azure: expose vnet_cidr parameter in main module (#188)

Author: diogocp

azure/README.md

@@ -107,6 +107,7 @@ terraform apply -var="datadog-api-key=$DD_API_KEY"
 | <a name="input_scanner_version"></a> [scanner\_version](#input\_scanner\_version) | Version of the scanner to install | `string` | `"0.11"` | no |
 | <a name="input_site"></a> [site](#input\_site) | By default the Agent sends its data to Datadog US site. If your organization is on another site, you must update it. See https://docs.datadoghq.com/getting_started/site/ | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A map of additional tags to add to the resources created. | `map(string)` | `{}` | no |
+| <a name="input_vnet_cidr"></a> [vnet\_cidr](#input\_vnet\_cidr) | The CIDR block for the Virtual Network | `string` | `"10.0.0.0/16"` | no |
 
 ## Outputs
 

azure/main.tf

@@ -33,6 +33,7 @@ module "virtual_network" {
   source              = "./modules/virtual-network"
   resource_group_name = module.resource_group.resource_group.name
   location            = var.location
+  cidr                = var.vnet_cidr
   bastion             = var.bastion
   tags                = var.tags
 }

azure/modules/virtual-network/main.tf

@@ -51,30 +51,32 @@ resource "azurerm_subnet_nat_gateway_association" "subnet_natgw_assoc" {
 
 # Bastion (optional)
 resource "azurerm_bastion_host" "bastion" {
-  count = var.bastion == true ? 1 : 0
+  count = var.bastion ? 1 : 0
 
   name                = "bastion"
   location            = azurerm_virtual_network.vnet.location
   resource_group_name = azurerm_virtual_network.vnet.resource_group_name
   ip_configuration {
     name                 = "ipconfig"
-    subnet_id            = azurerm_subnet.bastion_subnet.id
-    public_ip_address_id = azurerm_public_ip.bastion_ip[count.index].id
+    subnet_id            = one(azurerm_subnet.bastion_subnet).id
+    public_ip_address_id = one(azurerm_public_ip.bastion_ip).id
   }
   sku               = "Standard"
   tunneling_enabled = true
   tags              = merge(var.tags, local.dd_tags)
 }
 
 resource "azurerm_subnet" "bastion_subnet" {
+  count = var.bastion ? 1 : 0
+
   name                 = "AzureBastionSubnet"
   resource_group_name  = azurerm_virtual_network.vnet.resource_group_name
   virtual_network_name = azurerm_virtual_network.vnet.name
   address_prefixes     = [cidrsubnet(var.cidr, 2, 1)]
 }
 
 resource "azurerm_public_ip" "bastion_ip" {
-  count = var.bastion == true ? 1 : 0
+  count = var.bastion ? 1 : 0
 
   name                = "bastion-ip"
   location            = azurerm_virtual_network.vnet.location

azure/variables.tf

@@ -48,6 +48,12 @@ variable "scan_scopes" {
   default     = []
 }
 
+variable "vnet_cidr" {
+  description = "The CIDR block for the Virtual Network"
+  type        = string
+  default     = "10.0.0.0/16"
+}
+
 variable "bastion" {
   description = "Create a bastion in the subnet."
   type        = bool