diff --git a/modules/azure-disks-backup/.terraform-docs.yml b/modules/azure-disks-backup/.terraform-docs.yml new file mode 100644 index 000000000..bce3ca3a9 --- /dev/null +++ b/modules/azure-disks-backup/.terraform-docs.yml @@ -0,0 +1,48 @@ +formatter: "markdown" # this is required + +version: "" + +header-from: docs/header.md +footer-from: docs/footer.md + +recursive: + enabled: false + path: modules + include-main: true + +sections: + hide: [] + show: [] + +content: "" + +output: + file: "README.md" + mode: inject + template: |- + + {{ .Content }} + + +output-values: + enabled: false + from: "" + +sort: + enabled: true + by: name + +settings: + anchor: true + color: true + default: true + description: false + escape: true + hide-empty: false + html: true + indent: 2 + lockfile: true + read-comments: true + required: true + sensitive: true + type: true \ No newline at end of file diff --git a/modules/azure-disks-backup/README.md b/modules/azure-disks-backup/README.md index 764286c61..bdf2de39f 100644 --- a/modules/azure-disks-backup/README.md +++ b/modules/azure-disks-backup/README.md @@ -1,171 +1,172 @@ -# Azure Disks Backup Module + +# Azure Disks Backup Terraform Module ## Overview -This module creates and configures Azure Backup for managed disks. It sets up a Recovery Services vault, backup policies, and backup instances for specified disks. +This Terraform module allows you to create and configure managed disks backups in Azure, including: +- Creation of Recovery Services vault. +- Definition of custom backup policies. +- Creation of backup instances for specific disks. +- Support for tags and inheritance from the Resource Group. -## DOC +## Main features +- Configurable vault and backup policies. +- Support for multiple disks and policies. +- Retention, redundancy, and soft delete control. +- Realistic configuration example. -- [Resource terraform - azurerm_data_protection_backup_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_vault) -- [Resource terraform - azurerm_data_protection_backup_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_policy) -- [Resource terraform - azurerm_data_protection_backup_instance_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_instance_disk) -- [Resource terraform - azurerm_role_assignment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) - -## Notes - -- This module presupposes that: - - The `resource_group_name` was used to create the Recovery Services vault and backuo instances. - - The resource group where the snapshot will be stored is the same as the vault. - - The disk/s resource groups/s are diferent from the vault resource group, otherwise, the module raises an error. - -## Usage - -### Set a module - -```terraform -module "disks-backup" { - source = "git::https://github.com/prefapp/tfm.git//modules/azure-disks-backup?ref=" -} -``` - -### Set a data .tfvars - -#### Example +## Complete usage example ```hcl -# The name of the resource group where the backup vault and related resources will be created resource_group_name = "bk-disks" - -# The name of the Recovery Services vault vault_name = "bk-disks" - -# Whether to use resource group tags as base for module tags -tags_from_rg = true - -# Tags to apply to resources +tags_from_rg = true tags = { Environment = "Production" - Project = "Azure Disks Backup" + Project = "Azure Disks Backup" } - -# The type of datastore to use for backups (Possible values are ArchiveStore, OperationalStore, SnapshotStore and VaultStore) datastore_type = "VaultStore" - -# The redundancy option for the backup vault (LocallyRedundant or GeoRedundant) redundancy = "LocallyRedundant" - -# Whether soft delete is enabled or disabled for the vault soft_delete = "Off" - -# Default retention duration for backups in days before they are deleted (14 days free) retention_duration_in_days = 30 - -# List of backup policies to be created backup_policies = [ { - # Name of the backup policy - name = "foo-policy" - - # Time intervals for repeating backups + name = "foo-policy" backup_repeating_time_intervals = ["R/2024-10-17T11:29:40+00:00/PT1H"] - - # Default retention duration for backups - default_retention_duration = "P7D" - - # Time zone for the backup schedule - time_zone = "Coordinated Universal Time" - - # Retention rules for the backup policy + default_retention_duration = "P7D" + time_zone = "Coordinated Universal Time" retention_rules = [ { - # Name of the retention rule - name = "Daily" - - # Duration for which backups are retained + name = "Daily" duration = "P7D" - - # Priority of the retention rule priority = 25 - - # Criteria for applying the retention rule - criteria = { - absolute_criteria = "FirstOfDay" - } + criteria = { absolute_criteria = "FirstOfDay" } } ] }, { - name = "bar-policy" + name = "bar-policy" backup_repeating_time_intervals = ["R/2024-11-01T10:00:00+00:00/PT2H"] - default_retention_duration = "P14D" - time_zone = "Pacific Standard Time" + default_retention_duration = "P14D" + time_zone = "Pacific Standard Time" retention_rules = [ { - name = "Weekly" + name = "Weekly" duration = "P14D" priority = 30 - criteria = { - absolute_criteria = "FirstOfWeek" - } + criteria = { absolute_criteria = "FirstOfWeek" } }, { - name = "Monthly" + name = "Monthly" duration = "P30D" priority = 35 - criteria = { - absolute_criteria = "FirstOfMonth" - } + criteria = { absolute_criteria = "FirstOfMonth" } } ] } ] - -# List of backup instances to be created backup_instances = [ { - # Name of the disk to be backed up - disk_name = "foo-disk" - - # Resource group where the disk is located - disk_resource_group = "foo-data" - - # Resource group where the snapshot will be stored - snapshot_resource_group_name = "bk-disks" - - # Name of the backup policy to apply - backup_policy_name = "foo-policy" + disk_name = "foo-disk" + disk_resource_group = "foo-data" + snapshot_resource_group_name = "bk-disks" + backup_policy_name = "foo-policy" }, { - disk_name = "foo-disk" - disk_resource_group = "foo-data" - snapshot_resource_group_name = "bk-disks" - backup_policy_name = "bar-policy" + disk_name = "foo-disk" + disk_resource_group = "foo-data" + snapshot_resource_group_name = "bk-disks" + backup_policy_name = "bar-policy" }, { - disk_name = "bar-disk" - disk_resource_group = "bar-data" - snapshot_resource_group_name = "bk-disks" - backup_policy_name = "bar-policy" + disk_name = "bar-disk" + disk_resource_group = "bar-data" + snapshot_resource_group_name = "bk-disks" + backup_policy_name = "bar-policy" } ] ``` +## Notes +- The resource\_group\_name must be the same for the vault and the snapshots. +- Disks can be in different resource groups than the vault. +- The module will throw an error if the disk and vault resource group are the same. + +## File structure + +``` +. +├── main.tf +├── variables.tf +├── outputs.tf +├── README.md +├── CHANGELOG.md +└── docs/ + ├── header.md + └── footer.md +``` + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.7.1 | +| [azurerm](#requirement\_azurerm) | 4.5.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | 4.5.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [azurerm_data_protection_backup_instance_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/data_protection_backup_instance_disk) | resource | +| [azurerm_data_protection_backup_policy_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/data_protection_backup_policy_disk) | resource | +| [azurerm_data_protection_backup_vault.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/data_protection_backup_vault) | resource | +| [azurerm_role_assignment.this_disk](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/role_assignment) | resource | +| [azurerm_role_assignment.this_rg](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/resources/role_assignment) | resource | +| [azurerm_managed_disk.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/data-sources/managed_disk) | data source | +| [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/4.5.0/docs/data-sources/resource_group) | data source | + ## Inputs -| Name | Description | Type | Default | Required | | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [resource_group_name](#input_resource_group_name) | The name of the resource group. | `string` | n/a | yes | -| [vault_name](#input_vault_name) | The name of the backup vault. | `string` | n/a | yes | -| [datastore_type](#input_datastore_type) | The type of datastore. Possible values are ArchiveStore, OperationalStore, SnapshotStore and VaultStore. | `string` | `"VaultStore"` | no | -| [redundancy](#input_redundancy) | The redundancy type. | `string` | `"LocallyRedundant"` | no | -| [soft_delete](#input_soft_delete) | Enable soft delete. | `string` | `"Off"` | no | -| [retention_duration_in_days](#input_retention_duration_in_days) | Default retention duration in days. | `number` | `14` | no | -| [backup_policies](#input_backup_policies) | List of backup policies. | `list(object({ name = string, backup_repeating_time_intervals = list(string), default_retention_duration = string, time_zone = string, retention_rules = list(object({ name = string, duration = string, priority = number, criteria = object({ absolute_criteria = string }) })) }))` | n/a | yes | -| [backup_instances](#input_backup_instances) | List of backup instances. | `list(object({ disk_name = string, disk_resource_group = string, snapshot_resource_group_name = string, backup_policy_name = string }))` | n/a | yes | +| [backup\_instances](#input\_backup\_instances) | List of backup instances. | 
list(object({
