Fix 301-service-fabric-apim #293

Closed
36 changes: 16 additions & 20 deletions quickstart/301-service-fabric-apim/apim.tf
@@ -1,14 +1,10 @@
resource "azurerm_api_management" "default" {
name = "${var.dns_prefix}-${var.name}-${var.environment}-apim"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
publisher_name = "${var.api_publisher_name}"
publisher_email = "${var.api_publisher_email}"

sku {
name = "Developer"
capacity = 1
}
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
publisher_name = var.api_publisher_name
publisher_email = var.api_publisher_email
sku_name = "Developer_1"

# Ignore certificate changes in the future
lifecycle {
Expand All @@ -26,8 +22,8 @@ resource "azurerm_api_management" "default" {

resource "azurerm_api_management_api" "default" {
name = "demo"
resource_group_name = "${azurerm_resource_group.default.name}"
api_management_name = "${azurerm_api_management.default.name}"
resource_group_name = azurerm_resource_group.default.name
api_management_name = azurerm_api_management.default.name
revision = "1"
display_name = "Demo API"
path = ""
Expand All @@ -36,23 +32,23 @@ resource "azurerm_api_management_api" "default" {

resource "azurerm_api_management_backend" "sf" {
name = "service-fabric-backend"
resource_group_name = "${azurerm_resource_group.default.name}"
api_management_name = "${azurerm_api_management.default.name}"
resource_group_name = azurerm_resource_group.default.name
api_management_name = azurerm_api_management.default.name
protocol = "http"
url = "fabric:/fake/service"
resource_id = "${azurerm_service_fabric_cluster.default.management_endpoint}"
resource_id = azurerm_service_fabric_cluster.default.management_endpoint

service_fabric_cluster {
client_certificate_thumbprint = "${azurerm_key_vault_certificate.client.thumbprint}"
server_certificate_thumbprints = ["${azurerm_key_vault_certificate.cluster.thumbprint}"]
management_endpoints = ["${azurerm_service_fabric_cluster.default.management_endpoint}"]
max_partition_resolution_retries = 3
client_certificate_thumbprint = azurerm_key_vault_certificate.client.thumbprint
server_certificate_thumbprints = ["${azurerm_key_vault_certificate.cluster.thumbprint}"]
management_endpoints = ["${azurerm_service_fabric_cluster.default.management_endpoint}"]
max_partition_resolution_retries = 3
}
}

resource "azurerm_application_insights" "default" {
name = "${var.name}-${var.environment}-ai"
location = "West US 2"
resource_group_name = "${azurerm_resource_group.default.name}"
resource_group_name = azurerm_resource_group.default.name
application_type = "web"
}
}
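Review bot: The two list arguments in the new `service_fabric_cluster` block still wrap a single reference in an interpolation string, while every other attribute in this file was moved to a bare reference. Writing them as `server_certificate_thumbprints = [azurerm_key_vault_certificate.cluster.thumbprint]` and `management_endpoints = [azurerm_service_fabric_cluster.default.management_endpoint]` keeps the file consistent and avoids the interpolation-only warning that the rest of this change is presumably meant to clear.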
43 changes: 22 additions & 21 deletions quickstart/301-service-fabric-apim/azuread.tf
@@ -1,47 +1,54 @@
# Service Fabric Cluster
resource "azuread_application" "cluster" {
name = "${var.name}-cluster-${var.environment}"
display_name = "${var.name}-cluster-${var.environment}"
}

resource "azuread_service_principal" "cluster" {
application_id = "${azuread_application.cluster.application_id}"
}

resource "random_string" "cluster_password" {
length = 32
special = true
application_id = azuread_application.cluster.application_id
}

resource "azuread_service_principal_password" "cluster" {
service_principal_id = "${azuread_service_principal.cluster.id}"
value = "${random_string.cluster_password.result}"
service_principal_id = azuread_service_principal.cluster.id
end_date = "2099-01-01T01:00:00Z"
}

resource "random_uuid" "admin" {
}

resource "random_uuid" "reader" {
}

# Service Fabric Client
resource "azuread_application" "client" {
name = "${var.name}-client-${var.environment}"
reply_urls = ["https://${azurerm_public_ip.sf.fqdn}:19080/Explorer/index.html"]
display_name = "${var.name}-client-${var.environment}"

web {
redirect_uris = ["https://${azurerm_public_ip.sf.fqdn}:19080/Explorer/index.html"]
}

app_role {
id = random_uuid.admin.result

allowed_member_types = [
"User",
]

description = "Admins can manage roles and perform all task actions"
display_name = "Admin"
is_enabled = true
enabled = true
value = "Admin"
}

app_role {
id = random_uuid.reader.result

allowed_member_types = [
"User",
]

description = "ReadOnly roles have limited query access"
display_name = "ReadOnly"
is_enabled = true
enabled = true
value = "User"
}

Expand All @@ -57,16 +64,10 @@ resource "azuread_application" "client" {
}

resource "azuread_service_principal" "client" {
application_id = "${azuread_application.client.application_id}"
}

resource "random_string" "client_password" {
length = 32
special = true
application_id = azuread_application.client.application_id
}

resource "azuread_service_principal_password" "client" {
service_principal_id = "${azuread_service_principal.client.id}"
value = "${random_string.client_password.result}"
service_principal_id = azuread_service_principal.client.id
end_date = "2099-01-01T01:00:00Z"
}
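Review bot: Both `azuread_service_principal_password` resources keep `end_date = "2099-01-01T01:00:00Z"`, so the provider-generated secrets that replace the `random_string` values are effectively non-expiring. A leaked secret for either principal would stay valid until someone rotates it by hand; a bounded lifetime such as `end_date_relative = "4320h"` (if the provider version in use supports it) or an `end_date` fed from a variable limits that window. The generated value is also written to Terraform state, so a comment above the first password resource pointing readers of this quickstart at an encrypted, access-controlled state backend would be worth adding.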
88 changes: 44 additions & 44 deletions quickstart/301-service-fabric-apim/keyvault.tf
@@ -1,67 +1,67 @@
resource "azurerm_key_vault" "cluster" {
name = "${var.dns_prefix}-${substr(var.name,0,12)}-${var.environment_short}-kv"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
tenant_id = "${data.azurerm_client_config.current.tenant_id}"
name = "${random_string.name_suffix.result}-kv"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
tenant_id = data.azurerm_client_config.current.tenant_id
enabled_for_deployment = true
enabled_for_disk_encryption = true
enabled_for_template_deployment = true
sku_name = "standard"

access_policy {
tenant_id = "${data.azurerm_subscription.current.tenant_id}"
object_id = "${var.client_object_id}"
tenant_id = data.azurerm_subscription.current.tenant_id
object_id = var.client_object_id

certificate_permissions = [
"create",
"delete",
"deleteissuers",
"get",
"getissuers",
"import",
"list",
"listissuers",
"managecontacts",
"manageissuers",
"setissuers",
"update",
"Create",
"Delete",
"DeleteIssuers",
"Get",
"GetIssuers",
"Import",
"List",
"ListIssuers",
"ManageContacts",
"ManageIssuers",
"SetIssuers",
"Update",
]

key_permissions = [
"backup",
"create",
"decrypt",
"delete",
"encrypt",
"get",
"import",
"list",
"purge",
"recover",
"restore",
"sign",
"unwrapKey",
"update",
"verify",
"wrapKey",
"Backup",
"Create",
"Decrypt",
"Delete",
"Encrypt",
"Get",
"Import",
"List",
"Purge",
"Recover",
"Restore",
"Sign",
"UnwrapKey",
"Update",
"Verify",
"WrapKey",
]

secret_permissions = [
"backup",
"delete",
"get",
"list",
"purge",
"recover",
"restore",
"set",
"Backup",
"Delete",
"Get",
"List",
"Purge",
"Recover",
"Restore",
"Set",
]
}
}

resource "azurerm_key_vault_certificate" "cluster" {
name = "service-fabric-cluster"
key_vault_id = "${azurerm_key_vault.cluster.id}"
key_vault_id = azurerm_key_vault.cluster.id

certificate_policy {
issuer_parameters {
Expand Down Expand Up @@ -115,7 +115,7 @@ resource "azurerm_key_vault_certificate" "cluster" {

resource "azurerm_key_vault_certificate" "client" {
name = "service-fabric-client"
key_vault_id = "${azurerm_key_vault.cluster.id}"
key_vault_id = azurerm_key_vault.cluster.id

certificate_policy {
issuer_parameters {
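Review bot: The `access_policy` for `var.client_object_id` is only re-cased here and still grants nearly every certificate, key and secret permission, including `Purge`, `Backup` and `Restore` on keys and secrets. From the visible resources the deployment only creates two certificates in this vault, so the lists could likely be cut down to what Terraform needs to create, read and delete them; the exact entries should be confirmed with a plan/apply/destroy cycle. The policy also takes `tenant_id` from `data.azurerm_subscription.current` while the vault itself uses `data.azurerm_client_config.current`, and using the same data source in both places would avoid a mismatch. The two certificate resources continue outside the visible hunks.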
9 changes: 8 additions & 1 deletion quickstart/301-service-fabric-apim/main.tf
Expand Up @@ -8,5 +8,12 @@ provider "azurerm" {

resource "azurerm_resource_group" "default" {
name = "${var.name}-${var.environment}-rg"
location = "${var.location}"
location = var.location
}

resource "random_string" "name_suffix" {
length = 8
lower = true
upper = true
special = false
}
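Review bot: `random_string.name_suffix` can produce a value that begins with a digit, because only `special` is turned off and digits are enabled by default. keyvault.tf now uses `"${random_string.name_suffix.result}-kv"` as the vault name, and Key Vault names must start with a letter, so some applies would fail name validation. Either disable digits with `number = false` (`numeric` in newer releases of the random provider) or put a fixed letter in front of the suffix, e.g. `name = "kv-${random_string.name_suffix.result}"`.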