Merge pull request #49 from Azure/5.3.0

April 2021 Update

.devcontainer/docker-compose.yml

@@ -6,7 +6,7 @@
   version: '3.7'
   services:
     rover:
-      image: aztfmod/rover:0.14.8-2103.1601
+      image: aztfmod/rover:0.14.10-2104.1611
       user: vscode
 
       labels:

.gitignore

@@ -6,16 +6,15 @@
 **/terraform.tfstate.d
 **/terraform.tfstate.backup
 **/.terraform.tfstate.lock.info
-**/*.lock.hcl
+**/.terraform.lock.hcl
 **/~*.*
 **/*.log
 **/backend.azurerm.tf
 public
 aztfmod
-landing_zone_aks
+landingzones
 **/*.crt
 **/*.csr
 **/*.key
 **/*.pem
 **/*.cer
-landing_zone_data_analytics

.pre-commit-config.yaml

@@ -2,14 +2,14 @@
 # See http://pre-commit.com/hooks.html for more hooks
 repos:
   - repo: git://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.45.0
+    rev: v1.48.0
     hooks:
     - id: terraform_fmt
     # - id: terraform_docs
     # - id: terraform_tflint
     # - id: terraform_tfsec
   - repo: git://github.com/pre-commit/pre-commit-hooks
-    rev: v3.3.0
+    rev: v3.4.0
     hooks:
       - id: check-merge-conflict
       - id: trailing-whitespace

.vscode/settings.json

@@ -0,0 +1,7 @@
+{
+    "files.eol": "\n",
+    "terminal.integrated.shell.linux": "/bin/bash",
+    "editor.tabSize": 2,
+    "terminal.integrated.scrollback": 8000,
+    "terminal.integrated.cwd": "/tf/caf",
+}

README.md

@@ -6,6 +6,12 @@ Microsoft [Cloud Adoption Framework for Azure](https://aka.ms/caf) provides you
 
 A landing zone is a segment of a cloud environment, that has been preprovisioned through code, and is dedicated to the support of one or more workloads. Landing zones provide access to foundational tools and controls to establish a compliant place to innovate and build new workloads in the cloud, or to migrate existing workloads to the cloud. Landing zones use defined sets of cloud services and best practices to set you up for success.
 
+## Getting started
+
+To get started with creating your environment, you can fork this repository on your Git environment (inside your personal or organization GitHub, inside an Azure DevOps project or any other Version Control System that your company uses.)
+
+You can then customize your environment by following the steps inside the [configuration folder](./configuration) and review our sample configuration [onboarding video here](https://www.youtube.com/watch?v=M5BXm30IpdY)
+
 ## Starter template
 
 The purpose of this repository is to provide you with a starting point when composing your Cloud Adoption Framework for Azure landing zones on Terraform. It provides with sample files, folder structure and advices on how to get started creating and Infrastructure as Code and DevOps environment.
@@ -21,11 +27,7 @@ This approach allows you to easily:
 * resync the code with the public codebase for updates.
 * customize the code if needed and contribute back to the community.
 
-## Getting started
 
-To get started with creating your environment, you can fork this repository on your Git environment (inside your personal or organization GitHub, inside an Azure DevOps project or any other Version Control System that your company uses.)
-
-You can then customize your environment by following the steps inside the [configuration folder](./configuration) and review our sample configuration [onboarding video here](https://www.youtube.com/watch?v=M5BXm30IpdY)
 
 ## Related repositories
 

configuration/README.md

@@ -29,11 +29,10 @@ You can either click "Use this template" at the root of this GitHub repository,
 First step is to get the landing zones logic in the same work space, so let's clone the environment locally:
 
 ```bash
-git clone --branch 2102.0.1 https://github.com/Azure/caf-terraform-landingzones.git /tf/caf/public
-
+git clone --branch 2104.0 https://github.com/Azure/caf-terraform-landingzones.git /tf/caf/landingzones
 # Or refresh an existing clone
-cd /tf/caf/public
-git checkout 2102.0.1
+cd /tf/caf/landingzones
+git checkout 2104.0
 git pull
 ```
 

configuration/demo/README.md

@@ -17,19 +17,20 @@ You can then specify the environment you are running:
 
 ```bash
 export environment=demo
+export caf_environment=contoso-demo
 ```
 
 ### 1. Launchpad-level0 landing zones
 
 #### Deploy the launchpad
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_launchpad \
+rover -lz /tf/caf/landingzones/caf_launchpad \
   -launchpad \
   -var-folder /tf/caf/configuration/${environment}/level0/launchpad \
   -parallelism 30 \
   -level level0 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 
@@ -40,11 +41,12 @@ rover -lz /tf/caf/public/landingzones/caf_launchpad \
 In this section we use foundations as passthrough:
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_foundations/ \
+rover -lz /tf/caf/landingzones/caf_solution/ \
+  -tfstate caf_foundations.tfstate \
   -var-folder /tf/caf/configuration/${environment}/level1 \
   -parallelism 30 \
   -level level1 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 
@@ -53,24 +55,24 @@ rover -lz /tf/caf/public/landingzones/caf_foundations/ \
 #### Deploy the shared services
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_shared_services/ \
+rover -lz /tf/caf/landingzones/caf_solution/ \
   -tfstate caf_shared_services.tfstate \
   -var-folder /tf/caf/configuration/${environment}/level2/shared_services \
   -parallelism 30 \
   -level level2 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 
 #### Deploy the networking hub
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_networking/ \
+rover -lz /tf/caf/landingzones/caf_solution/ \
   -tfstate networking_hub.tfstate \
   -var-folder /tf/caf/configuration/${environment}/level2/networking/hub \
   -parallelism 30 \
   -level level2 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 
@@ -79,24 +81,24 @@ rover -lz /tf/caf/public/landingzones/caf_networking/ \
 #### Deploy an AKS landing zone
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_solutions/ \
+rover -lz /tf/caf/landingzones/caf_solution/ \
   -tfstate landing_zone_aks.tfstate \
   -var-folder /tf/caf/configuration/${environment}/level3/aks \
   -parallelism 30 \
   -level level3 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 
 #### Deploy a data and analytics landing zone
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_solutions/ \
+rover -lz /tf/caf/landingzones/caf_solution/ \
   -tfstate landing_zone_101_aml_workspace.tfstate \
   -var-folder /tf/caf/configuration/${environment}/level3/data_analytics/101-aml-workspace \
   -parallelism 30 \
   -level level3 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 
@@ -105,12 +107,12 @@ rover -lz /tf/caf/public/landingzones/caf_solutions/ \
 Warning: this is time consuming.
 
 ```bash
-rover -lz /tf/caf/public/landingzones/caf_solutions/ \
+rover -lz /tf/caf/landingzones/caf_solution/ \
   -tfstate landing_zone_ase.tfstate \
   -var-folder /tf/caf/configuration/${environment}/level3/app_service \
   -parallelism 30 \
   -level level3 \
-  -env ${environment} \
+  -env ${caf_environment} \
   -a [plan|apply|destroy]
 ```
 

configuration/demo/level1/landingzone.tfvars

@@ -0,0 +1,12 @@
+landingzone = {
+  backend_type        = "azurerm"
+  global_settings_key = "launchpad"
+  level               = "level1"
+  key                 = "foundations"
+  tfstates = {
+    launchpad = {
+      level   = "lower"
+      tfstate = "caf_launchpad.tfstate"
+    }
+  }
+}

configuration/demo/level2/networking/hub/configuration.tfvars → configuration/demo/level2/networking/hub/landingzone.tfvars

@@ -8,20 +8,6 @@ landingzone = {
       level   = "lower"
       tfstate = "caf_foundations.tfstate"
     }
-    launchpad = {
-      level   = "lower"
-      tfstate = "caf_foundations.tfstate"
-    }
   }
 }
 
