diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 92e2bd8a0..ed19403a4 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -15,3 +15,4 @@ repos:
- --tf-init-args=-lockfile=readonly
- --args=-json
- --args=-no-color
+ - --hook-config=--retry-once-with-cleanup=true
diff --git a/src/core/README.md b/src/core/README.md
index 3bf6c5dd0..3cf7c5547 100644
--- a/src/core/README.md
+++ b/src/core/README.md
@@ -52,8 +52,6 @@
| [azdoa\_li\_infra](#module\_azdoa\_li\_infra) | github.com/pagopa/terraform-azurerm-v3//azure_devops_agent | v8.27.0 |
| [azdoa\_loadtest\_li](#module\_azdoa\_loadtest\_li) | github.com/pagopa/terraform-azurerm-v3//azure_devops_agent | v8.27.0 |
| [azdoa\_snet](#module\_azdoa\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
-| [dns\_forwarder](#module\_dns\_forwarder) | github.com/pagopa/terraform-azurerm-v3//dns_forwarder | v8.27.0 |
-| [dns\_forwarder\_snet](#module\_dns\_forwarder\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
| [event\_hub](#module\_event\_hub) | github.com/pagopa/terraform-azurerm-v3//eventhub | v8.27.0 |
| [eventhub\_snet](#module\_eventhub\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
| [locked\_profiles\_storage](#module\_locked\_profiles\_storage) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
@@ -62,8 +60,6 @@
| [storage\_api](#module\_storage\_api) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
| [storage\_api\_object\_replication\_to\_replica](#module\_storage\_api\_object\_replication\_to\_replica) | github.com/pagopa/terraform-azurerm-v3//storage_object_replication | v8.27.0 |
| [storage\_api\_replica](#module\_storage\_api\_replica) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
-| [vpn](#module\_vpn) | github.com/pagopa/terraform-azurerm-v3//vpn_gateway | v8.27.0 |
-| [vpn\_snet](#module\_vpn\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
| [web\_test\_api](#module\_web\_test\_api) | github.com/pagopa/terraform-azurerm-v3//application_insights_web_test_preview | v8.29.1 |
## Resources
@@ -169,7 +165,6 @@
| [azurerm_subnet_network_security_group_association.snet_nsg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource |
| [azurerm_user_assigned_identity.appgateway](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource |
| [azurerm_web_application_firewall_policy.api_app](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/web_application_firewall_policy) | resource |
-| [azuread_application.vpn_app](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/application) | data source |
| [azuread_group.adgroup_admin](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
| [azuread_group.adgroup_developers](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
| [azuread_service_principal.app_gw_uai_kvreader](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/service_principal) | data source |
diff --git a/src/core/_modules/vpn/data.tf b/src/core/_modules/vpn/data.tf
new file mode 100644
index 000000000..3e0f836ab
--- /dev/null
+++ b/src/core/_modules/vpn/data.tf
@@ -0,0 +1,3 @@
+data "azuread_application" "vpn_app" {
+ display_name = "${var.prefix}-${var.env_short}-app-vpn"
+}
diff --git a/src/core/_modules/vpn/locals.tf b/src/core/_modules/vpn/locals.tf
new file mode 100644
index 000000000..2ad97aa23
--- /dev/null
+++ b/src/core/_modules/vpn/locals.tf
@@ -0,0 +1,9 @@
+locals {
+ nonstandard = {
+ weu = {
+ vpn = "${var.project}-vpn"
+ dns_forwarder_snet = "${var.project}-dnsforwarder"
+ dns_forwarder = "${var.project}-dns-forwarder"
+ }
+ }
+}
diff --git a/src/core/vpn.tf b/src/core/_modules/vpn/main.tf
similarity index 53%
rename from src/core/vpn.tf
rename to src/core/_modules/vpn/main.tf
index c4fd54c33..beec206f7 100644
--- a/src/core/vpn.tf
+++ b/src/core/_modules/vpn/main.tf
@@ -1,25 +1,21 @@
