From 06ae3c1ad99848746f2603f904c0e6c842c9a55a Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Tue, 15 Jul 2025 10:33:08 +0200 Subject: [PATCH 01/32] Updated terraform providers to their latest minor versions --- .gitignore | 4 +++- modules/azure/analysis_services/main.tf | 4 ++-- modules/azure/api_connectors/arm_managed_identity/main.tf | 4 ++-- modules/azure/api_connectors/custom_connector/main.tf | 4 ++-- .../api_connectors/event_hub_managed_identity/main.tf | 4 ++-- modules/azure/api_connectors/excel_online/main.tf | 4 ++-- .../api_connectors/key_vault_managed_identity/main.tf | 4 ++-- modules/azure/api_connectors/log_analytics/main.tf | 4 ++-- .../api_connectors/logic_app_custom_connector/main.tf | 4 ++-- modules/azure/api_connectors/office365/main.tf | 4 ++-- modules/azure/api_connectors/office365_set/main.tf | 4 ++-- .../api_connectors/service_bus_managed_identity/main.tf | 4 ++-- .../service_bus_managed_identity_set/main.tf | 4 ++-- modules/azure/api_connectors/sftp_ssh/main.tf | 4 ++-- modules/azure/api_connectors/sharepoint_online/main.tf | 4 ++-- modules/azure/api_connectors/storage_blob/main.tf | 4 ++-- .../api_connectors/storage_blob_managed_identity/main.tf | 4 ++-- modules/azure/api_connectors/storage_table/main.tf | 4 ++-- modules/azure/api_management/main.tf | 6 +++--- modules/azure/api_management_api/main.tf | 6 +++--- modules/azure/api_management_api_operation/main.tf | 4 ++-- modules/azure/api_management_api_operation_policy/main.tf | 4 ++-- modules/azure/api_management_api_schema/main.tf | 4 ++-- modules/azure/api_management_api_simple/main.tf | 4 ++-- modules/azure/api_management_certificate/main.tf | 4 ++-- modules/azure/api_management_custom_domains/main.tf | 4 ++-- .../azure/api_management_custom_domains_simple/main.tf | 4 ++-- modules/azure/api_management_groups/main.tf | 4 ++-- modules/azure/api_management_logging/main.tf | 4 ++-- modules/azure/api_management_named_values/main.tf | 4 ++-- modules/azure/api_management_permissions/main.tf | 4 ++-- modules/azure/application_insights/main.tf | 4 ++-- .../application_insights_smart_detection_rule/main.tf | 4 ++-- modules/azure/application_insights_workbook/main.tf | 4 ++-- modules/azure/application_performance_workbook/main.tf | 4 ++-- modules/azure/application_role_assignment/main.tf | 4 ++-- .../application_service_principal_role_assignment/main.tf | 4 ++-- modules/azure/container_registery/main.tf | 4 ++-- modules/azure/data_factory/main.tf | 4 ++-- modules/azure/data_factory_blob_to_blob/main.tf | 4 ++-- modules/azure/data_factory_http_to_blob/main.tf | 4 ++-- modules/azure/data_lake_filesystem/main.tf | 4 ++-- modules/azure/data_lake_storage/main.tf | 4 ++-- modules/azure/databricks_cluster/main.tf | 4 ++-- modules/azure/databricks_permissions/main.tf | 4 ++-- modules/azure/databricks_permissions_user_based/main.tf | 4 ++-- modules/azure/databricks_secrets/main.tf | 6 +++--- modules/azure/databricks_workspace/main.tf | 4 ++-- modules/azure/event_grid_topic/main.tf | 4 ++-- modules/azure/event_grid_topic_subscription/main.tf | 4 ++-- modules/azure/event_hub/main.tf | 4 ++-- modules/azure/frontdoor_classic/main.tf | 4 ++-- modules/azure/frontdoor_firewall_policy/main.tf | 4 ++-- modules/azure/function_app_linux/main.tf | 4 ++-- modules/azure/function_app_linux_managed_identity/main.tf | 8 ++++---- modules/azure/function_app_windows/main.tf | 4 ++-- modules/azure/iam/main.tf | 4 ++-- modules/azure/iam_set/main.tf | 4 ++-- modules/azure/key_vault/main.tf | 4 ++-- modules/azure/key_vault_certificate/main.tf | 4 ++-- modules/azure/key_vault_secret/main.tf | 4 ++-- modules/azure/key_vault_secrets_put/main.tf | 4 ++-- modules/azure/key_vault_secrets_put_once/main.tf | 4 ++-- modules/azure/log_analytics_diagnostic_setting/main.tf | 4 ++-- modules/azure/log_analytics_queries/main.tf | 6 +++--- modules/azure/log_analytics_workspace/main.tf | 4 ++-- modules/azure/logic_app/main.tf | 4 ++-- modules/azure/logic_app_bicep/main.tf | 6 +++--- modules/azure/logic_app_set/main.tf | 4 ++-- modules/azure/logic_app_standard/main.tf | 8 ++++---- modules/azure/logic_app_standard_connection/main.tf | 4 ++-- .../logic_app_standard_connection_access_policy/main.tf | 4 ++-- modules/azure/logic_app_trigger_http_request_data/main.tf | 4 ++-- modules/azure/maps_account/main.tf | 4 ++-- modules/azure/monitoring_action_group/main.tf | 4 ++-- modules/azure/monitoring_log_analytics_alert/main.tf | 4 ++-- modules/azure/monitoring_metric_alert/main.tf | 4 ++-- modules/azure/mssql/main.tf | 4 ++-- modules/azure/mysql/main.tf | 4 ++-- modules/azure/mysql_flexible_server/main.tf | 4 ++-- modules/azure/mysql_flexible_server_public/main.tf | 4 ++-- modules/azure/network_security_group/main.tf | 4 ++-- modules/azure/postgresql/main.tf | 4 ++-- modules/azure/postgresql_public/main.tf | 4 ++-- modules/azure/private_dns_zone/main.tf | 4 ++-- modules/azure/private_endpoint/main.tf | 4 ++-- modules/azure/public_ip/main.tf | 4 ++-- modules/azure/recovery_services_vault/main.tf | 4 ++-- modules/azure/resource_group/main.tf | 4 ++-- modules/azure/route_table/main.tf | 4 ++-- modules/azure/service_bus_public/main.tf | 4 ++-- modules/azure/service_bus_subscription/main.tf | 4 ++-- modules/azure/service_bus_topic/main.tf | 4 ++-- modules/azure/service_plan/main.tf | 4 ++-- modules/azure/storage_account_private/main.tf | 4 ++-- modules/azure/storage_account_public/main.tf | 4 ++-- modules/azure/storage_blob/main.tf | 4 ++-- modules/azure/storage_container/main.tf | 4 ++-- modules/azure/storage_event_grid/main.tf | 4 ++-- modules/azure/storage_queue/main.tf | 4 ++-- modules/azure/storage_share/main.tf | 4 ++-- modules/azure/storage_table/main.tf | 4 ++-- modules/azure/storage_table_entities/main.tf | 4 ++-- modules/azure/storage_table_entities_rewritable/main.tf | 4 ++-- modules/azure/storage_table_entity/main.tf | 4 ++-- modules/azure/stream_analytics/main.tf | 4 ++-- modules/azure/subnet/main.tf | 4 ++-- modules/azure/synapse_workspace/main.tf | 4 ++-- modules/azure/virtual_machine/main.tf | 4 ++-- modules/azure/virtual_machine_extension/main.tf | 4 ++-- modules/azure/virtual_network/main.tf | 4 ++-- modules/azure/virtual_network_peering/main.tf | 4 ++-- modules/azure/web_app_linux/main.tf | 4 ++-- modules/azure/web_app_windows/main.tf | 4 ++-- modules/cloudflare/dns_records/main.tf | 4 ++-- modules/elastic/cluster/main.tf | 4 ++-- modules/kubernetes/configmap/main.tf | 4 ++-- modules/kubernetes/cron_job/main.tf | 4 ++-- modules/kubernetes/deployment_with_service/main.tf | 4 ++-- modules/kubernetes/ingress/main.tf | 4 ++-- modules/kubernetes/pvc/main.tf | 4 ++-- modules/kubernetes/secret/main.tf | 4 ++-- modules/other/local_exec/main.tf | 2 +- modules/other/password_generator/main.tf | 2 +- modules/other/vm_with_power_automate_desktop/main.tf | 6 +++--- 125 files changed, 259 insertions(+), 257 deletions(-) diff --git a/.gitignore b/.gitignore index bdb8854e..82fdf38c 100644 --- a/.gitignore +++ b/.gitignore @@ -31,4 +31,6 @@ override.tf.json .terraform.lock.hcl #IDE files -.idea \ No newline at end of file +.idea + +.vs/ \ No newline at end of file diff --git a/modules/azure/analysis_services/main.tf b/modules/azure/analysis_services/main.tf index e3500397..a63d6037 100644 --- a/modules/azure/analysis_services/main.tf +++ b/modules/azure/analysis_services/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/arm_managed_identity/main.tf b/modules/azure/api_connectors/arm_managed_identity/main.tf index 24373813..8102dab5 100644 --- a/modules/azure/api_connectors/arm_managed_identity/main.tf +++ b/modules/azure/api_connectors/arm_managed_identity/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/custom_connector/main.tf b/modules/azure/api_connectors/custom_connector/main.tf index dfdd7ce5..59cccfea 100644 --- a/modules/azure/api_connectors/custom_connector/main.tf +++ b/modules/azure/api_connectors/custom_connector/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/event_hub_managed_identity/main.tf b/modules/azure/api_connectors/event_hub_managed_identity/main.tf index 2217fd24..4a2672c3 100644 --- a/modules/azure/api_connectors/event_hub_managed_identity/main.tf +++ b/modules/azure/api_connectors/event_hub_managed_identity/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/excel_online/main.tf b/modules/azure/api_connectors/excel_online/main.tf index d0d771d2..6c29dd5a 100644 --- a/modules/azure/api_connectors/excel_online/main.tf +++ b/modules/azure/api_connectors/excel_online/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/key_vault_managed_identity/main.tf b/modules/azure/api_connectors/key_vault_managed_identity/main.tf index 0f684fa3..a6180b59 100644 --- a/modules/azure/api_connectors/key_vault_managed_identity/main.tf +++ b/modules/azure/api_connectors/key_vault_managed_identity/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/log_analytics/main.tf b/modules/azure/api_connectors/log_analytics/main.tf index be41210a..84275029 100644 --- a/modules/azure/api_connectors/log_analytics/main.tf +++ b/modules/azure/api_connectors/log_analytics/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/logic_app_custom_connector/main.tf b/modules/azure/api_connectors/logic_app_custom_connector/main.tf index b6ee93f0..d4051ccd 100644 --- a/modules/azure/api_connectors/logic_app_custom_connector/main.tf +++ b/modules/azure/api_connectors/logic_app_custom_connector/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/office365/main.tf b/modules/azure/api_connectors/office365/main.tf index d0d771d2..6c29dd5a 100644 --- a/modules/azure/api_connectors/office365/main.tf +++ b/modules/azure/api_connectors/office365/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/office365_set/main.tf b/modules/azure/api_connectors/office365_set/main.tf index ead069e2..c30abccc 100644 --- a/modules/azure/api_connectors/office365_set/main.tf +++ b/modules/azure/api_connectors/office365_set/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/service_bus_managed_identity/main.tf b/modules/azure/api_connectors/service_bus_managed_identity/main.tf index 1d270bd9..42e92ad9 100644 --- a/modules/azure/api_connectors/service_bus_managed_identity/main.tf +++ b/modules/azure/api_connectors/service_bus_managed_identity/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/service_bus_managed_identity_set/main.tf b/modules/azure/api_connectors/service_bus_managed_identity_set/main.tf index c3e9df6d..d31d3d78 100644 --- a/modules/azure/api_connectors/service_bus_managed_identity_set/main.tf +++ b/modules/azure/api_connectors/service_bus_managed_identity_set/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/sftp_ssh/main.tf b/modules/azure/api_connectors/sftp_ssh/main.tf index b1bdbc0a..5bc37382 100644 --- a/modules/azure/api_connectors/sftp_ssh/main.tf +++ b/modules/azure/api_connectors/sftp_ssh/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/sharepoint_online/main.tf b/modules/azure/api_connectors/sharepoint_online/main.tf index d0d771d2..6c29dd5a 100644 --- a/modules/azure/api_connectors/sharepoint_online/main.tf +++ b/modules/azure/api_connectors/sharepoint_online/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/storage_blob/main.tf b/modules/azure/api_connectors/storage_blob/main.tf index 8d7d4437..f352fd9c 100644 --- a/modules/azure/api_connectors/storage_blob/main.tf +++ b/modules/azure/api_connectors/storage_blob/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/storage_blob_managed_identity/main.tf b/modules/azure/api_connectors/storage_blob_managed_identity/main.tf index 4faebca2..422e471b 100644 --- a/modules/azure/api_connectors/storage_blob_managed_identity/main.tf +++ b/modules/azure/api_connectors/storage_blob_managed_identity/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_connectors/storage_table/main.tf b/modules/azure/api_connectors/storage_table/main.tf index c3eb8b4a..5b101a8a 100644 --- a/modules/azure/api_connectors/storage_table/main.tf +++ b/modules/azure/api_connectors/storage_table/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management/main.tf b/modules/azure/api_management/main.tf index a0e13245..f720d83a 100644 --- a/modules/azure/api_management/main.tf +++ b/modules/azure/api_management/main.tf @@ -1,14 +1,14 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } azuread = { source = "hashicorp/azuread" - version = "~> 2.36" + version = "~> 2.53" } } diff --git a/modules/azure/api_management_api/main.tf b/modules/azure/api_management_api/main.tf index 79ae21c6..625f9b5e 100644 --- a/modules/azure/api_management_api/main.tf +++ b/modules/azure/api_management_api/main.tf @@ -1,14 +1,14 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } azuread = { source = "hashicorp/azuread" - version = "~> 2.36" + version = "~> 2.53" } } diff --git a/modules/azure/api_management_api_operation/main.tf b/modules/azure/api_management_api_operation/main.tf index d1bacc43..daa959d9 100644 --- a/modules/azure/api_management_api_operation/main.tf +++ b/modules/azure/api_management_api_operation/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_api_operation_policy/main.tf b/modules/azure/api_management_api_operation_policy/main.tf index 6dd247ca..cfaac34f 100644 --- a/modules/azure/api_management_api_operation_policy/main.tf +++ b/modules/azure/api_management_api_operation_policy/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_api_schema/main.tf