Clean up

Author: aamini7

scenarios/AksOpenAiTerraform/terraform/main.tf

@@ -23,9 +23,9 @@ resource "random_string" "rg_suffix" {
 }
 
 locals {
-  tenant_id = data.azurerm_client_config.current.tenant_id
+  tenant_id       = data.azurerm_client_config.current.tenant_id
   subscription_id = data.azurerm_client_config.current.subscription_id
-  random_id = random_string.rg_suffix.result
+  random_id       = random_string.rg_suffix.result
 
   vm_subnet_name               = "VmSubnet"
   system_node_pool_subnet_name = "SystemSubnet"
@@ -158,7 +158,7 @@ module "deployment_script" {
   resource_group_name = azurerm_resource_group.rg.name
 
   azure_cli_version                   = "2.64.0"
-  aks_cluster_id = module.aks_cluster.id
+  aks_cluster_id                      = module.aks_cluster.id
   managed_identity_name               = "ScriptManagedIdentity"
   aks_cluster_name                    = module.aks_cluster.name
   hostname                            = "magic8ball.contoso.com"
@@ -177,10 +177,12 @@ module "deployment_script" {
 
 module "log_analytics_workspace" {
   source              = "./modules/log_analytics"
-  name                = "${local.log_analytics_workspace_name}"
+  name                = local.log_analytics_workspace_name
   location            = var.location
   resource_group_name = azurerm_resource_group.rg.name
 
+  sku               = "PerGB2018"
+  retention_in_days = local.log_analytics_retention_days
   solution_plan_map = {
     ContainerInsights = {
       product   = "OMSGallery/ContainerInsights"

scenarios/AksOpenAiTerraform/terraform/modules/deployment_script/main.tf

@@ -5,23 +5,23 @@ resource "azurerm_user_assigned_identity" "script_identity" {
 }
 
 resource "azurerm_role_assignment" "network_contributor_assignment" {
-  scope                            = var.aks_cluster_id
-  role_definition_name             = "Azure Kubernetes Service Cluster Admin Role"
-  principal_id                     = azurerm_user_assigned_identity.script_identity.principal_id
+  scope                = var.aks_cluster_id
+  role_definition_name = "Azure Kubernetes Service Cluster Admin Role"
+  principal_id         = azurerm_user_assigned_identity.script_identity.principal_id
 }
 
 resource "azurerm_resource_deployment_script_azure_cli" "script" {
   name                = var.name
   resource_group_name = var.resource_group_name
   location            = var.location
 
-  version             = var.azure_cli_version
-  retention_interval  = "P1D"
-  command_line        = "'foo' 'bar'"
-  cleanup_preference  = "OnSuccess"
-  force_update_tag    = "1"
-  timeout             = "PT30M"
-  primary_script_uri  = var.primary_script_uri
+  version            = var.azure_cli_version
+  retention_interval = "P1D"
+  command_line       = "'foo' 'bar'"
+  cleanup_preference = "OnSuccess"
+  force_update_tag   = "1"
+  timeout            = "PT30M"
+  primary_script_uri = var.primary_script_uri
 
   identity {
     type = "UserAssigned"

scenarios/AksOpenAiTerraform/terraform/modules/deployment_script/variables.tf

@@ -1,57 +1,57 @@
 variable "resource_group_name" {
-  type        = string
+  type = string
 }
 
 variable "location" {
-  type        = string
+  type = string
 }
 
 variable "name" {
-  type        = string
+  type = string
 }
 
 variable "aks_cluster_id" {
-  type        = string
+  type = string
 }
 
 variable "azure_cli_version" {
-  type        = string
+  type = string
 }
 
 variable "managed_identity_name" {
-  type        = string
+  type = string
 }
 
 variable "primary_script_uri" {
-  type        = string
+  type = string
 }
 
 variable "aks_cluster_name" {
-  type        = string
+  type = string
 }
 
 variable "tenant_id" {
-  type        = string
+  type = string
 }
 
 variable "subscription_id" {
-  type        = string
+  type = string
 }
 
 variable "hostname" {
-  type        = string
+  type = string
 }
 
 variable "namespace" {
-  type        = string
+  type = string
 }
 
 variable "service_account_name" {
-  type        = string
+  type = string
 }
 
 variable "workload_managed_identity_client_id" {
-  type        = string
+  type = string
 }
 
