Merge pull request #12 from datafold/gerard-p-3434-establish-connecti…

…vity-azure-gcp fix: Add outputs for VPN attributes
datafold · Nov 4, 2024 · 7efdcb9 · 7efdcb9
2 parents d075cdb + 754f54b
commit 7efdcb9
Show file tree

Hide file tree

Showing 9 changed files with 46 additions and 8 deletions.
diff --git a/main.tf b/main.tf
@@ -106,7 +106,6 @@ module "networking" {
   resource_group_name = data.azurerm_resource_group.default.name
   location            = data.azurerm_resource_group.default.location
 
-
   vpc_cidrs                             = var.vpc_cidrs
   virtual_network_tags                  = var.virtual_network_tags
   aks_subnet_cidrs                      = local.aks_subnet_cidrs
@@ -118,6 +117,7 @@ module "networking" {
   app_gw_subnet_cidrs                   = local.app_gw_subnet_cidrs
   private_endpoint_adls_subnet_cidrs    = local.private_endpoint_adls_subnet_cidrs
   jumpbox_custom_data                   = var.jumpbox_custom_data
+  lb_is_public                          = var.lb_is_public
 }
 
 module "identity" {
@@ -152,12 +152,13 @@ module "load_balancer" {
 
   app_gw_subnet = module.networking.app_gw_subnet
   ssl_cert_id   = module.key_vault.ssl_cert_id
-  public_ip     = module.networking.public_ip
+  public_ip     = var.lb_is_public ? module.networking.public_ip : null
   identity      = module.identity.identity
 
   private_ip_address = var.gw_private_ip_address
   domain_name        = var.domain_name
   ssl_cert_name      = var.ssl_cert_name
+  lb_is_public       = var.lb_is_public
 }
 
 module "database" {

diff --git a/modules/load_balancer/main.tf b/modules/load_balancer/main.tf
@@ -43,7 +43,7 @@ resource "azurerm_application_gateway" "default" {
 
   frontend_ip_configuration {
     name                 = local.frontend_ip_configuration_name
-    public_ip_address_id = var.public_ip.id
+    public_ip_address_id = var.public_ip
   }
 
   backend_address_pool {

diff --git a/modules/load_balancer/outputs.tf b/modules/load_balancer/outputs.tf
@@ -5,3 +5,8 @@ output "gateway" {
 output "gateway_id" {
   value = azurerm_application_gateway.default.id
 }
+
+output "lb_ip" {
+  description = "IP of the load balancer"
+  value       = var.lb_is_public ? azurerm_application_gateway.default.frontend_ip_configuration[0].public_ip_address_id : azurerm_application_gateway.default.frontend_ip_configuration[0].private_ip_address
+}
diff --git a/modules/load_balancer/variables.tf b/modules/load_balancer/variables.tf
@@ -44,7 +44,7 @@ variable "ssl_cert_id" {
 }
 
 variable "public_ip" {
-  type = object({ id = string })
+  type    = string
 }
 
 variable "identity" {
@@ -60,3 +60,8 @@ variable "ssl_cert_name" {
   description = "The name of the SSL certificate to use for the load balancer. This needs to be referenced by the k8s azure-application-gateway ingress config."
   type        = string
 }
+
+variable "lb_is_public" {
+  description = "Flag that determines if LB is public"
+  type        = bool
+}
diff --git a/modules/networking/outputs.tf b/modules/networking/outputs.tf
@@ -35,5 +35,9 @@ output "database_private_dns_zone_id" {
 }
 
 output "public_ip" {
-  value = azurerm_public_ip.default
+  value = var.lb_is_public ? azurerm_public_ip.default[0].id : null
+}
+
+output "vnet_name" {
+  value = azurerm_virtual_network.vnet.name
 }
diff --git a/modules/networking/public_ip.tf b/modules/networking/public_ip.tf
@@ -1,4 +1,6 @@
 resource "azurerm_public_ip" "default" {
+  count               = var.lb_is_public ? 1 : 0
+
   name                = "${var.deployment_name}-public-ip"
   resource_group_name = var.resource_group_name
   location            = var.location

diff --git a/modules/networking/variables.tf b/modules/networking/variables.tf
@@ -91,4 +91,9 @@ variable "jumpbox_custom_data" {
   description = "Custom data for the jumpbox. Can be used to e.g. pass on ~/.ssh/authorized_keys with a cloud-init script."
   type        = string
   default     = null
-}
+}
+
+variable "lb_is_public" {
+  description = "Flag that determines if LB is public"
+  type        = bool
+}
diff --git a/outputs.tf b/outputs.tf
@@ -27,6 +27,11 @@ output "cloud_provider" {
   value       = "azure"
 }
 
+output "resource_group_name" {
+  description = "The resource group where resources were deployed"
+  value       = local.resource_group_name
+}
+
 # Network Information
 output "vpc_cidr" {
   description = "The CIDR block of the VPC"
@@ -35,7 +40,12 @@ output "vpc_cidr" {
 
 output "load_balancer_ips" {
   description = "The public IP addresses assigned to the load balancer"
-  value       = module.networking.public_ip.ip_address
+  value       = module.load_balancer.lb_ip
+}
+
+output "vnet_name" {
+  value       = module.networking.vnet_name
+  description = "The name of the virtual network"
 }
 
 # Domain Information
@@ -104,4 +114,4 @@ output "adls_account_key" {
 output "adls_filesystem" {
   description = "The filesystem details for the Azure Data Lake Storage"
   value       = try(local.adls.filesystem, local.default_unset_value)
-}
+}
diff --git a/variables.tf b/variables.tf
@@ -216,6 +216,12 @@ variable "ssl_cert_name" {
   type        = string
 }
 
+variable "lb_is_public" {
+  description = "Flag that determines if LB is public"
+  type        = bool
+  default     = true
+}
+
 # ╺┳┓┏━┓╺┳╸┏━┓┏┓ ┏━┓┏━┓┏━╸
 #  ┃┃┣━┫ ┃ ┣━┫┣┻┓┣━┫┗━┓┣╸
 # ╺┻┛╹ ╹ ╹ ╹ ╹┗━┛╹ ╹┗━┛┗━╸