b/modules/azure/api_management_api_schema/main.tf index 6f504086..963f656a 100644 --- a/modules/azure/api_management_api_schema/main.tf +++ b/modules/azure/api_management_api_schema/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_api_simple/main.tf b/modules/azure/api_management_api_simple/main.tf index 0de95bfd..a6afec9b 100644 --- a/modules/azure/api_management_api_simple/main.tf +++ b/modules/azure/api_management_api_simple/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_certificate/main.tf b/modules/azure/api_management_certificate/main.tf index 1ef3f98d..65074c9c 100644 --- a/modules/azure/api_management_certificate/main.tf +++ b/modules/azure/api_management_certificate/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_custom_domains/main.tf b/modules/azure/api_management_custom_domains/main.tf index d9663c57..4a4e3b99 100644 --- a/modules/azure/api_management_custom_domains/main.tf +++ b/modules/azure/api_management_custom_domains/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_custom_domains_simple/main.tf b/modules/azure/api_management_custom_domains_simple/main.tf index d206f6c2..b0d5cb4d 100644 --- a/modules/azure/api_management_custom_domains_simple/main.tf +++ b/modules/azure/api_management_custom_domains_simple/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_groups/main.tf b/modules/azure/api_management_groups/main.tf index dc307c88..419281ac 100644 --- a/modules/azure/api_management_groups/main.tf +++ b/modules/azure/api_management_groups/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_logging/main.tf b/modules/azure/api_management_logging/main.tf index ab2b7d90..e99276bc 100644 --- a/modules/azure/api_management_logging/main.tf +++ b/modules/azure/api_management_logging/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_named_values/main.tf b/modules/azure/api_management_named_values/main.tf index ea5ebf08..80f4e7e2 100644 --- a/modules/azure/api_management_named_values/main.tf +++ b/modules/azure/api_management_named_values/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/api_management_permissions/main.tf b/modules/azure/api_management_permissions/main.tf index c2739f87..640b876b 100644 --- a/modules/azure/api_management_permissions/main.tf +++ b/modules/azure/api_management_permissions/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/application_insights/main.tf b/modules/azure/application_insights/main.tf index cdbd9d6e..5b5c3b35 100644 --- a/modules/azure/application_insights/main.tf +++ b/modules/azure/application_insights/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/application_insights_smart_detection_rule/main.tf b/modules/azure/application_insights_smart_detection_rule/main.tf index 07a4d478..19185fb9 100644 --- a/modules/azure/application_insights_smart_detection_rule/main.tf +++ b/modules/azure/application_insights_smart_detection_rule/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/application_insights_workbook/main.tf b/modules/azure/application_insights_workbook/main.tf index e786f2fd..95ad7082 100644 --- a/modules/azure/application_insights_workbook/main.tf +++ b/modules/azure/application_insights_workbook/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/application_performance_workbook/main.tf b/modules/azure/application_performance_workbook/main.tf index 77572b66..0b8f64f9 100644 --- a/modules/azure/application_performance_workbook/main.tf +++ b/modules/azure/application_performance_workbook/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/application_role_assignment/main.tf b/modules/azure/application_role_assignment/main.tf index 211c2d0f..e7ecf243 100644 --- a/modules/azure/application_role_assignment/main.tf +++ b/modules/azure/application_role_assignment/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azuread = { source = "hashicorp/azuread" - version = "~> 2.36" + version = "~> 2.53" } } diff --git a/modules/azure/application_service_principal_role_assignment/main.tf b/modules/azure/application_service_principal_role_assignment/main.tf index 47bbd5a0..60b74201 100644 --- a/modules/azure/application_service_principal_role_assignment/main.tf +++ b/modules/azure/application_service_principal_role_assignment/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azuread = { source = "hashicorp/azuread" - version = "~> 2.36" + version = "~> 2.53" } } diff --git a/modules/azure/container_registery/main.tf b/modules/azure/container_registery/main.tf index b73fc55c..fb9a8971 100644 --- a/modules/azure/container_registery/main.tf +++ b/modules/azure/container_registery/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/data_factory/main.tf b/modules/azure/data_factory/main.tf index 567ec3aa..cf4279f0 100644 --- a/modules/azure/data_factory/main.tf +++ b/modules/azure/data_factory/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/data_factory_blob_to_blob/main.tf b/modules/azure/data_factory_blob_to_blob/main.tf index 7e6e6441..a90d2992 100644 --- a/modules/azure/data_factory_blob_to_blob/main.tf +++ b/modules/azure/data_factory_blob_to_blob/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/data_factory_http_to_blob/main.tf b/modules/azure/data_factory_http_to_blob/main.tf index 81e85a60..844d2e75 100644 --- a/modules/azure/data_factory_http_to_blob/main.tf +++ b/modules/azure/data_factory_http_to_blob/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/data_lake_filesystem/main.tf b/modules/azure/data_lake_filesystem/main.tf index 5aae4e72..80093c90 100644 --- a/modules/azure/data_lake_filesystem/main.tf +++ b/modules/azure/data_lake_filesystem/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/data_lake_storage/main.tf b/modules/azure/data_lake_storage/main.tf index f11a3fb4..0531c282 100644 --- a/modules/azure/data_lake_storage/main.tf +++ b/modules/azure/data_lake_storage/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/databricks_cluster/main.tf b/modules/azure/databricks_cluster/main.tf index 730debb8..a35f9924 100644 --- a/modules/azure/databricks_cluster/main.tf +++ b/modules/azure/databricks_cluster/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { databricks = { source = "databricks/databricks" - version = "~> 1.0" + version = "~> 1.84" } } diff --git a/modules/azure/databricks_permissions/main.tf b/modules/azure/databricks_permissions/main.tf index 5d62e467..dc5609c4 100644 --- a/modules/azure/databricks_permissions/main.tf +++ b/modules/azure/databricks_permissions/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { databricks = { source = "databricks/databricks" - version = "~> 1.0" + version = "~> 1.84" } } diff --git a/modules/azure/databricks_permissions_user_based/main.tf b/modules/azure/databricks_permissions_user_based/main.tf index dbec6211..c3531632 100644 --- a/modules/azure/databricks_permissions_user_based/main.tf +++ b/modules/azure/databricks_permissions_user_based/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { databricks = { source = "databricks/databricks" - version = "~> 1.0" + version = "~> 1.84" } } diff --git a/modules/azure/databricks_secrets/main.tf b/modules/azure/databricks_secrets/main.tf index c5a1b55e..ed099186 100644 --- a/modules/azure/databricks_secrets/main.tf +++ b/modules/azure/databricks_secrets/main.tf @@ -1,14 +1,14 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } databricks = { source = "databricks/databricks" - version = "~> 1.0" + version = "~> 1.84" } } diff --git a/modules/azure/databricks_workspace/main.tf b/modules/azure/databricks_workspace/main.tf index f9477002..a093670e 100644 --- a/modules/azure/databricks_workspace/main.tf +++ b/modules/azure/databricks_workspace/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/event_grid_topic/main.tf b/modules/azure/event_grid_topic/main.tf index 7b05f8cd..3be36752 100644 --- a/modules/azure/event_grid_topic/main.tf +++ b/modules/azure/event_grid_topic/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/event_grid_topic_subscription/main.tf b/modules/azure/event_grid_topic_subscription/main.tf index 45d4d3fb..815c1065 100644 --- a/modules/azure/event_grid_topic_subscription/main.tf +++ b/modules/azure/event_grid_topic_subscription/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/event_hub/main.tf b/modules/azure/event_hub/main.tf index f4561735..491db493 100644 --- a/modules/azure/event_hub/main.tf +++ b/modules/azure/event_hub/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/frontdoor_classic/main.tf b/modules/azure/frontdoor_classic/main.tf index ccfbc824..9a05937b 100644 --- a/modules/azure/frontdoor_classic/main.tf +++ b/modules/azure/frontdoor_classic/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/frontdoor_firewall_policy/main.tf b/modules/azure/frontdoor_firewall_policy/main.tf index 829053de..1e14da6b 100644 --- a/modules/azure/frontdoor_firewall_policy/main.tf +++ b/modules/azure/frontdoor_firewall_policy/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/function_app_linux/main.tf b/modules/azure/function_app_linux/main.tf index 3b4578c0..20d6f3f0 100644 --- a/modules/azure/function_app_linux/main.tf +++ b/modules/azure/function_app_linux/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index 0bf622d3..e86158e8 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -1,18 +1,18 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } azuread = { source = "hashicorp/azuread" - version = "~> 2.36" + version = "~> 2.53" } azapi = { source = "Azure/azapi" - version = "~> 1.4" + version = "~> 1.15" } } diff --git a/modules/azure/function_app_windows/main.tf b/modules/azure/function_app_windows/main.tf index b6111873..9bf77075 100644 --- a/modules/azure/function_app_windows/main.tf +++ b/modules/azure/function_app_windows/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/iam/main.tf b/modules/azure/iam/main.tf index 7d52774b..f4aac225 100644 --- a/modules/azure/iam/main.tf +++ b/modules/azure/iam/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/iam_set/main.tf b/modules/azure/iam_set/main.tf index 68bcbfd4..62eebaf2 100644 --- a/modules/azure/iam_set/main.tf +++ b/modules/azure/iam_set/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/key_vault/main.tf b/modules/azure/key_vault/main.tf index cf6fb547..99421146 100644 --- a/modules/azure/key_vault/main.tf +++ b/modules/azure/key_vault/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/key_vault_certificate/main.tf b/modules/azure/key_vault_certificate/main.tf index 3acec146..0e18b1dd 100644 --- a/modules/azure/key_vault_certificate/main.tf +++ b/modules/azure/key_vault_certificate/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/key_vault_secret/main.tf b/modules/azure/key_vault_secret/main.tf index 2a04f2cb..ba70c290 100644 --- a/modules/azure/key_vault_secret/main.tf +++ b/modules/azure/key_vault_secret/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/key_vault_secrets_put/main.tf b/modules/azure/key_vault_secrets_put/main.tf index debaadd9..76c10235 100644 --- a/modules/azure/key_vault_secrets_put/main.tf +++ b/modules/azure/key_vault_secrets_put/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/key_vault_secrets_put_once/main.tf b/modules/azure/key_vault_secrets_put_once/main.tf index 3cb4f3ee..a145570e 100644 --- a/modules/azure/key_vault_secrets_put_once/main.tf +++ b/modules/azure/key_vault_secrets_put_once/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/log_analytics_diagnostic_setting/main.tf b/modules/azure/log_analytics_diagnostic_setting/main.tf index 3ca22ff5..d4b6860b 100644 --- a/modules/azure/log_analytics_diagnostic_setting/main.tf +++ b/modules/azure/log_analytics_diagnostic_setting/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/log_analytics_queries/main.tf b/modules/azure/log_analytics_queries/main.tf index 14104bb2..5cf8e1ef 100644 --- a/modules/azure/log_analytics_queries/main.tf +++ b/modules/azure/log_analytics_queries/main.tf @@ -1,14 +1,14 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } random = { source = "hashicorp/random" - version = "~> 3.4" + version = "~> 3.7.2" } } diff --git a/modules/azure/log_analytics_workspace/main.tf b/modules/azure/log_analytics_workspace/main.tf index 9d9a360a..e1cdfec6 100644 --- a/modules/azure/log_analytics_workspace/main.tf +++ b/modules/azure/log_analytics_workspace/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/logic_app/main.tf b/modules/azure/logic_app/main.tf index be923480..338c2054 100644 --- a/modules/azure/logic_app/main.tf +++ b/modules/azure/logic_app/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/logic_app_bicep/main.tf b/modules/azure/logic_app_bicep/main.tf index ee28f0a4..483124fb 100644 --- a/modules/azure/logic_app_bicep/main.tf +++ b/modules/azure/logic_app_bicep/main.tf @@ -1,15 +1,15 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } local = { source = "hashicorp/local" - version = "2.4.1" + version = "2.5.3" } } diff --git a/modules/azure/logic_app_set/main.tf b/modules/azure/logic_app_set/main.tf index d6c69fc8..2e8a70bf 100644 --- a/modules/azure/logic_app_set/main.tf +++ b/modules/azure/logic_app_set/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/logic_app_standard/main.tf b/modules/azure/logic_app_standard/main.tf index 50a51eb8..2e94f2ce 100644 --- a/modules/azure/logic_app_standard/main.tf +++ b/modules/azure/logic_app_standard/main.tf @@ -1,18 +1,18 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } azapi = { source = "Azure/azapi" - version = "~> 1.4" + version = "~> 1.15" } azuread = { source = "hashicorp/azuread" - version = "~> 2.36" + version = "~> 2.53" } } diff --git a/modules/azure/logic_app_standard_connection/main.tf b/modules/azure/logic_app_standard_connection/main.tf index f49bf24f..6a2d97a0 100644 --- a/modules/azure/logic_app_standard_connection/main.tf +++ b/modules/azure/logic_app_standard_connection/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/logic_app_standard_connection_access_policy/main.tf b/modules/azure/logic_app_standard_connection_access_policy/main.tf index 8592dd22..6587ff1f 100644 --- a/modules/azure/logic_app_standard_connection_access_policy/main.tf +++ b/modules/azure/logic_app_standard_connection_access_policy/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/logic_app_trigger_http_request_data/main.tf b/modules/azure/logic_app_trigger_http_request_data/main.tf index b2521329..c1992d37 100644 --- a/modules/azure/logic_app_trigger_http_request_data/main.tf +++ b/modules/azure/logic_app_trigger_http_request_data/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azapi = { source = "Azure/azapi" - version = "~> 1.4" + version = "~> 1.15" } } diff --git a/modules/azure/maps_account/main.tf b/modules/azure/maps_account/main.tf index 4eabf524..fc221fbb 100644 --- a/modules/azure/maps_account/main.tf +++ b/modules/azure/maps_account/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/monitoring_action_group/main.tf b/modules/azure/monitoring_action_group/main.tf index b9b7729a..2bda0b15 100644 --- a/modules/azure/monitoring_action_group/main.tf +++ b/modules/azure/monitoring_action_group/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/monitoring_log_analytics_alert/main.tf b/modules/azure/monitoring_log_analytics_alert/main.tf index 9322d6e2..f132fb0f 100644 --- a/modules/azure/monitoring_log_analytics_alert/main.tf +++ b/modules/azure/monitoring_log_analytics_alert/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/monitoring_metric_alert/main.tf b/modules/azure/monitoring_metric_alert/main.tf index aa833faf..22f6b585 100644 --- a/modules/azure/monitoring_metric_alert/main.tf +++ b/modules/azure/monitoring_metric_alert/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/mssql/main.tf b/modules/azure/mssql/main.tf index a962bc0b..13a6ea8d 100644 --- a/modules/azure/mssql/main.tf +++ b/modules/azure/mssql/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/mysql/main.tf b/modules/azure/mysql/main.tf index 842f625a..6ed78897 100644 --- a/modules/azure/mysql/main.tf +++ b/modules/azure/mysql/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/mysql_flexible_server/main.tf b/modules/azure/mysql_flexible_server/main.tf index 9a84d16b..1ca534d9 100644 --- a/modules/azure/mysql_flexible_server/main.tf +++ b/modules/azure/mysql_flexible_server/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/mysql_flexible_server_public/main.tf b/modules/azure/mysql_flexible_server_public/main.tf index 815ab2b7..899ec8c8 100644 --- a/modules/azure/mysql_flexible_server_public/main.tf +++ b/modules/azure/mysql_flexible_server_public/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/network_security_group/main.tf b/modules/azure/network_security_group/main.tf index 120a2ba7..61b5b003 100644 --- a/modules/azure/network_security_group/main.tf +++ b/modules/azure/network_security_group/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/postgresql/main.tf b/modules/azure/postgresql/main.tf index 5ad473f4..60fee1ef 100644 --- a/modules/azure/postgresql/main.tf +++ b/modules/azure/postgresql/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/postgresql_public/main.tf b/modules/azure/postgresql_public/main.tf index 906e35b9..141635ad 100644 --- a/modules/azure/postgresql_public/main.tf +++ b/modules/azure/postgresql_public/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/private_dns_zone/main.tf b/modules/azure/private_dns_zone/main.tf index 35bc7666..ea5e81f4 100644 --- a/modules/azure/private_dns_zone/main.tf +++ b/modules/azure/private_dns_zone/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/private_endpoint/main.tf b/modules/azure/private_endpoint/main.tf index 2b3fcbdb..dcacdd77 100644 --- a/modules/azure/private_endpoint/main.tf +++ b/modules/azure/private_endpoint/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/public_ip/main.tf b/modules/azure/public_ip/main.tf index bf85d686..0f8c37ed 100644 --- a/modules/azure/public_ip/main.tf +++ b/modules/azure/public_ip/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/recovery_services_vault/main.tf b/modules/azure/recovery_services_vault/main.tf index 702926d7..c35d6be2 100644 --- a/modules/azure/recovery_services_vault/main.tf +++ b/modules/azure/recovery_services_vault/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/resource_group/main.tf b/modules/azure/resource_group/main.tf index 4c1ee412..42d3a54c 100644 --- a/modules/azure/resource_group/main.tf +++ b/modules/azure/resource_group/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/route_table/main.tf b/modules/azure/route_table/main.tf index 3b44c3e6..436a5f41 100644 --- a/modules/azure/route_table/main.tf +++ b/modules/azure/route_table/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/service_bus_public/main.tf b/modules/azure/service_bus_public/main.tf index fd77acd7..32098965 100644 --- a/modules/azure/service_bus_public/main.tf +++ b/modules/azure/service_bus_public/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/service_bus_subscription/main.tf b/modules/azure/service_bus_subscription/main.tf index 8c2f40f0..467caac4 100644 --- a/modules/azure/service_bus_subscription/main.tf +++ b/modules/azure/service_bus_subscription/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/service_bus_topic/main.tf b/modules/azure/service_bus_topic/main.tf index 829cadee..137d0388 100644 --- a/modules/azure/service_bus_topic/main.tf +++ b/modules/azure/service_bus_topic/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/service_plan/main.tf b/modules/azure/service_plan/main.tf index 654f3750..886e4fa5 100644 --- a/modules/azure/service_plan/main.tf +++ b/modules/azure/service_plan/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.1" + required_version = "~> 1.2.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_account_private/main.tf b/modules/azure/storage_account_private/main.tf index fe389b0d..0fe1ce22 100644 --- a/modules/azure/storage_account_private/main.tf +++ b/modules/azure/storage_account_private/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_account_public/main.tf b/modules/azure/storage_account_public/main.tf index 49f8480b..724e33e9 100644 --- a/modules/azure/storage_account_public/main.tf +++ b/modules/azure/storage_account_public/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_blob/main.tf b/modules/azure/storage_blob/main.tf index efb59c8e..8d9d0d8b 100644 --- a/modules/azure/storage_blob/main.tf +++ b/modules/azure/storage_blob/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_container/main.tf b/modules/azure/storage_container/main.tf index c372c6da..7b16075f 100644 --- a/modules/azure/storage_container/main.tf +++ b/modules/azure/storage_container/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_event_grid/main.tf b/modules/azure/storage_event_grid/main.tf index 70daf236..f89bb345 100644 --- a/modules/azure/storage_event_grid/main.tf +++ b/modules/azure/storage_event_grid/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_queue/main.tf b/modules/azure/storage_queue/main.tf index fb912016..faa1b08d 100644 --- a/modules/azure/storage_queue/main.tf +++ b/modules/azure/storage_queue/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_share/main.tf b/modules/azure/storage_share/main.tf index 424d62f9..d4d68abd 100644 --- a/modules/azure/storage_share/main.tf +++ b/modules/azure/storage_share/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_table/main.tf b/modules/azure/storage_table/main.tf index 88377bae..5b775d28 100644 --- a/modules/azure/storage_table/main.tf +++ b/modules/azure/storage_table/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_table_entities/main.tf b/modules/azure/storage_table_entities/main.tf index 97c9ac56..10524e7a 100644 --- a/modules/azure/storage_table_entities/main.tf +++ b/modules/azure/storage_table_entities/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_table_entities_rewritable/main.tf b/modules/azure/storage_table_entities_rewritable/main.tf index 445f3ff7..09b86b22 100644 --- a/modules/azure/storage_table_entities_rewritable/main.tf +++ b/modules/azure/storage_table_entities_rewritable/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/storage_table_entity/main.tf b/modules/azure/storage_table_entity/main.tf index e65c8178..ab6102e4 100644 --- a/modules/azure/storage_table_entity/main.tf +++ b/modules/azure/storage_table_entity/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/stream_analytics/main.tf b/modules/azure/stream_analytics/main.tf index 5bb8c5e7..7e90b18e 100644 --- a/modules/azure/stream_analytics/main.tf +++ b/modules/azure/stream_analytics/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/subnet/main.tf b/modules/azure/subnet/main.tf index 0474284c..c37517c7 100644 --- a/modules/azure/subnet/main.tf +++ b/modules/azure/subnet/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/synapse_workspace/main.tf b/modules/azure/synapse_workspace/main.tf index 758533b0..9bff6906 100644 --- a/modules/azure/synapse_workspace/main.tf +++ b/modules/azure/synapse_workspace/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/virtual_machine/main.tf b/modules/azure/virtual_machine/main.tf index 359ea8e1..fc5fc9a6 100644 --- a/modules/azure/virtual_machine/main.tf +++ b/modules/azure/virtual_machine/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/virtual_machine_extension/main.tf b/modules/azure/virtual_machine_extension/main.tf index 75445cdf..320be548 100644 --- a/modules/azure/virtual_machine_extension/main.tf +++ b/modules/azure/virtual_machine_extension/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/virtual_network/main.tf b/modules/azure/virtual_network/main.tf index a3f4484e..70cc11d3 100644 --- a/modules/azure/virtual_network/main.tf +++ b/modules/azure/virtual_network/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/virtual_network_peering/main.tf b/modules/azure/virtual_network_peering/main.tf index e8a2ab6e..746ade33 100644 --- a/modules/azure/virtual_network_peering/main.tf +++ b/modules/azure/virtual_network_peering/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } } diff --git a/modules/azure/web_app_linux/main.tf b/modules/azure/web_app_linux/main.tf index cbf56776..90d91260 100644 --- a/modules/azure/web_app_linux/main.tf +++ b/modules/azure/web_app_linux/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.1" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.70" + version = "~> 3.117" } } diff --git a/modules/azure/web_app_windows/main.tf b/modules/azure/web_app_windows/main.tf index 17e1f9c7..6822d373 100644 --- a/modules/azure/web_app_windows/main.tf +++ b/modules/azure/web_app_windows/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.1" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.70" + version = "~> 3.117" } } diff --git a/modules/cloudflare/dns_records/main.tf b/modules/cloudflare/dns_records/main.tf index 61cc1d19..a71e9e3e 100644 --- a/modules/cloudflare/dns_records/main.tf +++ b/modules/cloudflare/dns_records/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { cloudflare = { source = "cloudflare/cloudflare" - version = "~> 4.0" + version = "~> 4.52" } } diff --git a/modules/elastic/cluster/main.tf b/modules/elastic/cluster/main.tf index c3da819b..6a94e915 100644 --- a/modules/elastic/cluster/main.tf +++ b/modules/elastic/cluster/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { ec = { source = "elastic/ec" - version = "0.1.1" + version = "0.12.2" } } diff --git a/modules/kubernetes/configmap/main.tf b/modules/kubernetes/configmap/main.tf index 414908dd..f798f3ed 100644 --- a/modules/kubernetes/configmap/main.tf +++ b/modules/kubernetes/configmap/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.20" + version = "~> 2.37" } } diff --git a/modules/kubernetes/cron_job/main.tf b/modules/kubernetes/cron_job/main.tf index c1b0d3ba..273a32cb 100644 --- a/modules/kubernetes/cron_job/main.tf +++ b/modules/kubernetes/cron_job/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.20" + version = "~> 2.37" } } diff --git a/modules/kubernetes/deployment_with_service/main.tf b/modules/kubernetes/deployment_with_service/main.tf index 8f501484..437973da 100644 --- a/modules/kubernetes/deployment_with_service/main.tf +++ b/modules/kubernetes/deployment_with_service/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.20" + version = "~> 2.37" } } diff --git a/modules/kubernetes/ingress/main.tf b/modules/kubernetes/ingress/main.tf index ad3fa2f8..d3da04a5 100644 --- a/modules/kubernetes/ingress/main.tf +++ b/modules/kubernetes/ingress/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.20" + version = "~> 2.37" } } diff --git a/modules/kubernetes/pvc/main.tf b/modules/kubernetes/pvc/main.tf index ecf30d1a..686f309f 100644 --- a/modules/kubernetes/pvc/main.tf +++ b/modules/kubernetes/pvc/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.20" + version = "~> 2.37" } } diff --git a/modules/kubernetes/secret/main.tf b/modules/kubernetes/secret/main.tf index 332399d1..ed74b61f 100644 --- a/modules/kubernetes/secret/main.tf +++ b/modules/kubernetes/secret/main.tf @@ -1,10 +1,10 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { kubernetes = { source = "hashicorp/kubernetes" - version = "~> 2.20" + version = "~> 2.37" } } diff --git a/modules/other/local_exec/main.tf b/modules/other/local_exec/main.tf index dce35d91..3c592480 100644 --- a/modules/other/local_exec/main.tf +++ b/modules/other/local_exec/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" backend "azurerm" {} } diff --git a/modules/other/password_generator/main.tf b/modules/other/password_generator/main.tf index b6b5a433..cbf670bf 100644 --- a/modules/other/password_generator/main.tf +++ b/modules/other/password_generator/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" backend "azurerm" {} } diff --git a/modules/other/vm_with_power_automate_desktop/main.tf b/modules/other/vm_with_power_automate_desktop/main.tf index f8cb763b..2773d8c1 100644 --- a/modules/other/vm_with_power_automate_desktop/main.tf +++ b/modules/other/vm_with_power_automate_desktop/main.tf @@ -1,14 +1,14 @@ terraform { - required_version = "~> 1.3" + required_version = "~> 1.12" required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~> 3.48" + version = "~> 3.117" } random = { source = "hashicorp/random" - version = "~> 3.5" + version = "~> 3.7.2" } } From 4729612c4fabdc4bb607d189acc75f23872aa57c Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Tue, 15 Jul 2025 11:25:34 +0200 Subject: [PATCH 02/32] Fixed azurerm version for service_plan --- modules/azure/service_plan/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/azure/service_plan/main.tf b/modules/azure/service_plan/main.tf index 886e4fa5..ced81857 100644 --- a/modules/azure/service_plan/main.tf +++ b/modules/azure/service_plan/main.tf @@ -1,5 +1,5 @@ terraform { - required_version = "~> 1.2.12" + required_version = "~> 1.12" required_providers { azurerm = { From 43a2c8ceb82470dae20ccd20663171ead03d4b71 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Tue, 15 Jul 2025 11:39:47 +0200 Subject: [PATCH 03/32] reverted elastic/ec version --- modules/elastic/cluster/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/elastic/cluster/main.tf b/modules/elastic/cluster/main.tf index 6a94e915..782d37c3 100644 --- a/modules/elastic/cluster/main.tf +++ b/modules/elastic/cluster/main.tf @@ -4,7 +4,7 @@ terraform { required_providers { ec = { source = "elastic/ec" - version = "0.12.2" + version = "0.1.1" } } From 292acbd5ad3c1914813c7ee93ca26dfd6b3669f2 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic <111054513+nikola-petrovic-valcon@users.noreply.github.com> Date: Wed, 16 Jul 2025 20:33:21 +0200 Subject: [PATCH 04/32] Update main.tf deprecated application_id -> client_id --- modules/azure/function_app_linux_managed_identity/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index e86158e8..17fef21e 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -153,7 +153,7 @@ resource "azapi_update_resource" "setup_auth_settings" { azureActiveDirectory = { enabled = true, registration = { - clientId = "${local.should_create_app ? azuread_application.application[0].application_id : var.managed_identity_provider.existing.client_id}", + clientId = "${local.should_create_app ? azuread_application.application[0].client_id : var.managed_identity_provider.existing.client_id}", clientSecretSettingName = "MICROSOFT_PROVIDER_AUTHENTICATION_SECRET" }, validation = { From e63c878b651de5650abfe14cc5d6ceeeac3aa61e Mon Sep 17 00:00:00 2001 From: Nikola Petrovic <111054513+nikola-petrovic-valcon@users.noreply.github.com> Date: Wed, 16 Jul 2025 21:28:18 +0200 Subject: [PATCH 05/32] Update main.tf --- modules/azure/function_app_linux_managed_identity/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index 17fef21e..bb8708c1 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -221,7 +221,7 @@ resource "azuread_application" "application" { resource "azuread_service_principal" "application" { count = local.should_assign_group ? 1 : 0 - application_id = azuread_application.application[0].application_id + application_id = azuread_application.application[0].client_id app_role_assignment_required = false owners = [data.azuread_client_config.current.object_id] } From 99052b3628f17e6a7be05bbca945ed4d34a8048a Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Thu, 17 Jul 2025 18:52:46 +0200 Subject: [PATCH 06/32] Added separate frontdoor firewall policy, extracted classic. --- .../azure/frontdoor_firewall_policy/main.tf | 3 +- .../frontdoor_firewall_policy/outputs.tf | 4 +- .../frontdoor_firewall_policy/variables.tf | 19 ++- .../frontdoor_firewall_policy_classic/main.tf | 144 ++++++++++++++++++ .../outputs.tf | 7 + .../variables.tf | 98 ++++++++++++ 6 files changed, 270 insertions(+), 5 deletions(-) create mode 100644 modules/azure/frontdoor_firewall_policy_classic/main.tf create mode 100644 modules/azure/frontdoor_firewall_policy_classic/outputs.tf create mode 100644 modules/azure/frontdoor_firewall_policy_classic/variables.tf diff --git a/modules/azure/frontdoor_firewall_policy/main.tf b/modules/azure/frontdoor_firewall_policy/main.tf index 1e14da6b..2d6dabca 100644 --- a/modules/azure/frontdoor_firewall_policy/main.tf +++ b/modules/azure/frontdoor_firewall_policy/main.tf @@ -15,9 +15,10 @@ provider "azurerm" { features {} } -resource "azurerm_frontdoor_firewall_policy" "firewall_policy" { +resource "azurerm_cdn_frontdoor_firewall_policy" "firewall_policy" { name = var.name resource_group_name = var.resource_group_name + sku_name = var.sku_name enabled = var.enabled mode = var.mode redirect_url = var.redirect_url diff --git a/modules/azure/frontdoor_firewall_policy/outputs.tf b/modules/azure/frontdoor_firewall_policy/outputs.tf index 6f2bf691..6c0599af 100644 --- a/modules/azure/frontdoor_firewall_policy/outputs.tf +++ b/modules/azure/frontdoor_firewall_policy/outputs.tf @@ -1,7 +1,7 @@ output "id" { - value = azurerm_frontdoor_firewall_policy.firewall_policy.id + value = azurerm_cdn_frontdoor_firewall_policy.firewall_policy.id } output "frontend_endpoint_ids" { - value = azurerm_frontdoor_firewall_policy.firewall_policy.frontend_endpoint_ids + value = azurerm_cdn_frontdoor_firewall_policy.firewall_policy.frontend_endpoint_ids } diff --git a/modules/azure/frontdoor_firewall_policy/variables.tf b/modules/azure/frontdoor_firewall_policy/variables.tf index 74148fe6..8ac2b495 100644 --- a/modules/azure/frontdoor_firewall_policy/variables.tf +++ b/modules/azure/frontdoor_firewall_policy/variables.tf @@ -13,6 +13,16 @@ variable "resource_group_name" { description = "Name of the resource group." } +variable "sku_name" { + type = string + description = "The SKU name of the WAF policy. Possible values are Standard_AzureFrontDoor and Premium_AzureFrontDoor." + + validation { + condition = can(regex("^(Standard_AzureFrontDoor|Premium_AzureFrontDoor)$", var.sku_name)) + error_message = "The SKU name must be either Standard_AzureFrontDoor or Premium_AzureFrontDoor." + } +} + variable "enabled" { type = bool description = "Is the WAF policy in a enabled state or disabled state." @@ -23,6 +33,11 @@ variable "mode" { type = string description = "The firewall policy mode. Possible values are Detection, Prevention." default = "Prevention" + + validation { + condition = can(regex("^(Detection|Prevention)$", var.mode)) + error_message = "The mode must be either Detection or Prevention." + } } variable "redirect_url" { @@ -61,7 +76,7 @@ variable "custom_block_response_status_code" { variable "custom_block_response_body" { type = string - description = "If a custom_rule block's action type is block, this is the response body. Must be bas64 encoded." + description = "If a custom_rule block's action type is block, this is the response body. Must be base64 encoded." default = null } @@ -93,6 +108,6 @@ variable "managed_rules" { }))) }))) })) - description = "A list of managed rule objects. For details see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor_firewall_policy#managed_rule" + description = "A list of managed rule objects. For details see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_firewall_policy#managed_rule" default = [] } diff --git a/modules/azure/frontdoor_firewall_policy_classic/main.tf b/modules/azure/frontdoor_firewall_policy_classic/main.tf new file mode 100644 index 00000000..1e14da6b --- /dev/null +++ b/modules/azure/frontdoor_firewall_policy_classic/main.tf @@ -0,0 +1,144 @@ +terraform { + required_version = "~> 1.12" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.117" + } + } + + backend "azurerm" {} +} + +provider "azurerm" { + features {} +} + +resource "azurerm_frontdoor_firewall_policy" "firewall_policy" { + name = var.name + resource_group_name = var.resource_group_name + enabled = var.enabled + mode = var.mode + redirect_url = var.redirect_url + custom_block_response_status_code = var.custom_block_response_status_code + custom_block_response_body = var.custom_block_response_body + + dynamic "custom_rule" { + for_each = { + for rule in var.custom_rules : + rule.name => rule + } + iterator = rule + + content { + name = rule.value.name + action = rule.value.action + enabled = rule.value.enabled + priority = rule.value.priority + type = rule.value.type + rate_limit_duration_in_minutes = rule.value.rate_limit_duration_in_minutes + rate_limit_threshold = rule.value.rate_limit_threshold + + dynamic "match_condition" { + for_each = { + for index, condition in rule.value.match_conditions : + index => condition + } + iterator = condition + + content { + match_variable = condition.value.match_variable + match_values = condition.value.match_values + operator = condition.value.operator + selector = condition.value.selector + negation_condition = condition.value.negation_condition + transforms = condition.value.transforms + } + } + } + } + + dynamic "managed_rule" { + for_each = { + for rule in var.managed_rules : + rule.name => rule + } + iterator = rule + + content { + type = rule.value.type + version = rule.value.version + + # Managed rule exclusions + dynamic "exclusion" { + for_each = { + for index, exclusion in rule.value.exclusions : + index => exclusion + } + + content { + match_variable = exclusion.value.match_variable + operator = exclusion.value.operator + selector = exclusion.value.selector + } + } + + # Managed rule overrides + dynamic "override" { + for_each = { + for index, override in rule.value.overrides : + index => override + } + + content { + rule_group_name = override.value.rule_group_name + + # Managed rule overrides exclusions + dynamic "exclusion" { + for_each = { + for index, exclusion in override.value.exclusions : + index => exclusion + } + iterator = override_exclusion + + content { + match_variable = override_exclusion.value.match_variable + operator = override_exclusion.value.operator + selector = override_exclusion.value.selector + } + } + + # Managed rule overrides rules + dynamic "rule" { + for_each = { + for rule in override.value.rules : + rule.rule_id => rule + } + + content { + rule_id = rule.value.rule_id + action = rule.value.action + enabled = rule.value.enabled + + # Managed rule overrides rules exlusions + dynamic "exclusion" { + for_each = { + for index, exclusion in rule.value.exclusions : + index => exclusion + } + iterator = rule_exclusion + + content { + match_variable = rule_exclusion.value.match_variable + operator = rule_exclusion.value.operator + selector = rule_exclusion.value.selector + } + } + } + } + } + } + } + } +} diff --git a/modules/azure/frontdoor_firewall_policy_classic/outputs.tf b/modules/azure/frontdoor_firewall_policy_classic/outputs.tf new file mode 100644 index 00000000..6f2bf691 --- /dev/null +++ b/modules/azure/frontdoor_firewall_policy_classic/outputs.tf @@ -0,0 +1,7 @@ +output "id" { + value = azurerm_frontdoor_firewall_policy.firewall_policy.id +} + +output "frontend_endpoint_ids" { + value = azurerm_frontdoor_firewall_policy.firewall_policy.frontend_endpoint_ids +} diff --git a/modules/azure/frontdoor_firewall_policy_classic/variables.tf b/modules/azure/frontdoor_firewall_policy_classic/variables.tf new file mode 100644 index 00000000..74148fe6 --- /dev/null +++ b/modules/azure/frontdoor_firewall_policy_classic/variables.tf @@ -0,0 +1,98 @@ +variable "name" { + type = string + description = "The name of the WAF policy." + + validation { + condition = can(regex("^waf", var.name)) + error_message = "The name of this resource must start with 'waf'. For a list of common Azure abbreviations see https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations." + } +} + +variable "resource_group_name" { + type = string + description = "Name of the resource group." +} + +variable "enabled" { + type = bool + description = "Is the WAF policy in a enabled state or disabled state." + default = true +} + +variable "mode" { + type = string + description = "The firewall policy mode. Possible values are Detection, Prevention." + default = "Prevention" +} + +variable "redirect_url" { + type = string + description = "If action type is redirect, this field represents redirect URL for the client." + default = null +} + +variable "custom_rules" { + type = list(object({ + name = string + action = string + enabled = optional(bool) + priority = optional(number) + type = string + match_conditions = list(object({ + match_variable = string + match_values = list(string) + operator = string + selector = optional(string) + negation_condition = optional(bool) + transforms = optional(list(string)) + })) + rate_limit_duration_in_minutes = optional(number) + rate_limit_threshold = optional(number) + })) + description = "A list of custom rule objects. For details see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor_firewall_policy#custom_rule" + default = [] +} + +variable "custom_block_response_status_code" { + type = number + description = "If a custom_rule block's action type is block, this is the response status code." + default = null +} + +variable "custom_block_response_body" { + type = string + description = "If a custom_rule block's action type is block, this is the response body. Must be bas64 encoded." + default = null +} + +variable "managed_rules" { + type = list(object({ + type = string + version = string + exclusion = optional(list(object({ + match_variable = string + operator = string + selector = string + }))) + override = optional(list(object({ + rule_group_name = string + exclusion = optional(list(object({ + match_variable = string + operator = string + selector = string + }))) + rule = optional(list(object({ + rule_id = string + action = string + enabled = optional(bool) + exclusion = optional(list(object({ + match_variable = string + operator = string + selector = string + }))) + }))) + }))) + })) + description = "A list of managed rule objects. For details see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor_firewall_policy#managed_rule" + default = [] +} From 6b6e839dffe1454c8486ab0b80d4bf4deec30335 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Thu, 17 Jul 2025 19:11:28 +0200 Subject: [PATCH 07/32] Fixed managed_rule action and details link --- modules/azure/frontdoor_firewall_policy/main.tf | 1 + modules/azure/frontdoor_firewall_policy/variables.tf | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/azure/frontdoor_firewall_policy/main.tf b/modules/azure/frontdoor_firewall_policy/main.tf index 2d6dabca..eeb5d4af 100644 --- a/modules/azure/frontdoor_firewall_policy/main.tf +++ b/modules/azure/frontdoor_firewall_policy/main.tf @@ -70,6 +70,7 @@ resource "azurerm_cdn_frontdoor_firewall_policy" "firewall_policy" { content { type = rule.value.type version = rule.value.version + action = rule.value.action # Managed rule exclusions dynamic "exclusion" { diff --git a/modules/azure/frontdoor_firewall_policy/variables.tf b/modules/azure/frontdoor_firewall_policy/variables.tf index 8ac2b495..762fcaf0 100644 --- a/modules/azure/frontdoor_firewall_policy/variables.tf +++ b/modules/azure/frontdoor_firewall_policy/variables.tf @@ -64,7 +64,7 @@ variable "custom_rules" { rate_limit_duration_in_minutes = optional(number) rate_limit_threshold = optional(number) })) - description = "A list of custom rule objects. For details see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/frontdoor_firewall_policy#custom_rule" + description = "A list of custom rule objects. For details see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_frontdoor_firewall_policy#custom_rule-1" default = [] } From 36ebd7dd77ba4776fc2518da8725690993ebcc95 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Fri, 18 Jul 2025 18:01:01 +0200 Subject: [PATCH 08/32] Added support for Front Door Standard --- modules/azure/frontdoor_standard/main.tf | 179 ++++++++++++++++++ modules/azure/frontdoor_standard/outputs.tf | 7 + modules/azure/frontdoor_standard/variables.tf | 87 +++++++++ 3 files changed, 273 insertions(+) create mode 100644 modules/azure/frontdoor_standard/main.tf create mode 100644 modules/azure/frontdoor_standard/outputs.tf create mode 100644 modules/azure/frontdoor_standard/variables.tf diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf new file mode 100644 index 00000000..75a6908c --- /dev/null +++ b/modules/azure/frontdoor_standard/main.tf @@ -0,0 +1,179 @@ +terraform { + required_version = "~> 1.12" + + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.117" + } + } + + backend "azurerm" {} +} + +provider "azurerm" { + features {} +} + +# Front Door Profile +resource "azurerm_cdn_frontdoor_profile" "fd_profile" { + name = var.name + resource_group_name = var.resource_group_name + sku_name = "Standard_AzureFrontDoor" +} + +# Endpoints +resource "azurerm_cdn_frontdoor_endpoint" "fd_endpoints" { + for_each = { for endpoint in var.endpoints : endpoint => endpoint } + + name = each.value + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id +} + +# Custom domains +resource "azurerm_cdn_frontdoor_custom_domain" "fd_custom_domains" { + for_each = { for fd_endpoint in azurerm_cdn_frontdoor_endpoint.fd_endpoints : fd_endpoint.name => fd_endpoint } + + name = each.key + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id + host_name = each.value.host_name + + tls { + certificate_type = "ManagedCertificate" + } +} + +# Origin groups +resource "azurerm_cdn_frontdoor_origin_group" "fd_origin_groups" { + for_each = { for group in var.origin_groups : group.name => group } + + name = each.key + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id + + session_affinity_enabled = false + + health_probe { + interval_in_seconds = each.value.health_probe.interval_in_seconds + protocol = each.value.health_probe.protocol + path = each.value.health_probe.path + request_type = each.value.health_probe.request_type + } + + load_balancing { } +} + +# Origins +resource "azurerm_cdn_frontdoor_origin" "fd_origins" { + for_each = { + for group in var.origin_groups : + group.name => group.fd_origins[0] # assumes 1 origin per pool (can be expanded) + } + + name = each.key + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd_origin_groups[each.key].id + + certificate_name_check_enabled = false + + host_name = each.value.host_name + http_port = each.value.http_port + https_port = each.value.https_port + origin_host_header = each.value.origin_host_header + priority = each.value.priority + weight = each.value.weight + enabled = each.value.enabled +} + +# Redirect Rule Set +resource "azurerm_cdn_frontdoor_rule_set" "fd_rs_redirect" { + name = "fdRedirectRuleSet" + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id +} + +# HTTP to HTTPS Redirect Rule +resource "azurerm_cdn_frontdoor_rule" "fd_rule_http_to_https" { + depends_on = [azurerm_cdn_frontdoor_origin_group.fd_origin_groups, azurerm_cdn_frontdoor_origin.fd_origins] + + name = "FdRuleHttpToHttps" + cdn_frontdoor_rule_set_id = azurerm_cdn_frontdoor_rule_set.fd_rs_redirect.id + order = 1 + behavior_on_match = "Continue" + + actions { + url_redirect_action { + redirect_type = "PermanentRedirect" + redirect_protocol = "Https" + destination_hostname = "" + } + } +} + +# Routes (redirects) +resource "azurerm_cdn_frontdoor_route" "fd_redirect_routes" { + for_each = { + for route in var.redirect_routes : route.name => route + } + + name = each.key + cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.fd_endpoints[each.value.frontend_endpoint].id + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd_origin_groups[each.value.origin_group_name].id + cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.fd_origins[each.value.origin_group_name].id] + cdn_frontdoor_rule_set_ids = [azurerm_cdn_frontdoor_rule_set.fd_rs_redirect.id] + enabled = lookup(each.value, "enabled", true) + + patterns_to_match = each.value.patterns_to_match + supported_protocols = each.value.supported_protocols + link_to_default_domain = false +} + +# Routes (forwarding) +resource "azurerm_cdn_frontdoor_route" "fd_forwarding_routes" { + for_each = { + for route in var.forwarding_routes : route.name => route + } + + name = each.key + cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.fd_endpoints[each.value.frontend_endpoint].id + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd_origin_groups[each.value.origin_group_name].id + cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.fd_origins[each.value.origin_group_name].id] + enabled = lookup(each.value, "enabled", true) + + forwarding_protocol = "HttpsOnly" + patterns_to_match = each.value.patterns_to_match + supported_protocols = each.value.supported_protocols + + cdn_frontdoor_custom_domain_ids = [azurerm_cdn_frontdoor_custom_domain.fd_custom_domains[each.value.frontend_endpoint].id] + link_to_default_domain = false +} + +# Diagnostic settings +data "azurerm_monitor_diagnostic_categories" "fd_categories" { + count = var.log_analytics_workspace_id == null ? 0 : 1 + resource_id = azurerm_cdn_frontdoor_profile.fd_profile.id +} + +resource "azurerm_monitor_diagnostic_setting" "fd_diagnostics" { + count = var.log_analytics_workspace_id == null ? 0 : 1 + name = "diag-${var.name}" + target_resource_id = azurerm_cdn_frontdoor_profile.fd_profile.id + log_analytics_workspace_id = var.log_analytics_workspace_id + + dynamic "enabled_log" { + for_each = data.azurerm_monitor_diagnostic_categories.fd_categories[0].log_category_types + content { + category = enabled_log.value + retention_policy { + enabled = false + } + } + } + + dynamic "metric" { + for_each = data.azurerm_monitor_diagnostic_categories.fd_categories[0].metrics + content { + category = metric.value + retention_policy { + enabled = false + } + } + } +} diff --git a/modules/azure/frontdoor_standard/outputs.tf b/modules/azure/frontdoor_standard/outputs.tf new file mode 100644 index 00000000..c158b1ce --- /dev/null +++ b/modules/azure/frontdoor_standard/outputs.tf @@ -0,0 +1,7 @@ +output "id" { + value = azurerm_cdn_frontdoor_profile.fd_profile.id +} + +output "resource_guid" { + value = azurerm_cdn_frontdoor_profile.fd_profile.resource_guid +} diff --git a/modules/azure/frontdoor_standard/variables.tf b/modules/azure/frontdoor_standard/variables.tf new file mode 100644 index 00000000..54664603 --- /dev/null +++ b/modules/azure/frontdoor_standard/variables.tf @@ -0,0 +1,87 @@ + +variable "resource_group_name" { + type = string + description = "Name of the resource group." +} + +variable "name" { + type = string + description = "Specifies the name of the Front Door service." + + validation { + condition = can(regex("^fd", var.name)) + error_message = "The name of this resource must start with 'fd'. For a list of common Azure abbreviations see https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations." + } +} + +variable "endpoints" { + type = list(string) + description = "List of frontend_endpoint names for frontdoor." + + validation { + condition = length(var.endpoints) > 0 + error_message = "The list with endpoints should at least contain one object." + } +} + +variable "redirect_routes" { + type = list(object({ + name = string + frontend_endpoint = string + origin_group_name = string + enabled = optional(bool) + supported_protocols = list(string) + patterns_to_match = list(string) + })) + description = "A list of redirect routes for frontdoor." + + validation { + condition = length(var.redirect_routes) > 0 + error_message = "The list with redirect routes should at least contain one object." + } +} + +variable "forwarding_routes" { + type = list(object({ + name = string + frontend_endpoint = string + origin_group_name = string + enabled = optional(bool) + supported_protocols = list(string) + patterns_to_match = list(string) + })) + description = "A list of forwarding routes for frontdoor." + + validation { + condition = length(var.forwarding_routes) > 0 + error_message = "The list with forwarding routes should at least contain one object." + } +} + +variable "origin_groups" { + type = list(object({ + name = string + health_probe = optional(object({ + protocol = string + interval_in_seconds = number + path = optional(string) + request_type = optional(string) + })) + origins = list(object({ + host_name = string + origin_host_header = string + http_port = number + https_port = number + enabled = optional(bool) + priority = optional(number) + weight = optional(number) + })) + })) + description = "A list of origin groups for frontdoor." +} + +variable "log_analytics_workspace_id" { + type = string + description = "ID of a log analytics workspace (optional)." + default = null +} From c68ae5d0ccb1235ccfc2858afb382bbee6c619b1 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Sat, 19 Jul 2025 21:44:07 +0200 Subject: [PATCH 09/32] Fixed origins parameter reference --- modules/azure/frontdoor_standard/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index 75a6908c..dbf1861f 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -66,7 +66,7 @@ resource "azurerm_cdn_frontdoor_origin_group" "fd_origin_groups" { resource "azurerm_cdn_frontdoor_origin" "fd_origins" { for_each = { for group in var.origin_groups : - group.name => group.fd_origins[0] # assumes 1 origin per pool (can be expanded) + group.name => group.origins[0] # assumes 1 origin per origin group (can be expanded) } name = each.key From 8a90f1ee31f38263e323a971745e2830af3f4773 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Sat, 19 Jul 2025 23:24:00 +0200 Subject: [PATCH 10/32] Added https_redirect_enabled=false --- modules/azure/frontdoor_standard/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index dbf1861f..17b287da 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -122,6 +122,7 @@ resource "azurerm_cdn_frontdoor_route" "fd_redirect_routes" { patterns_to_match = each.value.patterns_to_match supported_protocols = each.value.supported_protocols + https_redirect_enabled = false link_to_default_domain = false } From 69dbe35b613e74fae915cb3b131aeae0b58ee193 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Sun, 20 Jul 2025 00:20:56 +0200 Subject: [PATCH 11/32] Removed link_to_default_domain initialization --- modules/azure/frontdoor_standard/main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index 17b287da..6116c8c9 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -123,7 +123,6 @@ resource "azurerm_cdn_frontdoor_route" "fd_redirect_routes" { patterns_to_match = each.value.patterns_to_match supported_protocols = each.value.supported_protocols https_redirect_enabled = false - link_to_default_domain = false } # Routes (forwarding) From 118d8b54ec410562dc66e29eaca18d8d6ac5d377 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 09:29:18 +0200 Subject: [PATCH 12/32] FD: Updated optional variables --- modules/azure/frontdoor_standard/variables.