diff --git a/README.md b/README.md index 434e0f0..5678584 100644 --- a/README.md +++ b/README.md @@ -162,6 +162,7 @@ You can find examples of code that uses this Terraform module in the [examples]( | [azure\_openai\_deployment\_gpt4o\_mini](#input\_azure\_openai\_deployment\_gpt4o\_mini) | n/a |
object({
name : optional(string, "gpt-4o-mini")
version : optional(string, "2024-07-18")
rate_limit : optional(number, 80)
enabled : optional(bool, true)
})
| `{}` | no | | [azure\_openai\_location](#input\_azure\_openai\_location) | The Azure region where to deploy the Azure OpenAI models.
Note that the models required by Nebuly are supported only in few specific regions. For more information, you can refer to Azure documentation:
https://learn.microsoft.com/en-us/azure/ai-services/openai/concepts/models#standard-deployment-model-availability | `string` | `"EastUS"` | no | | [k8s\_image\_pull\_secret\_name](#input\_k8s\_image\_pull\_secret\_name) | The name of the Kubernetes Image Pull Secret to use.
This value will be used to auto-generate the values.yaml file for installing the Nebuly Platform Helm chart. | `string` | `"nebuly-docker-pull"` | no | +| [key\_vault\_override\_name](#input\_key\_vault\_override\_name) | Override the name of the Key Vault. If not provided, the name is generated based on the resource\_prefix. | `string` | `null` | no | | [key\_vault\_public\_network\_access\_enabled](#input\_key\_vault\_public\_network\_access\_enabled) | Can the Key Vault be accessed from the Internet, according to the firewall rules?
Default to true to to allow the Terraform module to be executed even outside the private virtual network.
When set to true, firewall rules are applied, and all connections are denied by default. | `bool` | `true` | no | | [key\_vault\_purge\_protection\_enabled](#input\_key\_vault\_purge\_protection\_enabled) | Is purge protection enabled for the Key Vault? | `bool` | `false` | no | | [key\_vault\_sku\_name](#input\_key\_vault\_sku\_name) | The SKU of the Key Vault. | `string` | `"Standard"` | no | @@ -200,57 +201,57 @@ You can find examples of code that uses this Terraform module in the [examples]( ## Resources -- resource.azuread_application.main (/terraform-docs/main.tf#309) -- resource.azuread_group.aks_admins (/terraform-docs/main.tf#654) -- resource.azuread_group_member.aks_admin_users (/terraform-docs/main.tf#662) -- resource.azuread_service_principal.main (/terraform-docs/main.tf#319) -- resource.azuread_service_principal_password.main (/terraform-docs/main.tf#324) -- resource.azurerm_cognitive_account.main (/terraform-docs/main.tf#535) -- resource.azurerm_cognitive_deployment.gpt_4o (/terraform-docs/main.tf#555) -- resource.azurerm_cognitive_deployment.gpt_4o_mini (/terraform-docs/main.tf#572) -- resource.azurerm_key_vault.main (/terraform-docs/main.tf#242) -- resource.azurerm_key_vault_secret.azure_openai_api_key (/terraform-docs/main.tf#589) -- resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#328) -- resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#337) -- resource.azurerm_key_vault_secret.jwt_signing_key (/terraform-docs/main.tf#798) -- resource.azurerm_key_vault_secret.nebuly_azure_client_id (/terraform-docs/main.tf#350) -- resource.azurerm_key_vault_secret.nebuly_azure_client_secret (/terraform-docs/main.tf#359) -- resource.azurerm_key_vault_secret.okta_sso_client_id (/terraform-docs/main.tf#810) -- resource.azurerm_key_vault_secret.okta_sso_client_secret (/terraform-docs/main.tf#821) -- resource.azurerm_key_vault_secret.postgres_password (/terraform-docs/main.tf#514) -- resource.azurerm_key_vault_secret.postgres_user (/terraform-docs/main.tf#505) -- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#755) -- resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#448) -- resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#456) -- resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#378) -- resource.azurerm_postgresql_flexible_server_configuration.mandatory_configurations (/terraform-docs/main.tf#429) -- resource.azurerm_postgresql_flexible_server_configuration.optional_configurations (/terraform-docs/main.tf#422) -- resource.azurerm_postgresql_flexible_server_database.analytics (/terraform-docs/main.tf#442) -- resource.azurerm_postgresql_flexible_server_database.auth (/terraform-docs/main.tf#436) -- resource.