infra - open framework

Author: brown9804

.gitignore

@@ -4,6 +4,7 @@
 # .tfstate files
 *.tfstate
 *.tfstate.*
+.terraform.lock.hcl
 
 # Crash log files
 crash.log
@@ -13,7 +14,6 @@ crash.*.log
 # password, private keys, and other secrets. These should not be part of version 
 # control as they are data points which are potentially sensitive and subject 
 # to change depending on the environment.
-*.tfvars
 *.tfvars.json
 
 # Ignore override files as they are usually used to override resources locally and so

terraform-infrastructure/main.tf

@@ -0,0 +1,158 @@
+# Resource Group
+resource "azurerm_resource_group" "rg" {
+  name     = var.resource_group_name
+  location = var.location
+
+  # Output the resource group name
+  provisioner "local-exec" {
+    command = "echo Resource Group: ${self.name}"
+  }
+}
+# Storage Account
+resource "azurerm_storage_account" "storage" {
+  name                     = var.storage_account_name
+  resource_group_name      = azurerm_resource_group.rg.name
+  location                 = azurerm_resource_group.rg.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
+
+  depends_on = [azurerm_resource_group.rg]
+
+  # Output the storage account name
+  provisioner "local-exec" {
+    command = "echo Storage Account: ${self.name}"
+  }
+}
+
+# Blob Container for Input Files
+resource "azurerm_storage_container" "input_container" {
+  name                  = "input"
+  storage_account_id    = azurerm_storage_account.storage.id
+  container_access_type = "private"
+
+  depends_on = [azurerm_storage_account.storage]
+
+  # Output the container name
+  provisioner "local-exec" {
+    command = "echo Input Container: ${self.name}"
+  }
+}
+
+# Blob Container for Output Files
+resource "azurerm_storage_container" "output_container" {
+  name                  = "output"
+  storage_account_id    = azurerm_storage_account.storage.id
+  container_access_type = "private"
+
+  depends_on = [azurerm_storage_account.storage]
+
+  # Output the container name
+  provisioner "local-exec" {
+    command = "echo Output Container: ${self.name}"
+  }
+}
+
+# Linux Function App
+resource "azurerm_linux_function_app" "function_app" {
+  name                       = var.function_app_name
+  location                   = azurerm_resource_group.rg.location
+  resource_group_name        = azurerm_resource_group.rg.name
+  service_plan_id            = azurerm_service_plan.asp.id
+  storage_account_name       = azurerm_storage_account.storage.name
+  storage_account_access_key = azurerm_storage_account.storage.primary_access_key
+
+  site_config {
+    # Other configurations can go here
+  }
+
+  depends_on = [azurerm_service_plan.asp]
+
+  provisioner "local-exec" {
+    command = "echo Function App: ${self.name}"
+  }
+}
+
+
+# Service Plan
+resource "azurerm_service_plan" "asp" {
+  name                = var.app_service_plan_name
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  os_type             = "Linux"
+  sku_name            = "Y1" # Consumption plan
+
+  depends_on = [azurerm_resource_group.rg]
+
+  # Output the service plan name
+  provisioner "local-exec" {
+    command = "echo Service Plan: ${self.name}"
+  }
+}
+
+# Application Insights
+resource "azurerm_application_insights" "appinsights" {
+  name                = var.app_insights_name
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  application_type    = "web"
+  workspace_id        = azurerm_log_analytics_workspace.loganalytics.id
+
+  depends_on = [azurerm_resource_group.rg]
+
+  provisioner "local-exec" {
+    command = "echo Application Insights: ${self.name}"
+  }
+}
+
+# Log Analytics Workspace
+resource "azurerm_log_analytics_workspace" "loganalytics" {
+  name                = var.log_analytics_workspace_name
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  sku                 = "PerGB2018"
+
+  depends_on = [azurerm_resource_group.rg]
+
+  # Output the log analytics workspace name
+  provisioner "local-exec" {
+    command = "echo Log Analytics Workspace: ${self.name}"
+  }
+}
+
+# Key Vault
+resource "azurerm_key_vault" "keyvault" {
+  name                = var.key_vault_name
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  tenant_id           = data.azurerm_client_config.current.tenant_id
+  sku_name            = "standard"
+
+  depends_on = [azurerm_resource_group.rg]
+
+  # Output the key vault name
+  provisioner "local-exec" {
+    command = "echo Key Vault: ${self.name}"
+  }
+}
+
+# Data source to get tenant ID
+data "azurerm_client_config" "current" {}
+
+# CosmosDB
+resource "azurerm_cosmosdb_account" "cosmosdb" {
+  name                = var.cosmosdb_account_name
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  offer_type          = "Standard"
+  kind                = "GlobalDocumentDB"
+  consistency_policy {
+    consistency_level = "Session"
+  }
+
+  geo_location {
+    location          = azurerm_resource_group.rg.location
+    failover_priority = 0
+  }
+
+  depends_on = [azurerm_resource_group.rg]
+}

