From 83addb7bdac11bc1b7f8fd2e006e0cbbabee38f1 Mon Sep 17 00:00:00 2001 From: Michele Zanotti Date: Tue, 10 Dec 2024 09:23:23 +0000 Subject: [PATCH] feat: allow disabling log analytics workspace --- README.md | 15 ++++++++------- main.tf | 5 +++-- variables.tf | 9 +++++++-- 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index a66461e..bf934b3 100644 --- a/README.md +++ b/README.md @@ -151,6 +151,7 @@ You can find examples of code that uses this Terraform module in the [examples]( | [aks\_kubernetes\_version](#input\_aks\_kubernetes\_version) | The Kubernetes version to use. |
object({
workers = string
control_plane = string
})
|
{
"control_plane": "1.30.6",
"workers": "1.30.6"
}
| no | | [aks\_log\_analytics\_solution](#input\_aks\_log\_analytics\_solution) | Existing azurerm\_log\_analytics\_solution to be attached to the azurerm\_log\_analytics\_workspace. Providing the config disables creation of azurerm\_log\_analytics\_solution. |
object({
id = string
name = string
location = optional(string)
resource_group_name = optional(string)
})
| `null` | no | | [aks\_log\_analytics\_workspace](#input\_aks\_log\_analytics\_workspace) | Existing azurerm\_log\_analytics\_workspace to attach azurerm\_log\_analytics\_solution. Providing the config disables creation of azurerm\_log\_analytics\_workspace. |
object({
id = string
name = string
location = optional(string)
resource_group_name = optional(string)
})
| `null` | no | +| [aks\_log\_analytics\_workspace\_enabled](#input\_aks\_log\_analytics\_workspace\_enabled) | Enable the integration of azurerm\_log\_analytics\_workspace and azurerm\_log\_analytics\_solution. | `bool` | `true` | no | | [aks\_net\_profile\_dns\_service\_ip](#input\_aks\_net\_profile\_dns\_service\_ip) | IP address within the Kubernetes service address range that is used by cluster service discovery (kube-dns). Must be inluced in net\_profile\_cidr. Example: 10.32.0.10 | `string` | `"10.32.0.10"` | no | | [aks\_net\_profile\_service\_cidr](#input\_aks\_net\_profile\_service\_cidr) | The Network Range used by the Kubernetes service. Must not overlap with the AKS Nodes address space. Example: 10.32.0.0/24 | `string` | `"10.32.0.0/24"` | no | | [aks\_sku\_tier](#input\_aks\_sku\_tier) | The AKS tier. Possible values are: Free, Standard, Premium. It is recommended to use Standard or Premium for production workloads. | `string` | `"Standard"` | no | @@ -210,14 +211,14 @@ You can find examples of code that uses this Terraform module in the [examples]( - resource.azurerm_key_vault_secret.azure_openai_api_key (/terraform-docs/main.tf#585) - resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#324) - resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#333) -- resource.azurerm_key_vault_secret.jwt_signing_key (/terraform-docs/main.tf#793) +- resource.azurerm_key_vault_secret.jwt_signing_key (/terraform-docs/main.tf#794) - resource.azurerm_key_vault_secret.nebuly_azure_client_id (/terraform-docs/main.tf#346) - resource.azurerm_key_vault_secret.nebuly_azure_client_secret (/terraform-docs/main.tf#355) -- resource.azurerm_key_vault_secret.okta_sso_client_id (/terraform-docs/main.tf#805) -- resource.azurerm_key_vault_secret.okta_sso_client_secret (/terraform-docs/main.tf#816) +- resource.azurerm_key_vault_secret.okta_sso_client_id (/terraform-docs/main.tf#806) +- resource.azurerm_key_vault_secret.okta_sso_client_secret (/terraform-docs/main.tf#817) - resource.azurerm_key_vault_secret.postgres_password (/terraform-docs/main.tf#510) - resource.azurerm_key_vault_secret.postgres_user (/terraform-docs/main.tf#501) -- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#750) +- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#751) - resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#444) - resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#452) - resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#374) @@ -230,7 +231,7 @@ You can find examples of code that uses this Terraform module in the [examples]( - resource.azurerm_private_dns_zone_virtual_network_link.flexible_postgres (/terraform-docs/main.tf#206) - resource.azurerm_private_dns_zone_virtual_network_link.key_vault (/terraform-docs/main.tf#223) - resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#264) -- resource.azurerm_role_assignment.aks_network_contributor (/terraform-docs/main.tf#745) +- resource.azurerm_role_assignment.aks_network_contributor (/terraform-docs/main.tf#746) - resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#295) - resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#287) - resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#636) @@ -241,9 +242,9 @@ You can find examples of code that uses this Terraform module in the [examples]( - resource.azurerm_subnet.private_endpints (/terraform-docs/main.tf#170) - resource.azurerm_virtual_network.main (/terraform-docs/main.tf#144) - resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#369) -- resource.time_sleep.wait_aks_creation (/terraform-docs/main.tf#732) +- resource.time_sleep.wait_aks_creation (/terraform-docs/main.tf#733) - resource.tls_private_key.aks (/terraform-docs/main.tf#646) -- resource.tls_private_key.jwt_signing_key (/terraform-docs/main.tf#789) +- resource.tls_private_key.jwt_signing_key (/terraform-docs/main.tf#790) - data source.azuread_user.aks_admins (/terraform-docs/main.tf#96) - data source.azurerm_client_config.current (/terraform-docs/main.tf#88) - data source.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#129) diff --git a/main.tf b/main.tf index 8ec0dae..cf25bd4 100644 --- a/main.tf +++ b/main.tf @@ -688,8 +688,9 @@ module "aks" { local_account_disabled = true private_cluster_enabled = false - log_analytics_workspace = var.aks_log_analytics_workspace - log_analytics_solution = var.aks_log_analytics_solution + log_analytics_workspace = var.aks_log_analytics_workspace + log_analytics_workspace_enabled = var.aks_log_analytics_workspace_enabled + log_analytics_solution = var.aks_log_analytics_solution temporary_name_for_rotation = "systemback" diff --git a/variables.tf b/variables.tf index 62272c6..f2ddba6 100644 --- a/variables.tf +++ b/variables.tf @@ -406,8 +406,13 @@ variable "aks_net_profile_dns_service_ip" { description = " IP address within the Kubernetes service address range that is used by cluster service discovery (kube-dns). Must be inluced in net_profile_cidr. Example: 10.32.0.10" default = "10.32.0.10" } +variable "aks_log_analytics_workspace_enabled" { + description = "Enable the integration of azurerm_log_analytics_workspace and azurerm_log_analytics_solution." + type = bool + default = true +} variable "aks_log_analytics_workspace" { - description = " Existing azurerm_log_analytics_workspace to attach azurerm_log_analytics_solution. Providing the config disables creation of azurerm_log_analytics_workspace." + description = "Existing azurerm_log_analytics_workspace to attach azurerm_log_analytics_solution. Providing the config disables creation of azurerm_log_analytics_workspace." type = object({ id = string name = string @@ -417,7 +422,7 @@ variable "aks_log_analytics_workspace" { default = null } variable "aks_log_analytics_solution" { - description = " Existing azurerm_log_analytics_solution to be attached to the azurerm_log_analytics_workspace. Providing the config disables creation of azurerm_log_analytics_solution." + description = "Existing azurerm_log_analytics_solution to be attached to the azurerm_log_analytics_workspace. Providing the config disables creation of azurerm_log_analytics_solution." type = object({ id = string name = string