modulo

2024-02-15 14:19:57 -06:00
parent 8205de086a
commit 7b032ed33c
7 changed files with 198 additions and 22 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,3 @@
+script.sh
+.terraform 
+.terraform.lock.hcls
--- a/.terraform-docs.yml
+++ b/.terraform-docs.yml
@@ -1,6 +1,6 @@
 ---
 formatter: "markdown table" 
-version: "0.16"
+version: "0.17"
 header-from: ./docs/header.md
 sections:
  show:
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/azurerm" {
+  version     = "3.0.0"
+  constraints = "3.0.0"
+  hashes = [
+    "h1:zABIsWI7y89dI3MIHPjLwjzp2VN87f3fOzEypuGI/OA=",
+    "zh:23a039a606cc194594f7c15cd8deef15c5183e11a40e96adee2f7317dbfa18aa",
+    "zh:414890618efc6caccf60b81fcce18a7e69a6d81599678d24f538d53726f49c57",
+    "zh:7c9a5d3c416766c6f624e186ee2f5b216dd5a9ffef40bfea42ceccf2b217e0d3",
+    "zh:82bbeaa6e10d0834d05c2ea55182ce6e147299b1257b445327ff6ff9dfdff3e7",
+    "zh:96d5f7737a3d10cc25815f1a220ef8ffe3641ee3229c7738804dc8cff71663fa",
+    "zh:ac359915e11a4fa234476cca5e701631ba563d8192dd3f1d31b51674411a0394",
+    "zh:bdf07291bb4f41ba304f12b298a066ac70925b3749c01aa90276727cfb0b2662",
+    "zh:cf7b4f9c313155b7d5c98e0cbbcfec40c789fccf431875b4db630e9e58f3ae6c",
+    "zh:d1fd0d3a1017427ab6f4fadb3310b4b488ab020a541778653c03c51e5e1df809",
+    "zh:db946fc8cfc15abe18314dc3dbcbb630243dc34c29f81a728e1397d797dca6a0",
+    "zh:e07f73c2745b56043d8b779f2987eb1a5f812645db6ac8fa7878ad23f6a79459",
+  ]
+}
--- a/README.md
+++ b/README.md
@@ -10,22 +10,36 @@ Description of what the module does
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement_terraform) | >= 1.0 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement_azurerm) | =3.0.0 |
 ## Providers

-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_azurerm"></a> [azurerm](#provider_azurerm) | 3.0.0 |
 ## Modules

 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_default_label"></a> [default_label](#module_default_label) | git@gitlab.com:zulunity/terraform/modules/general/label.git | 0.0.0 |
+| <a name="module_default_label"></a> [default_label](#module_default_label) | git::https://gitlab.com/zulunity/terraform/modules/general/label.git | 0.0.0 |
+| <a name="module_secrets_label"></a> [secrets_label](#module_secrets_label) | git::https://gitlab.com/zulunity/terraform/modules/general/label.git | n/a |
 ## Usage
 Basic usage of this module is as follows:
 ```hcl
-module "example" {
+  module "example" {
    	 source  = "<module-path>"
    
+	 # Required variables
+    	 bgp_community  = 
+    	 ddos_protection_plan  = 
+    	 edge_zone  = 
+    	 flow_timeout_in_minutes  = 
+    	 subnets  = 
+    
 	 # Optional variables
    	 account  = null
+    	 address_space  = [
+  "10.0.0.0/16"
+]
    	 attributes  = []
    	 cloud_provider  = null
    	 context  = {
@@ -45,6 +59,10 @@ module "example" {
  "stage": null,
  "tags": {}
 }
+    	 dns_servers  = [
+  "10.0.0.4",
+  "10.0.0.5"
+]
    	 domain  = null
    	 enabled  = true
    	 environment  = null
@@ -53,27 +71,41 @@ module "example" {
    	 region  = null
    	 stage  = null
    	 tags  = {}
-}
+    	 virtual_network  = "network"
+  }
 ```
 ## Resources

-No resources.
+| Name | Type |
+|------|------|
+| [azurerm_network_security_group.example](https://registry.terraform.io/providers/hashicorp/azurerm/3.0.0/docs/resources/network_security_group) | resource |
+| [azurerm_resource_group.example](https://registry.terraform.io/providers/hashicorp/azurerm/3.0.0/docs/resources/resource_group) | resource |
+| [azurerm_subnet.example](https://registry.terraform.io/providers/hashicorp/azurerm/3.0.0/docs/resources/subnet) | resource |
+| [azurerm_virtual_network.example](https://registry.terraform.io/providers/hashicorp/azurerm/3.0.0/docs/resources/virtual_network) | resource |
 ## Inputs

