Skip to content

Commit f5ff2a9

Browse files
gumodengumoden
authored
Merge pull request #3 from gumoden/gumoden-patch-4
Update HubAndSpoke.tf
2 parents 17c29f5 + 995f806 commit f5ff2a9

1 file changed

Lines changed: 53 additions & 5 deletions

File tree

  • Azure Firewall/Template - Inspecting traffic to PE with Azure Firewall

Azure Firewall/Template - Inspecting traffic to PE with Azure Firewall/HubAndSpoke.tf

Lines changed: 53 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,19 +14,67 @@ provider "azurerm" {
1414
features {}
1515
}
1616

17+
data "azurerm_client_config" "current" {}
18+
1719
resource "random_string" "random" {
1820
length = 6
1921
special = false
2022
upper = false
2123
}
2224

23-
//Resource Group AzureFWLab1
25+
resource "random_password" "password" {
26+
length = 12
27+
lower = true
28+
numeric = true
29+
special = true
30+
upper = true
31+
}
32+
33+
//Resource Group FwPeHubAndSpokeLab10
2434

2535
resource "azurerm_resource_group" "rg" {
2636
name = "FwPeHubAndSpokeLab10"
2737
location = "eastus2"
2838
}
2939

40+
//Keyvault
41+
42+
resource "azurerm_key_vault" "mykeyvault" {
43+
name = "${random_string.random.result}-kv"
44+
location = azurerm_resource_group.rg.location
45+
resource_group_name = azurerm_resource_group.rg.name
46+
tenant_id = data.azurerm_client_config.current.tenant_id
47+
sku_name = "standard"
48+
purge_protection_enabled = false
49+
50+
access_policy {
51+
tenant_id = data.azurerm_client_config.current.tenant_id
52+
object_id = data.azurerm_client_config.current.object_id
53+
54+
secret_permissions = [
55+
"List",
56+
"Set",
57+
"Get",
58+
]
59+
}
60+
}
61+
62+
//VM Secret
63+
64+
resource "azurerm_key_vault_secret" "vmsecret" {
65+
name = "AzureUser"
66+
value = "${random_password.password.result}"
67+
key_vault_id = azurerm_key_vault.mykeyvault.id
68+
}
69+
70+
//MySql Secret
71+
72+
resource "azurerm_key_vault_secret" "mysqlsecret" {
73+
name = "mysqladmin"
74+
value = "${random_password.password.result}"
75+
key_vault_id = azurerm_key_vault.mykeyvault.id
76+
}
77+
3078
//MySQL PaaS Service
3179

3280
resource "azurerm_mysql_server" "mysql" {
@@ -35,7 +83,7 @@ resource "azurerm_mysql_server" "mysql" {
3583
resource_group_name = azurerm_resource_group.rg.name
3684
version = "8.0"
3785
administrator_login = "mysqladmin"
38-
administrator_login_password = "H@Sh1CoR3!"
86+
administrator_login_password = "${random_password.password.result}"
3987
ssl_enforcement_enabled = "true"
4088
sku_name = "GP_Gen5_2"
4189
}
@@ -289,8 +337,8 @@ resource "azurerm_virtual_machine" "AppVm1" {
289337

290338
os_profile {
291339
computer_name = "appvm1"
292-
admin_username = "fwbasicadmin"
293-
admin_password = "Password1234!"
340+
admin_username = "AzureUser"
341+
admin_password = "${random_password.password.result}"
294342
}
295343

296344
os_profile_windows_config {
@@ -362,4 +410,4 @@ resource "azurerm_monitor_diagnostic_setting" "azfw-diag" {
362410
enabled = false
363411
}
364412
}
365-
}
413+
}

0 commit comments

Comments
 (0)