From 3d567bb97e2102e8dd14bcff12c4c93e1973348b Mon Sep 17 00:00:00 2001 From: Diego Lagos <92735530+diegolagospagopa@users.noreply.github.com> Date: Thu, 27 Jun 2024 16:48:35 +0200 Subject: [PATCH] feat: Printit Eventhub on DEV & UAT (#2217) * upgrated providers to last version * migrated eventhub in prod * removed eventhub from prod core * fix eventhubs in UAT and DEV * pre-commit fixs * pre-commit fixs --- src/core-itn/00_network.tf | 12 --- src/core-itn/10_evenhubs.tf | 52 ---------- src/core-itn/99_locals.tf | 4 - src/core-itn/99_variables.tf | 80 ---------------- src/core-itn/README.md | 13 --- src/core-itn/env/prod/terraform.tfvars | 59 ------------ src/domains/printit-app/.terraform.lock.hcl | 28 +++--- src/domains/printit-app/99_main.tf | 2 +- src/domains/printit-app/README.md | 2 +- .../printit-common/.terraform.lock.hcl | 40 +++----- src/domains/printit-common/00_network.tf | 12 +++ src/domains/printit-common/01_network.tf | 8 +- src/domains/printit-common/03_eventhub.tf | 59 +++++++++++- src/domains/printit-common/99_locals.tf | 4 +- src/domains/printit-common/99_main.tf | 2 +- src/domains/printit-common/99_variables.tf | 46 ++++----- src/domains/printit-common/README.md | 27 ++++-- .../env/itn-dev/terraform.tfvars | 94 ++++++++++++------- .../env/itn-prod/terraform.tfvars | 84 +++++++++++------ .../env/itn-uat/terraform.tfvars | 90 +++++++++++------- .../printit-legacy/.terraform.lock.hcl | 70 ++++++-------- src/domains/printit-legacy/99_main.tf | 2 +- src/domains/printit-legacy/README.md | 2 +- .../printit-secrets/.terraform.lock.hcl | 76 ++++++--------- src/domains/printit-secrets/01_keyvault.tf | 4 +- src/domains/printit-secrets/99_main.tf | 4 +- src/domains/printit-secrets/README.md | 8 +- src/next-core/README.md | 5 - 28 files changed, 383 insertions(+), 506 deletions(-) delete mode 100644 src/core-itn/10_evenhubs.tf diff --git a/src/core-itn/00_network.tf b/src/core-itn/00_network.tf index d7a55029c1..ddbb51a7e0 100644 --- a/src/core-itn/00_network.tf +++ b/src/core-itn/00_network.tf @@ -21,18 +21,6 @@ data "azurerm_resource_group" "rg_vnet_integration" { name = local.vnet_integration_resource_group_name } -# -# Eventhub -# -data "azurerm_private_dns_zone" "eventhub" { - name = "privatelink.servicebus.windows.net" - resource_group_name = local.msg_resource_group_name -} - -data "azurerm_resource_group" "rg_event_private_dns_zone" { - name = local.msg_resource_group_name -} - # # App GW integration # diff --git a/src/core-itn/10_evenhubs.tf b/src/core-itn/10_evenhubs.tf deleted file mode 100644 index 10788b6541..0000000000 --- a/src/core-itn/10_evenhubs.tf +++ /dev/null @@ -1,52 +0,0 @@ -resource "azurerm_resource_group" "eventhub_ita_rg" { - name = local.eventhub_resource_group_name - location = var.location - - tags = var.tags -} - - -module "eventhub_meucci" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub?ref=v8.13.0" - name = "${local.project}-evh-meucci" - location = var.location - resource_group_name = azurerm_resource_group.eventhub_ita_rg.name - auto_inflate_enabled = var.ehns_auto_inflate_enabled - sku = var.ehns_sku_name - capacity = var.ehns_capacity - maximum_throughput_units = var.ehns_maximum_throughput_units - #zone_redundat is always true - - virtual_network_ids = [module.vnet_italy[0].id, data.azurerm_virtual_network.vnet_core.id] - private_endpoint_subnet_id = azurerm_subnet.eventhubs_italy.id - public_network_access_enabled = var.ehns_public_network_access - private_endpoint_created = var.ehns_private_endpoint_is_present - - private_endpoint_resource_group_name = azurerm_resource_group.eventhub_ita_rg.name - - private_dns_zones = { - id = [data.azurerm_private_dns_zone.eventhub.id] - name = [data.azurerm_private_dns_zone.eventhub.name] - resource_group_name = data.azurerm_resource_group.rg_event_private_dns_zone.name - } - - private_dns_zone_record_A_name = "eventhub-meucci" - - action = [ - { - action_group_id = azurerm_monitor_action_group.slack.id - webhook_properties = null - }, - { - action_group_id = azurerm_monitor_action_group.email.id - webhook_properties = null - } - ] - - metric_alerts_create = var.ehns_metric_alerts_create - metric_alerts = var.ehns_metric_alerts - - tags = var.tags -} - - diff --git a/src/core-itn/99_locals.tf b/src/core-itn/99_locals.tf index 7ec7690acf..2ad2447f29 100644 --- a/src/core-itn/99_locals.tf +++ b/src/core-itn/99_locals.tf @@ -17,8 +17,4 @@ locals { vnet_integration_name = "${local.product}-vnet-integration" vnet_integration_resource_group_name = "${local.product}-vnet-rg" - - msg_resource_group_name = "${local.product}-msg-rg" - eventhub_resource_group_name = "${local.product_ita}-evenhub-rg" - } diff --git a/src/core-itn/99_variables.tf b/src/core-itn/99_variables.tf index 5cf167fe0a..27b3981aab 100644 --- a/src/core-itn/99_variables.tf +++ b/src/core-itn/99_variables.tf @@ -171,86 +171,6 @@ variable "dns_default_ttl_sec" { description = "Dns default ttl secs" } -# -# Event hub -# -variable "ehns_auto_inflate_enabled" { - type = bool - description = "Is Auto Inflate enabled for the EventHub Namespace?" - default = false -} - -variable "ehns_sku_name" { - type = string - description = "Defines which tier to use." -} - -variable "ehns_capacity" { - type = number - description = "Specifies the Capacity / Throughput Units for a Standard SKU namespace." -} - -variable "ehns_maximum_throughput_units" { - type = number - description = "Specifies the maximum number of throughput units when Auto Inflate is Enabled" -} - -variable "ehns_zone_redundant" { - type = bool - description = "Specifies if the EventHub Namespace should be Zone Redundant (created across Availability Zones)." -} - -# variable "ehns_alerts_enabled" { -# type = bool -# default = false -# description = "Event hub alerts enabled?" -# } - -variable "ehns_public_network_access" { - type = bool - description = "(Required) enables public network access to the event hubs" -} - -variable "ehns_private_endpoint_is_present" { - type = bool - description = "(Required) create private endpoint to the event hubs" -} - -variable "ehns_metric_alerts_create" { - type = bool - description = "Create metrics alerts for eventhub" -} - -variable "ehns_metric_alerts" { - default = {} - - description = < [container\_registry\_ita](#module\_container\_registry\_ita) | git::https://github.com/pagopa/terraform-azurerm-v3.git//container_registry | v8.13.0 | | [domain\_key\_vault\_secrets\_query](#module\_domain\_key\_vault\_secrets\_query) | git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault_secrets_query | v8.13.0 | -| [eventhub\_meucci](#module\_eventhub\_meucci) | git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub | v8.13.0 | | [key\_vault](#module\_key\_vault) | git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault | v8.13.0 | | [vnet\_ita\_peering](#module\_vnet\_ita\_peering) | git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network_peering | v8.13.0 | | [vnet\_ita\_to\_integration\_peering](#module\_vnet\_ita\_to\_integration\_peering) | git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network_peering | v8.13.0 | @@ -148,7 +147,6 @@ No outputs. | [azurerm_private_dns_zone_virtual_network_link.privatelink_table_cosmos_azure_com_vnet_link](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource | | [azurerm_public_ip.aks_leonardo_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | | [azurerm_resource_group.acr_ita_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | -| [azurerm_resource_group.eventhub_ita_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.monitor_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.rg_ita_vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.sec_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | @@ -165,7 +163,6 @@ No outputs. | [azurerm_key_vault_secret.monitor_notification_email](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source | | [azurerm_key_vault_secret.monitor_notification_slack_email](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source | | [azurerm_private_dns_zone.db_nodo_pagamenti_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | -| [azurerm_private_dns_zone.eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.internal_env_platform_pagopa_it](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.internal_postgresql_pagopa_it](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.privatelink_azurecr_io](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | @@ -178,7 +175,6 @@ No