diff --git a/CHANGELOG.md b/CHANGELOG.md index 742af5c1cc0cca93a7c818912b2bd1482ee7b5a6..2f3e51fcacf490787edea9d6fba5d69fe895d131 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,7 +15,6 @@ __Infra Changes__ - [Feature 277 - Alerts framework for Monitoring](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/merge_requests/277) - [Feature 169 - Container hardening for Java based services](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/169) - [Feature 159 - Added default JVM Parameters](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/159) -- [Issue 163 - Architecture change- service resources- Add cosmos db and Storage account](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/163) # v0.8 (2021-4-9) diff --git a/infra/templates/osdu-r3-mvp/service_resources/diagnostics.tf b/infra/templates/osdu-r3-mvp/service_resources/diagnostics.tf index 070188d3313f46e10868ce32efb31858a32602b6..5564ed5c63b12dbfe1c45a5fa1e52b3a6562b348 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/diagnostics.tf +++ b/infra/templates/osdu-r3-mvp/service_resources/diagnostics.tf 
@@ -245,101 +245,3 @@ resource "azurerm_monitor_diagnostic_setting" "redis_diagnostics" { } -#------------------------------- -# CosmosDB -#------------------------------- -resource "azurerm_monitor_diagnostic_setting" "db_diagnostics" { - name = "db_diagnostics" - target_resource_id = module.cosmosdb_account.account_id - log_analytics_workspace_id = data.terraform_remote_state.central_resources.outputs.log_analytics_id - - // This one always off. - log { - category = "CassandraRequests" - enabled = false - - retention_policy { - days = 0 - enabled = false - } - } - - log { - category = "ControlPlaneRequests" - - retention_policy { - days = var.log_retention_days - enabled = local.retention_policy - } - } - - log { - category = "DataPlaneRequests" - enabled = true - - retention_policy { - days = var.log_retention_days - enabled = local.retention_policy - } - } - - // This one always off. - log { - category = "GremlinRequests" - enabled = false - - retention_policy { - days = 0 - enabled = false - } - } - - // This one always off. - log { - category = "MongoRequests" - enabled = false - - retention_policy { - days = 0 - enabled = false - } - } - - log { - category = "PartitionKeyRUConsumption" - - retention_policy { - days = var.log_retention_days - enabled = local.retention_policy - } - } - - log { - category = "PartitionKeyStatistics" - - retention_policy { - days = var.log_retention_days - enabled = local.retention_policy - } - } - - log { - category = "QueryRuntimeStatistics" - enabled = true - - retention_policy { - days = var.log_retention_days - enabled = local.retention_policy - } - } - - metric { - category = "Requests" - - retention_policy { - days = var.log_retention_days - enabled = local.retention_policy - } - } -} - diff --git a/infra/templates/osdu-r3-mvp/service_resources/main.tf b/infra/templates/osdu-r3-mvp/service_resources/main.tf index 409b6e580c20d7f1718dbf7ccdef34fc2dea5106..24ba4d7aeb155f59f70d4c0756aa83ef19624258 100644 
--- a/infra/templates/osdu-r3-mvp/service_resources/main.tf +++ b/infra/templates/osdu-r3-mvp/service_resources/main.tf @@ -127,8 +127,6 @@ locals { aks_identity_name = format("%s-pod-identity", local.aks_cluster_name) aks_dns_prefix = local.base_name_60 - cosmosdb_name = "${local.base_name}-system-db" - nodepool_zones = [ "1", "2", @@ -509,33 +507,6 @@ resource "azurerm_role_assignment" "redis_queue" { scope = module.redis_queue.id } - -#------------------------------- -# CosmosDB -#------------------------------- -module "cosmosdb_account" { - source = "../../../modules/providers/azure/cosmosdb" - - name = local.cosmosdb_name - resource_group_name = azurerm_resource_group.main.name - primary_replica_location = var.cosmosdb_replica_location - automatic_failover = var.cosmosdb_automatic_failover - consistency_level = var.cosmosdb_consistency_level - databases = var.cosmos_databases - sql_collections = var.cosmos_sql_collections - - resource_tags = var.resource_tags -} - -// Add Access Control to Principal -resource "azurerm_role_assignment" "cosmos_access" { - count = length(local.rbac_principals) - - role_definition_name = "Contributor" - principal_id = local.rbac_principals[count.index] - scope = module.cosmosdb_account.account_id -} - #------------------------------- # Locks #------------------------------- @@ -547,13 +518,3 @@ resource "azurerm_management_lock" "sa_lock" { lock_level = "CanNotDelete" } -# Cosmos db lock -resource "azurerm_management_lock" "db_lock" { - name = "osdu_system_db_lock" - scope = module.cosmosdb_account.properties.cosmosdb.id - lock_level = "CanNotDelete" -} - - - - diff --git a/infra/templates/osdu-r3-mvp/service_resources/override.tfvars b/infra/templates/osdu-r3-mvp/service_resources/override.tfvars index 67222dd504ef37cae42f584aca4887227ab5288f..d76cf45af5d1b39c6b6ba96348c88d178704b786 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/override.tfvars +++ b/infra/templates/osdu-r3-mvp/service_resources/override.tfvars 
@@ -39,39 +39,4 @@ aks_agent_vm_size = "Standard_E4s_v3" aks_agent_vm_count = "5" subnet_aks_prefix = "10.10.2.0/23" -# cosmos DB SQL collections -cosmos_sql_collections = [ - { - name = "Authority" - database_name = "osdu-system-db" - partition_key_path = "/id" - partition_key_version = null - - }, - { - name = "EntityType" - database_name = "osdu-system-db" - partition_key_path = "/id" - partition_key_version = null - }, - { - name = "SchemaInfo" - database_name = "osdu-system-db" - partition_key_path = "/partitionId" - partition_key_version = null - }, - { - name = "Source" - database_name = "osdu-system-db" - partition_key_path = "/id" - partition_key_version = null - }, - { - name = "WorkflowV2" - database_name = "osdu-system-db" - partition_key_path = "/partitionKey" - partition_key_version = 2 - }, -] - */ diff --git a/infra/templates/osdu-r3-mvp/service_resources/secrets.tf b/infra/templates/osdu-r3-mvp/service_resources/secrets.tf index 06bd3d0a301570f08ab71e05fdcd139430bda5e1..6b99567490311f943799fcda022fb9d31b882a9f 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/secrets.tf +++ b/infra/templates/osdu-r3-mvp/service_resources/secrets.tf @@ -63,13 +63,7 @@ resource "azurerm_key_vault_secret" "storage_connection" { # Network #------------------------------- locals { - partition_id = "system" - ssl_cert_name = "appgw-ssl-cert" - - cosmos_connection = format("%s-cosmos-connection", local.partition_id) - cosmos_endpoint = format("%s-cosmos-endpoint", local.partition_id) - cosmos_primary_key = format("%s-cosmos-primary-key", local.partition_id) } resource "azurerm_key_vault_certificate" "default" { 
@@ -182,25 +176,4 @@ resource "azurerm_key_vault_secret" "redis_queue_password" { name = local.redis_queue_password_name value = module.redis_queue.primary_access_key key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id -} - -#------------------------------- -# CosmosDB -#------------------------------- -resource "azurerm_key_vault_secret" "cosmos_connection" { - name = local.cosmos_connection - value = module.cosmosdb_account.properties.cosmosdb.connection_strings[0] - key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id -} - -resource "azurerm_key_vault_secret" "cosmos_endpoint" { - name = local.cosmos_endpoint - value = module.cosmosdb_account.properties.cosmosdb.endpoint - key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id -} - -resource "azurerm_key_vault_secret" "cosmos_key" { - name = local.cosmos_primary_key - value = module.cosmosdb_account.properties.cosmosdb.primary_master_key - key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id } \ No newline at end of file diff --git a/infra/templates/osdu-r3-mvp/service_resources/terraform.tfvars b/infra/templates/osdu-r3-mvp/service_resources/terraform.tfvars index 31f8caaea8aaa21dbcf39104461afe116241d073..73d2947d911ee3e53c41d49243386665d1f6827b 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/terraform.tfvars +++ b/infra/templates/osdu-r3-mvp/service_resources/terraform.tfvars 
@@ -62,50 +62,4 @@ feature_flag = { osdu_namespace = true flux = true sa_lock = true -} - - -# cosmos DB SQL collections -cosmos_sql_collections = [ - { - name = "Authority" - database_name = "osdu-system-db" - partition_key_path = "/id" - partition_key_version = null - - }, - { - name = "EntityType" - database_name = "osdu-system-db" - partition_key_path = "/id" - partition_key_version = null - }, - { - name = "SchemaInfo" - database_name = "osdu-system-db" - partition_key_path = "/partitionId" - partition_key_version = null - }, - { - name = "Source" - database_name = "osdu-system-db" - partition_key_path = "/id" - partition_key_version = null - }, - { - name = "WorkflowV2" - database_name = "osdu-system-db" - partition_key_path = "/partitionKey" - partition_key_version = 2 - }, -] - -# Database Settings -cosmosdb_consistency_level = "Session" -cosmos_databases = [ - { - name = "osdu-system-db" - throughput = 12000 - } -] - +} \ No newline at end of file diff --git a/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go b/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go index 6c054df4277dde9619380adff9b42dbc0b62f9b8..978741487ca5082d916734fdc61bb60e565e0f04 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go +++ b/infra/templates/osdu-r3-mvp/service_resources/tests/unit/unit_test.go @@ -49,7 +49,7 @@ func TestTemplate(t *testing.T) { TfOptions: tfOptions, Workspace: workspace, PlanAssertions: nil, - ExpectedResourceCount: 114, + ExpectedResourceCount: 99, ExpectedResourceAttributeValues: resourceDescription, } diff --git a/infra/templates/osdu-r3-mvp/service_resources/variables.tf b/infra/templates/osdu-r3-mvp/service_resources/variables.tf index a4ec41344975abd0b4df662d768133c18597ee71..0259860f954bc3ac0eb892717d0e339585ae5d55 100644 --- a/infra/templates/osdu-r3-mvp/service_resources/variables.tf +++ b/infra/templates/osdu-r3-mvp/service_resources/variables.tf 
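Review bot: The new `ExpectedResourceCount: 99` in TestTemplate is an unexplained number, and with `PlanAssertions: nil` the test only confirms that the plan shrank by 15 resources, not which ones were removed. This commit drops the Cosmos DB module along with its `CanNotDelete` lock, the `Contributor` role assignment, the diagnostic setting and three Key Vault secrets, so a short comment on that line would let the next reviewer check the delta, for example `// 99 = 114 minus the Cosmos DB module resources, db_lock, cosmos_access role assignments, db_diagnostics and the three cosmos Key Vault secrets`. TestTemplate starts and ends outside the hunk, so it is not visible whether `resourceDescription` still lists Cosmos entries; that map is worth checking in the same change.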
@@ -313,40 +313,3 @@ variable "appgw_max_capacity" { type = number default = 10 } - -variable "cosmosdb_replica_location" { - description = "The name of the Azure region to host replicated data. i.e. 'East US' 'East US 2'. More locations can be found at https://azure.microsoft.com/en-us/global-infrastructure/locations/" - type = string -} - -variable "cosmosdb_consistency_level" { - description = "The level of consistency backed by SLAs for Cosmos database. Developers can chose from five well-defined consistency levels on the consistency spectrum." - type = string - default = "Session" -} - -variable "cosmosdb_automatic_failover" { - description = "Determines if automatic failover is enabled for CosmosDB." - type = bool - default = true -} - -variable "cosmos_databases" { - description = "The list of Cosmos DB SQL Databases." - type = list(object({ - name = string - throughput = number - })) - default = [] -} - -variable "cosmos_sql_collections" { - description = "The list of cosmos collection names to create. Names must be unique per cosmos instance." - type = list(object({ - name = string - database_name = string - partition_key_path = string - partition_key_version = number - })) - default = [] -}