Add module for user assigned managed identity and update the tags based on new policies (#12)

* DEVOPS-289 added tags to API management module and did terraform fmt

* DEVOPS-289 added tags tologanalytics ws module and did terraform fmt

* DEVOPS-289  terraform fmt

* DEVOPS-289 updated provider version to v4.0 azurerm

* DEVOPS-289 added tags to storage accnt module and added temporarry and did terraform fmt

* DEVOPS-289 did terraform fmt

* DEVOPS-289 created user assigned man

* terraform fmt and temporary tag DEVOPS-291

Author: githubofkrishnadhas

api-management/apim.tf

@@ -1,6 +1,13 @@
 resource "azurerm_resource_group" "rg" {
   name     = var.resource_group_name
   location = var.location
+  tags = {
+    Environment     = upper(var.environment)
+    Orchestrator    = "Terraform"
+    DisplayName     = upper(var.resource_group_name)
+    ApplicationName = lower(var.application_name)
+    Temporary = upper(var.temporary)
+  }
 }
 
 resource "azurerm_api_management" "apim" {
@@ -9,6 +16,12 @@ resource "azurerm_api_management" "apim" {
   resource_group_name = azurerm_resource_group.rg.name
   publisher_name      = tostring(var.publisher_name)
   publisher_email     = tostring(var.publisher_email)
-
   sku_name = "${var.sku_name_part1}_${var.sku_name_part2}"
+  tags = {
+    Environment     = upper(var.environment)
+    Orchestrator    = "Terraform"
+    DisplayName     = upper(var.resource_group_name)
+    ApplicationName = lower(var.application_name)
+    Temporary = upper(var.temporary)
+  }
 }

api-management/output.tf

@@ -1,29 +1,29 @@
 output "azure_resource_group_name" {
   description = "Azure resource group name"
-  value = azurerm_resource_group.rg.name
+  value       = azurerm_resource_group.rg.name
 }
 
 output "azure_api_management_name" {
   description = "Azure API management name"
-  value = azurerm_api_management.apim.name
+  value       = azurerm_api_management.apim.name
 }
 
 output "azure_api_management_location" {
   description = "Azure API management location"
-  value = azurerm_api_management.apim.location
+  value       = azurerm_api_management.apim.location
 }
 
 output "azure_api_management_publisher_name" {
   description = "Azure API management"
-  value = azurerm_api_management.apim.publisher_name
+  value       = azurerm_api_management.apim.publisher_name
 }
 
 output "azure_api_management_publisher_emailids" {
   description = "Azure API management publisher emails"
-  value = azurerm_api_management.apim.publisher_email
+  value       = azurerm_api_management.apim.publisher_email
 }
 
 output "azure_api_management_sku" {
   description = "Azure API management SKU"
-  value = azurerm_api_management.apim.sku_name
+  value       = azurerm_api_management.apim.sku_name
 }

api-management/variables.tf

@@ -1,46 +1,74 @@
 variable "resource_group_name" {
-  type = string
+  type        = string
   description = "Azure Storage Account Rg"
 }
 
 variable "location" {
-  type = string
+  type        = string
   description = "Azure storage account location"
 }
 
 variable "api_management_name" {
   description = "Azure api management name"
-  type = string
+  type        = string
 }
 
 variable "publisher_name" {
   description = "Publisher of API"
-  type = list(string)
+  type        = list(string)
   validation {
-    condition = can(index(var.publisher_name, 0))
+    condition     = can(index(var.publisher_name, 0))
     error_message = "A value is required for Publisher name."
   }
 }
 
 variable "publisher_email" {
   description = "Email ID of API publishers"
-  type = list(string)
+  type        = list(string)
   validation {
     condition     = can(index(var.publisher_email, 0))
-    error_message = "At least one Publisher email is required."    
+    error_message = "At least one Publisher email is required."
   }
 }
 
 variable "sku_name_part1" {
   description = "SKU name of API management "
-  type = string
+  type        = string
   validation {
-    condition = contains(["Consumption","Developer","Basic","Standard", "Premium"], var.sku_name_part1)
+    condition     = contains(["Consumption", "Developer", "Basic", "Standard", "Premium"], var.sku_name_part1)
     error_message = "SKU name should be one among Consumption, Developer,Basic,Standard,Premium."
-  } 
+  }
 }
 