-data "azuread_application" "vpn_app" {
- display_name = format("%s-app-vpn", local.project)
-}
-
## VPN
module "vpn_snet" {
- source = "github.com/pagopa/terraform-azurerm-v3//subnet?ref=v8.27.0"
+ source = "github.com/pagopa/terraform-azurerm-v3//subnet?ref=v8.33.1"
name = "GatewaySubnet"
- address_prefixes = var.cidr_subnet_vpn
- resource_group_name = azurerm_resource_group.rg_common.name
- virtual_network_name = data.azurerm_virtual_network.common.name
+ address_prefixes = var.vpn_cidr_subnet
+ resource_group_name = var.resource_group_name
+ virtual_network_name = var.vnet_common.name
service_endpoints = []
private_endpoint_network_policies_enabled = false
}
module "vpn" {
- source = "github.com/pagopa/terraform-azurerm-v3//vpn_gateway?ref=v8.27.0"
+ source = "github.com/pagopa/terraform-azurerm-v3//vpn_gateway?ref=v8.33.0"
- name = format("%s-vpn", local.project)
+ name = try(local.nonstandard[var.location_short].vpn, "${var.project}-vgw-01")
location = var.location
- resource_group_name = azurerm_resource_group.rg_common.name
+ resource_group_name = var.resource_group_name
sku = var.vpn_sku
pip_sku = var.vpn_pip_sku
subnet_id = module.vpn_snet.id
@@ -29,8 +25,8 @@ module "vpn" {
address_space = ["172.16.2.0/24"],
vpn_client_protocols = ["OpenVPN"],
aad_audience = data.azuread_application.vpn_app.application_id
- aad_issuer = format("https://sts.windows.net/%s/", data.azurerm_subscription.current.tenant_id)
- aad_tenant = format("https://login.microsoftonline.com/%s", data.azurerm_subscription.current.tenant_id)
+ aad_issuer = "https://sts.windows.net/${var.subscription_current.tenant_id}/"
+ aad_tenant = "https://login.microsoftonline.com/${var.subscription_current.tenant_id}"
radius_server_address = null
radius_server_secret = null
revoked_certificate = []
@@ -43,11 +39,11 @@ module "vpn" {
## DNS FORWARDER
module "dns_forwarder_snet" {
- source = "github.com/pagopa/terraform-azurerm-v3//subnet?ref=v8.27.0"
- name = format("%s-dnsforwarder", local.project)
- address_prefixes = var.cidr_subnet_dnsforwarder
- resource_group_name = azurerm_resource_group.rg_common.name
- virtual_network_name = data.azurerm_virtual_network.common.name
+ source = "github.com/pagopa/terraform-azurerm-v3//subnet?ref=v8.33.1"
+ name = try(local.nonstandard[var.location_short].dns_forwarder_snet, "${var.project}-dns-forwarder-snet-01")
+ address_prefixes = var.dnsforwarder_cidr_subnet
+ resource_group_name = var.resource_group_name
+ virtual_network_name = var.vnet_common.name
private_endpoint_network_policies_enabled = false
delegation = {
@@ -60,10 +56,10 @@ module "dns_forwarder_snet" {
}
module "dns_forwarder" {
- source = "github.com/pagopa/terraform-azurerm-v3//dns_forwarder?ref=v8.27.0"
- name = format("%s-dns-forwarder", local.project)
+ source = "github.com/pagopa/terraform-azurerm-v3//dns_forwarder?ref=v8.33.1"
+ name = try(local.nonstandard[var.location_short].dns_forwarder, "${var.project}-dns-forwarder-ci-01")
location = var.location
- resource_group_name = azurerm_resource_group.rg_common.name
+ resource_group_name = var.resource_group_name
subnet_id = module.dns_forwarder_snet.id
tags = var.tags
diff --git a/src/core/_modules/vpn/variables.tf b/src/core/_modules/vpn/variables.tf
new file mode 100644
index 000000000..b0dfaa660
--- /dev/null
+++ b/src/core/_modules/vpn/variables.tf
@@ -0,0 +1,82 @@
+variable "project" {
+ type = string
+ description = "IO prefix, short environment and short location"
+}
+
+variable "prefix" {
+ type = string
+ description = "Prefix for resources"
+ validation {
+ condition = (
+ length(var.prefix) < 6
+ )
+ error_message = "Max length is 6 chars."
+ }
+}
+
+variable "env_short" {
+ type = string
+ validation {
+ condition = (
+ length(var.env_short) == 1
+ )
+ error_message = "Length must be 1 chars."
