Commit 4104b3b3 authored by Daniel Scholl's avatar Daniel Scholl
Browse files

Fixed critical bugs

parent 4dc3c8ab
......@@ -179,7 +179,7 @@ __Installed Azure Resources__
6. An AD application to be leveraged in the future that defines and controls access to the OSDU Environment for AD Identity. _(future)_
7. An AD application to be used for negative integration testing
> Removal would require deletion of all AD elements `osdu-mvp-{UNIQUE}-*`, unlocking and deleting the resource group then purging the KV.
> Removal would require deletion of all AD elements `osdu-mvp-{UNIQUE}-*`, unlocking and deleting the resource group.
__Azure AD Admin Consent__
......
......@@ -22,8 +22,8 @@
// *** WARNING ****
// This template includes locks and won't delete by destroy if locks aren't removed first.
// Lock: KeyVault
// Lock: Container Registry
// Lock: Storage
// Lock: Graph DB
// *** WARNING ****
terraform {
......@@ -347,6 +347,8 @@ resource "azurerm_user_assigned_identity" "osduidentity" {
// Lock the KV
resource "azurerm_management_lock" "kv_lock" {
count = var.feature_flag.kv_lock ? 1 : 0
name = "osdu_cr_kv_lock"
scope = module.keyvault.keyvault_id
lock_level = "CanNotDelete"
......@@ -361,6 +363,8 @@ resource "azurerm_management_lock" "sa_lock" {
// Lock the Container Registry
resource "azurerm_management_lock" "acr_lock" {
count = var.feature_flag.acr_lock ? 1 : 0
name = "osdu_acr_lock"
scope = module.container_registry.container_registry_id
lock_level = "CanNotDelete"
......
......@@ -27,4 +27,9 @@ resource_tags = {
environment = "OSDU Demo"
}
feature_flag = {
acr_lock = false
kv_lock = false
}
*/
......@@ -28,6 +28,18 @@ variable "prefix" {
type = string
}
variable "feature_flag" {
description = "(Optional) A toggle for incubator features"
type = object({
kv_lock = bool
acr_lock = bool
})
default = {
kv_lock = true
acr_lock = true
}
}
variable "randomization_level" {
description = "Number of additional random characters to include in resource names to insulate against unexpected resource name collisions."
type = number
......
......@@ -20,12 +20,6 @@
This file holds the main control and resoures for bootstraping an OSDU Azure Devops Project.
*/
// *** WARNING ****
// This template makes changes into the Central Resources and the locks in Central have to be removed to delete.
// Lock: Key Vault
// Lock: Container Registry
// *** WARNING ****
terraform {
required_version = ">= 0.14"
......@@ -329,6 +323,7 @@ module "aks" {
dns_prefix = local.aks_dns_prefix
agent_vm_count = var.aks_agent_vm_count
agent_vm_size = var.aks_agent_vm_size
agent_vm_disk = var.aks_agent_vm_disk
vnet_subnet_id = module.network.subnets.1
ssh_public_key = file(var.ssh_public_key_file)
kubernetes_version = var.kubernetes_version
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment