EvalueTonSavoir/opentofu/azure/network.tf

# Create Virtual Network
resource "azurerm_virtual_network" "vnet" {
  name                = var.vnet_name
  location            = azurerm_resource_group.resource_group.location
  resource_group_name = azurerm_resource_group.resource_group.name
  address_space       = ["10.0.0.0/16"]
}

# Create Subnet
resource "azurerm_subnet" "subnet" {
  name                 = var.subnet_name
  resource_group_name  = azurerm_resource_group.resource_group.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]

  service_endpoints = ["Microsoft.AzureCosmosDB"]
}

# Create Public IP Address
resource "azurerm_public_ip" "public_ip" {
  name                = var.public_ip_name
  location            = azurerm_resource_group.resource_group.location
  resource_group_name = azurerm_resource_group.resource_group.name
  allocation_method   = "Static"
  domain_name_label   = var.dns
}

resource "azurerm_network_security_group" "nsg" {
  name                = var.nsg_name
  location            = azurerm_resource_group.resource_group.location
  resource_group_name = azurerm_resource_group.resource_group.name

  security_rule {
    name                       = "SSH"
    priority                   = 1000
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.nsg_ssh_ip_range
    destination_address_prefix = "*"
  }

  security_rule {
    name                       = "HTTP"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "80"
    source_address_prefix      = var.nsg_http_ip_range
    destination_address_prefix = "*"
  }

  security_rule {
    name                       = "HTTPS"
    priority                   = 1002
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "443"
    source_address_prefix      = var.nsg_https_ip_range
    destination_address_prefix = "*"
  }
}

# Create Network Interface
resource "azurerm_network_interface" "nic" {
  name                = var.network_interface_name
  location            = azurerm_resource_group.resource_group.location
  resource_group_name = azurerm_resource_group.resource_group.name

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip.id
  }
}

resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}
Add deployment with opentofu 2024-12-09 14:58:48 -05:00			`# Create Virtual Network`
			`resource "azurerm_virtual_network" "vnet" {`
			`name = var.vnet_name`
			`location = azurerm_resource_group.resource_group.location`
			`resource_group_name = azurerm_resource_group.resource_group.name`
			`address_space = ["10.0.0.0/16"]`
			`}`

			`# Create Subnet`
			`resource "azurerm_subnet" "subnet" {`
			`name = var.subnet_name`
			`resource_group_name = azurerm_resource_group.resource_group.name`
			`virtual_network_name = azurerm_virtual_network.vnet.name`
			`address_prefixes = ["10.0.1.0/24"]`

			`service_endpoints = ["Microsoft.AzureCosmosDB"]`
			`}`

			`# Create Public IP Address`
			`resource "azurerm_public_ip" "public_ip" {`
			`name = var.public_ip_name`
			`location = azurerm_resource_group.resource_group.location`
			`resource_group_name = azurerm_resource_group.resource_group.name`
			`allocation_method = "Static"`
			`domain_name_label = var.dns`
			`}`

			`resource "azurerm_network_security_group" "nsg" {`
			`name = var.nsg_name`
			`location = azurerm_resource_group.resource_group.location`
			`resource_group_name = azurerm_resource_group.resource_group.name`

			`security_rule {`
			`name = "SSH"`
			`priority = 1000`
			`direction = "Inbound"`
			`access = "Allow"`
			`protocol = "Tcp"`
			`source_port_range = "*"`
			`destination_port_range = "22"`
			`source_address_prefix = var.nsg_ssh_ip_range`
			`destination_address_prefix = "*"`
			`}`

			`security_rule {`
			`name = "HTTP"`
			`priority = 1001`
			`direction = "Inbound"`
			`access = "Allow"`
			`protocol = "Tcp"`
			`source_port_range = "*"`
			`destination_port_range = "80"`
			`source_address_prefix = var.nsg_http_ip_range`
			`destination_address_prefix = "*"`
			`}`

			`security_rule {`
			`name = "HTTPS"`
			`priority = 1002`
			`direction = "Inbound"`
			`access = "Allow"`
			`protocol = "Tcp"`
			`source_port_range = "*"`
			`destination_port_range = "443"`
			`source_address_prefix = var.nsg_https_ip_range`
			`destination_address_prefix = "*"`
			`}`
			`}`

			`# Create Network Interface`
			`resource "azurerm_network_interface" "nic" {`
			`name = var.network_interface_name`
			`location = azurerm_resource_group.resource_group.location`
			`resource_group_name = azurerm_resource_group.resource_group.name`

			`ip_configuration {`
			`name = "internal"`
			`subnet_id = azurerm_subnet.subnet.id`
			`private_ip_address_allocation = "Dynamic"`
			`public_ip_address_id = azurerm_public_ip.public_ip.id`
			`}`
			`}`

			`resource "azurerm_network_interface_security_group_association" "example" {`
			`network_interface_id = azurerm_network_interface.nic.id`
			`network_security_group_id = azurerm_network_security_group.nsg.id`
			`}`