+ }
+}
+
+variable "location" {
+ type = string
+ description = "Azure region"
+}
+
+variable "location_short" {
+ type = string
+ description = "Azure region short name"
+}
+
+variable "tags" {
+ type = map(any)
+ description = "Resource tags"
+}
+
+variable "resource_group_name" {
+ type = string
+ description = "Resource group name for VNet"
+}
+
+variable "subscription_current" {
+ description = "Current subscription information"
+}
+
+## VPN ##
+variable "vnet_common" {
+ type = object({
+ id = string
+ name = string
+ address_space = list(string)
+ resource_group_name = string
+ })
+ description = "Information of the common VNet"
+}
+
+variable "vpn_sku" {
+ type = string
+ default = "VpnGw1"
+ description = "VPN Gateway SKU"
+}
+
+variable "vpn_pip_sku" {
+ type = string
+ default = "Basic"
+ description = "VPN GW PIP SKU"
+}
+
+variable "vpn_cidr_subnet" {
+ type = list(string)
+ description = "VPN network address space."
+}
+
+variable "dnsforwarder_cidr_subnet" {
+ type = list(string)
+ description = "DNS Forwarder network address space."
+}
diff --git a/src/core/prod/.terraform.lock.hcl b/src/core/prod/.terraform.lock.hcl
index f60ed0533..98d5d78c0 100644
--- a/src/core/prod/.terraform.lock.hcl
+++ b/src/core/prod/.terraform.lock.hcl
@@ -1,6 +1,28 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
+provider "registry.terraform.io/hashicorp/azuread" {
+ version = "2.53.1"
+ hashes = [
+ "h1:0z/718jtR2TJHQQMMqi4nvd6XFPV/iA1jb/5fyAcn5o=",
+ "h1:2rk36pu4YyhBVz/Mf4swYCQxaB31iPaXOiWNlqZMXbM=",
+ "h1:7ZNdNGnUB6N6Z6St3COzRXFaghMEyYkZt7WyOCRKOqo=",
+ "h1:EZNO8sEtUABuRxujQrDrW1z1QsG0dq6iLbzWtnG7Om4=",
+ "zh:162916b037e5133f49298b0ffa3e7dcef7d76530a8ca738e7293373980f73c68",
+ "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7",
+ "zh:492931cea4f30887ab5bca36a8556dfcb897288eddd44619c0217fc5da2d57e7",
+ "zh:4c895e450e18335ad8714cc6d3488fc1a78816ad2851a91b06cb2ef775dd7c66",
+ "zh:60d92fdaf7235574201f2d8f68f733ee00a822993b3fc95e6952e09e6ec76999",
+ "zh:67a169119efa41c1fb867ef1a8e79bf03472a2324384c36eb55370c817dcce42",
+ "zh:9dd4d5ed9233cf9329262200bc5a1aa60942b80dbc611e2ef4b09f47531b39b1",
+ "zh:a3c160e35b9e40fc1497b83c2f37a8e24565b05a1783c7733609f3695735c2a9",
+ "zh:a4a221da42b1f46e7c436c7145e5beaadfd9d03f3be6fd526d132c03f18a5979",
+ "zh:af0d3476a9702d2287e168e3baa670e64daab9c9b01c01e17025a5248f3e28e9",
+ "zh:e3579bff7894f3d36066b74ec324be6d28f56a42a387a2b8a0eabf33cbff86df",
+ "zh:f1749ee8ad972ae6424665aa9d2c0ece8c40c51d41ec2f38b863148cb437e865",
+ ]
+}
+
provider "registry.terraform.io/hashicorp/azurerm" {
version = "3.112.0"
constraints = "~> 3.30, <= 3.112.0"
@@ -23,3 +45,71 @@ provider "registry.terraform.io/hashicorp/azurerm" {
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}
+
+provider "registry.terraform.io/hashicorp/local" {
+ version = "2.5.1"
+ constraints = "~> 2.3"
+ hashes = [
+ "h1:/GAVA/xheGQcbOZEq0qxANOg+KVLCA7Wv8qluxhTjhU=",
+ "h1:8oTPe2VUL6E2d3OcrvqyjI4Nn/Y/UEQN26WLk5O/B0g=",
+ "h1:Np4kERf9SMrqUi7DJ1rK3soMK14k49nfgE7l/ipQ5xw=",
+ "h1:tjcGlQAFA0kmQ4vKkIPPUC4it1UYxLbg4YvHOWRAJHA=",
+ "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561",
+ "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561",
+ "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5",
+ "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24",
+ "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667",
+ "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8",
+ "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635",
+ "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+ "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0",
+ "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867",
+ "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4",
+ "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520",
+ ]
