Skip to content

Commit

Permalink
feat: allow override key vault name
Browse files Browse the repository at this point in the history
  • Loading branch information
Telemaco019 committed Dec 10, 2024
1 parent df74439 commit 8cf6434
Show file tree
Hide file tree
Showing 3 changed files with 64 additions and 55 deletions.
109 changes: 55 additions & 54 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,7 @@ You can find examples of code that uses this Terraform module in the [examples](
| <a name="input_azure_openai_deployment_gpt4o_mini"></a> [azure\_openai\_deployment\_gpt4o\_mini](#input\_azure\_openai\_deployment\_gpt4o\_mini) | n/a | <pre>object({<br/> name : optional(string, "gpt-4o-mini")<br/> version : optional(string, "2024-07-18")<br/> rate_limit : optional(number, 80)<br/> enabled : optional(bool, true)<br/> })</pre> | `{}` | no |
| <a name="input_azure_openai_location"></a> [azure\_openai\_location](#input\_azure\_openai\_location) | The Azure region where to deploy the Azure OpenAI models. <br/> Note that the models required by Nebuly are supported only in few specific regions. For more information, you can refer to Azure documentation:<br/> https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models#standard-deployment-model-availability | `string` | `"EastUS"` | no |
| <a name="input_k8s_image_pull_secret_name"></a> [k8s\_image\_pull\_secret\_name](#input\_k8s\_image\_pull\_secret\_name) | The name of the Kubernetes Image Pull Secret to use. <br/> This value will be used to auto-generate the values.yaml file for installing the Nebuly Platform Helm chart. | `string` | `"nebuly-docker-pull"` | no |
| <a name="input_key_vault_override_name"></a> [key\_vault\_override\_name](#input\_key\_vault\_override\_name) | Override the name of the Key Vault. If not provided, the name is generated based on the resource\_prefix. | `string` | `null` | no |
| <a name="input_key_vault_public_network_access_enabled"></a> [key\_vault\_public\_network\_access\_enabled](#input\_key\_vault\_public\_network\_access\_enabled) | Can the Key Vault be accessed from the Internet, according to the firewall rules?<br/> Default to true to to allow the Terraform module to be executed even outside the private virtual network. <br/> When set to true, firewall rules are applied, and all connections are denied by default. | `bool` | `true` | no |
| <a name="input_key_vault_purge_protection_enabled"></a> [key\_vault\_purge\_protection\_enabled](#input\_key\_vault\_purge\_protection\_enabled) | Is purge protection enabled for the Key Vault? | `bool` | `false` | no |
| <a name="input_key_vault_sku_name"></a> [key\_vault\_sku\_name](#input\_key\_vault\_sku\_name) | The SKU of the Key Vault. | `string` | `"Standard"` | no |
Expand Down Expand Up @@ -200,57 +201,57 @@ You can find examples of code that uses this Terraform module in the [examples](
## Resources


