Table of Contents
Azure terraform basics
Review of a project
AzureRM provider 4.0
map match
Let's create a simplified example to illustrate how the `for` expression builds a map in your Terraform code. We'll simulate the structure of the data and show how the mapping is done.
Imagine you have a module that outputs a list of virtual hub connections. Each connection has a `remote_virtual_network_id` and other properties. We'll use this data to create a new map where the keys are these network IDs, and the values are the entire connection objects.
Here's a hypothetical example:
### Initial Data (Simulated)
Suppose the `module.alz_connectivity.azurerm_virtual_hub_connection.virtual_wan` outputs something like this:
```hcl
[
  {
    id: "connection1",
    remote_virtual_network_id: "network1",
    // other properties...
  },
  {
    id: "connection2",
    remote_virtual_network_id: "network2",
    // other properties...
  }
]
```
### Terraform `for` Expression
We want to create a map from this data where the key is `remote_virtual_network_id` and the value is the whole object.
```hcl
locals {
  virhubconnection_map = {
    for connection in module.alz_connectivity.azurerm_virtual_hub_connection.virtual_wan :
    connection.remote_virtual_network_id => connection
  }
}
```
### Resulting Map
The `local.virhubconnection_map` will look like this:
```hcl
{
  "network1" = {
    id: "connection1",
    remote_virtual_network_id: "network1",
    // other properties...
  },
  "network2" = {
    id: "connection2",
    remote_virtual_network_id: "network2",
    // other properties...
  }
}
```
### Usage in BGP Connections
You can then use this map to easily find a connection based on its `remote_virtual_network_id`. For example:
```hcl
virtual_network_connection_id = local.virhubconnection_map["network1"].id
```
This line will get the `id` of the connection whose `remote_virtual_network_id` is `"network1"`, effectively retrieving the `id` of `connection1` in our example.
This demonstrates how a map built with a `for` expression makes data easier to organize and look up in Terraform configurations.
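Added example (not part of the original notes or the module's code): the `for` expression above fails with a "Duplicate object key" error if two connections share a `remote_virtual_network_id`, and indexing a key that is not in the map fails the plan as well. The sketch below shows grouping mode and a guarded lookup; `local.connections` is constructed sample data standing in for the module output, and all local and output names are hypothetical.

```hcl
# Added example: constructed sample data, not the real module output.
locals {
  connections = [
    { id = "connection1", remote_virtual_network_id = "network1" },
    { id = "connection2", remote_virtual_network_id = "network2" },
    { id = "connection3", remote_virtual_network_id = "network2" }, # same VNet as connection2
  ]

  # Grouping mode: the trailing "..." collects every connection per key into a list
  # instead of raising "Duplicate object key".
  connections_by_vnet = {
    for c in local.connections : c.remote_virtual_network_id => c...
  }

  # Keys that more than one connection maps to; review these before wiring BGP peers.
  ambiguous_vnets = [
    for vnet_id, conns in local.connections_by_vnet : vnet_id if length(conns) > 1
  ]

  # One-to-one map restricted to unambiguous keys, safe to index with .id
  connection_by_vnet = {
    for vnet_id, conns in local.connections_by_vnet : vnet_id => conns[0]
    if length(conns) == 1
  }
}

output "ambiguous_vnets" {
  value = local.ambiguous_vnets
}

output "network1_connection_id" {
  value = local.connection_by_vnet["network1"].id
}

output "network9_connection_id" {
  # "network9" is not in the map; try() yields null instead of failing the plan
  value = try(local.connection_by_vnet["network9"].id, null)
}
```

The locals can be evaluated with `terraform console` in an empty directory, since no provider is involved.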
DATA issue replace
delete with az cli peer
```bash
az network vhub bgpconnection delete --name peer1 --vhub-name myVhub --resource-group myResourceGroup --subscription mySubscriptionId
```
iam
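```hcl
provider "azurerm" {
  # azurerm 4.x also needs subscription_id here or ARM_SUBSCRIPTION_ID in the environment
  features {}
}

provider "azuread" {}

# Define Azure subscriptions in locals
locals {
  subscriptions = {
    dev = {
      name            = "Dev Subscription"
      subscription_id = "YOUR_DEV_SUBSCRIPTION_ID"
    },
    prod = {
      name            = "Prod Subscription"
      subscription_id = "YOUR_PROD_SUBSCRIPTION_ID"
    }
  }
}

# Iterate over each subscription: the group for that subscription gets Reader on it
resource "azurerm_role_assignment" "example" {
  for_each             = local.subscriptions
  principal_id         = azuread_group.example[each.key].object_id
  role_definition_name = "Reader"
  scope                = "/subscriptions/${each.value.subscription_id}"
}

# Create Azure AD groups and add users for each subscription
resource "azuread_group" "example" {
  for_each         = local.subscriptions
  display_name     = "Group_${each.key}"
  description      = "Azure AD Group for ${each.value.name}"
  security_enabled = true # required for a group used in role assignments
}

# Resolve the user e-mail addresses (user principal names) to object IDs
data "azuread_users" "members" {
  user_principal_names = [
    "user1@example.com",
    "user2@example.com",
    # Add more user email addresses as needed
  ]
}

# azuread_group_member adds one member per resource, so expand every group/user pair
resource "azuread_group_member" "example" {
  for_each = {
    for pair in setproduct(keys(local.subscriptions), data.azuread_users.members.object_ids) :
    "${pair[0]}/${pair[1]}" => pair
  }
  group_object_id  = azuread_group.example[each.value[0]].object_id
  member_object_id = each.value[1]
}
```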
Azapi
silver-peak
```hcl
provider "azurerm" {
  # azurerm 4.x also needs subscription_id here or ARM_SUBSCRIPTION_ID in the environment
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "your-resource-group-name"
  location = "your-location"
}

resource "azurerm_virtual_network" "example" {
  name                = "your-virtual-network"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
  name                 = "your-subnet"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.1.0/24"]
}

# No custom rules are defined, so only the NSG default rules apply
resource "azurerm_network_security_group" "example" {
  name                = "your-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet_network_security_group_association" "example" {
  subnet_id                 = azurerm_subnet.example.id
  network_security_group_id = azurerm_network_security_group.example.id
}

# Private IP only; no public IP is attached to the interface
resource "azurerm_network_interface" "example" {
  name                = "your-network-interface"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.example.id
    private_ip_address_allocation = "Dynamic"
  }
}

resource "azurerm_windows_virtual_machine" "example" {
  name                = "your-vm-name"
  computer_name       = "your-vm-name"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  size                = "Standard_DS2_v2"
  admin_username      = "your-admin-username"
  # Placeholder only: pass the password in through a sensitive variable instead of
  # committing a literal; the value is also written to the Terraform state
  admin_password        = "your-admin-password"
  network_interface_ids = [azurerm_network_interface.example.id]
  provision_vm_agent    = true

  # Required by azurerm_windows_virtual_machine; the values are example choices
  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  # Example marketplace image; replace with the image you need
  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2019-Datacenter"
    version   = "latest"
  }
}

output "resource_group_name" {
  value = azurerm_resource_group.example.name
}

output "virtual_network_id" {
  value = azurerm_virtual_network.example.id
}

output "subnet_id" {
  value = azurerm_subnet.example.id
}

output "network_security_group_id" {
  value = azurerm_network_security_group.example.id
}

output "network_interface_id" {
  value = azurerm_network_interface.example.id
}

output "virtual_machine_id" {
  value = azurerm_windows_virtual_machine.example.id
}
```
