Terraform - Azure Event Grid Subscription with Event Hub endpoint

Doing Event Grid Subscription with an EventHub endpoint:

resource "azurerm_eventgrid_system_topic_event_subscription" "example" {
  name = "example-event-subscription"
  system_topic = azurerm_system_topic.example.name
  resource_group_name = azurerm_resource_group.example.name
  eventhub_endpoint {
    eventhub_endpoint_id = azurerm_eventhub.example.id
  }
}

I got an error like:

Blocks of type "eventhub_endpoint" are not expected here.

Not sure what I'm missing here. Is eventhub_endpoint not a valid one? How can I configure the eventhub for my event grid sub?

Regarding the issue, please update your script as follows:

resource "azurerm_eventgrid_system_topic_event_subscription" "example" {
  name = "example-event-subscription"
  system_topic = azurerm_eventgrid_system_topic.example.name
  resource_group_name = azurerm_resource_group.example.name
  eventhub_endpoint_id = azurerm_eventhub.example.id
}

For more details, please refer to here.
For example (I use Terraform 0.15.4 on Windows):

terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "=2.46.0"
    }
  }
}

provider "azurerm" {
  # Service principal credentials are read from the ARM_SUBSCRIPTION_ID,
  # ARM_CLIENT_ID, ARM_CLIENT_SECRET and ARM_TENANT_ID environment variables,
  # so no secret is stored in the configuration.
  features {}
}

resource "azurerm_resource_group" "example" {
  name = "example-rg"
  location = "West Europe"
}

resource "azurerm_eventhub_namespace" "example" {
  name = "testhubname0123"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  sku = "Standard"
  capacity = 1
  tags = {
    environment = "Production"
  }
}

resource "azurerm_eventhub" "example" {
  name = "testhub0123"
  namespace_name = azurerm_eventhub_namespace.example.name
  resource_group_name = azurerm_resource_group.example.name
  partition_count = 2
  message_retention = 1
}

resource "azurerm_eventgrid_system_topic" "example" {
  name = "example-system-topic"
  location = "Global"
  resource_group_name = azurerm_resource_group.example.name
  source_arm_resource_id = azurerm_resource_group.example.id
  topic_type = "Microsoft.Resources.ResourceGroups"
}

# The Event Hub is attached through the eventhub_endpoint_id argument,
# not through a nested eventhub_endpoint block.
resource "azurerm_eventgrid_system_topic_event_subscription" "example" {
  name = "example-event-subscription"
  system_topic = azurerm_eventgrid_system_topic.example.name
  resource_group_name = azurerm_resource_group.example.name
  eventhub_endpoint_id = azurerm_eventhub.example.id
}

Related

Terraform Alerts for Azure Functions

I am trying to research if it is possible to create alerts for Azure Functions via Terraform.
My goal is to create a general rule that can be set up for ongoing functions that would alert us if an automated/timed function fails x number of times.
I tried to reproduce the same in my environment to create the alerts in a Function App using Terraform:
Terraform code:

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "thejesh-rg" {
  name = "Thejesh-RG-resources"
  location = "West Europe"
}

resource "azurerm_storage_account" "thejeshstorage" {
  name = "thejeshstorageaccount"
  resource_group_name = azurerm_resource_group.thejesh-rg.name
  location = azurerm_resource_group.thejesh-rg.location
  account_tier = "Standard"
  account_replication_type = "LRS"
}

resource "azurerm_service_plan" "thejeshsp" {
  name = "thejeshsp-app-service-plan"
  resource_group_name = azurerm_resource_group.thejesh-rg.name
  location = azurerm_resource_group.thejesh-rg.location
  os_type = "Linux"
  sku_name = "P1v2"
}

resource "azurerm_linux_function_app" "thejesh" {
  name = "thejesh-linux-function-app"
  resource_group_name = azurerm_resource_group.thejesh-rg.name
  location = azurerm_resource_group.thejesh-rg.location
  storage_account_name = azurerm_storage_account.thejeshstorage.name
  storage_account_access_key = azurerm_storage_account.thejeshstorage.primary_access_key
  service_plan_id = azurerm_service_plan.thejeshsp.id
  site_config {}
}

resource "azurerm_monitor_action_group" "actiongroup" {
  name = "thejesh-actiongroup"
  resource_group_name = azurerm_resource_group.thejesh-rg.name
  short_name = "exampleact"
  email_receiver {
    email_address = "Email-ID"
    name = "sendtoadmin"
  }
}

resource "azurerm_monitor_metric_alert" "metrics" {
  name = "theja-metricalert"
  resource_group_name = azurerm_resource_group.thejesh-rg.name
  scopes = [azurerm_linux_function_app.thejesh.id]
  description = "Action will be triggered when Transactions count is greater than 1."
  criteria {
    metric_namespace = "Microsoft.Web/sites"
    metric_name = "Requests"
    aggregation = "Total"
    operator = "GreaterThan"
    threshold = "1"
  }
  action {
    action_group_id = azurerm_monitor_action_group.actiongroup.id
  }
}

Terraform plan:
Terraform apply:
Once the code is run, the resources are created.
Alert notification:
Successfully received email.
Yes, it's possible. See the documentation here.
The sample below, taken from the docs, creates a metric alert:

resource "azurerm_resource_group" "example" {
  name = "example-resources"
  location = "West Europe"
}

resource "azurerm_storage_account" "to_monitor" {
  name = "examplestorageaccount"
  resource_group_name = azurerm_resource_group.example.name
  location = azurerm_resource_group.example.location
  account_tier = "Standard"
  account_replication_type = "LRS"
}

resource "azurerm_monitor_action_group" "main" {
  name = "example-actiongroup"
  resource_group_name = azurerm_resource_group.example.name
  short_name = "exampleact"
  webhook_receiver {
    name = "callmyapi"
    service_uri = "http://example.com/alert"
  }
}

resource "azurerm_monitor_metric_alert" "example" {
  name = "example-metricalert"
  resource_group_name = azurerm_resource_group.example.name
  scopes = [azurerm_storage_account.to_monitor.id]
  description = "Action will be triggered when Transactions count is greater than 50."
  criteria {
    metric_namespace = "Microsoft.Storage/storageAccounts"
    metric_name = "Transactions"
    aggregation = "Total"
    operator = "GreaterThan"
    threshold = 50
    dimension {
      name = "ApiName"
      operator = "Include"
      values = ["*"]
    }
  }
  action {
    action_group_id = azurerm_monitor_action_group.main.id
  }
}
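
For the goal stated in the question, alerting when a function fails a given number of times, one option is a metric alert on the Application Insights `requests/failed` metric rather than on the `Requests` count. This is an added example, not code from either answer: `azurerm_application_insights.fn` is an assumed name for an Application Insights instance the function app already reports to, the threshold of 3 and the 15-minute window are assumptions, and the resource group and action group names are the ones from the first answer.

```hcl
# Added example. azurerm_application_insights.fn is an assumed, pre-existing
# resource; the function app must send its telemetry there, for instance via
#   site_config {
#     application_insights_connection_string = azurerm_application_insights.fn.connection_string
#   }
# in the azurerm_linux_function_app resource.

resource "azurerm_monitor_metric_alert" "function_failures" {
  name                = "function-failures"
  resource_group_name = azurerm_resource_group.thejesh-rg.name

  # The alert is scoped to Application Insights, where each function
  # execution (including timer-triggered ones) is recorded as a request.
  scopes      = [azurerm_application_insights.fn.id]
  description = "Fires when more than 3 function executions fail within 15 minutes."
  severity    = 1

  frequency   = "PT5M"  # evaluate every 5 minutes
  window_size = "PT15M" # look back over the last 15 minutes

  criteria {
    metric_namespace = "Microsoft.Insights/components"
    metric_name      = "requests/failed"
    aggregation      = "Count"
    operator         = "GreaterThan"
    threshold        = 3 # assumed value for "x"
  }

  action {
    action_group_id = azurerm_monitor_action_group.actiongroup.id
  }
}
```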

How can I enable notifications for upcoming scheduled maintenance events for Azure PostgreSQL flexible server using Terraform

I have deployed a PostgreSQL server using Terraform. I have configured scheduled maintenance.

maintenance_window {
  day_of_week = 0 // Sunday
  start_hour = 21
  start_minute = 0
}

Now I want to enable email notifications for upcoming scheduled maintenance events for the Azure PostgreSQL flexible server using Terraform. Could you please guide me on how I can configure it through Terraform? Is it possible to send a test event notification right after the configuration to check whether it is enabled or not? I really appreciate any positive reply, and thanks in advance.
I tried to add the monitoring and email notifications for the PostgreSQL flexible server and got the below output.
I have added the following script to get the email and notifications for the flexible server:

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name = "RG_NAME"
  location = "EASTUS"
}

resource "azurerm_virtual_network" "example" {
  name = "example-vn"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  address_space = ["10.0.0.0/16"]
}

resource "azurerm_subnet" "example" {
  name = "example-sn"
  resource_group_name = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes = ["10.0.2.0/24"]
  service_endpoints = ["Microsoft.Storage"]
  delegation {
    name = "fs"
    service_delegation {
      name = "Microsoft.DBforPostgreSQL/flexibleServers"
      actions = [
        "Microsoft.Network/virtualNetworks/subnets/join/action",
      ]
    }
  }
}

resource "azurerm_private_dns_zone" "example" {
  name = "example.postgres.database.azure.com"
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_private_dns_zone_virtual_network_link" "example" {
  name = "exampleVnetZone.com"
  private_dns_zone_name = azurerm_private_dns_zone.example.name
  virtual_network_id = azurerm_virtual_network.example.id
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_postgresql_flexible_server" "example" {
  name = "example-psqlflexibleserver"
  resource_group_name = azurerm_resource_group.example.name
  location = azurerm_resource_group.example.location
  version = "12"
  delegated_subnet_id = azurerm_subnet.example.id
  private_dns_zone_id = azurerm_private_dns_zone.example.id
  administrator_login = "psqladmin"
  administrator_password = "H#Sh1CoR3!"
  zone = "1"
  storage_mb = 32768
  backup_retention_days = 30
  geo_redundant_backup_enabled = true
  sku_name = "GP_Standard_D4s_v3"
  depends_on = [azurerm_private_dns_zone_virtual_network_link.example]
}

resource "azurerm_postgresql_flexible_server" "examplez" {
  administrator_login = "psqladmin"
  administrator_password = "H#Sh1CoR3!"
  name = "dbserverex"
  resource_group_name = "RG_NAME"
  location = "eastus"
  storage_mb = 32768
  backup_retention_days = 30
  geo_redundant_backup_enabled = true
  sku_name = "GP_Standard_D4s_v3"
  depends_on = [azurerm_private_dns_zone_virtual_network_link.example]
}

resource "azurerm_postgresql_flexible_server" "dbtomonitor" {
  resource_group_name = "RG_NAME"
  name = "testdb"
  location = "eastus"
  geo_redundant_backup_enabled = true
  sku_name = "GP_Standard_D4s_v3"
  depends_on = [azurerm_private_dns_zone_virtual_network_link.example]
}

resource "azurerm_monitor_metric_alert" "example" {
  name = "example-metricalert"
  resource_group_name = azurerm_postgresql_flexible_server.examplez.resource_group_name
  scopes = [azurerm_postgresql_flexible_server.dbtomonitor.id]
  description = "action will be triggered when cpu percent is greater than 80."
  criteria {
    # Metrics of a flexible server are published under this namespace.
    metric_namespace = "Microsoft.DBforPostgreSQL/flexibleServers"
    metric_name = "cpu_percent"
    aggregation = "Average"
    operator = "GreaterThan"
    threshold = 80
  }
  action {
    action_group_id = azurerm_monitor_action_group.example.id
  }
}

resource "azurerm_monitor_action_group" "example" {
  name = "CriticalAlertsAction"
  # The action group lives in the resource group declared above.
  resource_group_name = azurerm_resource_group.example.name
  short_name = "p0action"
  email_receiver {
    name = "komaliXXXXXX#.com"
    email_address = "youremailid"
    use_common_alert_schema = true
  }
}

After adding the above script, run the steps below to execute the Terraform file:
terraform init
This will initialise the file.
terraform plan
This creates an execution plan and previews the changes that Terraform plans to make to the infrastructure. It will show the monitoring and email notification rules.
terraform apply
This creates or updates the infrastructure depending on the configuration and also creates the metric rules for the flexible server.
For more information use this reference link.
NOTE:
Please make sure that, while writing the script, the resource group, version, sku_name, admin credentials, location, storage_mb and email are given.

Private Endpoint between AKS and ACR

I want to create AKS and ACR resources in my Azure environment. The script is able to create the two resources, and I am able to connect to each of them. But the AKS node cannot pull images from the ACR. After some research, I found I need to create a Private Endpoint between the AKS and ACR.
The strange thing is that if I create the PE using Terraform the AKS and ACR still cannot communicate. If I create the PE manually, they can communicate. I compared the parameters of the two PEs on the UI and they look the same.
Could someone help me define the PE using the following script? Or let me know what I did wrong?
Thanks!
Full TF script without the Private Endpoint

terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "=2.97.0"
    }
  }
  required_version = ">= 1.1.7"
}

provider "azurerm" {
  features {}
  subscription_id = "xxx"
}

resource "azurerm_resource_group" "rg" {
  name = "aks-rg"
  location = "East US"
}

resource "azurerm_kubernetes_cluster" "aks" {
  name = "my-aks"
  location = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  dns_prefix = "myaks"
  default_node_pool {
    name = "default"
    node_count = 2
    vm_size = "Standard_B2s"
  }
  identity {
    type = "SystemAssigned"
  }
}

resource "azurerm_container_registry" "acr" {
  name = "my-aks-acr-123"
  location = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  sku = "Premium"
  admin_enabled = true
  network_rule_set {
    default_action = "Deny"
  }
}

resource "azurerm_role_assignment" "acrpull" {
  principal_id = azurerm_kubernetes_cluster.aks.kubelet_identity[0].object_id
  role_definition_name = "AcrPull"
  scope = azurerm_container_registry.acr.id
  skip_service_principal_aad_check = true
}

Then you need to create a VNET, a Subnet (not part of this code) plus a private DNS zone:
Private DNS zone:

resource "azurerm_private_dns_zone" "example" {
  name = "mydomain.com"
  resource_group_name = azurerm_resource_group.example.name
}

AKS Part:

resource "azurerm_kubernetes_cluster" "aks" {
  name = "my-aks"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix = "myaks"
  private_cluster_enabled = true
  default_node_pool {
    name = "default"
    node_count = 2
    vm_size = "Standard_B2s"
  }
  identity {
    type = "SystemAssigned"
  }
}

You need to create the ACR and a private endpoint for the ACR:

resource "azurerm_container_registry" "acr" {
  name = "my-aks-acr-123"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  public_network_access_enabled = false
  sku = "Premium"
  admin_enabled = true
}

resource "azurerm_private_endpoint" "acr" {
  name = "pvep-acr"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  subnet_id = YOUR_SUBNET
  private_service_connection {
    name = "example-acr"
    private_connection_resource_id = azurerm_container_registry.acr.id
    is_manual_connection = false
    subresource_names = ["registry"]
  }
  # Registers the endpoint's records in the private DNS zone declared above.
  private_dns_zone_group {
    name = azurerm_private_dns_zone.example.name
    private_dns_zone_ids = [azurerm_private_dns_zone.example.id]
  }
}

resource "azurerm_role_assignment" "acrpull" {
  principal_id = azurerm_kubernetes_cluster.aks.kubelet_identity[0].object_id
  role_definition_name = "AcrPull"
  scope = azurerm_container_registry.acr.id
  skip_service_principal_aad_check = true
}
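
Image pulls over a private endpoint only work when the registry name resolves to the endpoint's private IP, which for ACR means a `privatelink.azurecr.io` private DNS zone linked to the VNet the AKS nodes sit in. The following is an added example, not part of the answer above; `azurerm_virtual_network.aks` and `azurerm_subnet.endpoints` are assumed names for a VNet and subnet defined elsewhere, while the resource group and registry names follow the answer.

```hcl
# Added example. azurerm_virtual_network.aks and azurerm_subnet.endpoints are
# assumed names; the AKS node pool is assumed to run inside that VNet.

# ACR private-link records are resolved through this fixed zone name.
resource "azurerm_private_dns_zone" "acr" {
  name                = "privatelink.azurecr.io"
  resource_group_name = azurerm_resource_group.example.name
}

# Without the link, nodes in the AKS VNet never query the private zone and
# keep resolving the registry to its public address, which is then denied.
resource "azurerm_private_dns_zone_virtual_network_link" "acr" {
  name                  = "acr-dns-link"
  resource_group_name   = azurerm_resource_group.example.name
  private_dns_zone_name = azurerm_private_dns_zone.acr.name
  virtual_network_id    = azurerm_virtual_network.aks.id
}

resource "azurerm_private_endpoint" "acr" {
  name                = "pvep-acr"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  subnet_id           = azurerm_subnet.endpoints.id

  private_service_connection {
    name                           = "acr-connection"
    private_connection_resource_id = azurerm_container_registry.acr.id
    is_manual_connection           = false
    subresource_names              = ["registry"]
  }

  # Creates the A records for the registry and its data endpoint in the
  # privatelink zone automatically.
  private_dns_zone_group {
    name                 = "acr-dns"
    private_dns_zone_ids = [azurerm_private_dns_zone.acr.id]
  }
}
```

Because the kubelet identity already holds `AcrPull`, the registry's `admin_enabled` setting can be left `false`, which removes the shared admin password as a way in.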

Create Serverless SQL pool database with terraform

I want to create a serverless SQL pool database (that is associated with Synapse) with Terraform, but I cannot find a provider to do this. Is it possible?
I have tried using the azurerm_mssql_server provider, but to no avail, e.g.:

data "azurerm_mssql_server" "synapseserverless" {
  name = "${var.environment}${local.application_namespace}${local.location_id}synws-ondemand.sql.azuresynapse.net"
  resource_group_name = azurerm_resource_group.rg_data.name
}

resource "azurerm_mssql_database" "reporting" {
  name = "${var.environment}-${local.application_namespace}-${local.location_id}-sqldb-reporting"
  server_id = data.azurerm_mssql_server.synapseserverless.id
  read_scale = true
  sku_name = "GP_S_Gen5_6"
  zone_redundant = true
}

Thank you
You can use the below terraform code to create the serverless SQL pool database (that is associated with synapse).

provider "azurerm" {
  features {}
}

data "azurerm_resource_group" "example" {
  name = "XXXXXXXXX"
}

resource "azurerm_storage_account" "example" {
  name = "examplestorageacc4353"
  resource_group_name = data.azurerm_resource_group.example.name
  location = data.azurerm_resource_group.example.location
  account_tier = "Standard"
  account_replication_type = "LRS"
  account_kind = "BlobStorage"
  is_hns_enabled = true
}

resource "azurerm_storage_data_lake_gen2_filesystem" "example" {
  name = "example"
  storage_account_id = azurerm_storage_account.example.id
}

resource "azurerm_synapse_workspace" "example" {
  name = "example77354"
  resource_group_name = data.azurerm_resource_group.example.name
  location = data.azurerm_resource_group.example.location
  storage_data_lake_gen2_filesystem_id = azurerm_storage_data_lake_gen2_filesystem.example.id
  sql_administrator_login = "sqladminuser"
  sql_administrator_login_password = "H#Sh1CoR3!"
}

resource "azurerm_synapse_sql_pool" "example" {
  name = "examplesqlpool456"
  synapse_workspace_id = azurerm_synapse_workspace.example.id
  sku_name = "DW100c"
  create_mode = "Default"
}

Terraform code issues creating webapp runtime stack

I am trying to create a Windows web app stack using Terraform, but it creates a Windows container service plan. Here is my code.
Can anyone please help?
Code:

provider "azurerm" {
  version = "= 2.69.0"
  features {}
}

resource "azurerm_resource_group" "example" {
  name = "functoss11"
  location = "East Asia"
}

resource "azurerm_app_service_plan" "example" {
  name = "ASP-ush-9388"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  sku {
    tier = "basic"
    size = "B1"
  }
}

resource "azurerm_app_service" "example" {
  name = "newddshaikh"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id
  site_config {
    dotnet_framework_version = "v5.0"
  }
}