outputs. | [azurerm_private_dns_zone.privatelink_servicebus_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.privatelink_table_core_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.privatelink_table_cosmos_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | -| [azurerm_resource_group.rg_event_private_dns_zone](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_resource_group.rg_vnet_core](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_resource_group.rg_vnet_integration](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | @@ -198,15 +194,6 @@ No outputs. | [dns\_default\_ttl\_sec](#input\_dns\_default\_ttl\_sec) | Dns default ttl secs | `number` | n/a | yes | | [dns\_zone\_internal\_prefix](#input\_dns\_zone\_internal\_prefix) | The dns subdomain. | `string` | n/a | yes | | [domain](#input\_domain) | n/a | `string` | n/a | yes | -| [ehns\_auto\_inflate\_enabled](#input\_ehns\_auto\_inflate\_enabled) | Is Auto Inflate enabled for the EventHub Namespace? | `bool` | `false` | no | -| [ehns\_capacity](#input\_ehns\_capacity) | Specifies the Capacity / Throughput Units for a Standard SKU namespace. | `number` | n/a | yes | -| [ehns\_maximum\_throughput\_units](#input\_ehns\_maximum\_throughput\_units) | Specifies the maximum number of throughput units when Auto Inflate is Enabled | `number` | n/a | yes | -| [ehns\_metric\_alerts](#input\_ehns\_metric\_alerts) | Map of name = criteria objects | 
map(object({
    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
    aggregation = string
    metric_name = string
    description = string
    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
    operator  = string
    threshold = number
    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
    frequency = string
    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
    window_size = string

    dimension = list(object(
      {
        name     = string
        operator = string
        values   = list(string)
      }
    ))
  }))
| `{}` | no | -| [ehns\_metric\_alerts\_create](#input\_ehns\_metric\_alerts\_create) | Create metrics alerts for eventhub | `bool` | n/a | yes | -| [ehns\_private\_endpoint\_is\_present](#input\_ehns\_private\_endpoint\_is\_present) | (Required) create private endpoint to the event hubs | `bool` | n/a | yes | -| [ehns\_public\_network\_access](#input\_ehns\_public\_network\_access) | (Required) enables public network access to the event hubs | `bool` | n/a | yes | -| [ehns\_sku\_name](#input\_ehns\_sku\_name) | Defines which tier to use. | `string` | n/a | yes | -| [ehns\_zone\_redundant](#input\_ehns\_zone\_redundant) | Specifies if the EventHub Namespace should be Zone Redundant (created across Availability Zones). | `bool` | n/a | yes | | [env](#input\_env) | n/a | `string` | n/a | yes | | [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes | | [external\_domain](#input\_external\_domain) | Domain for delegation | `string` | `"pagopa.it"` | no | diff --git a/src/core-itn/env/prod/terraform.tfvars b/src/core-itn/env/prod/terraform.tfvars index d4ca469083..ed77e63408 100644 --- a/src/core-itn/env/prod/terraform.tfvars +++ b/src/core-itn/env/prod/terraform.tfvars @@ -59,65 +59,6 @@ monitor_resource_group_name = "pagopa-p-monitor-rg" log_analytics_workspace_name = "pagopa-p-law" log_analytics_workspace_resource_group_name = "pagopa-p-monitor-rg" - -# to avoid https://docs.microsoft.com/it-it/azure/event-hubs/event-hubs-messaging-exceptions#error-code-50002 -ehns_auto_inflate_enabled = true -ehns_maximum_throughput_units = 5 -ehns_capacity = 5 -ehns_zone_redundant = true -ehns_public_network_access = true -ehns_private_endpoint_is_present = true -ehns_sku_name = "Standard" -ehns_metric_alerts_create = true - -ehns_metric_alerts = { - no_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "No transactions received from acquirer in the last 24h" - operator = "LessThanOrEqual" - threshold = 1000 - frequency = "PT1H" - window_size = "P1D" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = ["rtd-trx"] - } - ], - }, - active_connections = { - aggregation = "Average" - metric_name = "ActiveConnections" - description = null - operator = "LessThanOrEqual" - threshold = 0 - frequency = "PT5M" - window_size = "PT15M" - dimension = [], - }, - error_trx = { - aggregation = "Total" - metric_name = "IncomingMessages" - description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" - operator = "GreaterThan" - threshold = 0 - frequency = "PT5M" - window_size = "PT30M" - dimension = [ - { - name = "EntityName" - operator = "Include" - values = [ - "nodo-dei-pagamenti-log", - "nodo-dei-pagamenti-re" - ] - } - ], - }, -} - # # Container registry ACR # diff --git a/src/domains/printit-app/.terraform.lock.hcl b/src/domains/printit-app/.terraform.lock.hcl index a8eea138fa..127de99537 100644 --- a/src/domains/printit-app/.terraform.lock.hcl +++ b/src/domains/printit-app/.terraform.lock.hcl @@ -22,22 +22,22 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.101.0" - constraints = "~> 3.30, ~> 3.39, <= 3.101.0" + version = "3.106.0" + constraints = "~> 3.30, ~> 3.39, <= 3.106.0" hashes = [ - "h1:zMIUEwRG0bqSrAQXh5ddqDRB89ipqEdK6RVQ5ZopbmU=", - "zh:38b02bce5cbe83f938a71716bbf9e8b07fed8b2c6b83c19b5e708eda7dee0f1d", - "zh:3ed094366ab35c4fcd632471a7e45a84ca6c72b00477cdf1276e541a0171b369", - "zh:62bf7cde429f465173e40eebb6840f4e380dfc9dcec2d89dbcb6ce5bce379e50", - "zh:90761096666575f0a21275822011e08d72389a575f45e4c1c8e1d26c3b794750", - "zh:9494acbacc2b67cf87ae510862ca2c826d0e04662274477f8de1707cefa7c0f3", - "zh:9a01128004eab67ed90e9decb92271c187e95e0d6e9f136b5bbc8bf3a2189d41", - "zh:9e4eed599cecc2b2aff4dc334b154aad0ad80b5a07439139fc28b22fcff0c8aa", - "zh:a5f940e5b8b813b18d9ecd974fdda1ae989870a8a5d897fda8cff4c5368e6e24", - "zh:bc7c6bfad523f6c0fad7ef9f8d4c264f72cb9f29fce3a69f8483c63e70eb5085", - "zh:d9ba2c6bd082775e6d2d6453486ebb3ecc86ecf127e1d86eddf1a952b545c04e", - "zh:e288cce3c324a26d1e01a83e3fe2215537075ab897364539b6cabba298122654", + "h1:Mxe1/I27IZK3BP6cm84Gt0+7PXd2EDaDUMxuljm/rUA=", + "zh:07980d6fdc40c0adb670c8413a5c667917d6dbb51fcedc467c35d64c2f3a1f47", + "zh:2e6e8491b1f089644b0d23f8da83398f1e10cf5a62b16efcef2b5454fe923038", + "zh:450dbd72821c5619cc3bcdc20fdd0e29515147e44b733f9c79d3a75851810055", + "zh:5e234c0a2f3c9677ea72b2a6e6ca90defb99fab29ae565f5d1f70728ba4ba78f", + "zh:83fd042ece6977429d79affd03d6ce963d2f122604dbf15a1abf203d7a7bbc8a", + "zh:93027e1f66b3bf83398d572d4e6f6e7777330c78c54da3226dadd50fd868ada9", + "zh:ae3d1dd66140c303df97d93c47a60f16735ce17cf156f45475dcee4a7360af5b", + "zh:daf9d2eb89e785458a76b88bf2ef0696c472094c77cc9cff3b3ea4b885c5a482", + "zh:dd46370141651e6549da6d85e25c7a6770c47581bbaaa27eda2886d41d849747", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f77405c0d8f6e0d93d9da83256b3b02c164bad4c791ed9604310ff02ae086ad1", + "zh:ffa769147bda833aef8802e3a391bd175ec749862764d61cbdaa8200d5b8f893", ] } diff --git a/src/domains/printit-app/99_main.tf b/src/domains/printit-app/99_main.tf index 9308505763..8bf0b91ba8 100644 --- a/src/domains/printit-app/99_main.tf +++ b/src/domains/printit-app/99_main.tf @@ -3,7 +3,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "<= 3.101.0" + version = "<= 3.106.0" } azuread = { source = "hashicorp/azuread" diff --git a/src/domains/printit-app/README.md b/src/domains/printit-app/README.md index d1b31efaee..c816229b4b 100644 --- a/src/domains/printit-app/README.md +++ b/src/domains/printit-app/README.md @@ -123,7 +123,7 @@ No outputs. |------|---------| | [terraform](#requirement\_terraform) | >= 1.6.0 | | [azuread](#requirement\_azuread) | <= 2.47.0 | -| [azurerm](#requirement\_azurerm) | <= 3.101.0 | +| [azurerm](#requirement\_azurerm) | <= 3.106.0 | | [helm](#requirement\_helm) | <= 2.12.1 | | [kubernetes](#requirement\_kubernetes) | <= 2.29.0 | | [null](#requirement\_null) | <= 3.2.1 | diff --git a/src/domains/printit-common/.terraform.lock.hcl b/src/domains/printit-common/.terraform.lock.hcl index cbfe45ce34..e65c67e1b3 100644 --- a/src/domains/printit-common/.terraform.lock.hcl +++ b/src/domains/printit-common/.terraform.lock.hcl @@ -5,11 +5,7 @@ provider "registry.terraform.io/hashicorp/azuread" { version = "2.47.0" constraints = "<= 2.47.0" hashes = [ - "h1:8J74v92UvtqVNucugAtB+Sd44oTgnhfct+Xf8ObOZug=", - "h1:KB9BNRNStbdsfdRmVXUwXtN77qgX5VjBy2UALcqp218=", - "h1:g8+gBFM4QVOEQFqAEs5pR6iXpbGvgPvcEi1evHwziyw=", "h1:iRwDQBdXBpVBoYwM9au2RG01RQuJSm3TGQ2kioFVAas=", - "h1:zYMGokLn44KSWir7Nr4t8lEAPMB6JuXd2LlP2Ac2tMY=", "zh:1372d81eb24ef3b4b00ea350fe87219f22da51691b8e42ce91d662f6c2a8af5e", "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", "zh:1e654a74d171d6ff8f9f6f67e3ff1421d4c5e56a18607703626bf12cd23ba001", @@ -26,26 +22,22 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.97.1" - constraints = ">= 3.30.0, >= 3.76.0, <= 3.97.1, <= 3.100.0" + version = "3.106.0" + constraints = "~> 3.30, ~> 3.76, <= 3.106.0" hashes = [ - "h1:LtwGbd4HEb5QCXmdxSvTjPSh8/Gp8eAQMYfiAKaubV4=", - "h1:b8yfRYs+CepOlnx1JeQVMTX3N6HHfS85iOXE8hn8yok=", - "h1:klBuN2uVZF7AVMhskbbgF8pygyhPBxsjedB1GUV79PA=", - "h1:m5wyoRGjbVfJU2YaGZrN1lfGgjpyuwi7Ykw1uHdwlAg=", - "h1:vwYchGsh1TY+/GjUv6CUS6It2opnMYYYVt4GBvCmesY=", - "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524", - "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1", - "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72", - "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900", - "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f", - "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec", - "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe", - "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e", - "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4", - "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41", - "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b", + "h1:Mxe1/I27IZK3BP6cm84Gt0+7PXd2EDaDUMxuljm/rUA=", + "zh:07980d6fdc40c0adb670c8413a5c667917d6dbb51fcedc467c35d64c2f3a1f47", + "zh:2e6e8491b1f089644b0d23f8da83398f1e10cf5a62b16efcef2b5454fe923038", + "zh:450dbd72821c5619cc3bcdc20fdd0e29515147e44b733f9c79d3a75851810055", + "zh:5e234c0a2f3c9677ea72b2a6e6ca90defb99fab29ae565f5d1f70728ba4ba78f", + "zh:83fd042ece6977429d79affd03d6ce963d2f122604dbf15a1abf203d7a7bbc8a", + "zh:93027e1f66b3bf83398d572d4e6f6e7777330c78c54da3226dadd50fd868ada9", + "zh:ae3d1dd66140c303df97d93c47a60f16735ce17cf156f45475dcee4a7360af5b", + "zh:daf9d2eb89e785458a76b88bf2ef0696c472094c77cc9cff3b3ea4b885c5a482", + "zh:dd46370141651e6549da6d85e25c7a6770c47581bbaaa27eda2886d41d849747", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f77405c0d8f6e0d93d9da83256b3b02c164bad4c791ed9604310ff02ae086ad1", + "zh:ffa769147bda833aef8802e3a391bd175ec749862764d61cbdaa8200d5b8f893", ] } @@ -53,11 +45,7 @@ provider "registry.terraform.io/hashicorp/null" { version = "3.2.2" constraints = "<= 3.2.2" hashes = [ - "h1:Gef5VGfobY5uokA5nV/zFvWeMNR2Pmq79DH94QnNZPM=", - "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", - "h1:m467k2tZ9cdFFgHW7LPBK2GLPH43LC6wc3ppxr8yvoE=", "h1:vWAsYRd7MjYr3adj8BVKRohVfHpWQdvkIwUQ2Jf5FVM=", - "h1:zT1ZbegaAYHwQa+QwIFugArWikRJI9dqohj8xb0GY88=", "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", diff --git a/src/domains/printit-common/00_network.tf b/src/domains/printit-common/00_network.tf index 856ec4d6ae..4e392b4ce4 100644 --- a/src/domains/printit-common/00_network.tf +++ b/src/domains/printit-common/00_network.tf @@ -43,3 +43,15 @@ data "azurerm_private_dns_zone" "privatelink_queue_azure_com" { name = "privatelink.queue.core.windows.net" resource_group_name = local.vnet_core_resource_group_name } + +# +# Eventhub +# +data "azurerm_private_dns_zone" "eventhub" { + name = "privatelink.servicebus.windows.net" + resource_group_name = local.msg_resource_group_name +} + +data "azurerm_resource_group" "rg_event_private_dns_zone" { + name = local.msg_resource_group_name +} diff --git a/src/domains/printit-common/01_network.tf b/src/domains/printit-common/01_network.tf index cd3139baf0..8ff9289671 100644 --- a/src/domains/printit-common/01_network.tf +++ b/src/domains/printit-common/01_network.tf @@ -41,7 +41,6 @@ resource "azurerm_subnet" "cidr_postgres_italy" { address_prefixes = var.cidr_printit_postgresql_italy } - resource "azurerm_subnet" "pdf_engine_italy_snet" { name = "${local.project}-pdf-engine-snet" resource_group_name = data.azurerm_resource_group.rg_vnet_italy.name @@ -56,3 +55,10 @@ resource "azurerm_subnet" "pdf_engine_italy_snet" { } } } + +resource "azurerm_subnet" "eventhub_italy" { + name = "${local.project}-eventhub-snet" + resource_group_name = data.azurerm_resource_group.rg_vnet_italy.name + virtual_network_name = data.azurerm_virtual_network.vnet_italy.name + address_prefixes = var.cidr_printit_eventhub_italy +} diff --git a/src/domains/printit-common/03_eventhub.tf b/src/domains/printit-common/03_eventhub.tf index 6ea5208c75..e4e042d231 100644 --- a/src/domains/printit-common/03_eventhub.tf +++ b/src/domains/printit-common/03_eventhub.tf @@ -1,9 +1,62 @@ -module "eventhub_printit" { +resource "azurerm_resource_group" "eventhub_ita_rg" { + name = local.eventhub_resource_group_name + location = var.location + + tags = var.tags +} + +module "eventhub_namespace" { + source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub?ref=v8.22.0" + name = "${local.project}-evh" + location = var.location + resource_group_name = azurerm_resource_group.eventhub_ita_rg.name + auto_inflate_enabled = var.ehns_auto_inflate_enabled + sku = var.ehns_sku_name + capacity = var.ehns_capacity + maximum_throughput_units = var.ehns_maximum_throughput_units + #zone_redundat is always true + + virtual_network_ids = [data.azurerm_virtual_network.vnet_italy.id] + private_endpoint_subnet_id = azurerm_subnet.eventhub_italy.id + public_network_access_enabled = var.ehns_public_network_access + private_endpoint_created = var.ehns_private_endpoint_is_present + + private_endpoint_resource_group_name = azurerm_resource_group.eventhub_ita_rg.name + + private_dns_zones = { + id = [data.azurerm_private_dns_zone.eventhub.id] + name = [data.azurerm_private_dns_zone.eventhub.name] + resource_group_name = data.azurerm_resource_group.rg_event_private_dns_zone.name + } + + private_dns_zone_record_A_name = "${var.domain}.${var.location_short}" + + action = [ + { + action_group_id = data.azurerm_monitor_action_group.slack.id + webhook_properties = null + }, + { + action_group_id = data.azurerm_monitor_action_group.email.id + webhook_properties = null + } + ] + + metric_alerts_create = var.ehns_alerts_enabled + metric_alerts = var.ehns_metric_alerts + + tags = var.tags +} + +# +# CONFIGURATION +# +module "eventhub_printit_configuration" { source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub_configuration?ref=v8.22.0" count = var.is_feature_enabled.eventhub ? 1 : 0 - event_hub_namespace_name = "${var.prefix}-${var.env_short}-${var.location_short}-core-evh-meucci" - event_hub_namespace_resource_group_name = "${var.prefix}-${var.env_short}-${var.location_short}-evenhub-rg" + event_hub_namespace_name = module.eventhub_namespace.name + event_hub_namespace_resource_group_name = azurerm_resource_group.eventhub_ita_rg.name eventhubs = [ { diff --git a/src/domains/printit-common/99_locals.tf b/src/domains/printit-common/99_locals.tf index e30fbca639..68e8a53627 100644 --- a/src/domains/printit-common/99_locals.tf +++ b/src/domains/printit-common/99_locals.tf @@ -5,7 +5,6 @@ locals { project_core_itn = "${var.prefix}-${var.env_short}-${var.location_short}-core" - monitor_appinsights_name = "${local.product}-appinsights" monitor_appinsights_italy_name = "${local.project_core_itn}-appinsights" monitor_action_group_slack_name = "SlackPagoPA" @@ -31,4 +30,7 @@ locals { ["azdo-${var.env}-pagopa-iac-deploy", "azdo-${var.env}-pagopa-iac-plan"] ) + + msg_resource_group_name = "${local.product}-msg-rg" + eventhub_resource_group_name = "${local.project}-evh-rg" } diff --git a/src/domains/printit-common/99_main.tf b/src/domains/printit-common/99_main.tf index 35e05f8aa4..cb415d65d1 100644 --- a/src/domains/printit-common/99_main.tf +++ b/src/domains/printit-common/99_main.tf @@ -3,7 +3,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "<= 3.97.1" + version = "<= 3.106.0" } azuread = { source = "hashicorp/azuread" diff --git a/src/domains/printit-common/99_variables.tf b/src/domains/printit-common/99_variables.tf index 1c5f98c5a6..72253d202a 100644 --- a/src/domains/printit-common/99_variables.tf +++ b/src/domains/printit-common/99_variables.tf @@ -110,6 +110,11 @@ variable "cidr_printit_pdf_engine_italy" { description = "Address prefixes for all pdf engine accounts in italy." } +variable "cidr_printit_eventhub_italy" { + type = list(string) + description = "Address prefixes for all evh accounts in italy." +} + ### External resources variable "monitor_resource_group_name" { @@ -203,6 +208,9 @@ variable "cosmos_mongo_db_notices_params" { }) } +# +# Storage account +# variable "notices_storage_account" { type = object({ account_kind = string @@ -253,41 +261,50 @@ variable "institutions_storage_account" { } +# +# Eventhub +# + +variable "ehns_public_network_access" { + type = bool + description = "(Required) enables public network access to the event hubs" +} + +variable "ehns_private_endpoint_is_present" { + type = bool + description = "(Required) create private endpoint to the event hubs" +} + variable "ehns_sku_name" { type = string description = "Defines which tier to use." - default = "Basic" } variable "ehns_capacity" { type = number description = "Specifies the Capacity / Throughput Units for a Standard SKU namespace." - default = null } variable "ehns_maximum_throughput_units" { type = number description = "Specifies the maximum number of throughput units when Auto Inflate is Enabled" - default = null } variable "ehns_auto_inflate_enabled" { type = bool description = "Is Auto Inflate enabled for the EventHub Namespace?" - default = false } variable "ehns_zone_redundant" { type = bool description = "Specifies if the EventHub Namespace should be Zone Redundant (created across Availability Zones)." - default = false } variable "ehns_alerts_enabled" { type = bool - default = true description = "Event hub alerts enabled?" } + variable "ehns_metric_alerts" { default = {} @@ -317,20 +334,3 @@ EOD )) })) } - -variable "eventhubs" { - description = "A list of event hubs to add to namespace." - type = list(object({ - name = string - partitions = number - message_retention = number - consumers = list(string) - keys = list(object({ - name = string - listen = bool - send = bool - manage = bool - })) - })) - default = [] -} diff --git a/src/domains/printit-common/README.md b/src/domains/printit-common/README.md index 2dcf23ff0d..1017e81848 100644 --- a/src/domains/printit-common/README.md +++ b/src/domains/printit-common/README.md @@ -110,7 +110,7 @@ No outputs. |------|---------| | [terraform](#requirement\_terraform) | >= 1.6 | | [azuread](#requirement\_azuread) | <= 2.47.0 | -| [azurerm](#requirement\_azurerm) | <= 3.97.1 | +| [azurerm](#requirement\_azurerm) | <= 3.106.0 | | [null](#requirement\_null) | <= 3.2.2 | ## Modules @@ -119,7 +119,8 @@ No outputs. |------|--------|---------| | [cosmosdb\_account\_mongodb](#module\_cosmosdb\_account\_mongodb) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_account | v8.22.0 | | [cosmosdb\_notices\_collections](#module\_cosmosdb\_notices\_collections) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cosmosdb_mongodb_collection | v8.22.0 | -| [eventhub\_printit](#module\_eventhub\_printit) | git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub_configuration | v8.22.0 | +| [eventhub\_namespace](#module\_eventhub\_namespace) | git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub | v8.22.0 | +| [eventhub\_printit\_configuration](#module\_eventhub\_printit\_configuration) | git::https://github.com/pagopa/terraform-azurerm-v3.git//eventhub_configuration | v8.22.0 | | [identity\_cd\_01](#module\_identity\_cd\_01) | github.com/pagopa/terraform-azurerm-v3//github_federated_identity | v8.22.0 | | [identity\_pr\_01](#module\_identity\_pr\_01) | github.com/pagopa/terraform-azurerm-v3//github_federated_identity | v8.22.0 | | [institutions\_sa](#module\_institutions\_sa) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v8.22.0 | @@ -140,6 +141,7 @@ No outputs. | [azurerm_private_endpoint.notices_table_private_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | | [azurerm_private_endpoint.templates_blob_private_endpoint](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource | | [azurerm_resource_group.db_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_resource_group.eventhub_ita_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.printit_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_role_assignment.role_blob_storage_pdf](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource | | [azurerm_storage_container.institutions_blob_file](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | @@ -152,6 +154,7 @@ No outputs. | [azurerm_subnet.cidr_redis_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | | [azurerm_subnet.cidr_storage_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | | [azurerm_subnet.cosmosdb_italy_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_subnet.eventhub_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | | [azurerm_subnet.pdf_engine_italy_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | | [azurerm_user_assigned_identity.identity_blob_storage_pdf](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource | | [null_resource.github_runner_app_permissions_to_namespace_cd_01](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource | @@ -164,12 +167,14 @@ No outputs. | [azurerm_monitor_action_group.email](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_action_group) | data source | | [azurerm_monitor_action_group.slack](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_action_group) | data source | | [azurerm_private_dns_zone.cosmos](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | +| [azurerm_private_dns_zone.eventhub](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.internal](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.privatelink_blob_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.privatelink_queue_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_private_dns_zone.privatelink_table_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source | | [azurerm_resource_group.identity_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_resource_group.monitor_italy_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | +| [azurerm_resource_group.rg_event_private_dns_zone](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_resource_group.rg_vnet_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source | | [azurerm_subnet.aks_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source | | [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source | @@ -180,6 +185,7 @@ No outputs. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [cidr\_printit\_cosmosdb\_italy](#input\_cidr\_printit\_cosmosdb\_italy) | Address prefixes for all cosmosdb in italy. | `list(string)` | n/a | yes | +| [cidr\_printit\_eventhub\_italy](#input\_cidr\_printit\_eventhub\_italy) | Address prefixes for all evh accounts in italy. | `list(string)` | n/a | yes | | [cidr\_printit\_pdf\_engine\_italy](#input\_cidr\_printit\_pdf\_engine\_italy) | Address prefixes for all pdf engine accounts in italy. | `list(string)` | n/a | yes | | [cidr\_printit\_postgresql\_italy](#input\_cidr\_printit\_postgresql\_italy) | Address prefixes for all postgresql accounts in italy. | `list(string)` | n/a | yes | | [cidr\_printit\_redis\_italy](#input\_cidr\_printit\_redis\_italy) | Address prefixes for all redis accounts in italy. | `list(string)` | n/a | yes | @@ -189,16 +195,17 @@ No outputs. | [dns\_zone\_platform](#input\_dns\_zone\_platform) | The platform dns subdomain. | `string` | `null` | no | | [dns\_zone\_prefix](#input\_dns\_zone\_prefix) | The wallet dns subdomain. | `string` | `null` | no | | [domain](#input\_domain) | n/a | `string` | n/a | yes | -| [ehns\_alerts\_enabled](#input\_ehns\_alerts\_enabled) | Event hub alerts enabled? | `bool` | `true` | no | -| [ehns\_auto\_inflate\_enabled](#input\_ehns\_auto\_inflate\_enabled) | Is Auto Inflate enabled for the EventHub Namespace? | `bool` | `false` | no | -| [ehns\_capacity](#input\_ehns\_capacity) | Specifies the Capacity / Throughput Units for a Standard SKU namespace. | `number` | `null` | no | -| [ehns\_maximum\_throughput\_units](#input\_ehns\_maximum\_throughput\_units) | Specifies the maximum number of throughput units when Auto Inflate is Enabled | `number` | `null` | no | +| [ehns\_alerts\_enabled](#input\_ehns\_alerts\_enabled) | Event hub alerts enabled? | `bool` | n/a | yes | +| [ehns\_auto\_inflate\_enabled](#input\_ehns\_auto\_inflate\_enabled) | Is Auto Inflate enabled for the EventHub Namespace? | `bool` | n/a | yes | +| [ehns\_capacity](#input\_ehns\_capacity) | Specifies the Capacity / Throughput Units for a Standard SKU namespace. | `number` | n/a | yes | +| [ehns\_maximum\_throughput\_units](#input\_ehns\_maximum\_throughput\_units) | Specifies the maximum number of throughput units when Auto Inflate is Enabled | `number` | n/a | yes | | [ehns\_metric\_alerts](#input\_ehns\_metric\_alerts) | Map of name = criteria objects | 
map(object({
    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]
    aggregation = string
    metric_name = string
    description = string
    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]
    operator  = string
    threshold = number
    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H
    frequency = string
    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.
    window_size = string

    dimension = list(object(
      {
        name     = string
        operator = string
        values   = list(string)
      }
    ))
  }))
| `{}` | no | -| [ehns\_sku\_name](#input\_ehns\_sku\_name) | Defines which tier to use. | `string` | `"Basic"` | no | -| [ehns\_zone\_redundant](#input\_ehns\_zone\_redundant) | Specifies if the EventHub Namespace should be Zone Redundant (created across Availability Zones). | `bool` | `false` | no | +| [ehns\_private\_endpoint\_is\_present](#input\_ehns\_private\_endpoint\_is\_present) | (Required) create private endpoint to the event hubs | `bool` | n/a | yes | +| [ehns\_public\_network\_access](#input\_ehns\_public\_network\_access) | (Required) enables public network access to the event hubs | `bool` | n/a | yes | +| [ehns\_sku\_name](#input\_ehns\_sku\_name) | Defines which tier to use. | `string` | n/a | yes | +| [ehns\_zone\_redundant](#input\_ehns\_zone\_redundant) | Specifies if the EventHub Namespace should be Zone Redundant (created across Availability Zones). | `bool` | n/a | yes | | [env](#input\_env) | n/a | `string` | n/a | yes | | [env\_short](#input\_env\_short) | n/a | `string` | n/a | yes | -| [eventhubs](#input\_eventhubs) | A list of event hubs to add to namespace. | 
list(object({
    name              = string
    partitions        = number
    message_retention = number
    consumers         = list(string)
    keys = list(object({
      name   = string
      listen = bool
      send   = bool
      manage = bool
    }))
  }))
| `[]` | no | | [external\_domain](#input\_external\_domain) | Domain for delegation | `string` | `null` | no | | [ingress\_load\_balancer\_ip](#input\_ingress\_load\_balancer\_ip) | n/a | `string` | n/a | yes | | [instance](#input\_instance) | One of beta, prod01, prod02 | `string` | n/a | yes | @@ -212,7 +219,7 @@ No outputs. | [log\_analytics\_workspace\_resource\_group\_name](#input\_log\_analytics\_workspace\_resource\_group\_name) | The name of the resource group in which the Log Analytics workspace is located in. | `string` | n/a | yes | | [monitor\_italy\_resource\_group\_name](#input\_monitor\_italy\_resource\_group\_name) | Monitor Italy resource group name | `string` | n/a | yes | | [monitor\_resource\_group\_name](#input\_monitor\_resource\_group\_name) | Monitor resource group name | `string` | n/a | yes | -| [notices\_storage\_account](#input\_notices\_storage\_account) | n/a | 
object({
    account_kind                                                        = string
    account_tier                                                        = string
    account_replication_type                                            = string
    advanced_threat_protection                                          = bool
    blob_versioning_enabled                                             = bool
    public_network_access_enabled                                       = bool
    blob_delete_retention_days                                          = number
    enable_low_availability_alert                                       = bool
    backup_enabled                                                      = optional(bool, false)
    backup_retention                                                    = optional(number, 0)
    blob_tier_to_cool_after_last_access                                 = number
    blob_tier_to_archive_after_days_since_last_access_time_greater_than = number
    blob_delete_after_last_access                                       = number
  })
| n/a | yes | +| [notices\_storage\_account](#input\_notices\_storage\_account) | Storage account | 
object({
    account_kind                                                        = string
    account_tier                                                        = string
    account_replication_type                                            = string
    advanced_threat_protection                                          = bool
    blob_versioning_enabled                                             = bool
    public_network_access_enabled                                       = bool
    blob_delete_retention_days                                          = number
    enable_low_availability_alert                                       = bool
    backup_enabled                                                      = optional(bool, false)
    backup_retention                                                    = optional(number, 0)
    blob_tier_to_cool_after_last_access                                 = number
    blob_tier_to_archive_after_days_since_last_access_time_greater_than = number
    blob_delete_after_last_access                                       = number
  })
| n/a | yes | | [prefix](#input\_prefix) | general | `string` | n/a | yes | | [tags](#input\_tags) | n/a | `map(any)` | 
{
  "CreatedBy": "Terraform"
}
| no | | [templates\_storage\_account](#input\_templates\_storage\_account) | n/a | 
object({
    account_kind                  = string
    account_tier                  = string
    account_replication_type      = string
    advanced_threat_protection    = bool
    blob_versioning_enabled       = bool
    public_network_access_enabled = bool
    blob_delete_retention_days    = number
    enable_low_availability_alert = bool
    backup_enabled                = optional(bool, false)
    backup_retention              = optional(number, 0)
  })
| n/a | yes | diff --git a/src/domains/printit-common/env/itn-dev/terraform.tfvars b/src/domains/printit-common/env/itn-dev/terraform.tfvars index 0a25f9b900..0f8d583068 100644 --- a/src/domains/printit-common/env/itn-dev/terraform.tfvars +++ b/src/domains/printit-common/env/itn-dev/terraform.tfvars @@ -31,7 +31,7 @@ cidr_printit_storage_italy = ["10.3.12.32/27"] cidr_printit_redis_italy = ["10.3.12.64/27"] cidr_printit_postgresql_italy = ["10.3.12.96/27"] cidr_printit_pdf_engine_italy = ["10.3.12.128/27"] - +cidr_printit_eventhub_italy = ["10.3.12.160/27"] ### External resources @@ -115,44 +115,66 @@ institutions_storage_account = { enable_low_availability_alert = false } -enable_iac_pipeline = true - -# eventhub -eventhub_enabled = true - +# +# EventHub +# ehns_sku_name = "Standard" -ehns_alerts_enabled = false -ehns_metric_alerts = {} - -eventhubs = [ - { - name = "payment-notice-evt" - partitions = 1 - message_retention = 1 - consumers = [ - "pagopa-notice-evt-rx", "pagopa-notice-complete-evt-rx", - "pagopa-notice-error-evt-rx" - ] - keys = [ +# to avoid https://docs.microsoft.com/it-it/azure/event-hubs/event-hubs-messaging-exceptions#error-code-50002 +ehns_auto_inflate_enabled = false +ehns_maximum_throughput_units = 5 +ehns_capacity = 1 +ehns_alerts_enabled = false +ehns_zone_redundant = false + +ehns_public_network_access = true +ehns_private_endpoint_is_present = false + +ehns_metric_alerts = { + no_trx = { + aggregation = "Total" + metric_name = "IncomingMessages" + description = "No transactions received from acquirer in the last 24h" + operator = "LessThanOrEqual" + threshold = 1000 + frequency = "PT1H" + window_size = "P1D" + dimension = [ { - name = "pagopa-notice-evt-rx" - listen = false - send = true - manage = false - }, - { - name = "pagopa-notice-complete-evt-rx" - listen = true - send = false - manage = false - }, + name = "EntityName" + operator = "Include" + values = ["rtd-trx"] + } + ], + }, + active_connections = { + aggregation = "Average" + metric_name = "ActiveConnections" + description = null + operator = "LessThanOrEqual" + threshold = 0 + frequency = "PT5M" + window_size = "PT15M" + dimension = [], + }, + error_trx = { + aggregation = "Total" + metric_name = "IncomingMessages" + description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" + operator = "GreaterThan" + threshold = 0 + frequency = "PT5M" + window_size = "PT30M" + dimension = [ { - name = "pagopa-notice-error-evt-rxv" - listen = true - send = false - manage = false + name = "EntityName" + operator = "Include" + values = [ + "nodo-dei-pagamenti-log", + "nodo-dei-pagamenti-re" + ] } - ] + ], }, -] +} + diff --git a/src/domains/printit-common/env/itn-prod/terraform.tfvars b/src/domains/printit-common/env/itn-prod/terraform.tfvars index dcebe400dd..03d4b789a6 100644 --- a/src/domains/printit-common/env/itn-prod/terraform.tfvars +++ b/src/domains/printit-common/env/itn-prod/terraform.tfvars @@ -31,6 +31,7 @@ cidr_printit_storage_italy = ["10.3.12.32/27"] cidr_printit_redis_italy = ["10.3.12.64/27"] cidr_printit_postgresql_italy = ["10.3.12.96/27"] cidr_printit_pdf_engine_italy = ["10.3.12.128/27"] +cidr_printit_eventhub_italy = ["10.3.12.160/27"] ### External resources @@ -118,41 +119,66 @@ institutions_storage_account = { enable_low_availability_alert = true } +# +# EventHub +# ehns_sku_name = "Standard" # to avoid https://docs.microsoft.com/it-it/azure/event-hubs/event-hubs-messaging-exceptions#error-code-50002 ehns_auto_inflate_enabled = true ehns_maximum_throughput_units = 5 - -ehns_alerts_enabled = false - -ehns_metric_alerts = {} - -eventhubs = [ - { - name = "payment-notice-evt" - partitions = 32 - message_retention = 7 - consumers = ["pagopa-notice-evt-rx", "pagopa-notice-complete-evt-rx", "pagopa-notice-error-evt-rx"] - keys = [ +ehns_capacity = 5 +ehns_alerts_enabled = true +ehns_zone_redundant = true + +ehns_public_network_access = false +ehns_private_endpoint_is_present = true + +ehns_metric_alerts = { + no_trx = { + aggregation = "Total" + metric_name = "IncomingMessages" + description = "No transactions received from acquirer in the last 24h" + operator = "LessThanOrEqual" + threshold = 1000 + frequency = "PT1H" + window_size = "P1D" + dimension = [ { - name = "pagopa-notice-evt-rx" - listen = false - send = true - manage = false - }, - { - name = "pagopa-notice-complete-evt-rx" - listen = true - send = false - manage = false - }, + name = "EntityName" + operator = "Include" + values = ["rtd-trx"] + } + ], + }, + active_connections = { + aggregation = "Average" + metric_name = "ActiveConnections" + description = null + operator = "LessThanOrEqual" + threshold = 0 + frequency = "PT5M" + window_size = "PT15M" + dimension = [], + }, + error_trx = { + aggregation = "Total" + metric_name = "IncomingMessages" + description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" + operator = "GreaterThan" + threshold = 0 + frequency = "PT5M" + window_size = "PT30M" + dimension = [ { - name = "pagopa-notice-error-evt-rxv" - listen = true - send = false - manage = false + name = "EntityName" + operator = "Include" + values = [ + "nodo-dei-pagamenti-log", + "nodo-dei-pagamenti-re" + ] } - ] + ], }, -] +} + diff --git a/src/domains/printit-common/env/itn-uat/terraform.tfvars b/src/domains/printit-common/env/itn-uat/terraform.tfvars index ba0f2a7ed0..c141b95975 100644 --- a/src/domains/printit-common/env/itn-uat/terraform.tfvars +++ b/src/domains/printit-common/env/itn-uat/terraform.tfvars @@ -31,8 +31,7 @@ cidr_printit_storage_italy = ["10.3.12.32/27"] cidr_printit_redis_italy = ["10.3.12.64/27"] cidr_printit_postgresql_italy = ["10.3.12.96/27"] cidr_printit_pdf_engine_italy = ["10.3.12.128/27"] - - +cidr_printit_eventhub_italy = ["10.3.12.160/27"] ### External resources @@ -116,43 +115,66 @@ institutions_storage_account = { enable_low_availability_alert = false } -enable_iac_pipeline = true - - +# +# EventHub +# ehns_sku_name = "Standard" + # to avoid https://docs.microsoft.com/it-it/azure/event-hubs/event-hubs-messaging-exceptions#error-code-50002 ehns_auto_inflate_enabled = true ehns_maximum_throughput_units = 5 - -ehns_alerts_enabled = false - -ehns_metric_alerts = {} - -eventhubs = [ - { - name = "payment-notice-evt" - partitions = 32 - message_retention = 7 - consumers = ["pagopa-notice-evt-rx", "pagopa-notice-complete-evt-rx", "pagopa-notice-error-evt-rx"] - keys = [ - { - name = "pagopa-notice-evt-rx" - listen = false - send = true - manage = false - }, +ehns_capacity = 1 +ehns_alerts_enabled = false +ehns_zone_redundant = false + +ehns_public_network_access = false +ehns_private_endpoint_is_present = true + +ehns_metric_alerts = { + no_trx = { + aggregation = "Total" + metric_name = "IncomingMessages" + description = "No transactions received from acquirer in the last 24h" + operator = "LessThanOrEqual" + threshold = 1000 + frequency = "PT1H" + window_size = "P1D" + dimension = [ { - name = "pagopa-notice-complete-evt-rx" - listen = true - send = false - manage = false - }, + name = "EntityName" + operator = "Include" + values = ["rtd-trx"] + } + ], + }, + active_connections = { + aggregation = "Average" + metric_name = "ActiveConnections" + description = null + operator = "LessThanOrEqual" + threshold = 0 + frequency = "PT5M" + window_size = "PT15M" + dimension = [], + }, + error_trx = { + aggregation = "Total" + metric_name = "IncomingMessages" + description = "Transactions rejected from one acquirer file received. trx write on eventhub. check immediately" + operator = "GreaterThan" + threshold = 0 + frequency = "PT5M" + window_size = "PT30M" + dimension = [ { - name = "pagopa-notice-error-evt-rxv" - listen = true - send = false - manage = false + name = "EntityName" + operator = "Include" + values = [ + "nodo-dei-pagamenti-log", + "nodo-dei-pagamenti-re" + ] } - ] + ], }, -] +} + diff --git a/src/domains/printit-legacy/.terraform.lock.hcl b/src/domains/printit-legacy/.terraform.lock.hcl index 7c0e48405c..7915b92711 100644 --- a/src/domains/printit-legacy/.terraform.lock.hcl +++ b/src/domains/printit-legacy/.terraform.lock.hcl @@ -5,11 +5,7 @@ provider "registry.terraform.io/hashicorp/azuread" { version = "2.47.0" constraints = "<= 2.47.0" hashes = [ - "h1:8J74v92UvtqVNucugAtB+Sd44oTgnhfct+Xf8ObOZug=", - "h1:KB9BNRNStbdsfdRmVXUwXtN77qgX5VjBy2UALcqp218=", - "h1:g8+gBFM4QVOEQFqAEs5pR6iXpbGvgPvcEi1evHwziyw=", "h1:iRwDQBdXBpVBoYwM9au2RG01RQuJSm3TGQ2kioFVAas=", - "h1:zYMGokLn44KSWir7Nr4t8lEAPMB6JuXd2LlP2Ac2tMY=", "zh:1372d81eb24ef3b4b00ea350fe87219f22da51691b8e42ce91d662f6c2a8af5e", "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", "zh:1e654a74d171d6ff8f9f6f67e3ff1421d4c5e56a18607703626bf12cd23ba001", @@ -26,26 +22,22 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.99.0" - constraints = "<= 3.99.0" + version = "3.106.0" + constraints = "<= 3.106.0" hashes = [ - "h1:1+d7Ciq/7GN4hY/+VshO2p4uOlUqHH6WpK2Zu4YocqE=", - "h1:AW/DLozc7V9dTutRS4jegogjKYVa8rJ88D8gFnyRh0M=", - "h1:b24Yw8/EneYHRV3aPoVexmw0Eo252ur30tN+sPajzXk=", - "h1:dawmYJUMGlL3t1mKDyaLJc08uSxPaUBoCAb/YCbVxPM=", - "h1:yHNaEhlR3kqlItAXFLWlIH2xxu4i7r2XzQnS04f/qBo=", - "zh:20581c1f4c586a37af45ed4c2a86ff4d868cee79139a755bd29750d804cee3ef", - "zh:28b3cc4e5f8bc65a595eab011d5965203a39e92aa9e26df842ffc979305ac823", - "zh:4cb167f8bb82f9065b7b50d012be3045fce3c699b0ea0e257ad1995441227f72", - "zh:6fa5c6fa430921a4e0fe8d44eaf12210fb90afdf3f83cedfde1c691ae36e953c", - "zh:75eff5b0ea9fca46ed5a0425c5e33fbda470e6448917817e80ae898688568665", - "zh:9af0aeaa74bfc764c60eec7d212d31deb70e03e970d22449f11170f75108f9cf", - "zh:b5055767199a2927d41b543a16e905c1e0b209f14a2144c756786194e133b41d", - "zh:c3e30b0eed068a148498ac78a9e013bc2eef0eb3cc3b4484f77421d64a797dc2", - "zh:ce87cd35cef9e5805f921978a91a7a4e139e8cbc7674a94076cb1a20a0c2feb1", - "zh:d87b84f144c865145bd10093ead99b653ea363fd4e7315675727659ca78544d0", - "zh:ee5900a50d69e046aab6581f6d888014b3f8d543e5b17c50761579d3370935f2", + "h1:Mxe1/I27IZK3BP6cm84Gt0+7PXd2EDaDUMxuljm/rUA=", + "zh:07980d6fdc40c0adb670c8413a5c667917d6dbb51fcedc467c35d64c2f3a1f47", + "zh:2e6e8491b1f089644b0d23f8da83398f1e10cf5a62b16efcef2b5454fe923038", + "zh:450dbd72821c5619cc3bcdc20fdd0e29515147e44b733f9c79d3a75851810055", + "zh:5e234c0a2f3c9677ea72b2a6e6ca90defb99fab29ae565f5d1f70728ba4ba78f", + "zh:83fd042ece6977429d79affd03d6ce963d2f122604dbf15a1abf203d7a7bbc8a", + "zh:93027e1f66b3bf83398d572d4e6f6e7777330c78c54da3226dadd50fd868ada9", + "zh:ae3d1dd66140c303df97d93c47a60f16735ce17cf156f45475dcee4a7360af5b", + "zh:daf9d2eb89e785458a76b88bf2ef0696c472094c77cc9cff3b3ea4b885c5a482", + "zh:dd46370141651e6549da6d85e25c7a6770c47581bbaaa27eda2886d41d849747", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f77405c0d8f6e0d93d9da83256b3b02c164bad4c791ed9604310ff02ae086ad1", + "zh:ffa769147bda833aef8802e3a391bd175ec749862764d61cbdaa8200d5b8f893", ] } @@ -53,11 +45,7 @@ provider "registry.terraform.io/hashicorp/null" { version = "3.2.1" constraints = "<= 3.2.1" hashes = [ - "h1:FbGfc+muBsC17Ohy5g806iuI1hQc4SIexpYCrQHQd8w=", "h1:tSj1mL6OQ8ILGqR2mDu7OYYYWf+hoir0pf9KAQ8IzO8=", - "h1:vUW21lLLsKlxtBf0QF7LKJreKxs0CM7YXGzqW1N/ODY=", - "h1:wqgRvlyVIbkCeCQs+5jj6zVuQL0KDxZZtNofGqqlSdI=", - "h1:ydA0/SNRVB1o95btfshvYsmxA+jZFRZcvKzZSB+4S1M=", "zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840", "zh:62a5cc82c3b2ddef7ef3a6f2fedb7b9b3deff4ab7b414938b08e51d6e8be87cb", "zh:63cff4de03af983175a7e37e52d4bd89d990be256b16b5c7f919aff5ad485aa5", @@ -74,24 +62,20 @@ provider "registry.terraform.io/hashicorp/null" { } provider "registry.terraform.io/hashicorp/time" { - version = "0.11.1" + version = "0.11.2" hashes = [ - "h1:IkDriv5C9G+kQQ+mP+8QGIahwKgbQcw1/mzh9U6q+ZI=", - "h1:UyhbtF79Wy4EVNrnvMcOPzmZLVQQyzM2ostfjs2l5PI=", - "h1:bf7JCfBV8KHOJ0iicZ705maRJTeme0Br4QdBYnu1gMw=", - "h1:lRdsNTvt4IT3LGDrgQbepriDTbMKbIsbceTbM/bLGfw=", - "h1:pQGSL9mdgw4qsLndFYsEF93mbsIxyxNoAyIbBqhS3Xo=", - "zh:19a393db736ec4fd024d098d55aefaef07056c37a448ece3b55b3f5f4c2c7e4a", - "zh:227fa1e221de2907f37be78d40c06ca6a6f7b243a1ec33ade014dfaf6d92cd9c", - "zh:29970fecbf4a3ca23bacbb05d6b90cdd33dd379f90059fe39e08289951502d9f", - "zh:65024596f22f10e7dcb5e0e4a75277f275b529daa0bc0daf34ca7901c678ab88", - "zh:694d080cb5e3bf5ef08c7409208d061c135a4f5f4cdc93ea8607860995264b2e", + "h1:Mzc+zxpIDPJZppQUe6qaYS9NGva4KNWF4oy1HHyj2s8=", + "zh:02588b5b8ba5d31e86d93edc93b306bcbf47c789f576769245968cc157a9e8c5", + "zh:088a30c23796133678d1d6614da5cf5544430570408a17062288b58c0bd67ac8", + "zh:0df5faa072d67616154d38021934d8a8a316533429a3f582df3b4b48c836cf89", + "zh:12edeeaef96c47f694bd1ba7ead6ccdb96028b25df352eea4bc5e40de7a59177", + "zh:1e859504a656a6e988f07b908e6ffe946b28bfb56889417c0a07ea9605a3b7b0", + "zh:64a6ae0320d4956c4fdb05629cfcebd03bcbd2206e2d733f2f18e4a97f4d5c7c", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:b29d15d13e1b3412e6a4e1627d378dbd102659132f7488f64017dd6b6d5216d3", - "zh:bb79f4cae9f8c17c73998edc54aa16c2130a03227f7f4e71fc6ac87e230575ec", - "zh:ceccf80e95929d97f62dcf1bb3c7c7553d5757b2d9e7d222518722fc934f7ad5", - "zh:f40e638336527490e294d9c938ae55919069e6987e85a80506784ba90348792a", - "zh:f99ef33b1629a3b2278201142a3011a8489e66d92da832a5b99e442204de18fb", - "zh:fded14754ea46fdecc62a52cd970126420d4cd190e598cb61190b4724a727edb", + "zh:924d137959193bf7aee6ebf241fbb9aec46d6eef828c5cf8d3c588770acae7b2", + "zh:b3cc76281a4faa9c2293a2460fc6962f6539e900994053f85185304887dddab8", + "zh:cbb40c791d4a1cdba56cffa43a9c0ed8e69930d49aa6bd931546b18c36e3b720", + "zh:d227d43594f8cb3d24f1fdd71382f14502cbe2a6deaddbc74242656bb5b38daf", + "zh:d4840641c46176bb9d70ba3aff09de749282136c779996b546c81e5ff701bbf6", ] } diff --git a/src/domains/printit-legacy/99_main.tf b/src/domains/printit-legacy/99_main.tf index 54b186cae6..bdd2628259 100644 --- a/src/domains/printit-legacy/99_main.tf +++ b/src/domains/printit-legacy/99_main.tf @@ -2,7 +2,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "<= 3.99.0" + version = "<= 3.106.0" } azuread = { source = "hashicorp/azuread" diff --git a/src/domains/printit-legacy/README.md b/src/domains/printit-legacy/README.md index 4287ebcda9..11156131fd 100644 --- a/src/domains/printit-legacy/README.md +++ b/src/domains/printit-legacy/README.md @@ -101,7 +101,7 @@ No outputs. | Name | Version | |------|---------| | [azuread](#requirement\_azuread) | <= 2.47.0 | -| [azurerm](#requirement\_azurerm) | <= 3.99.0 | +| [azurerm](#requirement\_azurerm) | <= 3.106.0 | | [null](#requirement\_null) | <= 3.2.1 | ## Modules diff --git a/src/domains/printit-secrets/.terraform.lock.hcl b/src/domains/printit-secrets/.terraform.lock.hcl index 6678eeacbc..cfeb9fbf70 100644 --- a/src/domains/printit-secrets/.terraform.lock.hcl +++ b/src/domains/printit-secrets/.terraform.lock.hcl @@ -5,11 +5,7 @@ provider "registry.terraform.io/hashicorp/azuread" { version = "2.47.0" constraints = "<= 2.47.0" hashes = [ - "h1:8J74v92UvtqVNucugAtB+Sd44oTgnhfct+Xf8ObOZug=", - "h1:KB9BNRNStbdsfdRmVXUwXtN77qgX5VjBy2UALcqp218=", - "h1:g8+gBFM4QVOEQFqAEs5pR6iXpbGvgPvcEi1evHwziyw=", "h1:iRwDQBdXBpVBoYwM9au2RG01RQuJSm3TGQ2kioFVAas=", - "h1:zYMGokLn44KSWir7Nr4t8lEAPMB6JuXd2LlP2Ac2tMY=", "zh:1372d81eb24ef3b4b00ea350fe87219f22da51691b8e42ce91d662f6c2a8af5e", "zh:1c3e89cf19118fc07d7b04257251fc9897e722c16e0a0df7b07fcd261f8c12e7", "zh:1e654a74d171d6ff8f9f6f67e3ff1421d4c5e56a18607703626bf12cd23ba001", @@ -26,26 +22,22 @@ provider "registry.terraform.io/hashicorp/azuread" { } provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.97.1" - constraints = ">= 3.30.0, <= 3.97.1, <= 3.99.0" + version = "3.106.0" + constraints = "~> 3.30, <= 3.106.0" hashes = [ - "h1:LtwGbd4HEb5QCXmdxSvTjPSh8/Gp8eAQMYfiAKaubV4=", - "h1:b8yfRYs+CepOlnx1JeQVMTX3N6HHfS85iOXE8hn8yok=", - "h1:klBuN2uVZF7AVMhskbbgF8pygyhPBxsjedB1GUV79PA=", - "h1:m5wyoRGjbVfJU2YaGZrN1lfGgjpyuwi7Ykw1uHdwlAg=", - "h1:vwYchGsh1TY+/GjUv6CUS6It2opnMYYYVt4GBvCmesY=", - "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524", - "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1", - "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72", - "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900", - "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f", - "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec", - "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe", - "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e", - "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4", - "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41", - "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b", + "h1:Mxe1/I27IZK3BP6cm84Gt0+7PXd2EDaDUMxuljm/rUA=", + "zh:07980d6fdc40c0adb670c8413a5c667917d6dbb51fcedc467c35d64c2f3a1f47", + "zh:2e6e8491b1f089644b0d23f8da83398f1e10cf5a62b16efcef2b5454fe923038", + "zh:450dbd72821c5619cc3bcdc20fdd0e29515147e44b733f9c79d3a75851810055", + "zh:5e234c0a2f3c9677ea72b2a6e6ca90defb99fab29ae565f5d1f70728ba4ba78f", + "zh:83fd042ece6977429d79affd03d6ce963d2f122604dbf15a1abf203d7a7bbc8a", + "zh:93027e1f66b3bf83398d572d4e6f6e7777330c78c54da3226dadd50fd868ada9", + "zh:ae3d1dd66140c303df97d93c47a60f16735ce17cf156f45475dcee4a7360af5b", + "zh:daf9d2eb89e785458a76b88bf2ef0696c472094c77cc9cff3b3ea4b885c5a482", + "zh:dd46370141651e6549da6d85e25c7a6770c47581bbaaa27eda2886d41d849747", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f77405c0d8f6e0d93d9da83256b3b02c164bad4c791ed9604310ff02ae086ad1", + "zh:ffa769147bda833aef8802e3a391bd175ec749862764d61cbdaa8200d5b8f893", ] } @@ -53,11 +45,7 @@ provider "registry.terraform.io/hashicorp/external" { version = "2.2.3" constraints = "<= 2.2.3" hashes = [ - "h1:648ZjJR81c2W1OLtYmUQa9/1rGr3vvZSuX9dR1ucGWY=", "h1:D2RKjqoU26isFINpmeKG9NS0LvkPmrQkNXeYO2TdgyA=", - "h1:V0BU7yCU9725cmj2KIIDtcR6hlkT3yA9f0jcX4D4zAs=", - "h1:gnO1GLcP1yRASZvuXqakVdgtTYg8JEvuyuuZ6oWEdqg=", - "h1:uvOYRWcVIqOZSl8YjjaB18yZFz1AWIt2CnK7O45rckg=", "zh:184ecd339d764de845db0e5b8a9c87893dcd0c9d822167f73658f89d80ec31c9", "zh:2661eaca31d17d6bbb18a8f673bbfe3fe1b9b7326e60d0ceb302017003274e3c", "zh:2c0a180f6d1fc2ba6e03f7dfc5f73b617e45408681f75bca75aa82f3796df0e4", @@ -77,11 +65,7 @@ provider "registry.terraform.io/hashicorp/kubernetes" { version = "2.16.1" constraints = "<= 2.16.1" hashes = [ - "h1:O23HBuu2cPnLfW/lqvMM6eAeVx7eZgjqsK+Nz/FX2Gg=", "h1:PO4Ye/+lu5hCaUEOtwNOldQYoA0dqL1bcBICIpdlcd8=", - "h1:i+DwtJK82sIWmTcQA9lL0mlET+14/QpUqv10fU2o3As=", - "h1:kO/d+ZMZYM2tNMMFHZqBmVR0MeemoGnI2G2NSN92CrU=", - "h1:lO10r6c/Wl8WZItrDabRqCirMVVuLAl9Yr3v2eRSUlc=", "zh:06224975f5910d41e73b35a4d5079861da2c24f9353e3ebb015fbb3b3b996b1c", "zh:2bc400a8d9fe7755cca27c2551564a9e2609cfadc77f526ef855114ee02d446f", "zh:3a479014187af1d0aec3a1d3d9c09551b801956fe6dd29af1186dec86712731b", @@ -98,26 +82,22 @@ provider "registry.terraform.io/hashicorp/kubernetes" { } provider "registry.terraform.io/hashicorp/null" { - version = "3.1.1" - constraints = "<= 3.1.1, <= 3.2.1" + version = "3.2.1" + constraints = "~> 3.2, <= 3.2.1" hashes = [ - "h1:1J3nqAREzuaLE7x98LEELCCaMV6BRiawHSg9MmFvfQo=", - "h1:71sNUDvmiJcijsvfXpiLCz0lXIBSsEJjMxljt7hxMhw=", - "h1:Pctug/s/2Hg5FJqjYcTM0kPyx3AoYK1MpRWO0T9V2ns=", - "h1:YvH6gTaQzGdNv+SKTZujU1O0bO+Pw6vJHOPhqgN8XNs=", - "h1:ZD4wyZ0KJzt5s2mD0xD7paJlVONNicLvZKdgtezz02I=", - "zh:063466f41f1d9fd0dd93722840c1314f046d8760b1812fa67c34de0afcba5597", - "zh:08c058e367de6debdad35fc24d97131c7cf75103baec8279aba3506a08b53faf", - "zh:73ce6dff935150d6ddc6ac4a10071e02647d10175c173cfe5dca81f3d13d8afe", + "h1:tSj1mL6OQ8ILGqR2mDu7OYYYWf+hoir0pf9KAQ8IzO8=", + "zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840", + "zh:62a5cc82c3b2ddef7ef3a6f2fedb7b9b3deff4ab7b414938b08e51d6e8be87cb", + "zh:63cff4de03af983175a7e37e52d4bd89d990be256b16b5c7f919aff5ad485aa5", + "zh:74cb22c6700e48486b7cabefa10b33b801dfcab56f1a6ac9b6624531f3d36ea3", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:8fdd792a626413502e68c195f2097352bdc6a0df694f7df350ed784741eb587e", - "zh:976bbaf268cb497400fd5b3c774d218f3933271864345f18deebe4dcbfcd6afa", - "zh:b21b78ca581f98f4cdb7a366b03ae9db23a73dfa7df12c533d7c19b68e9e72e5", - "zh:b7fc0c1615dbdb1d6fd4abb9c7dc7da286631f7ca2299fb9cd4664258ccfbff4", - "zh:d1efc942b2c44345e0c29bc976594cb7278c38cfb8897b344669eafbc3cddf46", - "zh:e356c245b3cd9d4789bab010893566acace682d7db877e52d40fc4ca34a50924", - "zh:ea98802ba92fcfa8cf12cbce2e9e7ebe999afbf8ed47fa45fc847a098d89468b", - "zh:eff8872458806499889f6927b5d954560f3d74bf20b6043409edf94d26cd906f", + "zh:79e553aff77f1cfa9012a2218b8238dd672ea5e1b2924775ac9ac24d2a75c238", + "zh:a1e06ddda0b5ac48f7e7c7d59e1ab5a4073bbcf876c73c0299e4610ed53859dc", + "zh:c37a97090f1a82222925d45d84483b2aa702ef7ab66532af6cbcfb567818b970", + "zh:e4453fbebf90c53ca3323a92e7ca0f9961427d2f0ce0d2b65523cc04d5d999c2", + "zh:e80a746921946d8b6761e77305b752ad188da60688cfd2059322875d363be5f5", + "zh:fbdb892d9822ed0e4cb60f2fedbdbb556e4da0d88d3b942ae963ed6ff091e48f", + "zh:fca01a623d90d0cad0843102f9b8b9fe0d3ff8244593bd817f126582b52dd694", ] } diff --git a/src/domains/printit-secrets/01_keyvault.tf b/src/domains/printit-secrets/01_keyvault.tf index d85d9d9711..36b99fdcdd 100644 --- a/src/domains/printit-secrets/01_keyvault.tf +++ b/src/domains/printit-secrets/01_keyvault.tf @@ -6,7 +6,7 @@ resource "azurerm_resource_group" "sec_rg" { } module "key_vault" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault?ref=v8.5.0" + source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault?ref=v8.22.0" name = "${local.product}-${var.location_short}-${var.domain}-kv" location = azurerm_resource_group.sec_rg.location @@ -92,7 +92,7 @@ resource "azurerm_key_vault_access_policy" "azdevops_iac_policy" { # create json letsencrypt inside kv # requierd: Docker module "letsencrypt_printit" { - source = "git::https://github.com/pagopa/terraform-azurerm-v3.git///letsencrypt_credential?ref=v8.5.0" + source = "git::https://github.com/pagopa/terraform-azurerm-v3.git///letsencrypt_credential?ref=v8.22.0" prefix = var.prefix env = var.env_short diff --git a/src/domains/printit-secrets/99_main.tf b/src/domains/printit-secrets/99_main.tf index b3995d2c53..93ec8f61ca 100644 --- a/src/domains/printit-secrets/99_main.tf +++ b/src/domains/printit-secrets/99_main.tf @@ -2,7 +2,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "<= 3.99.0" + version = "<= 3.106.0" } azuread = { source = "hashicorp/azuread" @@ -10,7 +10,7 @@ terraform { } null = { source = "hashicorp/null" - version = "<= 3.1.1" + version = "<= 3.2.1" } external = { source = "hashicorp/external" diff --git a/src/domains/printit-secrets/README.md b/src/domains/printit-secrets/README.md index b47fd0b456..92a43d11ab 100644 --- a/src/domains/printit-secrets/README.md +++ b/src/domains/printit-secrets/README.md @@ -12,17 +12,17 @@ | Name | Version | |------|---------| | [azuread](#requirement\_azuread) | <= 2.47.0 | -| [azurerm](#requirement\_azurerm) | <= 3.99.0 | +| [azurerm](#requirement\_azurerm) | <= 3.106.0 | | [external](#requirement\_external) | <= 2.2.3 | | [kubernetes](#requirement\_kubernetes) | <= 2.16.1 | -| [null](#requirement\_null) | <= 3.1.1 | +| [null](#requirement\_null) | <= 3.2.1 | ## Modules | Name | Source | Version | |------|--------|---------| -| [key\_vault](#module\_key\_vault) | git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault | v8.5.0 | -| [letsencrypt\_printit](#module\_letsencrypt\_printit) | git::https://github.com/pagopa/terraform-azurerm-v3.git///letsencrypt_credential | v8.5.0 | +| [key\_vault](#module\_key\_vault) | git::https://github.com/pagopa/terraform-azurerm-v3.git//key_vault | v8.22.0 | +| [letsencrypt\_printit](#module\_letsencrypt\_printit) | git::https://github.com/pagopa/terraform-azurerm-v3.git///letsencrypt_credential | v8.22.0 | ## Resources diff --git a/src/next-core/README.md b/src/next-core/README.md index 7147fe27bc..3cbd6f5625 100644 --- a/src/next-core/README.md +++ b/src/next-core/README.md @@ -125,9 +125,6 @@ | [azurerm_resource_group.azdo_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_resource_group.tools_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | | [azurerm_role_assignment.data_contributor_role_donations](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource | -| [azurerm_servicebus_namespace.service_bus_01](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/servicebus_namespace) | resource | -| [azurerm_servicebus_queue.service_bus_01_queue](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/servicebus_queue) | resource | -| [azurerm_servicebus_queue_authorization_rule.service_bus_01_queue_authorization_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/servicebus_queue_authorization_rule) | resource | | [azurerm_storage_blob.donation_logo10](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_blob) | resource | | [azurerm_storage_blob.donation_logo7](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_blob) | resource | | [azurerm_storage_blob.donation_logo8](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_blob) | resource | @@ -314,8 +311,6 @@ | [redis\_version](#input\_redis\_version) | The version of Redis to use: 4 (deprecated) or 6 | `string` | `"6"` | no | | [redis\_zones](#input\_redis\_zones) | (Optional) Zone list where redis will be deployed | `list(string)` | 
[
  "1"
]
| no | | [schema\_ip\_nexi](#input\_schema\_ip\_nexi) | Nodo Pagamenti Nexi schema://ip | `string` | n/a | yes | -| [service\_bus\_01](#input\_service\_bus\_01) | n/a | 
object({
    sku                                  = string
    requires_duplicate_detection         = bool
    dead_lettering_on_message_expiration = bool
    enable_partitioning                  = bool
  })
| 
{
  "dead_lettering_on_message_expiration": false,
  "enable_partitioning": true,
  "requires_duplicate_detection": false,
  "sku": "Standard"
}
| no | -| [service\_bus\_01\_queues](#input\_service\_bus\_01\_queues) | A list of Service Bus Queues to add to namespace service\_bus\_01. | 
list(object({
    name                = string
    enable_partitioning = bool
    keys = list(object({
      name   = string
      listen = bool
      send   = bool
      manage = bool
    }))
  }))
| `[]` | no | | [tags](#input\_tags) | n/a | `map(any)` | 
{
  "CreatedBy": "Terraform"
}
| no | | [vnet\_ita\_ddos\_protection\_plan](#input\_vnet\_ita\_ddos\_protection\_plan) | n/a | 
object({
    id     = string
    enable = bool
  })
| `null` | no |