-resource_groups = {
-  vnet_hub_re1 = {
-    name   = "vnet-hub-re1"
-    region = "region1"
-  }
-  vnet_hub_re2 = {
-    name   = "vnet-hub-re2"
-    region = "region2"
-  }
-}

configuration/demo/level2/networking/hub/resource_groups.tfvars

@@ -0,0 +1,10 @@
+resource_groups = {
+  vnet_hub_re1 = {
+    name   = "vnet-hub-re1"
+    region = "region1"
+  }
+  vnet_hub_re2 = {
+    name   = "vnet-hub-re2"
+    region = "region2"
+  }
+}

configuration/demo/level2/shared_services/automations.tfvars

@@ -0,0 +1,8 @@
+automations = {
+  auto1 = {
+    name               = "autore1"
+    resource_group_key = "primary"
+
+    region = "region1"
+  }
+}

configuration/demo/level2/shared_services/landingzone.tfvars

@@ -0,0 +1,12 @@
+landingzone = {
+  backend_type        = "azurerm"
+  global_settings_key = "foundations"
+  level               = "level2"
+  key                 = "shared_services"
+  tfstates = {
+    foundations = {
+      level   = "lower"
+      tfstate = "caf_foundations.tfstate"
+    }
+  }
+}

configuration/demo/level2/shared_services/configuration.tfvars → configuration/demo/level2/shared_services/recovery_vaults.tfvars

@@ -1,26 +1,3 @@
-landingzone = {
-  backend_type        = "azurerm"
-  global_settings_key = "foundations"
-  level               = "level2"
-  key                 = "shared_services"
-  tfstates = {
-    foundations = {
-      level   = "lower"
-      tfstate = "caf_foundations.tfstate"
-    }
-    launchpad = {
-      level   = "lower"
-      tfstate = "caf_foundations.tfstate"
-    }
-  }
-}
-
-resource_groups = {
-  primary = {
-    name = "sharedsvc_re1"
-  }
-}
-
 recovery_vaults = {
   asr1 = {
     name               = "vault_re1"
@@ -64,14 +41,4 @@ recovery_vaults = {
     }
   }
 
-}
-
-automations = {
-  auto1 = {
-    name               = "autore1"
-    resource_group_key = "primary"
-
-    region = "region1"
-  }
-
 }

configuration/demo/level2/shared_services/resource_groups.tfvars

@@ -0,0 +1,5 @@
+resource_groups = {
+  primary = {
+    name = "sharedsvc_re1"
+  }
+}

configuration/demo/level3/aks/README.md

@@ -37,22 +37,21 @@ Ensure the below is set prior to apply or destroy.
 # Login the Azure subscription
 rover login -t [TENANT_ID/TENANT_NAME] -s [SUBSCRIPTION_GUID]
 # Environment is needed to be defined, otherwise the below LZs will land into sandpit which someone else is working on
-export environment=[YOUR_ENVIRONMENT]
+export environment=demo
 ```
 
 ## Run AKS landing zone deployment
 
 ```bash
 # Set the folder name of this example
-example=101-single-cluster
-
-rover -lz /tf/caf/ \
-  -tfstate landingzone_aks.tfstate \
-  -var-folder /tf/caf/examples/aks/${example} \
-  -var tags={example=\"${example}\"} \
-  -env ${environment} \
+rover -lz /tf/caf/landingzones/caf_solution/ \
+  -tfstate landing_zone_aks.tfstate \
+  -var-folder /tf/caf/configuration/${environment}/level3/aks \
+  -parallelism 30 \
   -level level3 \
-  -a [plan|apply]
+  -env ${environment} \
+  -a [plan|apply|destroy]
+
 ```
 
 ## Destroy an AKS landing zone deployment
@@ -61,13 +60,13 @@ Have fun playing with the landing zone an once you are done, you can simply dele
 
 ```bash
 # Set the folder name of this example
-example=101-single-cluster
+environment=demo
 
-rover -lz /tf/caf/ \
-  -tfstate landingzone_aks.tfstate \
-  -var-folder /tf/caf/examples/aks/${example} \
-  -var tags={example=\"${example}\"} \
-  -env ${environment} \
+rover -lz /tf/caf/landingzones/caf_solution/ \
+  -tfstate landing_zone_aks.tfstate \
+  -var-folder /tf/caf/configuration/${environment}/level3/aks \
+  -parallelism 30 \
   -level level3 \
+  -env ${environment} \
   -a destroy -auto-approve
 ```