Add CDN FrontDoor Terraform Modules

.github/workflows/tffmt.yml

@@ -1,8 +1,9 @@
+---
 name: TF Formatting Check
 on:
   pull_request:
     branches: 
-        - main
+      - main
 
 jobs:
   build:

.github/workflows/tflinter.yml

@@ -1,3 +1,4 @@
+---
 name: TF Linter Check
 on:
   pull_request:

.github/workflows/trivy.yaml

@@ -1,3 +1,4 @@
+---
 name: Trivy Scan
 on:
   pull_request:

modules/azurerm/AKS-Firewall/aks_cluster.tf

@@ -15,7 +15,7 @@ resource "azurerm_kubernetes_cluster" "aks_cluster" {
   resource_group_name                 = var.resource_group_name
   dns_prefix                          = join("-", ["aks", var.aks_cluster_dns_prefix])
   kubernetes_version                  = var.kubernetes_version
-  api_server_authorized_ip_ranges     = try(var.api_server_authorized_ip_ranges, null)
+  api_server_authorized_ip_ranges     = var.api_server_authorized_ip_ranges
   node_resource_group                 = join("-", ["rg", var.aks_node_pool_resource_group_name])
   sku_tier                            = var.sku_tier
   private_cluster_enabled             = var.private_cluster_enabled

modules/azurerm/AKS-Generic/aks_cluster.tf

@@ -15,6 +15,7 @@ resource "azurerm_kubernetes_cluster" "aks_cluster" {
   resource_group_name                 = var.aks_resource_group_name
   dns_prefix                          = join("-", ["aks", var.aks_cluster_dns_prefix])
   kubernetes_version                  = var.kubernetes_version
+  api_server_authorized_ip_ranges     = var.api_server_authorized_ip_ranges
   node_resource_group                 = join("-", ["rg", var.aks_node_pool_resource_group_name])
   sku_tier                            = var.sku_tier
   private_cluster_enabled             = var.private_cluster_enabled

modules/azurerm/AKS-Generic/variables.tf

@@ -307,3 +307,8 @@ variable "internal_load_balancer_subnet_enforce_private_link_endpoint_network_po
   description = "Enable or Disable network policies for the private link endpoint on the internal load balancer subnet"
   type        = bool
 }
+
+variable "api_server_authorized_ip_ranges" {
+  description = "List of authorized IP ranges for the Kubernetes API server"
+  type        = list(string)
+}

modules/azurerm/Bastion-Host/variables.tf

@@ -102,7 +102,7 @@ variable "public_ip_zones" {
 }
 
 variable "allow_https_internet_inbound" {
-  default     = true
+  default     = false
   description = "Specify whether to allow HTTPS Inbound internet traffic or not"
   type        = bool
 }

modules/azurerm/CDN-FrontDoor-Custom-Domain-Association/cdn_frontdoor_custom_domain_association.tf

@@ -0,0 +1,24 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+resource "azurerm_cdn_frontdoor_custom_domain_association" "cdn_frontdoor_custom_domain_association" {
+  cdn_frontdoor_custom_domain_id = var.cdn_frontdoor_custom_domain_id
+  cdn_frontdoor_route_ids        = var.cdn_frontdoor_route_ids
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain-Association/outputs.tf

@@ -0,0 +1,24 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+output "id" {
+  depends_on = [azurerm_cdn_frontdoor_custom_domain_association.cdn_frontdoor_custom_domain_association]
+  value      = azurerm_cdn_frontdoor_custom_domain_association.cdn_frontdoor_custom_domain_association.id
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain-Association/variables.tf

@@ -0,0 +1,29 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+variable "cdn_frontdoor_custom_domain_id" {
+  description = "The ID of the CDN Front Door Custom Domain."
+  type        = string
+}
+
+variable "cdn_frontdoor_route_ids" {
+  description = "The IDs of the CDN Front Door Routes."
+  type        = list(string)
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain-Association/versions.tf

@@ -0,0 +1,29 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+terraform {
+  required_version = ">= 0.14"
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">= 3.52.0"
+    }
+  }
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain/cdn_frontdoor_custom_domain.tf