 variable "email" {

scenarios/AksOpenAiTerraform/terraform/modules/key_vault/main.tf

@@ -1,8 +1,9 @@
 resource "azurerm_key_vault" "key_vault" {
-  name                            = var.name
-  location                        = var.location
-  resource_group_name             = var.resource_group_name
-  tenant_id                       = var.tenant_id
+  name                = var.name
+  location            = var.location
+  resource_group_name = var.resource_group_name
+  tenant_id           = var.tenant_id
+
   sku_name                        = var.sku_name
   enabled_for_deployment          = var.enabled_for_deployment
   enabled_for_disk_encryption     = var.enabled_for_disk_encryption
@@ -16,10 +17,8 @@ resource "azurerm_key_vault" "key_vault" {
   }
 
   network_acls {
-    bypass                     = var.bypass
-    default_action             = var.default_action
-    ip_rules                   = var.ip_rules
-    virtual_network_subnet_ids = var.virtual_network_subnet_ids
+    bypass         = var.bypass
+    default_action = var.default_action
   }
 }
 

scenarios/AksOpenAiTerraform/terraform/modules/key_vault/outputs.tf

@@ -1,9 +1,7 @@
 output "name" {
-  value       = azurerm_key_vault.key_vault.name
-  description = "Specifies the name of the key vault."
+  value = azurerm_key_vault.key_vault.name
 }
 
 output "id" {
-  value       = azurerm_key_vault.key_vault.id
-  description = "Specifies the resource id of the key vault."
+  value = azurerm_key_vault.key_vault.id
 }

scenarios/AksOpenAiTerraform/terraform/modules/key_vault/variables.tf

@@ -1,115 +1,59 @@
 variable "name" {
-  description = "(Required) Specifies the name of the key vault."
-  type        = string
+  type = string
 }
 
 variable "resource_group_name" {
-  description = "(Required) Specifies the resource group name of the key vault."
-  type        = string
+  type = string
 }
 
 variable "location" {
-  description = "(Required) Specifies the location where the key vault will be deployed."
-  type        = string
+  type = string
 }
 
 variable "tenant_id" {
-  description = "(Required) The Azure Active Directory tenant ID that should be used for authenticating requests to the key vault."
-  type        = string
+  type = string
 }
 
 variable "sku_name" {
-  description = "(Required) The Name of the SKU used for this Key Vault. Possible values are standard and premium."
-  type        = string
-  default     = "standard"
-
-  validation {
-    condition     = contains(["standard", "premium"], var.sku_name)
-    error_message = "The value of the sku name property of the key vault is invalid."
-  }
-}
-
-variable "tags" {
-  description = "(Optional) Specifies the tags of the log analytics workspace"
-  type        = map(any)
-  default     = {}
+  type = string
 }
 
 variable "enabled_for_deployment" {
-  description = "(Optional) Boolean flag to specify whether Azure Virtual Machines are permitted to retrieve certificates stored as secrets from the key vault. Defaults to false."
-  type        = bool
-  default     = false
+  type = bool
 }
 
 variable "enabled_for_disk_encryption" {
-  description = " (Optional) Boolean flag to specify whether Azure Disk Encryption is permitted to retrieve secrets from the vault and unwrap keys. Defaults to false."
-  type        = bool
-  default     = false
+  type = bool
 }
 
 variable "enabled_for_template_deployment" {
-  description = "(Optional) Boolean flag to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault. Defaults to false."
-  type        = bool
-  default     = false
+  type = bool
 }
 
 variable "enable_rbac_authorization" {
-  description = "(Optional) Boolean flag to specify whether Azure Key Vault uses Role Based Access Control (RBAC) for authorization of data actions. Defaults to false."
-  type        = bool
-  default     = false
+  type = bool
 }
 
 variable "purge_protection_enabled" {
-  description = "(Optional) Is Purge Protection enabled for this Key Vault? Defaults to false."
-  type        = bool
-  default     = false
+  type = bool
 }
 
 variable "soft_delete_retention_days" {
-  description = "(Optional) The number of days that items should be retained for once soft-deleted. This value can be between 7 and 90 (the default) days."
-  type        = number
-  default     = 30
+  type = number
 }
 
