
terraform-azurerm-service-bus's Introduction

Azure Service Bus feature


This Terraform module creates an Azure Service Bus.

Global versioning rule for Claranet Azure modules

Module version Terraform version AzureRM version
>= 7.x.x 1.3.x >= 3.0
>= 6.x.x 1.x >= 3.0
>= 5.x.x 0.15.x >= 2.0
>= 4.x.x 0.13.x / 0.14.x >= 2.0
>= 3.x.x 0.12.x >= 2.0
>= 2.x.x 0.12.x < 2.0
< 2.x.x 0.11.x < 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool, which sets some Terraform variables in the environment that this module needs. More details about the variables set by the terraform-wrapper are available in the documentation.

module "azure_region" {
  source  = "claranet/regions/azurerm"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source  = "claranet/rg/azurerm"
  version = "x.x.x"

  location    = module.azure_region.location
  client_name = var.client_name
  environment = var.environment
  stack       = var.stack
}

module "logs" {
  source  = "claranet/run/azurerm//modules/logs"
  version = "x.x.x"

  client_name         = var.client_name
  environment         = var.environment
  stack               = var.stack
  location            = module.azure_region.location
  location_short      = module.azure_region.location_short
  resource_group_name = module.rg.resource_group_name
}

data "azurerm_subnet" "example" {
  name                 = "backend"
  virtual_network_name = "production"
  resource_group_name  = module.rg.resource_group_name
}

module "servicebus" {
  source  = "claranet/service-bus/azurerm"
  version = "x.x.x"

  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  namespace_parameters = {
    sku = "Premium"
  }

  namespace_authorizations = {
    listen = true
    send   = false
  }

  # Network rules
  network_rules_enabled    = true
  trusted_services_allowed = true
  allowed_cidrs = [
    "1.2.3.4/32",
  ]
  subnet_ids = [
    data.azurerm_subnet.example.id,
  ]

  servicebus_queues = [{
    name                = "myqueue"
    default_message_ttl = "P1D" # 1 day

    dead_lettering_on_message_expiration = true

    authorizations = {
      listen = true
      send   = false
    }
  }]

  servicebus_topics = [{
    name                = "mytopic"
    default_message_ttl = 5 # 5min

    authorizations = {
      listen = true
      send   = true
      manage = false
    }

    subscriptions = [{
      name = "mainsub"

      max_delivery_count        = 10
      enable_batched_operations = true
      lock_duration             = 1 # 1 min
    }]
  }]

  logs_destinations_ids = [
    module.logs.logs_storage_account_id,
    module.logs.log_analytics_workspace_id
  ]

  extra_tags = {
    foo = "bar"
  }
}

Providers

Name Version
azurecaf ~> 1.2, >= 1.2.22
azurerm ~> 3.39

Modules

Name Source Version
diagnostics claranet/diagnostic-settings/azurerm ~> 6.5.0

Resources

Name Type
azurerm_servicebus_namespace.servicebus_namespace resource
azurerm_servicebus_namespace_authorization_rule.listen resource
azurerm_servicebus_namespace_authorization_rule.manage resource
azurerm_servicebus_namespace_authorization_rule.send resource
azurerm_servicebus_namespace_network_rule_set.network_rules resource
azurerm_servicebus_queue.queue resource
azurerm_servicebus_queue_authorization_rule.listen resource
azurerm_servicebus_queue_authorization_rule.manage resource
azurerm_servicebus_queue_authorization_rule.send resource
azurerm_servicebus_subscription.topic_sub resource
azurerm_servicebus_topic.topic resource
azurerm_servicebus_topic_authorization_rule.listen resource
azurerm_servicebus_topic_authorization_rule.manage resource
azurerm_servicebus_topic_authorization_rule.send resource
azurecaf_name.servicebus_namespace data source
azurecaf_name.servicebus_namespace_auth_rule data source
azurecaf_name.servicebus_queue data source
azurecaf_name.servicebus_queue_auth_rule data source
azurecaf_name.servicebus_topic data source
azurecaf_name.servicebus_topic_auth_rule data source
azurecaf_name.servicebus_topic_sub data source

Inputs

Name Description Type Default Required
allowed_cidrs List of CIDR to allow access to that Service Bus Namespace. list(string) [] no
client_name Client name/account used in naming string n/a yes
custom_diagnostic_settings_name Custom name of the diagnostics settings, name will be 'default' if not set. string "default" no
default_firewall_action Which default firewalling policy to apply. Valid values are Allow or Deny. string "Deny" no
default_tags_enabled Option to enable or disable default tags bool true no
environment Project environment string n/a yes
extra_tags Extra tags to add map(string) {} no
identity_ids Specifies a list of User Assigned Managed Identity IDs to be assigned to this Service Bus. list(string) null no
identity_type Specifies the type of Managed Service Identity that should be configured on this Service Bus. Possible values are "SystemAssigned", "UserAssigned", "SystemAssigned, UserAssigned" (to enable both). string "SystemAssigned" no
location Azure location for Servicebus. string n/a yes
location_short Short string for Azure location. string n/a yes
logs_categories Log categories to send to destinations. list(string) null no
logs_destinations_ids List of destination resources IDs for logs diagnostic destination.
Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set.
If you want to specify an Azure EventHub to send logs and metrics to, you need to provide a formatted string with both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the `|` character. list(string) n/a
logs_metrics_categories Metrics categories to send to destinations. list(string) null no
name_prefix Optional prefix for the generated name string "" no
name_suffix Optional suffix for the generated name string "" no
namespace_authorizations Object to specify which Namespace Authorization Rules need to be created.
object({
listen = optional(bool, true)
send = optional(bool, true)
manage = optional(bool, true)
})
{} no
namespace_parameters Object to handle Service Bus Namespace options.
custom_name         = To override default resource name, generated if not set.
sku = Defines which tier to use. Options are Basic, Standard or Premium.
capacity = Specifies the capacity. When SKU is Premium, capacity can be 1, 2, 4, 8 or 16.
local_auth_enabled = Whether or not SAS authentication is enabled for the Service Bus Namespace.
zone_redundant = Whether or not this resource is zone redundant. SKU needs to be Premium.
minimum_tls_version = The minimum supported TLS version for this Service Bus Namespace.

public_network_access_enabled = Is public network access enabled for the Service Bus Namespace?
object({
custom_name = optional(string)
sku = optional(string, "Standard")
capacity = optional(number, 0)
local_auth_enabled = optional(bool, true)
zone_redundant = optional(bool, false)
minimum_tls_version = optional(string, "1.2")

public_network_access_enabled = optional(bool, true)
})
{} no
network_rules_enabled Boolean to enable Network Rules on the Service Bus Namespace, requires trusted_services_allowed, allowed_cidrs, subnet_ids or default_firewall_action correctly set if enabled. bool false no
resource_group_name Name of the resource group string n/a yes
servicebus_queues List of objects to create Queues with their options.
name        = Short Queue name.
custom_name = Custom name for Azure resource.

status = The status of the Queue. Possible values are Active, Creating, Deleting, Disabled, ReceiveDisabled, Renaming, SendDisabled, Unknown. Note that Restoring is not accepted.

auto_delete_on_idle = Duration of the idle interval after which the Queue is automatically deleted.
default_message_ttl = Duration of the TTL of messages sent to this Queue.
duplicate_detection_history_time_window = Duration during which duplicates can be detected.
lock_duration = Duration of a peek-lock; that is, the amount of time that the message is locked for other receivers. Maximum value is 5 minutes.
max_message_size_in_kilobytes = Integer value which controls the maximum size of a message allowed on the Queue for Premium SKU.
max_size_in_megabytes = Integer value which controls the size of memory allocated for the Queue.
max_delivery_count = Integer value which controls when a message is automatically dead lettered.

enable_batched_operations = Boolean flag which controls whether server-side batched operations are enabled.
enable_partitioning = Boolean flag which controls whether to enable the Queue to be partitioned across multiple message brokers. Partitioning is available at entity creation for all Queues and Topics in Basic or Standard SKUs.
enable_express = Boolean flag which controls whether Express Entities are enabled. An express Queue holds a message in memory temporarily before writing it to persistent storage.
dead_lettering_on_message_expiration = Boolean flag which controls whether the Queue has dead letter support when a message expires.
requires_duplicate_detection = Boolean flag which controls whether the Queue requires duplicate detection.
requires_session = Boolean flag which controls whether the Queue requires sessions. This will allow ordered handling of unbounded sequences of related messages. With sessions enabled a Queue can guarantee first-in-first-out delivery of messages.

forward_to = The name of a Queue or Topic to automatically forward messages to.
forward_dead_lettered_messages_to = The name of a Queue or Topic to automatically forward dead lettered messages to.

authorizations_custom_name = To override default Queue Authorization Rules names, generated if not set (first with the custom name of the Queue if set, otherwise with Azure CAF).
authorizations = Object with listen, send and manage attributes to create Queues Authorizations Rules.
list(object({
name = string
custom_name = optional(string)

status = optional(string, "Active")

auto_delete_on_idle = optional(string)
default_message_ttl = optional(string)
duplicate_detection_history_time_window = optional(string)
lock_duration = optional(string)
max_message_size_in_kilobytes = optional(number)
max_size_in_megabytes = optional(number)
max_delivery_count = optional(number, 10)

enable_batched_operations = optional(bool, true)
enable_partitioning = optional(bool)
enable_express = optional(bool)
dead_lettering_on_message_expiration = optional(bool)
requires_duplicate_detection = optional(bool)
requires_session = optional(bool)

forward_to = optional(string)
forward_dead_lettered_messages_to = optional(string)

authorizations_custom_name = optional(string)
authorizations = optional(object({
listen = optional(bool, true)
send = optional(bool, true)
manage = optional(bool, true)
}), {})
}))
[] no
servicebus_topics List of objects to create Topics with their options.
name        = Short Topic name.
custom_name = Custom name for Azure resource.

status = The status of the Service Bus Topic. Acceptable values are Active or Disabled.

auto_delete_on_idle = Duration of the idle interval after which the Topic is automatically deleted, minimum of 5 minutes.
default_message_ttl = Duration of TTL of messages sent to this Topic if no TTL value is set on the message itself.
duplicate_detection_history_time_window = Duration during which duplicates can be detected.
max_message_size_in_kilobytes = Integer value which controls the maximum size of a message allowed on the Topic for Premium SKU.
max_size_in_megabytes = Integer value which controls the size of memory allocated for the Topic.

enable_batched_operations = Boolean flag which controls if server-side batched operations are enabled.
enable_partitioning = Boolean flag which controls whether to enable the Topic to be partitioned across multiple message brokers.
enable_express = Boolean flag which controls whether Express Entities are enabled. An express Topic holds a message in memory temporarily before writing it to persistent storage.
requires_duplicate_detection = Boolean flag which controls whether the Topic requires duplicate detection.
support_ordering = Boolean flag which controls whether the Topic supports ordering.

authorizations_custom_name = To override default Topic Authorization Rules names, generated if not set (first with the custom name of the Topic if set, otherwise with Azure CAF).
authorizations = Object with listen, send and manage attributes to create Topics Authorizations Rules.

subscriptions = List of subscriptions per Topic.
list(object({
name = string
custom_name = optional(string)

status = optional(string, "Active")

auto_delete_on_idle = optional(string)
default_message_ttl = optional(string)
duplicate_detection_history_time_window = optional(string)
max_message_size_in_kilobytes = optional(number)
max_size_in_megabytes = optional(number)

enable_batched_operations = optional(bool)
enable_partitioning = optional(bool)
enable_express = optional(bool)
requires_duplicate_detection = optional(bool)
support_ordering = optional(bool)

authorizations_custom_name = optional(string)
authorizations = optional(object({
listen = optional(bool, true)
send = optional(bool, true)
manage = optional(bool, true)
}), {})

# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/servicebus_subscription
subscriptions = optional(list(object({
name = string
custom_name = optional(string)

status = optional(string, "Active")

auto_delete_on_idle = optional(string)
default_message_ttl = optional(string)
lock_duration = optional(string)
max_delivery_count = number

enable_batched_operations = optional(bool, true)
dead_lettering_on_message_expiration = optional(bool)
dead_lettering_on_filter_evaluation_error = optional(bool)
requires_session = optional(bool)

forward_to = optional(string)
forward_dead_lettered_messages_to = optional(string)
})), [])
}))
[] no
stack Project stack name string n/a yes
subnet_ids Subnets to allow access to that Service Bus Namespace. list(string) [] no
trusted_services_allowed If True, then Azure Services that are known and trusted for this resource type are allowed to bypass firewall configuration. bool true no
use_caf_naming Use the Azure CAF naming provider to generate the default resource name. custom_name overrides this if set. The legacy default name is used if this is set to false. bool true no
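
A hardened invocation built only from the inputs documented in the table above, as an added example that is not part of the module's README: it overrides the defaults that leave SAS key authentication and the namespace firewall open. It assumes the supporting modules and subnet data source from the Usage section, a constructed queue name ("orders"), and that clients get access through Azure RBAC role assignments managed outside this module.

```hcl
# Added example, not from the module's README. Reuses module.rg,
# module.azure_region, module.logs and data.azurerm_subnet.example from the
# Usage section; "orders" is a constructed queue name.
module "servicebus_hardened" {
  source  = "claranet/service-bus/azurerm"
  version = "x.x.x"

  location            = module.azure_region.location
  location_short      = module.azure_region.location_short
  client_name         = var.client_name
  environment         = var.environment
  stack               = var.stack
  resource_group_name = module.rg.resource_group_name

  namespace_parameters = {
    sku = "Premium" # needed for zone_redundant per the Inputs table

    # Default is true, which leaves SAS (shared key) authentication enabled.
    # With false, clients must authenticate with Microsoft Entra ID.
    local_auth_enabled  = false
    minimum_tls_version = "1.2" # same as the default, pinned for reviewers
    zone_redundant      = true
  }

  # listen, send and manage each default to true, so an attribute that is
  # left out (manage in the Usage example) still produces a SAS rule.
  # Set all three explicitly at every level where rules are not wanted.
  namespace_authorizations = {
    listen = false
    send   = false
    manage = false
  }

  # Network rules are off by default (network_rules_enabled = false).
  network_rules_enabled    = true
  default_firewall_action  = "Deny" # default value, stated explicitly
  trusted_services_allowed = false  # default is true (firewall bypass)
  allowed_cidrs            = []     # no public IP ranges allowed
  subnet_ids               = [data.azurerm_subnet.example.id]

  servicebus_queues = [{
    name                                 = "orders"
    default_message_ttl                  = "P1D"
    dead_lettering_on_message_expiration = true

    authorizations = {
      listen = false
      send   = false
      manage = false
    }
  }]

  logs_destinations_ids = [
    module.logs.log_analytics_workspace_id,
  ]
}
```

Review the resulting plan for any `azurerm_servicebus_*_authorization_rule` resources: with the settings above none should be created.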

Outputs

Name Description
namespace Service Bus Namespace outputs.
namespace_listen_authorization_rule Service Bus namespace listen only authorization rule.
namespace_manage_authorization_rule Service Bus namespace manage authorization rule.
namespace_send_authorization_rule Service Bus namespace send only authorization rule.
queues Service Bus queues outputs.
queues_listen_authorization_rule Service Bus queues listen only authorization rules.
queues_manage_authorization_rule Service Bus queues manage authorization rules.
queues_send_authorization_rule Service Bus queues send only authorization rules.
subscriptions Service Bus topics subscriptions outputs.
topics Service Bus topics outputs.
topics_listen_authorization_rule Service Bus topics listen only authorization rules.
topics_manage_authorization_rule Service Bus topics manage authorization rules.
topics_send_authorization_rule Service Bus topics send only authorization rules.

Related documentation

Microsoft Azure documentation: docs.microsoft.com/en-us/azure/service-bus/


terraform-azurerm-service-bus's Issues

Add azurerm_servicebus_subscription_rule

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

I am struggling with adding azurerm_servicebus_subscription_rule in the module to be able to create one or several rules per subscription. Do you plan to develop this part?

New or Affected Resource(s)/Data Source(s)

azurerm_servicebus_subscription_rule

Potential Terraform Configuration

No response

References

No response

Multiple Topic and Subscription creation

Can you please add a template to create multiple Topics and Subscriptions? After topic_id and subscription id added subscription_id required unable to set the logic to create topics and associated subscriptions by just passing names as variables.

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~>3.13.0"
    }
  }
}

Allow "zone redundant" set to true in namespace

While provisioning the service bus namespace, by default value of zone_redundant is false.

By using this module, there is no way to enable it. Would it be possible if you may please add the below parameter in the below file:

File: https://github.com/claranet/terraform-azurerm-service-bus/blob/master/r-servicebus-namespaces.tf
Parameter:
r-servicebus-namespaces.tf:

resource "azurerm_servicebus_namespace" "servicebus_namespace" {
  for_each            = var.servicebus_namespaces_queues
  name                = lookup(each.value, "custom_name", azurecaf_name.servicebus_namespace[each.key].result)
  location            = var.location
  resource_group_name = var.resource_group_name

  sku            = lookup(each.value, "sku", "Basic")
  capacity       = lookup(each.value, "capacity", lookup(each.value, "sku", "Basic") == "Premium" ? 1 : 0)
  zone_redundant = var.zone_redundant # true/false

  tags = merge(
    local.default_tags,
    var.extra_tags,
  )
}

variables.tf:

variable "zone_redundant" {
  type = bool
}

ServiceBus Topics and Authorization Rules

Hello Contributors,

Do you guys plan to add Service Bus Topics and Service Bus Topic Authorization rules in this module? It is pretty much the same as queues, I was wondering if there is any such plan at your end to include service bus topics in this module in short time?
