your-cosmosdb-account-name" +# Form Recognizer -> Document Intelligence +form_recognizer_name = "docintelligenceacct01" # "your-document-intelligence-name" diff --git a/terraform-infrastructure/variables.tf b/terraform-infrastructure/variables.tf new file mode 100644 index 0000000..86f34d7 --- /dev/null +++ b/terraform-infrastructure/variables.tf @@ -0,0 +1,54 @@ +variable "subscription_id" { + description = "The subscription ID for the Azure account." + type = string +} + +variable "resource_group_name" { + description = "The name of the resource group." + type = string +} + +variable "location" { + description = "The Azure region where resources will be created." + type = string +} + + +variable "storage_account_name" { + description = "The name of the storage account" + type = string +} + +variable "function_app_name" { + description = "The name of the Linux Function App." + type = string +} + +variable "app_service_plan_name" { + description = "The name of the App Service plan" + type = string +} + +variable "app_insights_name" { + description = "The name of the Application Insights instance" + type = string +} + +variable "log_analytics_workspace_name" { + description = "The name of the Log Analytics workspace" + type = string +} + +variable "key_vault_name" { + description = "The name of the Key Vault" + type = string +} +variable "cosmosdb_account_name" { + description = "The name of the CosmosDB account." + type = string +} + +variable "form_recognizer_name" { + description = "The name of the Form Recognizer resource." + type = string +} \ No newline at end of file From 3c1566bb1f30f74369d23269e87d0cf01c63ca92 Mon Sep 17 00:00:00 2001 From: Timna Brown <24630902+brown9804@users.noreply.github.com> Date: Mon, 19 May 2025 13:21:11 -0600 Subject: [PATCH 4/7] Delete terraform-infrastructure/.terraform.lock.hcl --- terraform-infrastructure/.terraform.lock.hcl | 22 -------------------- 1 file changed, 22 deletions(-) delete mode 100644 terraform-infrastructure/.terraform.lock.hcl diff --git a/terraform-infrastructure/.terraform.lock.hcl b/terraform-infrastructure/.terraform.lock.hcl deleted file mode 100644 index d7fb4c0..0000000 --- a/terraform-infrastructure/.terraform.lock.hcl +++ /dev/null @@ -1,22 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/azurerm" { - version = "4.16.0" - constraints = "~> 4.16.0" - hashes = [ - "h1:HZdmFPnC/+x6si15pq4rGYv/1TrCcyQXLnDMqq1SONw=", - "zh:2035e461a94bd4180557a06f8e56f228a8a035608d0dac4d08e5870cf9265276", - "zh:3f15778a22ef1b9d0fa28670e5ea6ef1094b0be2533f43f350a2ef15d471b353", - "zh:4f1a4d03b008dd958bcd6bf82cf088fbaa9c121be2fd35e10e6b06c6e8f6aaa1", - "zh:5859f31c342364e849b4f8c437a46f33e927fa820244d0732b8d2ec74a95712d", - "zh:693d0f15512ca8c6b5e999b3a7551503feb06b408b3836bc6a6403e518b9ddab", - "zh:7f4912bec5b04f5156935292377c12484c13582151eb3c2555df409a7e5fb6e0", - "zh:bb9a509497f3a131c52fac32348919bf1b9e06c69a65f24607b03f7b56fb47b6", - "zh:c1b0c64e49ac591fd038ad71e71403ff71c07476e27e8da718c29f0028ea6d0d", - "zh:dd4ca432ee14eb0bb0cdc0bb463c8675b8ef02497be870a20d8dfee3e7fe52b3", - "zh:df58bb7fea984d2b11709567842ca4d55b3f24e187aa6be99e3677f55cbbe7da", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:f7fb37704da50c096f9c7c25e8a95fe73ce1d3c5aab0d616d506f07bc5cfcdd8", - ] -} From 3bbf72a27ded555d5327f7f92577871abe641e10 Mon Sep 17 00:00:00 2001 From: Timna Brown <24630902+brown9804@users.noreply.github.com> Date: Mon, 19 May 2025 13:21:29 -0600 Subject: [PATCH 5/7] ignore lock --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index ba294d5..7b3122b 100644 --- a/.gitignore +++ b/.gitignore @@ -4,6 +4,7 @@ # .tfstate files *.tfstate *.tfstate.* +.terraform.lock.hcl # Crash log files crash.log From 10ff5ac567c4480071aec69ee54108dd3d6b2e80 Mon Sep 17 00:00:00 2001 From: Timna Brown <24630902+brown9804@users.noreply.github.com> Date: Mon, 19 May 2025 13:24:21 -0600 Subject: [PATCH 6/7] visual ref of deployment --- terraform-infrastructure/README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/terraform-infrastructure/README.md b/terraform-infrastructure/README.md index 4c38ec5..faa15bd 100644 --- a/terraform-infrastructure/README.md +++ b/terraform-infrastructure/README.md @@ -10,9 +10,14 @@ Last updated: 2025-05-19 ----------
- Centered Image + Centered Image
+
+ Centered Image +
+ + ## Overview Templates structure: From 7aa1157a1b60a4c2ba2d71f4c79c78d38d213c4c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 19 May 2025 19:24:37 +0000 Subject: [PATCH 7/7] Fix Markdown syntax issues --- terraform-infrastructure/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/terraform-infrastructure/README.md b/terraform-infrastructure/README.md index faa15bd..54d8179 100644 --- a/terraform-infrastructure/README.md +++ b/terraform-infrastructure/README.md @@ -17,7 +17,6 @@ Last updated: 2025-05-19 Centered Image - ## Overview Templates structure: