lz-vending

Azure/lz-vending/azurerm

Terraform Module HCL AZURERM ✓ Verified

Terraform module to deploy landing zone subscriptions (and much more) in Azure

Install

module "lz-vending" {

source = "Azure/lz-vending/azurerm"

version = "7.0.3"

}

plain text: /constructs/tfmod-azure-lz-vending-azurerm/install.txt

⭐ Source on GitHub 📦 Registry page

README

Terraform landing zone vending module for Azure > [!IMPORTANT] > THIS MODULE IS NOW ARCHIVED > Migration is seamless to v0.1.0 of the AVM module > PLEASE SEE Overview The landing zone Terraform module is designed to accelerate deployment of individual landing zones within an Azure tenant. We use the AzAPI provider to create the subscription and deploy the resources in a single terraform apply step. The module is designed to be instantiated many times, once for each desired landing zone. This is currently split logically into the following capabilities: - Subscription creation and management group placement - Networking - deploy multiple vnets with: - Hub & spoke connectivity (peering to a hub network) - vWAN connectivity - Mesh peering (peering between spokes) - Role assignments - Resource

Inputs (29)

Name	Type	Description	Default
location	string	The default location of resources created by this module. Virtual networks will	required
network_security_groups	map(object({ name	A map of the network security groups to create. The map key must be known at the	`{}`
route_table_enabled	bool	Whether to create route tables and routes in the target subscription. Requires `	`false`
wait_for_subscription_before_subscription_operations	object({ create = optiona	The duration to wait after vending a subscription before performing subscription	`{}`
user_managed_identities	map(object({ name	A map of user-managed identities to create. The map key must be known at the pla	`{}`
subscription_register_resource_providers_and_features	map(set(string))	The map of resource providers to register. The map keys are the resource provide	`{ "Microsoft.AVS": [], "Microsoft.Ap`
route_tables	map(object({ name	A map defining route tables and their associated routes to be created: - `name`	`{}`
subscription_management_group_id	string	The destination management group ID for the new subscription. Note: Do no	`null`
subscription_tags	map(string)	A map of tags to assign to the newly created subscription. Only valid when `subs	`{}`
budgets	map(object({ name	Map of budgets to create for the subscription. - `name` - The name of the budge	`{}`
resource_group_creation_enabled	bool	Whether to create additional resource groups in the target subscription. Require	`false`
role_assignment_enabled	bool	Whether to create role assignments. If enabled, supply the list of role assignme	`false`
role_assignments	map(object({ principal_id	Supply a map of objects containing the details of the role assignments to create	`{}`
subscription_display_name	string	The display name of the subscription alias. The string must be comprised of a-z	`null`
budget_enabled	bool	Whether to create budgets. If enabled, supply the list of budgets in `var.budget	`false`
resource_groups	map(object({ name	A map of the resource groups to create. The value is an object with the followin	`{}`
subscription_workload	string	The billing scope for the new subscription alias. The workload type can be eith	`null`
subscription_update_existing	bool	Whether to update an existing subscription with the supplied tags and display na	`false`
virtual_network_enabled	bool	Enables and disables the virtual network submodule.	`false`
subscription_management_group_association_enabled	bool	Whether to create the management group association resource. If enabled, the `s	`false`
subscription_billing_scope	string	The billing scope for the new subscription alias. A valid billing scope starts	`null`

Outputs (11)

umi_resource_ids — The Azure resource id of the user managed identity. Value will be null if `var.umi_enabled` is false

management_group_subscription_association_id — The management_group_subscription_association_id output is the ID of the management group subscripti

umi_client_ids — The client id of the user managed identity. Value will be null if `var.umi_enabled` is false.

umi_principal_ids — The principal id of the user managed identity, sometimes known as the object id. Value will be null

umi_tenant_ids — The tenant id of the user managed identity. Value will be null if `var.umi_enabled` is false.

virtual_network_resource_ids — A map of virtual network resource ids, keyed by the var.virtual_networks input map. Only populated i

budget_resource_id — The created budget resource IDs, expressed as a map.

resource_group_resource_ids — The created resource group IDs, expressed as a map.

route_table_resource_ids — The created route table resource IDs, expressed as a map.

subscription_id — The subscription_id is the Azure subscription id that resources have been deployed into.

subscription_resource_id — The subscription_resource_id is the Azure subscription resource id that resources have been deployed

Resources (1)

azapi_resource

Topics & Tags

azapi-modules terraform terraform-module azure azurerm-modules

Details

FrameworkTerraform Module

LanguageHCL

Version7.0.3

Cloud AZURERM

★ Stars210

Forks102

Total downloads1.0M

Inputs29

Outputs11

Resources1

Examples1

Submodules9

LicenseMIT

NamespaceAzure

Updated

Similar packages

caf-enterprise-scale

Azure landing zones Terraform module

★ 952azure

caf

Terraform supermodule for the Terraform platform engineering for Azure

★ 581azure

label

Terraform Module to define a consistent naming convention by (namespace, stage,

★ 702terraform

avm-ptn-alz

Terraform Azure Verified Pattern Module for Azure Landing Zone

★ 122terraform-module

Tools

⚖ Compare with another construct → 📋 View data schema