Creating and linking Azure resources in Terraform

cetgtptt  posted on 2023-01-02 in Other

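I need to create Azure resources through Terraform and link them to APIM, such as Application Insights, Key Vault and Log Analytics. I went through the Terraform documentation and other websites but did not find any examples. Below is my Terraform script, which initializes the resources under the resource group, but APIM and Application Insights, Key Vault and Log Analytics still need to be linked after logging in to the Azure portal. I am looking to create the resources already linked and avoid linking them manually in the Azure portal.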

    terraform {
      required_providers {
        azurerm = {
          source  = "hashicorp/azurerm"
          version = "~> 3.0.2"
        }
      }
      required_version = ">= 1.1.0"
    }
    
    provider "azurerm" {
      features {}
    }
    
    data "azurerm_client_config" "current" {}
    
    
    # Resource group that holds the APIM, Application Insights and Log Analytics resources
    resource "azurerm_resource_group" "TerraformPOC-DevResourceGroup" {
      name     = "TerraformPOC-DevResourceGroup"
      location = "WestEurope"
    }
    
    
    resource "azurerm_application_insights" "TerraformPOC-Application-Insights" {
      name                = "TerraformPOC-Application-Insights"
      location            = azurerm_resource_group.TerraformPOC-DevResourceGroup.location
      resource_group_name = azurerm_resource_group.TerraformPOC-DevResourceGroup.name
      application_type    = "other"
    }
    
    
    resource "azurerm_api_management" "TerraformPOC-APIManagement" {
      name                = "TerraformPOC-APIManagement"
      location            = azurerm_resource_group.TerraformPOC-DevResourceGroup.location
      resource_group_name = azurerm_resource_group.TerraformPOC-DevResourceGroup.name
      publisher_name      = "TestDemo"
      publisher_email     = "pradeep.mathada@amadeus.com"
      sku_name            = "Developer_1"
    }
    
    
    resource "azurerm_log_analytics_workspace" "TerraformPOC-Log-Analytics" {
      name                = "TerraformPOC-Log-Analytics"
      location            = azurerm_resource_group.TerraformPOC-DevResourceGroup.location
      resource_group_name = azurerm_resource_group.TerraformPOC-DevResourceGroup.name
      retention_in_days   = 30
    }

hc8w905p  #1

I tried to reproduce the scenario in my environment:

I used the code below to link the Log Analytics workspace to Azure Key Vault:

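Code:

# Data sources referenced by the resources below. The resource group name is a
# placeholder; the answer does not state which existing group was used.
data "azurerm_resource_group" "example" {
  name = "<existing-resource-group-name>"
}

data "azurerm_client_config" "current" {}

resource "azurerm_key_vault" "test" {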
  name                = "kavymykeyvault"
  resource_group_name = data.azurerm_resource_group.example.name
  location = data.azurerm_resource_group.example.location
  enabled_for_disk_encryption = true
  tenant_id                   = data.azurerm_client_config.current.tenant_id
  soft_delete_retention_days  = 7
  purge_protection_enabled    = false

  sku_name = "standard"

  access_policy {
    tenant_id = data.azurerm_client_config.current.tenant_id
    object_id = data.azurerm_client_config.current.object_id

    key_permissions = [
      "Get"
    ]

    secret_permissions = [
      "Get"
    ]

    storage_permissions = [
      "Get"
    ]
  }

}

resource "azurerm_log_analytics_workspace" "test" {
  name                = "myloganalyticskav"
  resource_group_name = data.azurerm_resource_group.example.name
  location = data.azurerm_resource_group.example.location
}

resource "azurerm_storage_account" "test" {
  name                = "kamystorageaccountname"
  location = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name
  account_tier             = "Standard"
  account_replication_type = "LRS" 
}

resource "azurerm_monitor_diagnostic_setting" "test" {
  name               = "kavyaexamplediag"
  target_resource_id = azurerm_key_vault.test.id
  storage_account_id = azurerm_storage_account.test.id
  log_analytics_workspace_id = azurerm_log_analytics_workspace.test.id

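  log {
    category = "AuditEvent"
    # With enabled = false, Key Vault audit events are not forwarded to the
    # workspace or storage account; set this to true to collect them.
    enabled  = false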

    retention_policy {
      enabled = false
    }
  }

  metric {
    category = "AllMetrics"

    retention_policy {
      enabled = false
    }
  }
}

and it was created successfully.


Similarly, you can link Azure Application Insights to APIM using the code below.
Code:

resource "azurerm_application_insights" "example" {
  name                = "kaaexample-appinsights"
  location            = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name
  application_type    = "web"
}

resource "azurerm_api_management" "example" {
  name                = "kavyaaaexample-apim"
  location            = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name
  publisher_name      = "My Company"
  publisher_email     = "company@terraform.io"
  sku_name            = "Developer_1"
}
resource "azurerm_api_management_logger" "example" {
  name                = "kaavexample-apimlogger"
  api_management_name = azurerm_api_management.example.name
  resource_group_name = data.azurerm_resource_group.example.name

  application_insights {
    instrumentation_key = azurerm_application_insights.example.instrumentation_key
  }
}

resource "azurerm_api_management_diagnostic" "example" {
  identifier               = "applicationinsights"
  resource_group_name      = data.azurerm_resource_group.example.name
  api_management_name      = azurerm_api_management.example.name
  api_management_logger_id = azurerm_api_management_logger.example.id

  sampling_percentage       = 5.0
  always_log_errors         = true
  log_client_ip             = true
  verbosity                 = "verbose"
  http_correlation_protocol = "W3C"

  frontend_request {
    body_bytes = 32
    headers_to_log = [
      "content-type",
      "accept",
      "origin",
    ]
  }

  frontend_response {
    body_bytes = 32
    headers_to_log = [
      "content-type",
      "content-length",
      "origin",
    ]
  }

  backend_request {
    body_bytes = 32
    headers_to_log = [
      "content-type",
      "accept",
      "origin",
    ]
  }

  backend_response {
    body_bytes = 32
    headers_to_log = [
      "content-type",
      "content-length",
      "origin",
    ]
  }
}
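
The answer above links Key Vault to Log Analytics and Application Insights to APIM; the two remaining links from the question (Key Vault to APIM and Log Analytics to APIM) can be declared as follows. This is an added example, not code from the original question or answer; it assumes the `azurerm` provider block and `~> 3.0.2` version pin from the question, and every resource label and name in it is constructed.

```hcl
# Added example: every resource label and name here is constructed for illustration.
data "azurerm_client_config" "current" {}
data "azurerm_resource_group" "rg" {
  name = "<existing-resource-group-name>" # placeholder
}

resource "azurerm_log_analytics_workspace" "law" {
  name                = "example-apim-law"
  location            = data.azurerm_resource_group.rg.location
  resource_group_name = data.azurerm_resource_group.rg.name
}

resource "azurerm_api_management" "apim" {
  name                = "example-apim-linked"
  location            = data.azurerm_resource_group.rg.location
  resource_group_name = data.azurerm_resource_group.rg.name
  publisher_name      = "Example"
  publisher_email     = "admin@example.com"
  sku_name            = "Developer_1"
  identity {
    type = "SystemAssigned" # managed identity instead of a stored credential
  }
}

resource "azurerm_key_vault" "kv" {
  name                = "example-apim-kv"
  location            = data.azurerm_resource_group.rg.location
  resource_group_name = data.azurerm_resource_group.rg.name
  tenant_id           = data.azurerm_client_config.current.tenant_id
  sku_name            = "standard"
}

# Key Vault link: the APIM identity may read secrets and nothing else.
resource "azurerm_key_vault_access_policy" "apim" {
  key_vault_id       = azurerm_key_vault.kv.id
  tenant_id          = azurerm_api_management.apim.identity[0].tenant_id
  object_id          = azurerm_api_management.apim.identity[0].principal_id
  secret_permissions = ["Get", "List"]
}

# Log Analytics link: APIM gateway request logs are sent to the workspace.
resource "azurerm_monitor_diagnostic_setting" "apim" {
  name                       = "apim-to-law"
  target_resource_id         = azurerm_api_management.apim.id
  log_analytics_workspace_id = azurerm_log_analytics_workspace.law.id
  log {
    category = "GatewayLogs"
    enabled  = true
  }
}
```

The access policy is scoped to the APIM identity only, so the vault stays closed to every other principal until further policies are declared.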