 variable "sku_name_part2" {
   description = "Sku capacity part"
-  type = string
+  type        = string
+}
+
+
+variable "temporary" {
+  default     = "TRUE"
+  description = "Temporary tag value in Azure"
+  type        = string
+  validation {
+    condition     = contains(["TRUE", "FALSE"], upper(var.temporary))
+    error_message = "The temporary tag value must be either 'TRUE' or 'FALSE'."
+  }
+
+}
+
+variable "application_name" {
+  default     = ""
+  description = "Azure application name tag"
+  type        = string
+}
+
+variable "environment" {
+  default     = ""
+  description = "Environment tag value in Azure"
+  type        = string
+  validation {
+    condition     = contains(["DEV", "QA", "UAT", "PROD"], var.environment)
+    error_message = "Environment value should be one among DEV or QA or UAT or PROD."
+  }
 }

log-analytics-workspace/loganalytics.tf

@@ -6,13 +6,21 @@ resource "azurerm_resource_group" "rg" {
     Orchestrator    = "Terraform"
     DisplayName     = upper(var.resource_group_name)
     ApplicationName = lower(var.application_name)
+    Temporary = upper(var.temporary)
   }
 }
 
 resource "azurerm_log_analytics_workspace" "loganalytics_ws" {
-  name = upper(var.loganalytics_workspace_name)
-  sku = var.loganalytics_sku
+  name                = upper(var.loganalytics_workspace_name)
+  sku                 = var.loganalytics_sku
   resource_group_name = azurerm_resource_group.rg.name
-  location = var.location
-  retention_in_days = var.loganalytics_retention_period
+  location            = var.location
+  retention_in_days   = var.loganalytics_retention_period
+  tags = {
+    Environment     = upper(var.environment)
+    Orchestrator    = "Terraform"
+    DisplayName     = upper(var.resource_group_name)
+    ApplicationName = lower(var.application_name)
+    Temporary = upper(var.temporary)
+  }
 }

log-analytics-workspace/output.tf

@@ -1,19 +1,19 @@
 output "loganalytics_workspace_name" {
-  value = azurerm_log_analytics_workspace.loganalytics_ws.name
+  value       = azurerm_log_analytics_workspace.loganalytics_ws.name
   description = "Azure Log analytics workspace name"
 }
 
 output "loganalytics_workspace_resource_group" {
-  value = azurerm_log_analytics_workspace.loganalytics_ws.resource_group_name
-    description = "Azure Log analytics workspace resource group name"
+  value       = azurerm_log_analytics_workspace.loganalytics_ws.resource_group_name
+  description = "Azure Log analytics workspace resource group name"
 }
 
 output "loganalytics_retention_period" {
-  value = azurerm_log_analytics_workspace.loganalytics_ws.retention_in_days
+  value       = azurerm_log_analytics_workspace.loganalytics_ws.retention_in_days
   description = "Azure loganalytics data retention in days"
 }
 
 output "loganalytics_sku" {
-  value = azurerm_log_analytics_workspace.loganalytics_ws.sku
+  value       = azurerm_log_analytics_workspace.loganalytics_ws.sku
   description = "Azure loganalytics SKU"
 }

log-analytics-workspace/variables.tf

@@ -1,27 +1,27 @@
 variable "resource_group_name" {
-  default = ""
+  default     = ""
   description = "Azure resource group name to create log analytics workspace"
-  type = string
+  type        = string
 }
 
 variable "location" {
-  default = ""
+  default     = ""
   description = "Azure location"
-  type = string
+  type        = string
 }
 
 variable "loganalytics_workspace_name" {
-  default = ""
-  type = string
+  default     = ""
+  type        = string
   description = "Loganalytics workspace name"
 }
 
 variable "loganalytics_retention_period" {
-  default = 7
+  default     = 7
   description = "Loganalytics logs retention period"
-  type = number
+  type        = number
   validation {
-    condition = var.loganalytics_retention_period == 7 || (var.loganalytics_retention_period >= 30 && var.loganalytics_retention_period <= 730)
+    condition     = var.loganalytics_retention_period == 7 || (var.loganalytics_retention_period >= 30 && var.loganalytics_retention_period <= 730)
     error_message = "The workspace data retention in days. Possible values are either 7 (Free Tier only) or range between 30 and 730."
   }
 