+}
+
+provider "registry.terraform.io/hashicorp/null" {
+ version = "3.2.2"
+ hashes = [
+ "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=",
+ "h1:m467k2tZ9cdFFgHW7LPBK2GLPH43LC6wc3ppxr8yvoE=",
+ "h1:vWAsYRd7MjYr3adj8BVKRohVfHpWQdvkIwUQ2Jf5FVM=",
+ "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=",
+ "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7",
+ "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a",
+ "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3",
+ "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606",
+ "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546",
+ "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539",
+ "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452",
+ "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+ "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422",
+ "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae",
+ "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1",
+ "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e",
+ ]
+}
+
+provider "registry.terraform.io/hashicorp/random" {
+ version = "3.6.2"
+ constraints = "~> 3.4"
+ hashes = [
+ "h1:5lstwe/L8AZS/CP0lil2nPvmbbjAu8kCaU/ogSGNbxk=",
+ "h1:R5qdQjKzOU16TziCN1vR3Exr/B+8WGK80glLTT4ZCPk=",
+ "h1:VavG5unYCa3SYISMKF9pzc3718M0bhPlcbUZZGl7wuo=",
+ "h1:wmG0QFjQ2OfyPy6BB7mQ57WtoZZGGV07uAPQeDmIrAE=",
+ "zh:0ef01a4f81147b32c1bea3429974d4d104bbc4be2ba3cfa667031a8183ef88ec",
+ "zh:1bcd2d8161e89e39886119965ef0f37fcce2da9c1aca34263dd3002ba05fcb53",
+ "zh:37c75d15e9514556a5f4ed02e1548aaa95c0ecd6ff9af1119ac905144c70c114",
+ "zh:4210550a767226976bc7e57d988b9ce48f4411fa8a60cd74a6b246baf7589dad",
+ "zh:562007382520cd4baa7320f35e1370ffe84e46ed4e2071fdc7e4b1a9b1f8ae9b",
+ "zh:5efb9da90f665e43f22c2e13e0ce48e86cae2d960aaf1abf721b497f32025916",
+ "zh:6f71257a6b1218d02a573fc9bff0657410404fb2ef23bc66ae8cd968f98d5ff6",
+ "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+ "zh:9647e18f221380a85f2f0ab387c68fdafd58af6193a932417299cdcae4710150",
+ "zh:bb6297ce412c3c2fa9fec726114e5e0508dd2638cad6a0cb433194930c97a544",
+ "zh:f83e925ed73ff8a5ef6e3608ad9225baa5376446349572c2449c0c0b3cf184b7",
+ "zh:fbef0781cb64de76b1df1ca11078aecba7800d82fd4a956302734999cfd9a4af",
+ ]
+}
diff --git a/src/core/prod/README.md b/src/core/prod/README.md
index c0c9a2e8a..aad9bf2ec 100644
--- a/src/core/prod/README.md
+++ b/src/core/prod/README.md
@@ -17,6 +17,7 @@
| [networking\_weu](#module\_networking\_weu) | ../_modules/networking | n/a |
| [vnet\_peering\_itn](#module\_vnet\_peering\_itn) | ../_modules/vnet_peering | n/a |
| [vnet\_peering\_weu](#module\_vnet\_peering\_weu) | ../_modules/vnet_peering | n/a |
+| [vpn\_weu](#module\_vpn\_weu) | ../_modules/vpn | n/a |
## Resources
@@ -26,7 +27,8 @@
| [azurerm_api_management.apim_v2](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/api_management) | data source |
| [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |
| [azurerm_public_ip.appgateway_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/public_ip) | data source |
-| [azurerm_resource_group.vnet_weu](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
+| [azurerm_resource_group.common_weu](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
+| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source |
| [azurerm_virtual_network.weu_beta](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source |
| [azurerm_virtual_network.weu_prod01](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source |
diff --git a/src/core/prod/data.tf b/src/core/prod/data.tf
index 759e398f5..33ed8f21f 100644
--- a/src/core/prod/data.tf
+++ b/src/core/prod/data.tf
@@ -1,5 +1,7 @@
data "azurerm_client_config" "current" {}
+data "azurerm_subscription" "current" {}
+
data "azurerm_virtual_network" "weu_beta" {
