Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: fix reachability from appbel3 to downstream applications #1232

Merged
merged 8 commits into from
Oct 4, 2024
Merged

feat: fix reachability from appbel3 to downstream applications #1232

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
6ba73c3
feat: add peps to appbackends downstream applications
christian-calabrese Oct 4, 2024
6e75347
chore: ran precommit
christian-calabrese Oct 4, 2024
a6b3bfc
fix: data name in eucovidcert
christian-calabrese Oct 4, 2024
0823707
fix: remove peps for safer intervention
christian-calabrese Oct 4, 2024
a079b1f
fix: removed peps
christian-calabrese Oct 4, 2024
5ae6b3f
fix: move appbel3 to latest
christian-calabrese Oct 4, 2024
e9a49ca
docs: ran pre-commit
christian-calabrese Oct 4, 2024
fc5b6f6
Merge branch 'main' into add-peps-to-appbackend-downstreams
christian-calabrese Oct 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions src/domains/cgn/_modules/functions_apps/data.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,12 @@ data "azurerm_subnet" "snet_backendl2" {
resource_group_name = local.resource_group_name_common
}

data "azurerm_subnet" "snet_backendl3" {
name = "appbackendl3"
virtual_network_name = local.vnet_name_common
resource_group_name = local.resource_group_name_common
}

data "azurerm_subnet" "snet_backendli" {
name = "appbackendli"
virtual_network_name = local.vnet_name_common
Expand Down Expand Up @@ -82,3 +88,14 @@ data "azurerm_monitor_action_group" "error_action_group" {
name = "${replace("${var.project}", "-", "")}error"
resource_group_name = local.resource_group_name_common
}

data "azurerm_subnet" "private_endpoints_subnet" {
name = "pendpoints"
virtual_network_name = local.vnet_name_common
resource_group_name = local.resource_group_name_common
}

data "azurerm_private_dns_zone" "function_app" {
name = "privatelink.azurewebsites.net"
resource_group_name = local.resource_group_name_common
}
44 changes: 44 additions & 0 deletions src/domains/cgn/_modules/functions_apps/function_app_cgn.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ module "function_cgn" {
var.subnet_id,
data.azurerm_subnet.snet_backendl1.id,
data.azurerm_subnet.snet_backendl2.id,
data.azurerm_subnet.snet_backendl3.id,
data.azurerm_subnet.snet_backendli.id,
data.azurerm_subnet.snet_apim_v2.id,
]
Expand Down Expand Up @@ -89,9 +90,52 @@ module "function_cgn_staging_slot" {
data.azurerm_subnet.snet_azdoa.id,
data.azurerm_subnet.snet_backendl1.id,
data.azurerm_subnet.snet_backendl2.id,
data.azurerm_subnet.snet_backendl3.id,
data.azurerm_subnet.snet_backendli.id,
data.azurerm_subnet.snet_apim_v2.id,
]

tags = var.tags
}

resource "azurerm_private_endpoint" "function_sites" {
name = "${var.project}-cgn-fn-pep"
location = var.location
resource_group_name = var.resource_group_name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = "${var.project}-cgn-fn-pep"
private_connection_resource_id = module.function_cgn.id
is_manual_connection = false
subresource_names = ["sites"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}

resource "azurerm_private_endpoint" "staging_function_sites" {
name = "${var.project}-cgn-fn-staging-pep"
location = var.location
resource_group_name = var.resource_group_name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = "${var.project}-cgn-fn-pep"
private_connection_resource_id = module.function_cgn.id
is_manual_connection = false
subresource_names = ["sites-${module.function_cgn_staging_slot.name}"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}
17 changes: 17 additions & 0 deletions src/domains/eucovidcert/_modules/function_apps/data.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,12 @@ data "azurerm_subnet" "snet_backendl2" {
resource_group_name = local.resource_group_name_common
}

data "azurerm_subnet" "snet_backendl3" {
name = "appbackendl3"
virtual_network_name = local.vnet_name_common
resource_group_name = local.resource_group_name_common
}

data "azurerm_subnet" "snet_pblevtdispatcher" {
name = "fnpblevtdispatcherout"
virtual_network_name = local.vnet_name_common
Expand Down Expand Up @@ -113,3 +119,14 @@ data "azurerm_monitor_action_group" "error_action_group" {
name = "${replace("${var.project}", "-", "")}error"
resource_group_name = local.resource_group_name_common
}

