Merge pull request #81 from matthiasritter/main

feat(private_endpoint.tf) allow custom location on private-endpoint
Azure · Jul 2, 2024 · bc77f09 · bc77f09
2 parents 1b1c537 + 71363fd
commit bc77f09
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 4 deletions.
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -9,7 +9,10 @@
 		"--network=host"
 	],
 
-	"mounts": [ "source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind" ],
+	"mounts": [ 
+    "source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind",
+    "source=${localEnv:HOME}${localEnv:USERPROFILE},target=/host-home-folder,type=bind,consistency=cached"
+   ],
   "customizations": {
     "vscode": {
       "settings": {

diff --git a/README.md b/README.md
@@ -63,7 +63,7 @@ No modules.
 | <a name="input_outbound_network_access_restricted"></a> [outbound\_network\_access\_restricted](#input\_outbound\_network\_access\_restricted) | Whether outbound network access is restricted for the Cognitive Account. Defaults to `false`. | `bool` | `false` | no |
 | <a name="input_pe_subresource"></a> [pe\_subresource](#input\_pe\_subresource) | A list of subresource names which the Private Endpoint is able to connect to. `subresource_names` corresponds to `group_id`. Possible values are detailed in the product [documentation](https://docs.microsoft.com/azure/private-link/private-endpoint-overview#private-link-resource) in the `Subresources` column. Changing this forces a new resource to be created. | `list(string)` | <pre>[<br>  "account"<br>]</pre> | no |
 | <a name="input_private_dns_zone"></a> [private\_dns\_zone](#input\_private\_dns\_zone) | A map of object that represents the existing Private DNS Zone you'd like to use. Leave this variable as default would create a new Private DNS Zone.<br>type = object({<br>  name                = "(Required) The name of the Private DNS Zone."<br>  resource\_group\_name = "(Optional) The Name of the Resource Group where the Private DNS Zone exists. If the Name of the Resource Group is not provided, the first Private DNS Zone from the list of Private DNS Zones in your subscription that matches `name` will be returned."<br>} | <pre>object({<br>    name                = string<br>    resource_group_name = optional(string)<br>  })</pre> | `null` | no |
-| <a name="input_private_endpoint"></a> [private\_endpoint](#input\_private\_endpoint) | A map of objects that represent the configuration for a private endpoint."<br>type = map(object({<br>  name                               = (Required) Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.<br>  vnet\_rg\_name                       = (Required) Specifies the name of the Resource Group where the Private Endpoint's Virtual Network Subnet exists. Changing this forces a new resource to be created.<br>  vnet\_name                          = (Required) Specifies the name of the Virtual Network where the Private Endpoint's Subnet exists. Changing this forces a new resource to be created.<br>  subnet\_name                        = (Required) Specifies the name of the Subnet which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.<br>  dns\_zone\_virtual\_network\_link\_name = (Optional) The name of the Private DNS Zone Virtual Network Link. Changing this forces a new resource to be created. Default to `dns_zone_link`.<br>  private\_dns\_entry\_enabled          = (Optional) Whether or not to create a `private_dns_zone_group` block for the Private Endpoint. Default to `false`.<br>  private\_service\_connection\_name    = (Optional) Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created. Default to `privateserviceconnection`.<br>  is\_manual\_connection               = (Optional) Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created. Default to `false`.<br>})) | <pre>map(object({<br>    name                               = string<br>    vnet_rg_name                       = string<br>    vnet_name                          = string<br>    subnet_name                        = string<br>    dns_zone_virtual_network_link_name = optional(string, "dns_zone_link")<br>    private_dns_entry_enabled          = optional(bool, false)<br>    private_service_connection_name    = optional(string, "privateserviceconnection")<br>    is_manual_connection               = optional(bool, false)<br>  }))</pre> | `{}` | no |
+| <a name="input_private_endpoint"></a> [private\_endpoint](#input\_private\_endpoint) | A map of objects that represent the configuration for a private endpoint."<br>type = map(object({<br>  name                               = (Required) Specifies the Name of the Private Endpoint. Changing this forces a new resource to be created.<br>  vnet\_rg\_name                       = (Required) Specifies the name of the Resource Group where the Private Endpoint's Virtual Network Subnet exists. Changing this forces a new resource to be created.<br>  vnet\_name                          = (Required) Specifies the name of the Virtual Network where the Private Endpoint's Subnet exists. Changing this forces a new resource to be created.<br>  subnet\_name                        = (Required) Specifies the name of the Subnet which Private IP Addresses will be allocated for this Private Endpoint. Changing this forces a new resource to be created.<br>  dns\_zone\_virtual\_network\_link\_name = (Optional) The name of the Private DNS Zone Virtual Network Link. Changing this forces a new resource to be created. Default to `dns_zone_link`.<br>  private\_dns\_entry\_enabled          = (Optional) Whether or not to create a `private_dns_zone_group` block for the Private Endpoint. Default to `false`.<br>  private\_service\_connection\_name    = (Optional) Specifies the Name of the Private Service Connection. Changing this forces a new resource to be created. Default to `privateserviceconnection`.<br>  is\_manual\_connection               = (Optional) Does the Private Endpoint require Manual Approval from the remote resource owner? Changing this forces a new resource to be created. Default to `false`.<br>})) | <pre>map(object({<br>    name                               = string<br>    vnet_rg_name                       = string<br>    vnet_name                          = string<br>    subnet_name                        = string<br>    location                           = optional(string, null)<br>    dns_zone_virtual_network_link_name = optional(string, "dns_zone_link")<br>    private_dns_entry_enabled          = optional(bool, false)<br>    private_service_connection_name    = optional(string, "privateserviceconnection")<br>    is_manual_connection               = optional(bool, false)<br>  }))</pre> | `{}` | no |
 | <a name="input_public_network_access_enabled"></a> [public\_network\_access\_enabled](#input\_public\_network\_access\_enabled) | Whether public network access is allowed for the Cognitive Account. Defaults to `false`. | `bool` | `false` | no |
 | <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | Name of the azure resource group to use. The resource group must exist. | `string` | n/a | yes |
 | <a name="input_sku_name"></a> [sku\_name](#input\_sku\_name) | Specifies the SKU Name for this Cognitive Service Account. Possible values are `F0`, `F1`, `S0`, `S`, `S1`, `S2`, `S3`, `S4`, `S5`, `S6`, `P0`, `P1`, `P2`, `E0` and `DC0`. Default to `S0`. | `string` | `"S0"` | no |