 variable "bypass" {
-  description = "(Required) Specifies which traffic can bypass the network rules. Possible values are AzureServices and None."
-  type        = string
-  default     = "AzureServices"
-
-  validation {
-    condition     = contains(["AzureServices", "None"], var.bypass)
-    error_message = "The valut of the bypass property of the key vault is invalid."
-  }
+  type = string
 }
 
 variable "default_action" {
-  description = "(Required) The Default Action to use when no rules match from ip_rules / virtual_network_subnet_ids. Possible values are Allow and Deny."
-  type        = string
-  default     = "Allow"
-
-  validation {
-    condition     = contains(["Allow", "Deny"], var.default_action)
-    error_message = "The value of the default action property of the key vault is invalid."
-  }
-}
-
-variable "ip_rules" {
-  description = "(Optional) One or more IP Addresses, or CIDR Blocks which should be able to access the Key Vault."
-  default     = []
-}
-
-variable "virtual_network_subnet_ids" {
-  description = "(Optional) One or more Subnet ID's which should be able to access this Key Vault."
-  default     = []
+  type = string
 }
 
 variable "log_analytics_workspace_id" {
-  description = "Specifies the log analytics workspace id"
-  type        = string
+  type = string
 }
 
 variable "log_analytics_retention_days" {
-  description = "Specifies the number of days of the retention policy"
-  type        = number
-  default     = 7
+  type = number
 }

scenarios/AksOpenAiTerraform/terraform/modules/log_analytics/main.tf

@@ -3,7 +3,7 @@ resource "azurerm_log_analytics_workspace" "log_analytics_workspace" {
   location            = var.location
   resource_group_name = var.resource_group_name
   sku                 = var.sku
-  retention_in_days   = var.retention_in_days != "" ? var.retention_in_days : null
+  retention_in_days   = var.retention_in_days
 }
 
 resource "azurerm_log_analytics_solution" "la_solution" {
@@ -19,10 +19,4 @@ resource "azurerm_log_analytics_solution" "la_solution" {
     product   = each.value.product
     publisher = each.value.publisher
   }
-
-  lifecycle {
-    ignore_changes = [
-      tags
-    ]
-  }
 }

scenarios/AksOpenAiTerraform/terraform/modules/log_analytics/variables.tf

@@ -1,42 +1,23 @@
 variable "resource_group_name" {
-  description = "(Required) Specifies the resource group name"
-  type        = string
+  type = string
 }
 
 variable "location" {
-  description = "(Required) Specifies the location of the log analytics workspace"
-  type        = string
+  type = string
 }
 
 variable "name" {
-  description = "(Required) Specifies the name of the log analytics workspace"
-  type        = string
+  type = string
 }
 
 variable "sku" {
-  description = "(Optional) Specifies the sku of the log analytics workspace"
-  type        = string
-  default     = "PerGB2018"
-
-  validation {
-    condition     = contains(["Free", "Standalone", "PerNode", "PerGB2018"], var.sku)
-    error_message = "The log analytics sku is incorrect."
-  }
+  type = string
 }
 
 variable "solution_plan_map" {
-  description = "(Required) Specifies the map structure containing the list of solutions to be enabled."
-  type        = map(any)
-}
-
-variable "tags" {
-  description = "(Optional) Specifies the tags of the log analytics workspace"
-  type        = map(any)
-  default     = {}
+  type = map(any)
 }
 
 variable "retention_in_days" {
-  description = " (Optional) Specifies the workspace data retention in days. Possible values are either 7 (Free Tier only) or range between 30 and 730."
-  type        = number
-  default     = 30
+  type = number
 }

scenarios/AksOpenAiTerraform/terraform/modules/openai/main.tf

@@ -1,8 +1,8 @@
 resource "azurerm_cognitive_account" "openai" {
-  name                          = var.name
-  location                      = var.location
-  resource_group_name           = var.resource_group_name
-  
+  name                = var.name
+  location            = var.location
+  resource_group_name = var.resource_group_name
+
   kind                          = "OpenAI"
   custom_subdomain_name         = var.custom_subdomain_name
   sku_name                      = var.sku_name