name = "${local.project_weu}-beta-vnet"
resource_group_name = "${local.project_weu}-beta-vnet-rg"
diff --git a/src/core/prod/refactor.tf b/src/core/prod/refactor.tf
new file mode 100644
index 000000000..1b26f734c
--- /dev/null
+++ b/src/core/prod/refactor.tf
@@ -0,0 +1,24 @@
+import {
+ to = module.vpn_weu.module.dns_forwarder.azurerm_container_group.this
+ id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.ContainerInstance/containerGroups/io-p-dns-forwarder"
+}
+
+import {
+ to = module.vpn_weu.module.dns_forwarder_snet.azurerm_subnet.this
+ id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/io-p-dnsforwarder"
+}
+
+import {
+ to = module.vpn_weu.module.vpn.azurerm_public_ip.gw[0]
+ id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/publicIPAddresses/io-p-vpn-gw-pip"
+}
+
+import {
+ to = module.vpn_weu.module.vpn.azurerm_virtual_network_gateway.gw
+ id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworkGateways/io-p-vpn-gw"
+}
+
+import {
+ to = module.vpn_weu.module.vpn_snet.azurerm_subnet.this
+ id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/GatewaySubnet"
+}
\ No newline at end of file
diff --git a/src/core/prod/westeurope.tf b/src/core/prod/westeurope.tf
index 7af613e14..2dde9b465 100644
--- a/src/core/prod/westeurope.tf
+++ b/src/core/prod/westeurope.tf
@@ -1,13 +1,13 @@
-data "azurerm_resource_group" "vnet_weu" {
+data "azurerm_resource_group" "common_weu" {
name = format("%s-rg-common", local.project_weu_legacy)
}
module "networking_weu" {
source = "../_modules/networking"
- location = data.azurerm_resource_group.vnet_weu.location
- location_short = local.location_short[data.azurerm_resource_group.vnet_weu.location]
- resource_group_name = data.azurerm_resource_group.vnet_weu.name
+ location = data.azurerm_resource_group.common_weu.location
+ location_short = local.location_short[data.azurerm_resource_group.common_weu.location]
+ resource_group_name = data.azurerm_resource_group.common_weu.name
project = local.project_weu_legacy
vnet_cidr_block = "10.0.0.0/16"
@@ -65,8 +65,8 @@ module "vnet_peering_weu" {
module "container_registry" {
source = "../_modules/container_registry"
- location = data.azurerm_resource_group.vnet_weu.location
- location_short = local.location_short[data.azurerm_resource_group.vnet_weu.location]
+ location = data.azurerm_resource_group.common_weu.location
+ location_short = local.location_short[data.azurerm_resource_group.common_weu.location]
project = local.project_weu_legacy
tags = merge(local.tags, { Source = "https://github.com/pagopa/io-infra" })
@@ -75,11 +75,29 @@ module "container_registry" {
module "key_vault_weu" {
source = "../_modules/key_vaults"
- location = data.azurerm_resource_group.vnet_weu.location
- location_short = local.location_short[data.azurerm_resource_group.vnet_weu.location]
+ location = data.azurerm_resource_group.common_weu.location
+ location_short = local.location_short[data.azurerm_resource_group.common_weu.location]
project = local.project_weu_legacy
- resource_group_common = data.azurerm_resource_group.vnet_weu.name
+ resource_group_common = data.azurerm_resource_group.common_weu.name
tenant_id = data.azurerm_client_config.current.tenant_id
tags = merge(local.tags)
}
+
+module "vpn_weu" {
+ source = "../_modules/vpn"
+
+ location = data.azurerm_resource_group.common_weu.location
+ location_short = local.location_short[data.azurerm_resource_group.common_weu.location]
+ resource_group_name = data.azurerm_resource_group.common_weu.name
+ project = local.project_weu_legacy
+ prefix = local.prefix
+ env_short = local.env_short
+
+ subscription_current = data.azurerm_subscription.current
+ vnet_common = module.networking_weu.vnet_common
+ vpn_cidr_subnet = ["10.0.133.0/24"]
+ dnsforwarder_cidr_subnet = ["10.0.252.8/29"]
+
+ tags = local.tags
+}