 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_account"></a> [account](#input_account) | Name of the account being used (master, nonprod, prod, etc) | `string` | `null` | no |
+| <a name="input_address_space"></a> [address_space](#input_address_space) | El espacio de direcciones que se usa en la red virtual. Puede proporcionar más de un espacio de direcciones. | `list(string)` | <pre>[<br>  "10.0.0.0/16"<br>]</pre> | no |
 | <a name="input_attributes"></a> [attributes](#input_attributes) | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
+| <a name="input_bgp_community"></a> [bgp_community](#input_bgp_community) | El atributo de comunidad BGP en formato <as-number>:<community-value>. | `number` | n/a | yes |
 | <a name="input_cloud_provider"></a> [cloud_provider](#input_cloud_provider) | Cloud provider name if any | `string` | `null` | no |
 | <a name="input_context"></a> [context](#input_context) | Single object for setting entire context at once.<br>See description of individual variables for details.<br>Leave string and numeric variables as `null` to use default value.<br>Individual variable settings (non-null) override settings in context object,<br>except for attributes, tags, and additional_tag_map, which are merged. | <pre>object({<br>    enabled             = bool<br>    namespace           = string<br>    cloud_provider      = string<br>    account             = string<br>    region              = string<br>    environment         = string<br>    stage               = string<br>    name                = string<br>    delimiter           = string<br>    attributes          = list(string)<br>    tags                = map(string)<br>    additional_tag_map  = map(string)<br>    regex_replace_chars = string<br>    label_order         = list(string)<br>    id_length_limit     = number<br>  })</pre> | <pre>{<br>  "account": null,<br>  "additional_tag_map": {},<br>  "attributes": [],<br>  "cloud_provider": null,<br>  "delimiter": null,<br>  "enabled": true,<br>  "environment": null,<br>  "id_length_limit": null,<br>  "label_order": [],<br>  "name": null,<br>  "namespace": null,<br>  "regex_replace_chars": null,<br>  "region": null,<br>  "stage": null,<br>  "tags": {}<br>}</pre> | no |
+| <a name="input_ddos_protection_plan"></a> [ddos_protection_plan](#input_ddos_protection_plan) | configuración de un plan de protección contra ataques de denegación de servicio distribuido | <pre>map(object({<br>    id     = string #id de la configuración de un plan de protección contra ataques de denegación de servicio distribuido<br>    enable = bool   #se define si esta activado o no <br>  }))</pre> | n/a | yes |
+| <a name="input_dns_servers"></a> [dns_servers](#input_dns_servers) | Lista de direcciones IP de servidores DNS | `list(string)` | <pre>[<br>  "10.0.0.4",<br>  "10.0.0.5"<br>]</pre> | no |
 | <a name="input_domain"></a> [domain](#input_domain) | TLD to use when deploying assets | `string` | `null` | no |
+| <a name="input_edge_zone"></a> [edge_zone](#input_edge_zone) | Especifica la zona perimetral dentro de la región de Azure en la que debe existir esta red virtual. Cambiar esto obliga a crear una nueva red virtual. | `string` | n/a | yes |
 | <a name="input_enabled"></a> [enabled](#input_enabled) | Set to false to prevent the module from creating any resources | `bool` | `true` | no |
 | <a name="input_environment"></a> [environment](#input_environment) | Environment, e.g. 'prod', 'staging', 'dev', 'pre-prod', 'UAT' | `string` | `null` | no |
+| <a name="input_flow_timeout_in_minutes"></a> [flow_timeout_in_minutes](#input_flow_timeout_in_minutes) | El tiempo de espera del flujo en minutos para la red virtual, que se usa para habilitar el seguimiento de conexiones para los flujos dentro de la máquina virtual. Los valores posibles están entre 4 y 30 minutos | `number` | n/a | yes |
 | <a name="input_name"></a> [name](#input_name) | Module name, e.g. 'app' or 'jenkins' | `string` | `"hi"` | no |
 | <a name="input_namespace"></a> [namespace](#input_namespace) | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | `string` | `null` | no |
 | <a name="input_region"></a> [region](#input_region) | AWS region to deploy asset into | `string` | `null` | no |
 | <a name="input_stage"></a> [stage](#input_stage) | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |
+| <a name="input_subnets"></a> [subnets](#input_subnets) | n/a | <pre>map(object({<br>    name                = string<br>    address_space       = string<br>    resource_group_name = string<br>    security_group      = string<br>  }))</pre> | n/a | yes |
 | <a name="input_tags"></a> [tags](#input_tags) | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no |
+| <a name="input_virtual_network"></a> [virtual_network](#input_virtual_network) | n/a | `string` | `"network"` | no |
 ## Outputs

 | Name | Description |
--- a/main.tf
+++ b/main.tf
@@ -1,11 +1,67 @@
+#recursos locales (Zulunity)
 # Local
 locals {
  tags = {}
 }