@@ -0,0 +1,32 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+resource "azurerm_cdn_frontdoor_custom_domain" "cdn_frontdoor_custom_domain" {
+  name                     = join("-", [var.custom_domain_name, var.custom_domain_suffix])
+  cdn_frontdoor_profile_id = var.cdn_frontdoor_profile_id
+  dns_zone_id              = var.dns_zone_id
+  host_name                = var.host_name
+
+  tls {
+    certificate_type        = var.certificate_type
+    minimum_tls_version     = var.minimum_tls_version
+    cdn_frontdoor_secret_id = var.certificate_type == "CustomerCertificate" ? var.cdn_frontdoor_secret_id : null
+  }
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain/outputs.tf

@@ -0,0 +1,34 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+output "id" {
+  depends_on = [azurerm_cdn_frontdoor_custom_domain.cdn_frontdoor_custom_domain]
+  value      = azurerm_cdn_frontdoor_custom_domain.cdn_frontdoor_custom_domain.id
+}
+
+output "expiration_date" {
+  depends_on = [azurerm_cdn_frontdoor_custom_domain.cdn_frontdoor_custom_domain]
+  value      = azurerm_cdn_frontdoor_custom_domain.cdn_frontdoor_custom_domain.expiration_date
+}
+
+output "validation_token" {
+  depends_on = [azurerm_cdn_frontdoor_custom_domain.cdn_frontdoor_custom_domain]
+  value      = azurerm_cdn_frontdoor_custom_domain.cdn_frontdoor_custom_domain.validation_token
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain/variables.tf

@@ -0,0 +1,61 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+variable "custom_domain_name" {
+  description = "The custom domain name."
+  type        = string
+}
+
+variable "custom_domain_suffix" {
+  description = "The custom domain suffix."
+  type        = string
+  default     = "custom-domain"
+}
+
+variable "cdn_frontdoor_profile_id" {
+  description = "The ID of the CDN Front Door Profile."
+  type        = string
+}
+
+variable "dns_zone_id" {
+  description = "The ID of the DNS Zone."
+  type        = string
+}
+
+variable "host_name" {
+  description = "The host name of the custom domain."
+  type        = string
+}
+
+variable "certificate_type" {
+  description = "The type of the certificate."
+  type        = string
+}
+
+variable "minimum_tls_version" {
+  description = "The minimum TLS version."
+  type        = string
+  default     = "TLS12"
+}
+
+variable "cdn_frontdoor_secret_id" {
+  description = "The ID of the CDN Front Door Secret."
+  type        = string
+}

modules/azurerm/CDN-FrontDoor-Custom-Domain/versions.tf

@@ -0,0 +1,29 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+terraform {
+  required_version = ">= 0.14"
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">= 3.52.0"
+    }
+  }
+}

modules/azurerm/CDN-FrontDoor-Endpoint/cdn_frontdoor_endpoint.tf

@@ -0,0 +1,26 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+resource "azurerm_cdn_frontdoor_endpoint" "cdn_frontdoor_endpoint" {
+  name                     = join("-", [var.frontdoor_endpoint_abbreviation, var.frontdoor_endpoint_name])
+  cdn_frontdoor_profile_id = var.cdn_frontdoor_profile_id
+  enabled                  = var.enabled
+  tags                     = var.tags
+}

modules/azurerm/CDN-FrontDoor-Endpoint/outputs.tf

@@ -0,0 +1,29 @@
+# -------------------------------------------------------------------------------------
+#
+# Copyright (c) 2024, WSO2 LLC. (https://www.wso2.com) All Rights Reserved.
+#
+# WSO2 LLC. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# --------------------------------------------------------------------------------------
+
+output "id" {
+  depends_on = [azurerm_cdn_frontdoor_endpoint.cdn_frontdoor_endpoint]
+  value      = azurerm_cdn_frontdoor_endpoint.cdn_frontdoor_endpoint.id
+}
+
+output "host_name" {
+  depends_on = [azurerm_cdn_frontdoor_endpoint.cdn_frontdoor_endpoint]
+  value      = azurerm_cdn_frontdoor_endpoint.cdn_frontdoor_endpoint.host_name
+}