diff --git a/private_endpoint.tf b/private_endpoint.tf
@@ -6,7 +6,7 @@ locals {
 resource "azurerm_private_endpoint" "this" {
   for_each = var.private_endpoint
 
-  location            = data.azurerm_resource_group.pe_vnet_rg[each.key].location
+  location            = each.value.location != null ? each.value.location : data.azurerm_resource_group.pe_vnet_rg[each.key].location
   name                = each.value.name
   resource_group_name = data.azurerm_resource_group.pe_vnet_rg[each.key].name
   subnet_id           = data.azurerm_subnet.pe_subnet[each.key].id
@@ -79,4 +79,4 @@ resource "azurerm_private_dns_zone_virtual_network_link" "dns_zone_link" {
     } /*<box>*/ : replace(k, "avm_", var.tracing_tags_prefix) => v } : {}) /*</box>*/), (/*<box>*/ (var.tracing_tags_enabled ? { for k, v in /*</box>*/ {
     avm_yor_name = "dns_zone_link"
   } /*<box>*/ : replace(k, "avm_", var.tracing_tags_prefix) => v } : {}) /*</box>*/))
-}
+}
diff --git a/variables.tf b/variables.tf
@@ -226,6 +226,7 @@ variable "private_endpoint" {
     vnet_rg_name                       = string
     vnet_name                          = string
     subnet_name                        = string
+    location                           = optional(string, null)
     dns_zone_virtual_network_link_name = optional(string, "dns_zone_link")
     private_dns_entry_enabled          = optional(bool, false)
     private_service_connection_name    = optional(string, "privateserviceconnection")