@@ -44,12 +44,23 @@ variable "environment" {
 }
 
 variable "loganalytics_sku" {
-  default = "PerGB2018"
-  type = string
+  default     = "PerGB2018"
+  type        = string
   description = "Specifies the SKU of the Log Analytics Workspace"
   validation {
     condition     = contains(["PerNode", "Premium", "Standard", "Standalone", "Unlimited", "CapacityReservation", "PerGB2018"], var.loganalytics_sku)
     error_message = "Log analytics SKU should be one among PerNode, Premium, Standard, Standalone, Unlimited, CapacityReservation or PerGB2018 ."
   }
 }
 
+variable "temporary" {
+  default     = "TRUE"
+  description = "Temporary tag value in Azure"
+  type        = string
+  validation {
+    condition     = contains(["TRUE", "FALSE"], upper(var.temporary))
+    error_message = "The temporary tag value must be either 'TRUE' or 'FALSE'."
+  }
+
+}
+

storage-account/output.tf

@@ -1,34 +1,34 @@
 output "azurerm_resource_group" {
   description = "Azure resource group name"
-  value = azurerm_resource_group.storage_rg.name
+  value       = azurerm_resource_group.storage_rg.name
 }
 
 output "storage_account_name" {
   description = "Azure storage account name"
-  value = azurerm_storage_account.storage.name
+  value       = azurerm_storage_account.storage.name
 }
 
 output "storage_account_location" {
   description = "Azure storage account location"
-  value = azurerm_storage_account.storage.location
+  value       = azurerm_storage_account.storage.location
 }
 
 output "storage_account_delete_retention_policy" {
   description = "Azure blob retention policy"
-  value = azurerm_storage_account.storage.blob_properties[0].delete_retention_policy
+  value       = azurerm_storage_account.storage.blob_properties[0].delete_retention_policy
 }
 
 output "storage_account_tier" {
   description = "Azure storage account tier"
-  value = azurerm_storage_account.storage.access_tier
+  value       = azurerm_storage_account.storage.access_tier
 }
 
 output "storage_account_replication_type" {
   description = "Azure storage account replication type"
-  value = azurerm_storage_account.storage.account_replication_type
+  value       = azurerm_storage_account.storage.account_replication_type
 }
 
 output "storage_account_tags" {
   description = "Azure storage account tags"
-  value = azurerm_storage_account.storage.tags
+  value       = azurerm_storage_account.storage.tags
 }

storage-account/providers.tf

@@ -3,13 +3,13 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~> 3.0"
+      version = "<= 4.0"
     }
     random = {
       source  = "hashicorp/random"
       version = ">= 3.1"
     }
-  } 
+  }
 }
 provider "azurerm" {
   features {}

storage-account/storageaccount.tf

@@ -2,22 +2,24 @@ resource "azurerm_resource_group" "storage_rg" {
   name     = var.resource_group_name
   location = var.location
   tags = {
-    Environment = upper(var.environment)
-    Orchestrator = "Terraform"
-    DisplayName = upper(var.resource_group_name)
+    Environment     = upper(var.environment)
+    Orchestrator    = "Terraform"
+    DisplayName     = upper(var.resource_group_name)
     ApplicationName = lower(var.application_name)
+    Temporary       = upper(var.temporary)
+
   }
 }
 
 resource "azurerm_storage_account" "storage" {
-  name                     = var.storage_account_name
-  resource_group_name      = azurerm_resource_group.storage_rg.name
-  location                 = azurerm_resource_group.storage_rg.location
-  account_tier             = var.account_tier
-  account_replication_type = var.account_replication_type
-  account_kind = var.account_kind
+  name                             = var.storage_account_name
+  resource_group_name              = azurerm_resource_group.storage_rg.name
+  location                         = azurerm_resource_group.storage_rg.location
+  account_tier                     = var.account_tier
+  account_replication_type         = var.account_replication_type
+  account_kind                     = var.account_kind
   cross_tenant_replication_enabled = var.cross_tenant_replication_enabled
-  public_network_access_enabled = var.public_network_access_enabled
+  public_network_access_enabled    = var.public_network_access_enabled
 
   blob_properties {
     delete_retention_policy {
@@ -26,9 +28,11 @@ resource "azurerm_storage_account" "storage" {
   }
 
   tags = {
-    Environment = upper(var.environment)
-    Orchestrator = "Terraform"
-    DisplayName = upper(var.storage_account_name)
+    Environment     = upper(var.environment)
+    Orchestrator    = "Terraform"
+    DisplayName     = upper(var.storage_account_name)
     ApplicationName = lower(var.application_name)
+    Temporary       = upper(var.temporary)
+
   }
 }