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/azure/frontdoor_standard/variables.tf b/modules/azure/frontdoor_standard/variables.tf index 54664603..b47fced3 100644 --- a/modules/azure/frontdoor_standard/variables.tf +++ b/modules/azure/frontdoor_standard/variables.tf @@ -69,9 +69,9 @@ variable "origin_groups" { })) origins = list(object({ host_name = string - origin_host_header = string - http_port = number - https_port = number + origin_host_header = optional(string) + http_port = optional(number) + https_port = optional(number) enabled = optional(bool) priority = optional(number) weight = optional(number) From b9d42cf78b393aec94b8f84d7671180ae659f81a Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 14:52:08 +0200 Subject: [PATCH 13/32] Updated FD templates according to migrated FD example --- modules/azure/frontdoor_standard/main.tf | 47 +++++++++++-------- modules/azure/frontdoor_standard/variables.tf | 17 +++---- 2 files changed, 35 insertions(+), 29 deletions(-) diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index 6116c8c9..3c36c01a 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -22,17 +22,26 @@ resource "azurerm_cdn_frontdoor_profile" "fd_profile" { sku_name = "Standard_AzureFrontDoor" } -# Endpoints -resource "azurerm_cdn_frontdoor_endpoint" "fd_endpoints" { - for_each = { for endpoint in var.endpoints : endpoint => endpoint } +# Endpoint +resource "azurerm_cdn_frontdoor_endpoint" "fd_endpoint" { + name = var.name + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id +} - name = each.value +# Default FD domain +resource "azurerm_cdn_frontdoor_custom_domain" "fd_default_domain" { + name = "default" cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id + host_name = "{var.name}.azurefd.net" + + tls { + certificate_type = "ManagedCertificate" + } } # Custom domains resource "azurerm_cdn_frontdoor_custom_domain" "fd_custom_domains" { - for_each = { for fd_endpoint in azurerm_cdn_frontdoor_endpoint.fd_endpoints : fd_endpoint.name => fd_endpoint } + for_each = { for custom_domain in var.custom_domains: custom_domain.name => custom_domain } name = each.key cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id @@ -113,16 +122,17 @@ resource "azurerm_cdn_frontdoor_route" "fd_redirect_routes" { for route in var.redirect_routes : route.name => route } - name = each.key - cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.fd_endpoints[each.value.frontend_endpoint].id - cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd_origin_groups[each.value.origin_group_name].id - cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.fd_origins[each.value.origin_group_name].id] - cdn_frontdoor_rule_set_ids = [azurerm_cdn_frontdoor_rule_set.fd_rs_redirect.id] - enabled = lookup(each.value, "enabled", true) - - patterns_to_match = each.value.patterns_to_match - supported_protocols = each.value.supported_protocols - https_redirect_enabled = false + name = each.key + cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.fd_endpoint.id + cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd_origin_groups[each.value.origin_group_name].id + cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.fd_origins[each.value.origin_group_name].id] + cdn_frontdoor_rule_set_ids = [azurerm_cdn_frontdoor_rule_set.fd_rs_redirect.id] + cdn_frontdoor_custom_domain_ids = [azurerm_cdn_frontdoor_custom_domain.fd_custom_domains[each.value.custom_domain_name].id] + + enabled = each.value.enabled + patterns_to_match = each.value.patterns_to_match + supported_protocols = each.value.supported_protocols + https_redirect_enabled = false } # Routes (forwarding) @@ -132,16 +142,15 @@ resource "azurerm_cdn_frontdoor_route" "fd_forwarding_routes" { } name = each.key - cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.fd_endpoints[each.value.frontend_endpoint].id + cdn_frontdoor_endpoint_id = azurerm_cdn_frontdoor_endpoint.fd_endpoint.id cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd_origin_groups[each.value.origin_group_name].id cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.fd_origins[each.value.origin_group_name].id] - enabled = lookup(each.value, "enabled", true) + cdn_frontdoor_custom_domain_ids = [azurerm_cdn_frontdoor_custom_domain.fd_custom_domains[each.value.custom_domain_name].id] forwarding_protocol = "HttpsOnly" patterns_to_match = each.value.patterns_to_match supported_protocols = each.value.supported_protocols - - cdn_frontdoor_custom_domain_ids = [azurerm_cdn_frontdoor_custom_domain.fd_custom_domains[each.value.frontend_endpoint].id] + enabled = each.value.enabled link_to_default_domain = false } diff --git a/modules/azure/frontdoor_standard/variables.tf b/modules/azure/frontdoor_standard/variables.tf index b47fced3..d33b8125 100644 --- a/modules/azure/frontdoor_standard/variables.tf +++ b/modules/azure/frontdoor_standard/variables.tf @@ -14,20 +14,17 @@ variable "name" { } } -variable "endpoints" { - type = list(string) - description = "List of frontend_endpoint names for frontdoor." - - validation { - condition = length(var.endpoints) > 0 - error_message = "The list with endpoints should at least contain one object." - } +variable "custom_domains" { + type = list(object({ + name = string + host_name = string + })) + description = "List of custom domains for frontdoor." } - variable "redirect_routes" { type = list(object({ name = string - frontend_endpoint = string + custom_domain_name = string origin_group_name = string enabled = optional(bool) supported_protocols = list(string) From fbeefeb1eaadda5b0676b56fccf5adc832e85152 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 15:07:44 +0200 Subject: [PATCH 14/32] Fixed variable property name. Aligned spaces --- modules/azure/frontdoor_standard/variables.tf | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/modules/azure/frontdoor_standard/variables.tf b/modules/azure/frontdoor_standard/variables.tf index d33b8125..0f1987ca 100644 --- a/modules/azure/frontdoor_standard/variables.tf +++ b/modules/azure/frontdoor_standard/variables.tf @@ -16,19 +16,19 @@ variable "name" { variable "custom_domains" { type = list(object({ - name = string - host_name = string + name = string + host_name = string })) description = "List of custom domains for frontdoor." } variable "redirect_routes" { type = list(object({ - name = string + name = string custom_domain_name = string - origin_group_name = string - enabled = optional(bool) + origin_group_name = string + enabled = optional(bool) supported_protocols = list(string) - patterns_to_match = list(string) + patterns_to_match = list(string) })) description = "A list of redirect routes for frontdoor." @@ -40,12 +40,12 @@ variable "redirect_routes" { variable "forwarding_routes" { type = list(object({ - name = string - frontend_endpoint = string - origin_group_name = string - enabled = optional(bool) + name = string + custom_domain_name = string + origin_group_name = string + enabled = optional(bool) supported_protocols = list(string) - patterns_to_match = list(string) + patterns_to_match = list(string) })) description = "A list of forwarding routes for frontdoor." @@ -57,21 +57,21 @@ variable "forwarding_routes" { variable "origin_groups" { type = list(object({ - name = string - health_probe = optional(object({ - protocol = string + name = string + health_probe = optional(object({ + protocol = string interval_in_seconds = number - path = optional(string) - request_type = optional(string) + path = optional(string) + request_type = optional(string) })) origins = list(object({ - host_name = string + host_name = string origin_host_header = optional(string) - http_port = optional(number) - https_port = optional(number) - enabled = optional(bool) - priority = optional(number) - weight = optional(number) + http_port = optional(number) + https_port = optional(number) + enabled = optional(bool) + priority = optional(number) + weight = optional(number) })) })) description = "A list of origin groups for frontdoor." From fcc0a2562d6752583491a2e78009444f81bba88f Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 15:33:29 +0200 Subject: [PATCH 15/32] FD: Fixed variable interpolation. Initialized necessary property --- modules/azure/frontdoor_standard/main.tf | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index 3c36c01a..2f049d2e 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -32,7 +32,7 @@ resource "azurerm_cdn_frontdoor_endpoint" "fd_endpoint" { resource "azurerm_cdn_frontdoor_custom_domain" "fd_default_domain" { name = "default" cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id - host_name = "{var.name}.azurefd.net" + host_name = "${var.name}.azurefd.net" tls { certificate_type = "ManagedCertificate" @@ -147,10 +147,11 @@ resource "azurerm_cdn_frontdoor_route" "fd_forwarding_routes" { cdn_frontdoor_origin_ids = [azurerm_cdn_frontdoor_origin.fd_origins[each.value.origin_group_name].id] cdn_frontdoor_custom_domain_ids = [azurerm_cdn_frontdoor_custom_domain.fd_custom_domains[each.value.custom_domain_name].id] - forwarding_protocol = "HttpsOnly" + enabled = each.value.enabled patterns_to_match = each.value.patterns_to_match supported_protocols = each.value.supported_protocols - enabled = each.value.enabled + https_redirect_enabled = false + forwarding_protocol = "HttpsOnly" link_to_default_domain = false } From cb9229750cce8d1e93026cf75482d15b79df7f0f Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 16:20:28 +0200 Subject: [PATCH 16/32] FD: Set link_to_default_domain to false --- modules/azure/frontdoor_standard/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index 2f049d2e..5d0caeb7 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -133,6 +133,7 @@ resource "azurerm_cdn_frontdoor_route" "fd_redirect_routes" { patterns_to_match = each.value.patterns_to_match supported_protocols = each.value.supported_protocols https_redirect_enabled = false + link_to_default_domain = false } # Routes (forwarding) From 339ce5a6197f99201ec2f323599e9a42506e9a0b Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 22:09:06 +0200 Subject: [PATCH 17/32] Temporarily set cloudfare records as data source --- modules/cloudflare/dns_records/main.tf | 29 ++++++++++++++--------- modules/cloudflare/dns_records/outputs.tf | 4 ++-- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/modules/cloudflare/dns_records/main.tf b/modules/cloudflare/dns_records/main.tf index a71e9e3e..4b7f0c25 100644 --- a/modules/cloudflare/dns_records/main.tf +++ b/modules/cloudflare/dns_records/main.tf @@ -17,14 +17,21 @@ data "cloudflare_zone" "zone" { name = var.zone_name } -resource "cloudflare_record" "record" { - for_each = { for idx, rec in var.records : rec.name => rec } - zone_id = data.cloudflare_zone.zone.id - name = each.value.name - value = each.value.value - type = each.value.type - ttl = each.value.ttl - priority = each.value.priority - proxied = each.value.proxied - allow_overwrite = each.value.allow_overwrite -} +# Temporarily set to data, just to extract into state +# resource "cloudflare_record" "record" { +# for_each = { for idx, rec in var.records : rec.name => rec } +# zone_id = data.cloudflare_zone.zone.id +# name = each.value.name +# value = each.value.value +# type = each.value.type +# ttl = each.value.ttl +# priority = each.value.priority +# proxied = each.value.proxied +# allow_overwrite = each.value.allow_overwrite +#} + +data "cloudflare_record" "record" { + for_each = { for rec in var.records : rec.name => rec } + zone_id = data.cloudflare_zone.zone.id + hostname = each.key +} \ No newline at end of file diff --git a/modules/cloudflare/dns_records/outputs.tf b/modules/cloudflare/dns_records/outputs.tf index e6872988..3d8b30f6 100644 --- a/modules/cloudflare/dns_records/outputs.tf +++ b/modules/cloudflare/dns_records/outputs.tf @@ -1,7 +1,7 @@ output "created_on" { - value = { for k, v in cloudflare_record.record : k => v.created_on } + value = { for k, v in data.cloudflare_record.record : k => v.created_on } } output "modified_on" { - value = { for k, v in cloudflare_record.record : k => v.modified_on } + value = { for k, v in data.cloudflare_record.record : k => v.modified_on } } From e74a746b73f12ccc4b7c3c60cc9463a19e013640 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 22:27:29 +0200 Subject: [PATCH 18/32] CF: added type filter --- modules/cloudflare/dns_records/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/cloudflare/dns_records/main.tf b/modules/cloudflare/dns_records/main.tf index 4b7f0c25..f6cbaa9e 100644 --- a/modules/cloudflare/dns_records/main.tf +++ b/modules/cloudflare/dns_records/main.tf @@ -34,4 +34,5 @@ data "cloudflare_record" "record" { for_each = { for rec in var.records : rec.name => rec } zone_id = data.cloudflare_zone.zone.id hostname = each.key + type = "CNAME" } \ No newline at end of file From 5e1beb3e7fbdf68ac37cc7018aef261d88ceab8a Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Mon, 21 Jul 2025 22:32:30 +0200 Subject: [PATCH 19/32] CF: Temporarily commented outputs --- modules/cloudflare/dns_records/outputs.