data "azurerm_subnet" "private_endpoints_subnet" {
name = "pendpoints"
virtual_network_name = local.vnet_name_common
resource_group_name = local.resource_group_name_common
}

data "azurerm_private_dns_zone" "function_app" {
name = "privatelink.azurewebsites.net"
resource_group_name = local.resource_group_name_common
}
44 changes: 44 additions & 0 deletions src/domains/eucovidcert/_modules/function_apps/function_app_eucovidcert.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ module "function_eucovidcert" {
var.subnet_id,
data.azurerm_subnet.snet_backendl1.id,
data.azurerm_subnet.snet_backendl2.id,
data.azurerm_subnet.snet_backendl3.id,
data.azurerm_subnet.snet_pblevtdispatcher.id,
data.azurerm_subnet.snet_apim_v2.id,
]
Expand Down Expand Up @@ -77,9 +78,52 @@ module "function_eucovidcert_staging_slot" {
var.subnet_id,
data.azurerm_subnet.snet_backendl1.id,
data.azurerm_subnet.snet_backendl2.id,
data.azurerm_subnet.snet_backendl3.id,
data.azurerm_subnet.snet_pblevtdispatcher.id,
data.azurerm_subnet.snet_apim_v2.id,
]

tags = var.tags
}

resource "azurerm_private_endpoint" "function_sites" {
name = "${var.project}-eucovidcert-fn-pep"
location = var.location
resource_group_name = var.resource_group_name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = "${var.project}-eucovidcert-fn-pep"
private_connection_resource_id = module.function_eucovidcert.id
is_manual_connection = false
subresource_names = ["sites"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}

resource "azurerm_private_endpoint" "staging_function_sites" {
name = "${var.project}-eucovidcert-fn-staging-pep"
location = var.location
resource_group_name = var.resource_group_name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = "${var.project}-eucovidcert-fn-pep"
private_connection_resource_id = module.function_eucovidcert.id
is_manual_connection = false
subresource_names = ["sites-${module.function_eucovidcert_staging_slot.name}"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}
18 changes: 18 additions & 0 deletions src/domains/messages-app/01_network.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,12 @@ data "azurerm_subnet" "app_backendl2_snet" {
resource_group_name = local.vnet_common_resource_group_name
}

data "azurerm_subnet" "app_backendl3_snet" {
name = "appbackendl3"
virtual_network_name = local.vnet_common_name
resource_group_name = local.vnet_common_resource_group_name
}

data "azurerm_subnet" "apim_snet" {
name = "apimv2api"
virtual_network_name = local.vnet_common_name
Expand All @@ -86,3 +92,15 @@ data "azurerm_private_dns_zone" "privatelink_servicebus_windows_net" {
name = "privatelink.servicebus.windows.net"
resource_group_name = format("%s-evt-rg", local.product)
}


data "azurerm_subnet" "private_endpoints_subnet" {
name = "pendpoints"
virtual_network_name = local.vnet_common_name
resource_group_name = local.vnet_common_resource_group_name
}

data "azurerm_private_dns_zone" "function_app" {
name = "privatelink.azurewebsites.net"
resource_group_name = local.vnet_common_resource_group_name
}
46 changes: 46 additions & 0 deletions src/domains/messages-app/10_function_messages.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,7 @@ module "app_messages_function" {
module.app_messages_snet[count.index].id,
data.azurerm_subnet.app_backendl1_snet.id,
data.azurerm_subnet.app_backendl2_snet.id,
data.azurerm_subnet.app_backendl3_snet.id,
data.azurerm_subnet.apim_snet.id,
]

Expand Down Expand Up @@ -220,6 +221,7 @@ module "app_messages_function_staging_slot" {
module.app_messages_snet[count.index].id,
data.azurerm_subnet.app_backendl1_snet.id,
data.azurerm_subnet.app_backendl2_snet.id,
data.azurerm_subnet.app_backendl3_snet.id,
data.azurerm_subnet.azdoa_snet.id,
]

