-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.bicep
95 lines (85 loc) · 2.47 KB
/
main.bicep
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
targetScope = 'subscription'
@description('Location / Region for deployment')
param location string = deployment().location
@description('Name part to use in lab name convention')
param labName string = 'ssl'
@description('/24 CIDR Prefix for the Hub vNet')
param hubVnetPrefix string = '10.0.1.0'
@description('Tags for resources')
param tags object = {
'Cost Centre': 'Research and Development'
'Resource Owner': 'CloudySpells Labs'
'Technical Contact': 'Roderick Bant'
}
// Lookup table for short location names for name convention
var shortLocations = {
westeurope: 'weu'
northeurope: 'neu'
swedencentral: 'swc'
uksouth: 'uks'
francecentral: 'frc'
germanywestcentral: 'dewc'
norwayeast: 'noe'
francesouth: 'frs'
germanynorth: 'den'
norwaywest: 'now'
ukwest: 'ukw'
}
// Name convention parts for infra
var infraName = '${ shortLocations[location] }-infra-${ labName }'
var lzName = '${ shortLocations[location] }-lz-${ labName }'
// Name convention resource group names
var rgNetworkName = 'rg-${ infraName }-network'
var rgMonitoringName = 'rg-${ infraName }-monitoring'
var rgLzName = 'rg-${ lzName }'
// Ensure resource group for monitoring exists
resource rgMonitoring 'Microsoft.Resources/resourceGroups@2022-09-01' = {
name: rgMonitoringName
location: location
tags: tags
}
// Ensure monitoring resources are deployed
module monitoring 'modules/monitoring.bicep' = {
scope: rgMonitoring
name: 'deploy-monitoring-${ labName }'
params: {
NameConventionParts: infraName
tags: tags
location: location
}
}
// Ensure networking resource group exists
resource rgNetwork 'Microsoft.Resources/resourceGroups@2022-09-01' = {
name: rgNetworkName
location: location
tags: tags
}
// Deploy hub network resources
module hubNetwork 'modules/hub-network.bicep' = {
scope: rgNetwork
name: 'deploy-hubnetwork-${ labName }'
params: {
NameConventionParts: infraName
hubVnetPrefix: hubVnetPrefix
monitoringLawId: monitoring.outputs.logAnalyticsId
location: location
tags: tags
}
}
resource rgLz 'Microsoft.Resources/resourceGroups@2022-09-01' = {
name: rgLzName
location: location
tags: tags
}
module lzNetwork 'modules/peered-vnet-to-hub.bicep' = {
scope: rgLz
name: 'deploy-lznetwork-${ labName }'
params: {
location: location
firewallIp: hubNetwork.outputs.firewallPrivateIpAddress
hubVnetId: hubNetwork.outputs.hubVnetId
tags: tags
vNetAddressPrefix: '10.0.100.0/24'
vNetName: 'vnet-${ lzName }'
}
}