    disk_name                    = string
    disk_resource_group          = string
    backup_policy_name           = string
  }))
| n/a | yes | +| [backup\_policies](#input\_backup\_policies) | List of backup policies. | 
list(object({
    name                            = string
    backup_repeating_time_intervals = list(string)
    default_retention_duration      = string
    time_zone                       = string
    retention_rules = list(object({
      name     = string
      duration = string
      priority = number
      criteria = object({
        absolute_criteria = string
      })
    }))
  }))
| n/a | yes | +| [datastore\_type](#input\_datastore\_type) | The type of datastore. | `string` | `"VaultStore"` | no | +| [redundancy](#input\_redundancy) | The redundancy type. | `string` | `"LocallyRedundant"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group used for the backup vault and backup instances. | `string` | n/a | yes | +| [retention\_duration\_in\_days](#input\_retention\_duration\_in\_days) | The retention duration in days before the backup is purged. 14 days free. | `number` | `14` | no | +| [soft\_delete](#input\_soft\_delete) | Enable soft delete. | `string` | `"Off"` | no | | [tags](#input\_tags) | Tags to apply to resources | `map(string)` | `{}` | no | | [tags\_from\_rg](#input\_tags\_from\_rg) | Use resource group tags as base for module tags | `bool` | `false` | no | +| [vault\_name](#input\_vault\_name) | The name of the backup vault. | `string` | n/a | yes | ## Outputs -- `vault_id`: The ID of the Recovery Services vault +| Name | Description | +|------|-------------| +| [vault\_id](#output\_vault\_id) | n/a | + +--- + +## Additional resources + +- [Azure Backup for Disks](https://learn.microsoft.com/en-us/azure/backup/backup-managed-disks) +- [azurerm\_data\_protection\_backup\_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_vault) +- [azurerm\_data\_protection\_backup\_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_policy) +- [azurerm\_data\_protection\_backup\_instance\_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_instance_disk) +- [Official Terraform documentation](https://www.terraform.io/docs) + +## Support + +For issues, questions, or contributions related to this module, please visit the repository’s issue tracker: [https://github.com/prefapp/tfm/issues](https://github.com/prefapp/tfm/issues) + \ No newline at end of file diff --git a/modules/azure-disks-backup/_examples/basic/main.tf b/modules/azure-disks-backup/_examples/basic/main.tf new file mode 100644 index 000000000..ab0e0adcc --- /dev/null +++ b/modules/azure-disks-backup/_examples/basic/main.tf @@ -0,0 +1,76 @@ +module "azure_disks_backup" { + source = "../../" + + resource_group_name = "bk-disks" + vault_name = "bk-disks" + tags_from_rg = true + tags = { + Environment = "Production" + Project = "Azure Disks Backup" + } + datastore_type = "VaultStore" + redundancy = "LocallyRedundant" + soft_delete = "Off" + retention_duration_in_days = 30 + + backup_policies = [ + { + name = "foo-policy" + backup_repeating_time_intervals = ["R/2024-10-17T11:29:40+00:00/PT1H"] + default_retention_duration = "P7D" + time_zone = "Coordinated Universal Time" + retention_rules = [ + { + name = "Daily" + duration = "P7D" + priority = 25 + criteria = { + absolute_criteria = "FirstOfDay" + } + } + ] + }, + { + name = "bar-policy" + backup_repeating_time_intervals = ["R/2024-11-01T10:00:00+00:00/PT2H"] + default_retention_duration = "P14D" + time_zone = "Pacific Standard Time" + retention_rules = [ + { + name = "Weekly" + duration = "P14D" + priority = 30 + criteria = { + absolute_criteria = "FirstOfWeek" + } + }, + { + name = "Monthly" + duration = "P30D" + priority = 35 + criteria = { + absolute_criteria = "FirstOfMonth" + } + } + ] + } + ] + + backup_instances = [ + { + disk_name = "foo-disk" + disk_resource_group = "foo-data" + backup_policy_name = "foo-policy" + }, + { + disk_name = "foo-disk" + disk_resource_group = "foo-data" + backup_policy_name = "bar-policy" + }, + { + disk_name = "bar-disk" + disk_resource_group = "bar-data" + backup_policy_name = "bar-policy" + } + ] +} \ No newline at end of file diff --git a/modules/azure-disks-backup/_examples/basic/values.yaml b/modules/azure-disks-backup/_examples/basic/values.yaml new file mode 100644 index 000000000..b713ff096 --- /dev/null +++ b/modules/azure-disks-backup/_examples/basic/values.yaml @@ -0,0 +1,53 @@ +resource_group_name: bk-disks +vault_name: bk-disks +tags_from_rg: true +tags: + Environment: Production + Project: Azure Disks Backup +datastore_type: VaultStore +redundancy: LocallyRedundant +soft_delete: Off +retention_duration_in_days: 30 + +backup_policies: + - name: foo-policy + backup_repeating_time_intervals: + - "R/2024-10-17T11:29:40+00:00/PT1H" + default_retention_duration: P7D + time_zone: Coordinated Universal Time + retention_rules: + - name: Daily + duration: P7D + priority: 25 + criteria: + absolute_criteria: FirstOfDay + - name: bar-policy + backup_repeating_time_intervals: + - "R/2024-11-01T10:00:00+00:00/PT2H" + default_retention_duration: P14D + time_zone: Pacific Standard Time + retention_rules: + - name: Weekly + duration: P14D + priority: 30 + criteria: + absolute_criteria: FirstOfWeek + - name: Monthly + duration: P30D + priority: 35 + criteria: + absolute_criteria: FirstOfMonth + +backup_instances: + - disk_name: foo-disk + disk_resource_group: foo-data + snapshot_resource_group_name: bk-disks + backup_policy_name: foo-policy + - disk_name: foo-disk + disk_resource_group: foo-data + snapshot_resource_group_name: bk-disks + backup_policy_name: bar-policy + - disk_name: bar-disk + disk_resource_group: bar-data + snapshot_resource_group_name: bk-disks + backup_policy_name: bar-policy \ No newline at end of file diff --git a/modules/azure-disks-backup/docs/footer.md b/modules/azure-disks-backup/docs/footer.md new file mode 100644 index 000000000..0daaa45d9 --- /dev/null +++ b/modules/azure-disks-backup/docs/footer.md @@ -0,0 +1,13 @@ +--- + +## Additional resources + +- [Azure Backup for Disks](https://learn.microsoft.com/en-us/azure/backup/backup-managed-disks) +- [azurerm_data_protection_backup_vault](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_vault) +- [azurerm_data_protection_backup_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_policy) +- [azurerm_data_protection_backup_instance_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_protection_backup_instance_disk) +- [Official Terraform documentation](https://www.terraform.io/docs) + +## Support + +For issues, questions, or contributions related to this module, please visit the repository’s issue tracker: [https://github.com/prefapp/tfm/issues](https://github.com/prefapp/tfm/issues) \ No newline at end of file diff --git a/modules/azure-disks-backup/docs/header.md b/modules/azure-disks-backup/docs/header.md new file mode 100644 index 000000000..43cbe97c5 --- /dev/null +++ b/modules/azure-disks-backup/docs/header.md @@ -0,0 +1,106 @@ +# Azure Disks Backup Terraform Module + +## Overview + +This Terraform module allows you to create and configure managed disks backups in Azure, including: +- Creation of Recovery Services vault. +- Definition of custom backup policies. +- Creation of backup instances for specific disks. +- Support for tags and inheritance from the Resource Group. + +## Main features +- Configurable vault and backup policies. +- Support for multiple disks and policies. +- Retention, redundancy, and soft delete control. +- Realistic configuration example. + +## Complete usage example + +```hcl +resource_group_name = "bk-disks" +vault_name = "bk-disks" +tags_from_rg = true +tags = { + Environment = "Production" + Project = "Azure Disks Backup" +} +datastore_type = "VaultStore" +redundancy = "LocallyRedundant" +soft_delete = "Off" +retention_duration_in_days = 30 +backup_policies = [ + { + name = "foo-policy" + backup_repeating_time_intervals = ["R/2024-10-17T11:29:40+00:00/PT1H"] + default_retention_duration = "P7D" + time_zone = "Coordinated Universal Time" + retention_rules = [ + { + name = "Daily" + duration = "P7D" + priority = 25 + criteria = { absolute_criteria = "FirstOfDay" } + } + ] + }, + { + name = "bar-policy" + backup_repeating_time_intervals = ["R/2024-11-01T10:00:00+00:00/PT2H"] + default_retention_duration = "P14D" + time_zone = "Pacific Standard Time" + retention_rules = [ + { + name = "Weekly" + duration = "P14D" + priority = 30 + criteria = { absolute_criteria = "FirstOfWeek" } + }, + { + name = "Monthly" + duration = "P30D" + priority = 35 + criteria = { absolute_criteria = "FirstOfMonth" } + } + ] + } +] +backup_instances = [ + { + disk_name = "foo-disk" + disk_resource_group = "foo-data" + snapshot_resource_group_name = "bk-disks" + backup_policy_name = "foo-policy" + }, + { + disk_name = "foo-disk" + disk_resource_group = "foo-data" + snapshot_resource_group_name = "bk-disks" + backup_policy_name = "bar-policy" + }, + { + disk_name = "bar-disk" + disk_resource_group = "bar-data" + snapshot_resource_group_name = "bk-disks" + backup_policy_name = "bar-policy" + } +] +``` + +## Notes +- The resource_group_name must be the same for the vault and the snapshots. +- Disks can be in different resource groups than the vault. +- The module will throw an error if the disk and vault resource group are the same. + +## File structure + +``` +. +├── main.tf +├── variables.tf +├── outputs.tf +├── README.md +├── CHANGELOG.md +└── docs/ + ├── header.md + └── footer.md +``` \ No newline at end of file