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#204) -- resource.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#222) -- resource.azurerm_private_dns_zone_virtual_network_link.flexible_postgres (/terraform-docs/main.tf#210) -- resource.azurerm_private_dns_zone_virtual_network_link.key_vault (/terraform-docs/main.tf#227) -- resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#268) -- resource.azurerm_role_assignment.aks_network_contributor (/terraform-docs/main.tf#750) -- resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#299) -- resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#291) -- resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#640) -- resource.azurerm_storage_account.main (/terraform-docs/main.tf#616) -- resource.azurerm_storage_container.models (/terraform-docs/main.tf#636) -- resource.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#160) -- resource.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#182) -- resource.azurerm_subnet.private_endpints (/terraform-docs/main.tf#174) -- resource.azurerm_virtual_network.main (/terraform-docs/main.tf#148) -- resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#373) -- resource.time_sleep.wait_aks_creation (/terraform-docs/main.tf#737) -- resource.tls_private_key.aks (/terraform-docs/main.tf#650) -- resource.tls_private_key.jwt_signing_key (/terraform-docs/main.tf#794) -- data source.azuread_user.aks_admins (/terraform-docs/main.tf#100) -- data source.azurerm_client_config.current (/terraform-docs/main.tf#92) -- data source.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#133) -- data source.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#139) -- data source.azurerm_resource_group.main (/terraform-docs/main.tf#89) -- data source.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#105) -- data source.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#119) -- data source.azurerm_virtual_network.main (/terraform-docs/main.tf#94) +- resource.azuread_application.main (/terraform-docs/main.tf#312) +- resource.azuread_group.aks_admins (/terraform-docs/main.tf#657) +- resource.azuread_group_member.aks_admin_users (/terraform-docs/main.tf#665) +- resource.azuread_service_principal.main (/terraform-docs/main.tf#322) +- resource.azuread_service_principal_password.main (/terraform-docs/main.tf#327) +- resource.azurerm_cognitive_account.main (/terraform-docs/main.tf#538) +- resource.azurerm_cognitive_deployment.gpt_4o (/terraform-docs/main.tf#558) +- resource.azurerm_cognitive_deployment.gpt_4o_mini (/terraform-docs/main.tf#575) +- resource.azurerm_key_vault.main (/terraform-docs/main.tf#245) +- resource.azurerm_key_vault_secret.azure_openai_api_key (/terraform-docs/main.tf#592) +- resource.azurerm_key_vault_secret.azuread_application_client_id (/terraform-docs/main.tf#331) +- resource.azurerm_key_vault_secret.azuread_application_client_secret (/terraform-docs/main.tf#340) +- resource.azurerm_key_vault_secret.jwt_signing_key (/terraform-docs/main.tf#801) +- resource.azurerm_key_vault_secret.nebuly_azure_client_id (/terraform-docs/main.tf#353) +- resource.azurerm_key_vault_secret.nebuly_azure_client_secret (/terraform-docs/main.tf#362) +- resource.azurerm_key_vault_secret.okta_sso_client_id (/terraform-docs/main.tf#813) +- resource.azurerm_key_vault_secret.okta_sso_client_secret (/terraform-docs/main.tf#824) +- resource.azurerm_key_vault_secret.postgres_password (/terraform-docs/main.tf#517) +- resource.azurerm_key_vault_secret.postgres_user (/terraform-docs/main.tf#508) +- resource.azurerm_kubernetes_cluster_node_pool.linux_pools (/terraform-docs/main.tf#758) +- resource.azurerm_management_lock.postgres_server (/terraform-docs/main.tf#451) +- resource.azurerm_monitor_metric_alert.postgres_server_alerts (/terraform-docs/main.tf#459) +- resource.azurerm_postgresql_flexible_server.main (/terraform-docs/main.tf#381) +- resource.azurerm_postgresql_flexible_server_configuration.mandatory_configurations (/terraform-docs/main.tf#432) +- resource.azurerm_postgresql_flexible_server_configuration.optional_configurations (/terraform-docs/main.tf#425) +- resource.azurerm_postgresql_flexible_server_database.analytics (/terraform-docs/main.tf#445) +- resource.azurerm_postgresql_flexible_server_database.auth (/terraform-docs/main.tf#439) +- resource.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#207) +- resource.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#225) +- resource.azurerm_private_dns_zone_virtual_network_link.flexible_postgres (/terraform-docs/main.tf#213) +- resource.azurerm_private_dns_zone_virtual_network_link.key_vault (/terraform-docs/main.tf#230) +- resource.azurerm_private_endpoint.key_vault (/terraform-docs/main.tf#271) +- resource.azurerm_role_assignment.aks_network_contributor (/terraform-docs/main.tf#753) +- resource.azurerm_role_assignment.key_vault_secret_officer__current (/terraform-docs/main.tf#302) +- resource.azurerm_role_assignment.key_vault_secret_user__aks (/terraform-docs/main.tf#294) +- resource.azurerm_role_assignment.storage_container_models__data_contributor (/terraform-docs/main.tf#643) +- resource.azurerm_storage_account.main (/terraform-docs/main.tf#619) +- resource.azurerm_storage_container.models (/terraform-docs/main.tf#639) +- resource.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#163) +- resource.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#185) +- resource.azurerm_subnet.private_endpints (/terraform-docs/main.tf#177) +- resource.azurerm_virtual_network.main (/terraform-docs/main.tf#151) +- resource.random_password.postgres_server_admin_password (/terraform-docs/main.tf#376) +- resource.time_sleep.wait_aks_creation (/terraform-docs/main.tf#740) +- resource.tls_private_key.aks (/terraform-docs/main.tf#653) +- resource.tls_private_key.jwt_signing_key (/terraform-docs/main.tf#797) +- data source.azuread_user.aks_admins (/terraform-docs/main.tf#103) +- data source.azurerm_client_config.current (/terraform-docs/main.tf#95) +- data source.azurerm_private_dns_zone.flexible_postgres (/terraform-docs/main.tf#136) +- data source.azurerm_private_dns_zone.key_vault (/terraform-docs/main.tf#142) +- data source.azurerm_resource_group.main (/terraform-docs/main.tf#92) +- data source.azurerm_subnet.aks_nodes (/terraform-docs/main.tf#108) +- data source.azurerm_subnet.flexible_postgres (/terraform-docs/main.tf#122) +- data source.azurerm_virtual_network.main (/terraform-docs/main.tf#97) diff --git a/main.tf b/main.tf index 399c9f5..afa333f 100644 --- a/main.tf +++ b/main.tf @@ -54,11 +54,14 @@ locals { "shared_preload_libraries" : "pgaudit", } - key_vault_name = ( + key_vault_generated_name = ( var.resource_suffix == null ? format("%snebulykv", var.resource_prefix) : format("%snebulykv%s", var.resource_prefix, var.resource_suffix) ) + key_vault_name = ( + var.key_vault_override_name == null ? local.key_vault_generated_name : var.key_vault_override_name + ) use_existing_virtual_network = var.virtual_network != null use_existing_aks_nodes_subnet = var.subnet_name_aks_nodes != null diff --git a/variables.tf b/variables.tf index 5977dd1..77db51e 100644 --- a/variables.tf +++ b/variables.tf @@ -184,6 +184,11 @@ variable "postgres_version" { # ------ Key Vault ------ # +variable "key_vault_override_name" { + type = string + default = null + description = "Override the name of the Key Vault. If not provided, the name is generated based on the resource_prefix." +} variable "key_vault_sku_name" { type = string default = "Standard"