terraform-infrastructure/outputs.tf

@@ -0,0 +1,50 @@
+output "resource_group_name" {
+  description = "The name of the resource group."
+  value       = azurerm_resource_group.rg.name
+}
+
+output "storage_account_name" {
+  description = "The name of the storage account"
+  value       = azurerm_storage_account.storage.name
+}
+
+output "input_container_name" {
+  description = "The name of the input container"
+  value       = azurerm_storage_container.input_container.name
+}
+
+output "output_container_name" {
+  description = "The name of the output container"
+  value       = azurerm_storage_container.output_container.name
+}
+
+output "function_app_name" {
+  description = "The name of the Linux Function App."
+  value       = azurerm_linux_function_app.function_app.name
+}
+
+output "app_service_plan_name" {
+  description = "The name of the Service Plan"
+  value       = azurerm_service_plan.asp.name
+}
+
+output "app_insights_name" {
+  description = "The name of the Application Insights instance"
+  value       = azurerm_application_insights.appinsights.name
+}
+
+output "log_analytics_workspace_name" {
+  description = "The name of the Log Analytics workspace"
+  value       = azurerm_log_analytics_workspace.loganalytics.name
+}
+
+output "key_vault_name" {
+  description = "The name of the Key Vault"
+  value       = azurerm_key_vault.keyvault.name
+}
+
+
+output "cosmosdb_account_name" {
+  description = "The name of the CosmosDB account."
+  value       = azurerm_cosmosdb_account.cosmosdb.name
+}

terraform-infrastructure/provider.tf

@@ -0,0 +1,25 @@
+# provider.tf
+# This file configures the Azure provider to interact with Azure resources.
+# It specifies the required provider and its version, along with provider-specific configurations.
+
+terraform {
+  required_version = ">= 1.8, < 2.0"
+  # Specify the required provider and its version
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"  # Source of the AzureRM provider
+      version = "~> 4.16.0"          # Version of the AzureRM provider
+    }
+  }
+}
+
+provider "azurerm" {
+    features {  # Enable features for the AzureRM provider
+        key_vault {
+        recover_soft_deleted_key_vaults = false
+        purge_soft_delete_on_destroy    = true
+        }
+  }
+                      
+  subscription_id = var.subscription_id  # Use the subscription ID variable
+}

terraform-infrastructure/terraform.tfvars

@@ -0,0 +1,18 @@
+# Sample values 
+subscription_id       = "" # "your-subscription_id"
+resource_group_name   = "RG-PDFs-Processing-OpenFramework" # "your-resource-group-name"
+location              = "West US" # "your-location"
+# Storage Account
+storage_account_name  = "storageaccountbrownpdfof" # "your-storage-account-name"
+# Function App
+function_app_name     = "fapdfofbrown" # "your-function-app-name"
+# App Service Plan
+app_service_plan_name = "asppdfofbrown" # "your-app-service-plan-name"
+# Application Insights
+app_insights_name     = "apppdfofbrown" # "your-app-insights-name"
+# Log Analytics Workspace
+log_analytics_workspace_name = "logwspdfofbrown" # "your-log-analytics-workspace-name"
+# Key Vault
+key_vault_name        = "kvpdfofrbrown" # "your-key-vault-name"
+# CosmosDB
+cosmosdb_account_name = "cosmospdfofbrown" # "your-cosmosdb-account-name"

terraform-infrastructure/variables.tf

@@ -0,0 +1,49 @@
+variable "subscription_id" {
+  description = "The subscription ID for the Azure account."
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "The name of the resource group."
+  type        = string
+}
+
+variable "location" {
+  description = "The Azure region where resources will be created."
+  type        = string
+}
+
+
+variable "storage_account_name" {
+  description = "The name of the storage account"
+  type        = string
+}
+
+variable "function_app_name" {
+  description = "The name of the Linux Function App."
+  type        = string
+}
+
+variable "app_service_plan_name" {
+  description = "The name of the App Service plan"
+  type        = string
+}
+
+variable "app_insights_name" {
+  description = "The name of the Application Insights instance"
+  type        = string
+}
+
+variable "log_analytics_workspace_name" {
+  description = "The name of the Log Analytics workspace"
+  type        = string
+}
+
+variable "key_vault_name" {
+  description = "The name of the Key Vault"
+  type        = string
+}
+variable "cosmosdb_account_name" {
+  description = "The name of the CosmosDB account."
+  type        = string
+}