- resource.azuread_application.main (/terraform-docs/main.tf#309)
- resource.azuread_group.aks_admins (/terraform-docs/main.tf#654)
- resource.azuread_group_member.aks_admin_users (/terraform-docs/main.tf#662)
- resource.azuread_service_principal.main (/terraform-docs/main.tf#319)
- resource.azuread_service_principal_password.main (/terraform-docs/main.tf#324)
- resource.azurerm_cognitive_account.main (/terraform-docs/main.tf#535)
- resource.azurerm_cognitive_deployment.gpt_4o (/terraform-docs/main.tf#555)
- resource.azurerm_cognitive_deployment.gpt_4o_mini (/terraform-docs/main.tf#572)
- resource.azurerm_key_vault.main (/terraform-docs/main.tf#242)
- resource.azurerm_key_vault_secret.azure_openai_api_key (/terraform-docs/main.tf#589)
- resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#328)
- resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#337)
- resource.azurerm_key_vault_secret.jwt_signing_key (/terraform-docs/main.tf#798)
- resource.azurerm_key_vault_secret.nebuly_azure_client_id (/terraform-docs/main.tf#350)
- resource.azurerm_key_vault_secret.nebuly_azure_client_secret (/terraform-docs/main.tf#359)
- resource.azurerm_key_vault_secret.okta_sso_client_id (/terraform-docs/main.tf#810)
- resource.azurerm_key_vault_secret.okta_sso_client_secret (/terraform-docs/main.tf#821)
- resource.azurerm_key_vault_secret.postgres_password (/terraform-docs/main.tf#514)
- resource.azurerm_key_vault_secret.postgres_user (/terraform-docs/main.tf#505)
- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#755)
- resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#448)
- resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#456)
- resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#378)
- resource.azurerm_postgresql_flexible_server_configuration.mandatory_configurations (/terraform-docs/main.tf#429)
- resource.azurerm_postgresql_flexible_server_configuration.optional_configurations (/terraform-docs/main.tf#422)
- resource.azurerm_postgresql_flexible_server_database.analytics (/terraform-docs/main.tf#442)
- resource.azurerm_postgresql_flexible_server_database.auth (/terraform-docs/main.tf#436)
- resource.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#204)
- resource.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#222)
- resource.azurerm_private_dns_zone_virtual_network_link.flexible_postgres (/terraform-docs/main.tf#210)
- resource.azurerm_private_dns_zone_virtual_network_link.key_vault (/terraform-docs/main.tf#227)
- resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#268)
- resource.azurerm_role_assignment.aks_network_contributor (/terraform-docs/main.tf#750)
- resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#299)
- resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#291)
- resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#640)
- resource.azurerm_storage_account.main (/terraform-docs/main.tf#616)
- resource.azurerm_storage_container.models (/terraform-docs/main.tf#636)
- resource.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#160)
- resource.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#182)
- resource.azurerm_subnet.private_endpints (/terraform-docs/main.tf#174)
- resource.azurerm_virtual_network.main (/terraform-docs/main.tf#148)
- resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#373)
- resource.time_sleep.wait_aks_creation (/terraform-docs/main.tf#737)
- resource.tls_private_key.aks (/terraform-docs/main.tf#650)
- resource.tls_private_key.jwt_signing_key (/terraform-docs/main.tf#794)
- data source.azuread_user.aks_admins (/terraform-docs/main.tf#100)
- data source.azurerm_client_config.current (/terraform-docs/main.tf#92)
- data source.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#133)
- data source.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#139)
- data source.azurerm_resource_group.main (/terraform-docs/main.tf#89)
- data source.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#105)
- data source.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#119)
- data source.azurerm_virtual_network.main (/terraform-docs/main.tf#94)
- resource.azuread_application.main (/terraform-docs/main.tf#312)
- resource.azuread_group.aks_admins (/terraform-docs/main.tf#657)
- resource.azuread_group_member.aks_admin_users (/terraform-docs/main.tf#665)
- resource.azuread_service_principal.main (/terraform-docs/main.tf#322)
- resource.azuread_service_principal_password.main (/terraform-docs/main.tf#327)
- resource.azurerm_cognitive_account.main (/terraform-docs/main.tf#538)
- resource.azurerm_cognitive_deployment.gpt_4o (/terraform-docs/main.tf#558)
- resource.azurerm_cognitive_deployment.gpt_4o_mini (/terraform-docs/main.tf#575)
- resource.azurerm_key_vault.main (/terraform-docs/main.tf#245)
- resource.azurerm_key_vault_secret.azure_openai_api_key (/terraform-docs/main.tf#592)
- resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#331)
- resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#340)
- resource.azurerm_key_vault_secret.jwt_signing_key (/terraform-docs/main.tf#801)
- resource.azurerm_key_vault_secret.nebuly_azure_client_id (/terraform-docs/main.tf#353)
- resource.azurerm_key_vault_secret.nebuly_azure_client_secret (/terraform-docs/main.tf#362)
- resource.azurerm_key_vault_secret.okta_sso_client_id (/terraform-docs/main.tf#813)
- resource.azurerm_key_vault_secret.okta_sso_client_secret (/terraform-docs/main.tf#824)
- resource.azurerm_key_vault_secret.postgres_password (/terraform-docs/main.tf#517)
- resource.azurerm_key_vault_secret.postgres_user (/terraform-docs/main.tf#508)
- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#758)
- resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#451)
- resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#459)
- resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#381)
- resource.azurerm_postgresql_flexible_server_configuration.mandatory_configurations (/terraform-docs/main.tf#432)
- resource.azurerm_postgresql_flexible_server_configuration.optional_configurations (/terraform-docs/main.tf#425)
- resource.azurerm_postgresql_flexible_server_database.analytics (/terraform-docs/main.tf#445)
- resource.azurerm_postgresql_flexible_server_database.auth (/terraform-docs/main.tf#439)
- resource.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#207)
- resource.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#225)
- resource.azurerm_private_dns_zone_virtual_network_link.flexible_postgres (/terraform-docs/main.tf#213)
- resource.azurerm_private_dns_zone_virtual_network_link.key_vault (/terraform-docs/main.tf#230)
- resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#271)
- resource.azurerm_role_assignment.aks_network_contributor (/terraform-docs/main.tf#753)
- resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#302)
- resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#294)
- resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#643)
- resource.azurerm_storage_account.main (/terraform-docs/main.tf#619)
- resource.azurerm_storage_container.models (/terraform-docs/main.tf#639)
- resource.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#163)
- resource.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#185)
- resource.azurerm_subnet.private_endpints (/terraform-docs/main.tf#177)
- resource.azurerm_virtual_network.main (/terraform-docs/main.tf#151)
- resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#376)
- resource.time_sleep.wait_aks_creation (/terraform-docs/main.tf#740)
- resource.tls_private_key.aks (/terraform-docs/main.tf#653)
- resource.tls_private_key.jwt_signing_key (/terraform-docs/main.tf#797)
- data source.azuread_user.aks_admins (/terraform-docs/main.tf#103)
- data source.azurerm_client_config.current (/terraform-docs/main.tf#95)
- data source.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#136)
- data source.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#142)
- data source.azurerm_resource_group.main (/terraform-docs/main.tf#92)
- data source.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#108)
- data source.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#122)
- data source.azurerm_virtual_network.main (/terraform-docs/main.tf#97)
5 changes: 4 additions & 1 deletion main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -54,11 +54,14 @@ locals {
"shared_preload_libraries" : "pgaudit",
}

key_vault_name = (
key_vault_generated_name = (
var.resource_suffix == null ?
format("%snebulykv", var.resource_prefix) :
format("%snebulykv%s", var.resource_prefix, var.resource_suffix)
)
key_vault_name = (
var.key_vault_override_name == null ? local.key_vault_generated_name : var.key_vault_override_name
)

use_existing_virtual_network = var.virtual_network != null
use_existing_aks_nodes_subnet = var.subnet_name_aks_nodes != null
Expand Down
5 changes: 5 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,11 @@ variable "postgres_version" {


# ------ Key Vault ------ #
variable "key_vault_override_name" {
type = string
default = null
description = "Override the name of the Key Vault. If not provided, the name is generated based on the resource_prefix."
}
variable "key_vault_sku_name" {
type = string
default = "Standard"
Expand Down

0 comments on commit 8cf6434

Please sign in to comment.