-# Label
+# Default Label
 module "default_label" {
-  source = "git@gitlab.com:zulunity/terraform/modules/general/label.git?ref=0.0.0"
+  source = "git::https://gitlab.com/zulunity/terraform/modules/general/label.git?ref=0.0.0"
  name   = var.name
  tags   = merge(var.tags, local.tags)
 }
+
+# Secret Label
+module "secrets_label" {
+  source     = "git::https://gitlab.com/zulunity/terraform/modules/general/label.git"
+  context    = module.default_label.normalized_context
+  attributes = ["secret"]
+}
+#----------------------------------------------------------------------------------------------
+#recusos externos necesarios para el modulo 
+resource "azurerm_resource_group" "example" {
+  name     = "${var.name}_group"
+  location = var.region #recuerda que en azure la region o "location cambia"
+}
+
+resource "azurerm_network_security_group" "example" {
+  name                = "${var.name}_segurity-network-group"
+  location            = azurerm_resource_group.example.location
+  resource_group_name = azurerm_resource_group.example.name
+}
+
+resource "azurerm_virtual_network" "example" {
+  name                    = var.virtual_network
+  location                = azurerm_resource_group.example.location
+  resource_group_name     = azurerm_resource_group.example.name
+  address_space           = var.address_space
+  dns_servers             = var.dns_servers
+  bgp_community           = var.bgp_community
+  edge_zone               = var.edge_zone
+  flow_timeout_in_minutes = var.flow_timeout_in_minutes
+
+  #este es un bloque de codigo que define el como especificar la configuración de un plan de protección contra ataques de denegación de servicio distribuido 
+  dynamic "ddos_protection_plan" {
+    for_each = var.ddos_protection_plan
+
+    content {
+      id     = ddos_protection_plan.value.id
+      enable = ddos_protection_plan.value.id
+    }
+  }
+  tags = module.default_label.tags
+}
+
+
+
+resource "azurerm_subnet" "example" {
+  for_each = var.subnets
+
+
+  name                 = each.value.name
+  resource_group_name  = azurerm_virtual_network.example.resource_group_name
+  virtual_network_name = azurerm_virtual_network.example.name
+  address_prefixes     = [each.value.address_prefix]
+
+}
+
--- a/variables.tf
+++ b/variables.tf
@@ -120,3 +120,58 @@ variable "tags" {
 #
 # Variables specific to this module
 #
+
+variable "virtual_network" {
+  type    = string
+  default = "network"
+}
+
+locals {
+  virtual_network = "${var.name}_${var.virtual_network}"
+}
+
+variable "address_space" {
+  type        = list(string)
+  default     = ["10.0.0.0/16"]
+  description = "El espacio de direcciones que se usa en la red virtual. Puede proporcionar más de un espacio de direcciones."
+}
+
+variable "dns_servers" {
+  type        = list(string)
+  default     = ["10.0.0.4", "10.0.0.5"]
+  description = "Lista de direcciones IP de servidores DNS"
+}
+variable "bgp_community" {
+  type        = number
+  description = " El atributo de comunidad BGP en formato <as-number>:<community-value>."
+}
+
+variable "edge_zone" {
+  type        = string
+  description = " Especifica la zona perimetral dentro de la región de Azure en la que debe existir esta red virtual. Cambiar esto obliga a crear una nueva red virtual."
+
+}
+
+variable "flow_timeout_in_minutes" {
+  type        = number
+  description = "El tiempo de espera del flujo en minutos para la red virtual, que se usa para habilitar el seguimiento de conexiones para los flujos dentro de la máquina virtual. Los valores posibles están entre 4 y 30 minutos"
+}
+
+variable "ddos_protection_plan" {
+  type = map(object({
+    id     = string #id de la configuración de un plan de protección contra ataques de denegación de servicio distribuido
+    enable = bool   #se define si esta activado o no 
+  }))
+  description = "configuración de un plan de protección contra ataques de denegación de servicio distribuido "
+}
+
+variable "subnets" {
+  type = map(object({
+    name                = string
+    address_space       = string
+    resource_group_name = string
+    security_group      = string
+  }))
+
+}
+
--- a/versions.tf
+++ b/versions.tf
@@ -1,3 +1,12 @@
 terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "=3.0.0"
+    }
+  }
  required_version = ">= 1.0"
 }
+provider "azurerm" {
+  features {}
+}