Modifications to infrastructure for easier creation and deletion of central resources.

Merge Request: Infrastructure Enhancements for Central Resource Management

Summary

This Merge Request (MR) introduces several improvements to the infrastructure codebase to enhance the manageability and configurability of central resources. The primary changes focus on enabling easier creation and deletion of CosmosDB resources and Key Vaults, particularly for development environments.

Changes Introduced

1. Updated .gitignore

• Added infra-azure-provisioning.sln to .gitignore to avoid tracking unwanted solution files.

2. Enhanced CosmosDB Replication Configuration

• Introduced a new variable enable_replication (default: true), allowing users to enable or disable CosmosDB geo-replication.
• Replaced static geo_location definitions with a dynamic block to conditionally configure replication.
• Improved handling of the primary replica location.

3. Key Vault Purge Protection Configuration

• Added keyvault_purge_protection_enabled variable (default: true), making it configurable to disable purge protection for development environments.
• Updated the Key Vault module to respect this variable, ensuring controlled deletions when required.

4. Terraform Variable and Configuration Updates

• Updated variables.tf in multiple locations to introduce:
  • cosmosdb_enable_replication: Controls whether CosmosDB replication is enabled.
  • keyvault_purge_protection_enabled: Configures Key Vault purge protection.
• Adjusted main.tf to properly reference the new variables.

5. Documentation Updates

• Enhanced the README.md to include optional configuration settings for:
  • Disabling Key Vault purge protection.
  • Disabling CosmosDB geo-replication.
• Provided examples for configuring these settings using both custom.tfvars and environment variables in .envrc.

Why These Changes?

• Improved Flexibility: Enables toggling replication and purge protection settings based on environment needs.
• Easier Resource Cleanup: Developers can now disable protections when working in non-production environments, avoiding delays due to soft-delete restrictions.
• Better Maintainability: Reduces hardcoded configurations, leveraging Terraform’s dynamic capabilities.

Testing and Validation

• Terraform plan applied successfully with both default and overridden configurations.
• CosmosDB accounts correctly handle replication settings based on the new variable.
• Key Vault purge protection settings reflect the expected behavior per environment configuration.

assigned to @danielscholl

added 1 commit

• 9dd3c9df - Terraform lint checks.

Compare with previous version

approved this merge request

added 1 commit

• 61e89f66 - Better readme

Compare with previous version

reset approvals from @lucynliu by pushing to the branch

added 1 commit

• 5f7a21d0 - Better readme

Compare with previous version

added 1 commit

• a210e00f - Better readme

Compare with previous version

added 1 commit

• e406f352 - Better readme

Compare with previous version

added 1 commit

• 042a890a - Better readme

Compare with previous version

added Azure label

merged

mentioned in commit 5f457d0a

changed milestone to %M25 - Release 0.28

Hi, this is a friendly reminder to assign appropriate labels and milestone to your future merge requests. Proper labeling and milestone assignment help us to track and prepare effectively for upcoming milestone releases.