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/cloudflare/dns_records/outputs.tf b/modules/cloudflare/dns_records/outputs.tf index 3d8b30f6..014b9930 100644 --- a/modules/cloudflare/dns_records/outputs.tf +++ b/modules/cloudflare/dns_records/outputs.tf @@ -1,7 +1,7 @@ -output "created_on" { - value = { for k, v in data.cloudflare_record.record : k => v.created_on } -} +#output "created_on" { + #value = { for k, v in data.cloudflare_record.record : k => v.created_on } +#} -output "modified_on" { - value = { for k, v in data.cloudflare_record.record : k => v.modified_on } -} +#output "modified_on" { + #value = { for k, v in data.cloudflare_record.record : k => v.modified_on } +#} From 6c35859afde95f9f0f8cb87ead2553f0f16824c7 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic <111054513+nikola-petrovic-valcon@users.noreply.github.com> Date: Tue, 22 Jul 2025 15:34:47 +0200 Subject: [PATCH 20/32] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 10432093..bd4c8a68 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Terraform +(Delete this line) + This repository contains terraform modules which can be used in combination with [Terragrunt](https://terragrunt.gruntwork.io/). Terragrunt allows you to keep your Terraform backend configuration DRY (“Don’t Repeat Yourself”) by defining versioned modules once and reusing those modules inside terragrunt configuration files. ## Getting started From feb0d5afdcd28256abfae7c5c135439faf36e6db Mon Sep 17 00:00:00 2001 From: Nikola Petrovic <111054513+nikola-petrovic-valcon@users.noreply.github.com> Date: Tue, 22 Jul 2025 15:35:35 +0200 Subject: [PATCH 21/32] Update README.md --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index bd4c8a68..10432093 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # Terraform -(Delete this line) - This repository contains terraform modules which can be used in combination with [Terragrunt](https://terragrunt.gruntwork.io/). Terragrunt allows you to keep your Terraform backend configuration DRY (“Don’t Repeat Yourself”) by defining versioned modules once and reusing those modules inside terragrunt configuration files. ## Getting started From 9b11c609b6a3331a9cd597d02b572dd9eadba60f Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Tue, 22 Jul 2025 21:53:53 +0200 Subject: [PATCH 22/32] FD: introduced FD security policy --- .../frontdoor_firewall_policy/outputs.tf | 4 +- modules/azure/frontdoor_standard/main.tf | 37 +++++++++++++------ modules/azure/frontdoor_standard/variables.tf | 8 ++++ 3 files changed, 36 insertions(+), 13 deletions(-) diff --git a/modules/azure/frontdoor_firewall_policy/outputs.tf b/modules/azure/frontdoor_firewall_policy/outputs.tf index 6c0599af..5d7466c8 100644 --- a/modules/azure/frontdoor_firewall_policy/outputs.tf +++ b/modules/azure/frontdoor_firewall_policy/outputs.tf @@ -2,6 +2,6 @@ output "id" { value = azurerm_cdn_frontdoor_firewall_policy.firewall_policy.id } -output "frontend_endpoint_ids" { - value = azurerm_cdn_frontdoor_firewall_policy.firewall_policy.frontend_endpoint_ids +output "name" { + value = azurerm_cdn_frontdoor_firewall_policy.firewall_policy.name } diff --git a/modules/azure/frontdoor_standard/main.tf b/modules/azure/frontdoor_standard/main.tf index 5d0caeb7..e677b770 100644 --- a/modules/azure/frontdoor_standard/main.tf +++ b/modules/azure/frontdoor_standard/main.tf @@ -28,17 +28,6 @@ resource "azurerm_cdn_frontdoor_endpoint" "fd_endpoint" { cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id } -# Default FD domain -resource "azurerm_cdn_frontdoor_custom_domain" "fd_default_domain" { - name = "default" - cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id - host_name = "${var.name}.azurefd.net" - - tls { - certificate_type = "ManagedCertificate" - } -} - # Custom domains resource "azurerm_cdn_frontdoor_custom_domain" "fd_custom_domains" { for_each = { for custom_domain in var.custom_domains: custom_domain.name => custom_domain } @@ -156,6 +145,32 @@ resource "azurerm_cdn_frontdoor_route" "fd_forwarding_routes" { link_to_default_domain = false } +data "azurerm_cdn_frontdoor_firewall_policy" "fd_firewall_policy" { + count = var.security_policy == null ? 0 : 1 + name = var.security_policy.firewall_policy_name + resource_group_name = var.resource_group_name +} + +# Security policy +resource "azurerm_cdn_frontdoor_security_policy" "fd_security_policy" { + count = var.security_policy == null ? 0 : 1 + name = "${var.security_policy.firewall_policy_name}-securityPolicy" + cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd_profile.id + + security_policies { + firewall { + cdn_frontdoor_firewall_policy_id = data.azurerm_cdn_frontdoor_firewall_policy.fd_firewall_policy[0].id + + association { + domain { + cdn_frontdoor_domain_id = azurerm_cdn_frontdoor_custom_domain.fd_custom_domains[var.security_policy.custom_domain_name].id + } + patterns_to_match = ["/*"] + } + } + } +} + # Diagnostic settings data "azurerm_monitor_diagnostic_categories" "fd_categories" { count = var.log_analytics_workspace_id == null ? 0 : 1 diff --git a/modules/azure/frontdoor_standard/variables.tf b/modules/azure/frontdoor_standard/variables.tf index 0f1987ca..ed169914 100644 --- a/modules/azure/frontdoor_standard/variables.tf +++ b/modules/azure/frontdoor_standard/variables.tf @@ -14,6 +14,14 @@ variable "name" { } } +variable "security_policy" { + type = object({ + firewall_policy_name = string + custom_domain_name = string + }) + description = "Specifies front door security policy details." +} + variable "custom_domains" { type = list(object({ name = string From 6d401f2bdc5a4aae8024366845912a6c54436adb Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Wed, 23 Jul 2025 10:47:54 +0200 Subject: [PATCH 23/32] Reverted main and outputs of cloudflare dns records --- modules/cloudflare/dns_records/main.tf | 28 ++++++++--------------- modules/cloudflare/dns_records/outputs.tf | 12 +++++----- 2 files changed, 16 insertions(+), 24 deletions(-) diff --git a/modules/cloudflare/dns_records/main.tf b/modules/cloudflare/dns_records/main.tf index f6cbaa9e..312f57c9 100644 --- a/modules/cloudflare/dns_records/main.tf +++ b/modules/cloudflare/dns_records/main.tf @@ -17,22 +17,14 @@ data "cloudflare_zone" "zone" { name = var.zone_name } -# Temporarily set to data, just to extract into state -# resource "cloudflare_record" "record" { -# for_each = { for idx, rec in var.records : rec.name => rec } -# zone_id = data.cloudflare_zone.zone.id -# name = each.value.name -# value = each.value.value -# type = each.value.type -# ttl = each.value.ttl -# priority = each.value.priority -# proxied = each.value.proxied -# allow_overwrite = each.value.allow_overwrite -#} - -data "cloudflare_record" "record" { - for_each = { for rec in var.records : rec.name => rec } - zone_id = data.cloudflare_zone.zone.id - hostname = each.key - type = "CNAME" + resource "cloudflare_record" "record" { + for_each = { for idx, rec in var.records : rec.name => rec } + zone_id = data.cloudflare_zone.zone.id + name = each.value.name + value = each.value.value + type = each.value.type + ttl = each.value.ttl + priority = each.value.priority + proxied = each.value.proxied + allow_overwrite = each.value.allow_overwrite } \ No newline at end of file diff --git a/modules/cloudflare/dns_records/outputs.tf b/modules/cloudflare/dns_records/outputs.tf index 014b9930..3d8b30f6 100644 --- a/modules/cloudflare/dns_records/outputs.tf +++ b/modules/cloudflare/dns_records/outputs.tf @@ -1,7 +1,7 @@ -#output "created_on" { - #value = { for k, v in data.cloudflare_record.record : k => v.created_on } -#} +output "created_on" { + value = { for k, v in data.cloudflare_record.record : k => v.created_on } +} -#output "modified_on" { - #value = { for k, v in data.cloudflare_record.record : k => v.modified_on } -#} +output "modified_on" { + value = { for k, v in data.cloudflare_record.record : k => v.modified_on } +} From 3f12113763f079982e093252c68a662786648542 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Wed, 23 Jul 2025 12:26:53 +0200 Subject: [PATCH 24/32] Replaced some deprecated properties --- modules/azure/api_management/main.tf | 4 ++-- modules/azure/api_management_api/main.tf | 8 ++++---- modules/azure/api_management_api/outputs.tf | 4 ++-- modules/azure/application_role_assignment/main.tf | 4 ++-- modules/azure/application_role_assignment/variables.tf | 4 ++-- modules/azure/function_app_linux_managed_identity/main.tf | 4 ++-- modules/azure/logic_app_standard/main.tf | 4 ++-- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/modules/azure/api_management/main.tf b/modules/azure/api_management/main.tf index f720d83a..eb41f6b2 100644 --- a/modules/azure/api_management/main.tf +++ b/modules/azure/api_management/main.tf @@ -204,13 +204,13 @@ resource "azuread_application" "application" { } resource "azuread_application_password" "password" { - application_object_id = azuread_application.application.object_id + application_id = azuread_application.application.object_id } resource "azurerm_api_management_identity_provider_aad" "identity_provider_aad" { resource_group_name = var.resource_group_name api_management_name = azurerm_api_management.api_management.name - client_id = azuread_application.application.application_id + client_id = azuread_application.application.client_id client_secret = azuread_application_password.password.value allowed_tenants = var.allowed_tenants signin_tenant = var.signin_tenant diff --git a/modules/azure/api_management_api/main.tf b/modules/azure/api_management_api/main.tf index 625f9b5e..ca5144ad 100644 --- a/modules/azure/api_management_api/main.tf +++ b/modules/azure/api_management_api/main.tf @@ -125,7 +125,7 @@ resource "azurerm_api_management_api_policy" "api_policy" { - ${azuread_application.application.application_id} + ${azuread_application.application.client_id} ${var.aad_settings.issuer} @@ -316,7 +316,7 @@ resource "azurerm_api_management_authorization_server" "oauth2" { authorization_endpoint = var.auth_endpoint != null ? var.auth_endpoint : "https://login.microsoftonline.com/${var.authorization_tenant}/oauth2/v2.0/authorize" token_endpoint = var.token_endpoint != null ? var.token_endpoint : "https://login.microsoftonline.com/${var.authorization_tenant}/oauth2/v2.0/token" client_registration_endpoint = var.client_registration_endpoint - client_id = azuread_application.application.application_id + client_id = azuread_application.application.client_id client_secret = azuread_application_password.password.value bearer_token_sending_methods = ["authorizationHeader"] client_authentication_method = ["Body"] @@ -326,7 +326,7 @@ resource "azurerm_api_management_authorization_server" "oauth2" { resource "azuread_service_principal" "application" { count = local.should_assign_group ? 1 : 0 - application_id = azuread_application.application.application_id + client_id = azuread_application.application.client_id app_role_assignment_required = false owners = [data.azuread_client_config.current.object_id] } @@ -338,7 +338,7 @@ resource "azuread_group_member" "registered_app_member" { } resource "azuread_application_password" "password" { - application_object_id = azuread_application.application.object_id + application_id = azuread_application.application.object_id } resource "random_uuid" "oath2_uuid" {} diff --git a/modules/azure/api_management_api/outputs.tf b/modules/azure/api_management_api/outputs.tf index 85263e2e..f5c7f77a 100644 --- a/modules/azure/api_management_api/outputs.tf +++ b/modules/azure/api_management_api/outputs.tf @@ -6,8 +6,8 @@ output "api_management_api_diagnostic" { value = (var.api_diagnostic_settings != null && var.api_management_logger_id != null) ? azurerm_api_management_api_diagnostic.api_diagnostic[0].id : null } -output "application_id" { - value = azuread_application.application.application_id +output "client_id" { + value = azuread_application.application.client_id } output "default_role" { diff --git a/modules/azure/application_role_assignment/main.tf b/modules/azure/application_role_assignment/main.tf index e7ecf243..08239a71 100644 --- a/modules/azure/application_role_assignment/main.tf +++ b/modules/azure/application_role_assignment/main.tf @@ -14,8 +14,8 @@ terraform { provider "azuread" {} resource "azuread_service_principal" "internal" { - application_id = var.application_id - use_existing = var.use_existing_service_principal + client_id = var.client_id + use_existing = var.use_existing_service_principal } resource "azuread_app_role_assignment" "role_assignment" { diff --git a/modules/azure/application_role_assignment/variables.tf b/modules/azure/application_role_assignment/variables.tf index bfbfbb00..bde8f8fa 100644 --- a/modules/azure/application_role_assignment/variables.tf +++ b/modules/azure/application_role_assignment/variables.tf @@ -6,9 +6,9 @@ variable "assignments" { description = "The assignments you want to add to an application." } -variable "application_id" { +variable "client_id" { type = string - description = "The application ID of the application the assignments are added to." + description = "The client ID of the application the assignments are added to." } variable "use_existing_service_principal" { diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index bb8708c1..f9f61820 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -221,7 +221,7 @@ resource "azuread_application" "application" { resource "azuread_service_principal" "application" { count = local.should_assign_group ? 1 : 0 - application_id = azuread_application.application[0].client_id + client_id = azuread_application.application[0].client_id app_role_assignment_required = false owners = [data.azuread_client_config.current.object_id] } @@ -234,7 +234,7 @@ resource "azuread_group_member" "registered_app_member" { resource "azuread_application_password" "password" { count = local.should_create_app ? 1 : 0 - application_object_id = azuread_application.application[0].object_id + application_id = azuread_application.application[0].object_id } resource "random_uuid" "oath2_uuid" {} diff --git a/modules/azure/logic_app_standard/main.tf b/modules/azure/logic_app_standard/main.tf index 2e94f2ce..b8628828 100644 --- a/modules/azure/logic_app_standard/main.tf +++ b/modules/azure/logic_app_standard/main.tf @@ -263,7 +263,7 @@ resource "azapi_update_resource" "setup_auth_settings" { azureActiveDirectory = { enabled = true, registration = { - clientId = azuread_application.application[0].application_id + clientId = azuread_application.application[0].client_id clientSecretSettingName = "MICROSOFT_PROVIDER_AUTHENTICATION_SECRET" }, validation = { @@ -286,5 +286,5 @@ resource "azapi_update_resource" "setup_auth_settings" { resource "azuread_application_password" "password" { count = var.managed_identity_provider != null ? 1 : 0 - application_object_id = azuread_application.application[0].object_id + application_id = azuread_application.application[0].object_id } From cdbf792d5b724e2f73cfc47ebfb26f98773ddf3d Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Thu, 24 Jul 2025 10:19:32 +0200 Subject: [PATCH 25/32] CF: fixed outputs --- modules/cloudflare/dns_records/outputs.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/cloudflare/dns_records/outputs.tf b/modules/cloudflare/dns_records/outputs.tf index 3d8b30f6..e6872988 100644 --- a/modules/cloudflare/dns_records/outputs.tf +++ b/modules/cloudflare/dns_records/outputs.tf @@ -1,7 +1,7 @@ output "created_on" { - value = { for k, v in data.cloudflare_record.record : k => v.created_on } + value = { for k, v in cloudflare_record.record : k => v.created_on } } output "modified_on" { - value = { for k, v in data.cloudflare_record.record : k => v.modified_on } + value = { for k, v in cloudflare_record.record : k => v.modified_on } } From a362ac2f0a155ac0aaaa8ed0b3e8389737310195 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Thu, 24 Jul 2025 20:07:33 +0200 Subject: [PATCH 26/32] Fixed setting application_id for app password --- modules/azure/api_management/main.tf | 2 +- modules/azure/api_management_api/main.tf | 2 +- modules/azure/function_app_linux_managed_identity/main.tf | 2 +- modules/azure/logic_app_standard/main.tf | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/azure/api_management/main.tf b/modules/azure/api_management/main.tf index eb41f6b2..9baf1e05 100644 --- a/modules/azure/api_management/main.tf +++ b/modules/azure/api_management/main.tf @@ -204,7 +204,7 @@ resource "azuread_application" "application" { } resource "azuread_application_password" "password" { - application_id = azuread_application.application.object_id + application_id = azuread_application.application.id } resource "azurerm_api_management_identity_provider_aad" "identity_provider_aad" { diff --git a/modules/azure/api_management_api/main.tf b/modules/azure/api_management_api/main.tf index ca5144ad..06e30bb4 100644 --- a/modules/azure/api_management_api/main.tf +++ b/modules/azure/api_management_api/main.tf @@ -338,7 +338,7 @@ resource "azuread_group_member" "registered_app_member" { } resource "azuread_application_password" "password" { - application_id = azuread_application.application.object_id + application_id = azuread_application.application.id } resource "random_uuid" "oath2_uuid" {} diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index f9f61820..c2caba86 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -234,7 +234,7 @@ resource "azuread_group_member" "registered_app_member" { resource "azuread_application_password" "password" { count = local.should_create_app ? 1 : 0 - application_id = azuread_application.application[0].object_id + application_id = azuread_application.application[0].id } resource "random_uuid" "oath2_uuid" {} diff --git a/modules/azure/logic_app_standard/main.tf b/modules/azure/logic_app_standard/main.tf index b8628828..0c23114e 100644 --- a/modules/azure/logic_app_standard/main.tf +++ b/modules/azure/logic_app_standard/main.tf @@ -286,5 +286,5 @@ resource "azapi_update_resource" "setup_auth_settings" { resource "azuread_application_password" "password" { count = var.managed_identity_provider != null ? 1 : 0 - application_id = azuread_application.application[0].object_id + application_id = azuread_application.application[0].id } From eaf80ca84c29494ddd5e1d38110b8edc3cb0673e Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Fri, 25 Jul 2025 16:09:09 +0200 Subject: [PATCH 27/32] Added temporary output of API policy XML content --- modules/azure/api_management_api_simple/main.tf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules/azure/api_management_api_simple/main.tf b/modules/azure/api_management_api_simple/main.tf index a6afec9b..b88ce44a 100644 --- a/modules/azure/api_management_api_simple/main.tf +++ b/modules/azure/api_management_api_simple/main.tf @@ -111,6 +111,12 @@ resource "azurerm_api_management_api_diagnostic" "api_diagnostic" { ########## API Policy ########## ####################################################### +# This temporary output is used to retrieve the XML content of the API policy. +output "api_policy_xml_content" { + value = azurerm_api_management_api_policy.api_policy.xml_content + description = "The XML content of the API policy." +} + resource "azurerm_api_management_api_policy" "api_policy" { api_name = azurerm_api_management_api.api.name api_management_name = var.api_management_name From 8be27cd2a038c063d164e95e3bebfaca8b0a1fea Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Thu, 31 Jul 2025 10:07:10 +0200 Subject: [PATCH 28/32] Reverted auth v2 logic for function app --- .../main.tf | 33 +++++++++++++++---- 1 file changed, 27 insertions(+), 6 deletions(-) diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index c2caba86..99612b07 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -31,6 +31,9 @@ provider "null" { } +data "azurerm_client_config" "current" { +} + locals { should_create_app = var.managed_identity_provider.existing != null ? false : true should_assign_group = var.managed_identity_provider.create.group_id != null ? true : false @@ -93,6 +96,26 @@ resource "azurerm_linux_function_app" "function_app" { } } + auth_settings_v2 { + auth_enabled = true + require_authentication = var.authentication_settings.require_authentication == null ? false : var.authentication_settings.require_authentication + unauthenticated_action = var.authentication_settings.unauthenticated_action == null ? null : var.authentication_settings.unauthenticated_action + excluded_paths = var.authentication_settings.excluded_paths == null ? [] : var.authentication_settings.excluded_paths + + active_directory_v2 { + client_id = local.should_create_app ? azuread_application.application[0].client_id : var.managed_identity_provider.existing.client_id + client_secret_setting_name = "MICROSOFT_PROVIDER_AUTHENTICATION_SECRET" + tenant_auth_endpoint = "https://login.microsoftonline.com/v2.0/${data.azurerm_client_config.current.tenant_id}/" + allowed_audiences = local.allowed_audiences + } + + login { + // Bug within terraform module it just requires it + // https://github.com/hashicorp/terraform-provider-azurerm/issues/21002 + } + } + + dynamic "connection_string" { for_each = var.connection_strings content { @@ -115,7 +138,6 @@ resource "azurerm_linux_function_app" "function_app" { } } - /* * https://github.com/hashicorp/terraform-provider-azurerm/issues/12928 blocked by https://github.com/Azure/azure-rest-api-specs/issues/18888 * @@ -126,7 +148,7 @@ resource "azurerm_linux_function_app" "function_app" { */ // Needed to have a trigger that allows recreating some resource every time -resource "null_resource" "always_run" { +/*resource "null_resource" "always_run" { triggers = { timestamp = "${timestamp()}" } @@ -165,15 +187,14 @@ resource "azapi_update_resource" "setup_auth_settings" { } }) lifecycle { - /* This action should always be replaces since is works under the hood as an api call - * So it does not really track issues with the function app properly - */ + // This action should always be replaces since is works under the hood as an api call + // So it does not really track issues with the function app properly replace_triggered_by = [ null_resource.always_run ] } } - +*/ # Managed Identity Provider data "azuread_client_config" "current" {} From c687d81bd5f25af19c1f968e4c45813fa7fc682f Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Wed, 13 Aug 2025 09:57:03 +0200 Subject: [PATCH 29/32] Creating an API will now always create an SP --- modules/azure/api_management_api/main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/azure/api_management_api/main.tf b/modules/azure/api_management_api/main.tf index 06e30bb4..4435b4c6 100644 --- a/modules/azure/api_management_api/main.tf +++ b/modules/azure/api_management_api/main.tf @@ -325,7 +325,6 @@ resource "azurerm_api_management_authorization_server" "oauth2" { } resource "azuread_service_principal" "application" { - count = local.should_assign_group ? 1 : 0 client_id = azuread_application.application.client_id app_role_assignment_required = false owners = [data.azuread_client_config.current.object_id] From 434af91610210f3ee72dde9ed700af18f5485a12 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Wed, 13 Aug 2025 10:18:18 +0200 Subject: [PATCH 30/32] Fixed syntax error --- modules/azure/api_management_api/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/azure/api_management_api/main.tf b/modules/azure/api_management_api/main.tf index 4435b4c6..0ba82aed 100644 --- a/modules/azure/api_management_api/main.tf +++ b/modules/azure/api_management_api/main.tf @@ -333,7 +333,7 @@ resource "azuread_service_principal" "application" { resource "azuread_group_member" "registered_app_member" { count = local.should_assign_group ? 1 : 0 group_object_id = var.group_id - member_object_id = azuread_service_principal.application[0].object_id + member_object_id = azuread_service_principal.application.object_id } resource "azuread_application_password" "password" { From 0e45c13f7486f69a589a6344026c7665d82be2ce Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Wed, 13 Aug 2025 23:08:49 +0200 Subject: [PATCH 31/32] Fixed tenant auth settings URL --- modules/azure/function_app_linux_managed_identity/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/azure/function_app_linux_managed_identity/main.tf b/modules/azure/function_app_linux_managed_identity/main.tf index 99612b07..f1d1b58a 100644 --- a/modules/azure/function_app_linux_managed_identity/main.tf +++ b/modules/azure/function_app_linux_managed_identity/main.tf @@ -105,7 +105,7 @@ resource "azurerm_linux_function_app" "function_app" { active_directory_v2 { client_id = local.should_create_app ? azuread_application.application[0].client_id : var.managed_identity_provider.existing.client_id client_secret_setting_name = "MICROSOFT_PROVIDER_AUTHENTICATION_SECRET" - tenant_auth_endpoint = "https://login.microsoftonline.com/v2.0/${data.azurerm_client_config.current.tenant_id}/" + tenant_auth_endpoint = "https://login.microsoftonline.com/${data.azurerm_client_config.current.tenant_id}/v2.0/" allowed_audiences = local.allowed_audiences } From a715a94adea94de4d94e60df1ce2963ef238e4f6 Mon Sep 17 00:00:00 2001 From: Nikola Petrovic Date: Fri, 15 Aug 2025 19:05:33 +0200 Subject: [PATCH 32/32] Set use_existing to true for API SP --- modules/azure/api_management_api/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/azure/api_management_api/main.tf b/modules/azure/api_management_api/main.tf index 0ba82aed..af400e76 100644 --- a/modules/azure/api_management_api/main.tf +++ b/modules/azure/api_management_api/main.tf @@ -328,6 +328,7 @@ resource "azuread_service_principal" "application" { client_id = azuread_application.application.client_id app_role_assignment_required = false owners = [data.azuread_client_config.current.object_id] + use_existing = true } resource "azuread_group_member" "registered_app_member" {