Expand Down Expand Up @@ -691,3 +693,47 @@ resource "azurerm_monitor_autoscale_setting" "app_messages_function" {

tags = var.tags
}

resource "azurerm_private_endpoint" "function_sites" {
count = var.app_messages_count
name = format("%s-app-messages-fn-pep-%d", local.product, count.index + 1)
location = azurerm_resource_group.app_messages_rg[count.index].location
resource_group_name = azurerm_resource_group.app_messages_rg[count.index].name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = format("%s-app-messages-fn-pep-%d", local.product, count.index + 1)
private_connection_resource_id = module.app_messages_function.id
is_manual_connection = false
subresource_names = ["sites"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}

resource "azurerm_private_endpoint" "staging_function_sites" {
count = var.app_messages_count
name = format("%s-app-messages-fn-staging-pep-%d", local.product, count.index + 1)
location = azurerm_resource_group.app_messages_rg[count.index].location
resource_group_name = azurerm_resource_group.app_messages_rg[count.index].name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = format("%s-app-messages-fn-staging-pep-%d", local.product, count.index + 1)
private_connection_resource_id = module.app_messages_function.id
is_manual_connection = false
subresource_names = ["sites-${module.app_messages_function_staging_slot.name}"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}
90 changes: 90 additions & 0 deletions src/domains/messages-app/10_function_messages_xl.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,7 @@ module "app_messages_function_xl" {
module.app_messages_snet_xl[count.index].id,
data.azurerm_subnet.app_backendl1_snet.id,
data.azurerm_subnet.app_backendl2_snet.id,
data.azurerm_subnet.app_backendl3_snet.id,
data.azurerm_subnet.apim_snet.id,
]

Expand Down Expand Up @@ -145,6 +146,7 @@ module "app_messages_function_staging_slot_xl" {
module.app_messages_snet_xl[count.index].id,
data.azurerm_subnet.app_backendl1_snet.id,
data.azurerm_subnet.app_backendl2_snet.id,
data.azurerm_subnet.app_backendl3_snet.id,
data.azurerm_subnet.azdoa_snet.id,
data.azurerm_subnet.github_snet.id,
]
Expand Down Expand Up @@ -623,3 +625,91 @@ resource "azurerm_subnet_nat_gateway_association" "net_gateway_association_subne
nat_gateway_id = data.azurerm_nat_gateway.nat_gateway.id
subnet_id = module.app_messages_snet_xl[count.index].id
}

resource "azurerm_private_endpoint" "function_sites_xl" {
count = var.app_messages_count
name = format("%s-weu-com-citizen-func-pep-0%d", local.product, count.index + 1)
location = azurerm_resource_group.app_messages_rg_xl.location
resource_group_name = azurerm_resource_group.app_messages_rg_xl.name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = format("%s-weu-com-citizen-func-pep-0%d", local.product, count.index + 1)
private_connection_resource_id = module.app_messages_function_xl.id
is_manual_connection = false
subresource_names = ["sites"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}

resource "azurerm_private_endpoint" "staging_function_sites_xl" {
count = var.app_messages_count
name = format("%s-weu-com-citizen-func-staging-pep-0%d", local.product, count.index + 1)
location = azurerm_resource_group.app_messages_rg_xl.location
resource_group_name = azurerm_resource_group.app_messages_rg_xl.name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = format("%s-weu-com-citizen-func-staging-pep-0%d", local.product, count.index + 1)
private_connection_resource_id = module.app_messages_function_xl.id
is_manual_connection = false
subresource_names = ["sites-${module.app_messages_function_staging_slot_xl.name}"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}

resource "azurerm_private_endpoint" "function_sites_xl" {
christian-calabrese marked this conversation as resolved.
Show resolved Hide resolved
count = var.app_messages_count
name = format("%s-weu-com-citizen-func-pep-0%d", local.product, count.index + 1)
location = azurerm_resource_group.app_messages_rg_xl.location
resource_group_name = azurerm_resource_group.app_messages_rg_xl.name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = format("%s-weu-com-citizen-func-pep-0%d", local.product, count.index + 1)
private_connection_resource_id = module.app_messages_function_xl.id
is_manual_connection = false
subresource_names = ["sites"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}

resource "azurerm_private_endpoint" "staging_function_sites_xl" {
count = var.app_messages_count
name = format("%s-weu-com-citizen-func-staging-pep-0%d", local.product, count.index + 1)
location = azurerm_resource_group.app_messages_rg_xl.location
resource_group_name = azurerm_resource_group.app_messages_rg_xl.name
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id

private_service_connection {
name = format("%s-weu-com-citizen-func-staging-pep-0%d", local.product, count.index + 1)
private_connection_resource_id = module.app_messages_function_xl.id
is_manual_connection = false
subresource_names = ["sites-${module.app_messages_function_staging_slot_xl.name}"]
}

private_dns_zone_group {
name = "private-dns-zone-group"
private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
}

tags = var.tags
}
Loading
Loading