Commit 2b61a1c8 authored by Daniel Scholl's avatar Daniel Scholl
Browse files

Added Storage Account for Ingest

parent 60fabecb
......@@ -7,6 +7,7 @@ __Infra Changes__
- [Issue 76 - Add Terraform Service Resource Template Feature Flags](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/76)
- [Issue 80 - Feature Change - Data Partition - Enable CORS configuration for Blob Containers on Storage Accounts](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/80)
- [Issue 77 - Architecture Change - Central Resources - Add Graph Database](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/77)
- [Issue 84 - Architecture Change - Data Partition - Add dedicated Storage Account for use by Ingestion Service](https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-azure-provisioning/-/issues/84/)
......
docs/images/architecture.png

143 KB | W: | H:

docs/images/architecture.png

150 KB | W: | H:

docs/images/architecture.png
docs/images/architecture.png
docs/images/architecture.png
docs/images/architecture.png
  • 2-up
  • Swipe
  • Onion skin
......@@ -88,10 +88,11 @@ locals {
resource_group_name = format("%s-%s-%s-rg", var.prefix, local.workspace, random_string.workspace_scope.result)
retention_policy = var.log_retention_days == 0 ? false : true
storage_name = "${replace(local.base_name_21, "-", "")}data"
sdms_storage_name = "${replace(local.base_name_21, "-", "")}sdms"
cosmosdb_name = "${local.base_name}-db"
sb_namespace = "${local.base_name_21}-bus"
storage_name = "${replace(local.base_name_21, "-", "")}data"
sdms_storage_name = "${replace(local.base_name_21, "-", "")}sdms"
ingest_storage_name = "${replace(local.base_name_21, "-", "")}ingest"
cosmosdb_name = "${local.base_name}-db"
sb_namespace = "${local.base_name_21}-bus"
eg_sbtopic_subscriber = "servicebusrecordstopic"
eventgrid_name = "${local.base_name_21}-grid"
......@@ -211,6 +212,37 @@ resource "azurerm_role_assignment" "sdms_storage_data_contributor" {
scope = module.sdms_storage_account.id
}
module "ingest_storage_account" {
source = "../../../modules/providers/azure/storage-account"
name = local.ingest_storage_name
resource_group_name = azurerm_resource_group.main.name
container_names = []
kind = "StorageV2"
replication_type = var.storage_replication_type
resource_tags = var.resource_tags
}
// Add Access Control to Principal
resource "azurerm_role_assignment" "ingest_storage_access" {
count = length(local.rbac_principals)
role_definition_name = "Contributor"
principal_id = local.rbac_principals[count.index]
scope = module.ingest_storage_account.id
}
// Add Data Contributor Role to Principal
resource "azurerm_role_assignment" "ingest_storage_data_contributor" {
count = length(local.rbac_principals)
depends_on = [azurerm_role_assignment.ingest_storage_access]
role_definition_name = "Storage Blob Data Contributor"
principal_id = local.rbac_principals[count.index]
scope = module.ingest_storage_account.id
}
#-------------------------------
# CosmosDB
......
......@@ -33,6 +33,9 @@ locals {
sdms_storage_account_name = format("%s-sdms-storage", var.data_partition_name)
sdms_storage_key_name = format("%s-key", local.sdms_storage_account_name)
ingest_storage_account_name = format("%s-ingest-storage", var.data_partition_name)
ingest_storage_key_name = format("%s-key", local.ingest_storage_account_name)
cosmos_connection = format("%s-cosmos-connection", var.data_partition_name)
cosmos_endpoint = format("%s-cosmos-endpoint", var.data_partition_name)
cosmos_primary_key = format("%s-cosmos-primary-key", var.data_partition_name)
......@@ -92,6 +95,18 @@ resource "azurerm_key_vault_secret" "sdms_storage_key" {
key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id
}
resource "azurerm_key_vault_secret" "ingest_storage_name" {
name = local.ingest_storage_account_name
value = module.ingest_storage_account.name
key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id
}
resource "azurerm_key_vault_secret" "ingest_storage_key" {
name = local.ingest_storage_key_name
value = module.ingest_storage_account.primary_access_key
key_vault_id = data.terraform_remote_state.central_resources.outputs.keyvault_id
}
#-------------------------------
......
......@@ -33,7 +33,6 @@ storage_containers = [
"legal-service-azure-configuration",
"opendes",
"osdu-wks-mappings",
"workflow-tasks-sharing",
"wdms-osdu",
"file-staging-area",
"file-persistent-area"
......
......@@ -49,7 +49,7 @@ func TestTemplate(t *testing.T) {
TfOptions: tfOptions,
Workspace: workspace,
PlanAssertions: nil,
ExpectedResourceCount: 95,
ExpectedResourceCount: 102,
ExpectedResourceAttributeValues: resourceDescription,
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment