diff --git a/application_insights_web_test_preview/README.md b/application_insights_web_test_preview/README.md
index ed2dfbc5..7b207ecd 100644
--- a/application_insights_web_test_preview/README.md
+++ b/application_insights_web_test_preview/README.md
@@ -68,13 +68,13 @@ No modules.
|------|------|
| [azurerm_monitor_metric_alert.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource |
| [azurerm_template_deployment.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/template_deployment) | resource |
-| [azurerm_application_insights.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/application_insights) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [actions](#input\_actions) | n/a | list(object({
action_group_id = string
})) | n/a | yes |
+| [application\_insight\_id](#input\_application\_insight\_id) | Application insight id. | `string` | n/a | yes |
| [application\_insight\_name](#input\_application\_insight\_name) | Application insight instance name. | `string` | n/a | yes |
| [auto\_mitigate](#input\_auto\_mitigate) | (Optional) Should the alerts in this Metric Alert be auto resolved? Defaults to false. | `bool` | `false` | no |
| [content\_validation](#input\_content\_validation) | Required text that should appear in the response for this WebTest. | `string` | `"null"` | no |
diff --git a/cdn/README.md b/cdn/README.md
index 9aef40a7..51343f96 100644
--- a/cdn/README.md
+++ b/cdn/README.md
@@ -285,6 +285,20 @@ resource "azurerm_key_vault_secret" "selc_web_storage_blob_connection_string" {
```
+## Migration from v2
+
+Due to drift into the state, is possible that you need to delete the state linked to this resource and re-import the resource
+
+```sh
+terraform state rm module.devopslab_cdn.azurerm_cdn_endpoint.this
+```
+
+🆕 To use this module you need to use change this variables/arguments:
+
+❌ Don't use this variables:
+
+* `lock_enabled` -> don't use any more, the locks are managed outside
+
Storage account
@@ -302,14 +316,14 @@ Storage account
| Name | Version |
|------|---------|
-| [azurerm](#provider\_azurerm) | 3.38.0 |
+| [azurerm](#provider\_azurerm) | 3.36.0 |
| [null](#provider\_null) | 3.2.1 |
## Modules
| Name | Source | Version |
|------|--------|---------|
-| [cdn\_storage\_account](#module\_cdn\_storage\_account) | git::https://github.com/pagopa/azurerm.git//storage_account | v2.7.0 |
+| [cdn\_storage\_account](#module\_cdn\_storage\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account | v3.5.1 |
## Resources
@@ -343,7 +357,6 @@ Storage account
| [keyvault\_subscription\_id](#input\_keyvault\_subscription\_id) | Key vault subscription id | `string` | n/a | yes |
| [keyvault\_vault\_name](#input\_keyvault\_vault\_name) | Key vault name | `string` | n/a | yes |
| [location](#input\_location) | n/a | `string` | n/a | yes |
-| [lock\_enabled](#input\_lock\_enabled) | n/a | `bool` | n/a | yes |
| [name](#input\_name) | n/a | `string` | n/a | yes |
| [prefix](#input\_prefix) | n/a | `string` | n/a | yes |
| [querystring\_caching\_behaviour](#input\_querystring\_caching\_behaviour) | n/a | `string` | `"IgnoreQueryString"` | no |
diff --git a/cdn/main.tf b/cdn/main.tf
index bbde7d7c..3603b409 100644
--- a/cdn/main.tf
+++ b/cdn/main.tf
@@ -3,28 +3,21 @@
**/
module "cdn_storage_account" {
- source = "git::https://github.com/pagopa/azurerm.git//storage_account?ref=v2.7.0"
-
- name = replace(format("%s-%s-sa", var.prefix, var.name), "-", "")
- versioning_name = format("%s-%s-sa-versioning", var.prefix, var.name)
-
- account_kind = var.storage_account_kind
- account_tier = var.storage_account_tier
- account_replication_type = var.storage_account_replication_type
- access_tier = var.storage_access_tier
- enable_versioning = true
- resource_group_name = var.resource_group_name
- location = var.location
- allow_blob_public_access = true
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account?ref=v3.5.1"
+
+ name = replace("${var.prefix}-${var.name}-sa", "-", "")
+ account_kind = var.storage_account_kind
+ account_tier = var.storage_account_tier
+ account_replication_type = var.storage_account_replication_type
+ access_tier = var.storage_access_tier
+ blob_versioning_enabled = true
+ resource_group_name = var.resource_group_name
+ location = var.location
+ allow_nested_items_to_be_public = true
index_document = var.index_document
error_404_document = var.error_404_document
- lock_enabled = var.lock_enabled
- lock_name = format("%s-%s-sa-lock", var.prefix, var.name)
- lock_level = "CanNotDelete"
- lock_notes = null
-
tags = var.tags
}
@@ -32,7 +25,7 @@ module "cdn_storage_account" {
* cdn profile
**/
resource "azurerm_cdn_profile" "this" {
- name = format("%s-%s-cdn-profile", var.prefix, var.name)
+ name = "${var.prefix}-${var.name}-cdn-profile"
resource_group_name = var.resource_group_name
location = var.location
sku = "Standard_Microsoft"
@@ -41,7 +34,7 @@ resource "azurerm_cdn_profile" "this" {
}
resource "azurerm_cdn_endpoint" "this" {
- name = format("%s-%s-cdn-endpoint", var.prefix, var.name)
+ name = "${var.prefix}-${var.name}-cdn-endpoint"
resource_group_name = var.resource_group_name
location = var.location
profile_name = azurerm_cdn_profile.this.name
@@ -548,7 +541,7 @@ resource "null_resource" "custom_domain" {
# record APEX https://docs.microsoft.com/it-it/azure/dns/dns-zones-records#record-names
resource "azurerm_dns_a_record" "hostname" {
- # create this iff DNS zone name equal to HOST NAME azurerm_cdn_endpoint.this.host_name
+ # create this iff DNS zone name equal to HOST NAME azurerm_cdn_endpoint.this.fqdn
count = var.dns_zone_name == var.hostname ? 1 : 0
name = "@"
@@ -562,7 +555,7 @@ resource "azurerm_dns_a_record" "hostname" {
# record A
resource "azurerm_dns_a_record" "hostname_a" {
- # create this iff DNS zone name equal to HOST NAME azurerm_cdn_endpoint.this.host_name
+ # create this iff DNS zone name equal to HOST NAME azurerm_cdn_endpoint.this.fqdn
# true if ex: dns_zone_name = dev.pagopa.it, hostname = west.dev.pagopa.it
count = length(split(var.dns_zone_name, var.hostname)) > 1 ? 1 : 0
@@ -583,9 +576,13 @@ resource "azurerm_dns_cname_record" "cdnverify" {
zone_name = var.dns_zone_name
resource_group_name = var.dns_zone_resource_group_name
ttl = 3600
- record = "cdnverify.${azurerm_cdn_endpoint.this.host_name}"
+ record = "cdnverify.${azurerm_cdn_endpoint.this.fqdn}"
tags = var.tags
+
+ depends_on = [
+ azurerm_cdn_endpoint.this
+ ]
}
resource "azurerm_dns_cname_record" "custom_subdomain" {
@@ -596,8 +593,12 @@ resource "azurerm_dns_cname_record" "custom_subdomain" {
zone_name = var.dns_zone_name
resource_group_name = var.dns_zone_resource_group_name
ttl = 3600
- record = azurerm_cdn_endpoint.this.host_name
+ record = azurerm_cdn_endpoint.this.fqdn
tags = var.tags
+
+ depends_on = [
+ azurerm_cdn_endpoint.this
+ ]
}
diff --git a/cdn/variables.tf b/cdn/variables.tf
index 90977826..eea232e4 100644
--- a/cdn/variables.tf
+++ b/cdn/variables.tf
@@ -298,10 +298,6 @@ variable "hostname" {
type = string
}
-variable "lock_enabled" {
- type = bool
-}
-
variable "index_document" {
type = string
}
diff --git a/storage_account/README.md b/storage_account/README.md
index 5b072b75..da041a1a 100644
--- a/storage_account/README.md
+++ b/storage_account/README.md
@@ -42,169 +42,14 @@ module "diego_storage_account" {
❌ Don't use this variables:
* `enable_https_traffic_only` -> don't use any more, now default is true and mandatory
-* `enable_versioning`
* `versioning_name`
-🔥 State manual changes
-
-Is possible that you need to removed manually this resources:
-
-* `allow_blob_public_access`
-
-```json
-
- {
- "module": "module.devopslab_cdn.module.cdn_storage_account",
- "mode": "managed",
- "type": "azurerm_storage_account",
- "name": "this",
- "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]",
- "instances": [
- {
- "schema_version": 2,
- "attributes": {
- "access_tier": "Hot",
- "account_kind": "StorageV2",
- "account_replication_type": "GRS",
- "account_tier": "Standard",
- "allow_blob_public_access": true, <-- REMOVE THIS ONE <<
- "azure_files_authentication": [],
- "blob_properties": [
- {
- "change_feed_enabled": false,
- "container_delete_retention_policy": [],
- "cors_rule": [],
- "default_service_version": "",
- "delete_retention_policy": [],
- "last_access_time_enabled": false,
- "versioning_enabled": true
- }
- ],
- "custom_domain": [],
- "customer_managed_key": [],
- "enable_https_traffic_only": true,
- "id": "xxx",
- "identity": [],
- "infrastructure_encryption_enabled": false,
- "is_hns_enabled": false,
- "large_file_share_enabled": null,
- "location": "northeurope",
- "min_tls_version": "TLS1_2",
- "name": "dvopladdevopslabsa",
- "network_rules": [
- {
- "bypass": [
- "AzureServices"
- ],
- "default_action": "Allow",
- "ip_rules": [],
- "private_link_access": [],
- "virtual_network_subnet_ids": []
- }
- ],
- "nfsv3_enabled": false,
- "primary_access_key": "xxx",
- "primary_blob_connection_string": "xxx",
- "primary_blob_endpoint": "https://dvopladdevopslabsa.blob.core.windows.net/",
- "primary_blob_host": "dvopladdevopslabsa.blob.core.windows.net",
- "primary_connection_string": "xxx",
- "primary_dfs_endpoint": "https://dvopladdevopslabsa.dfs.core.windows.net/",
- "primary_dfs_host": "dvopladdevopslabsa.dfs.core.windows.net",
- "primary_file_endpoint": "https://dvopladdevopslabsa.file.core.windows.net/",
- "primary_file_host": "dvopladdevopslabsa.file.core.windows.net",
- "primary_location": "northeurope",
- "primary_queue_endpoint": "https://dvopladdevopslabsa.queue.core.windows.net/",
- "primary_queue_host": "dvopladdevopslabsa.queue.core.windows.net",
- "primary_table_endpoint": "https://dvopladdevopslabsa.table.core.windows.net/",
- "primary_table_host": "dvopladdevopslabsa.table.core.windows.net",
- "primary_web_endpoint": "https://dvopladdevopslabsa.z16.web.core.windows.net/",
- "primary_web_host": "dvopladdevopslabsa.z16.web.core.windows.net",
- "queue_encryption_key_type": "Service",
- "queue_properties": [
- {
- "cors_rule": [],
- "hour_metrics": [
- {
- "enabled": true,
- "include_apis": true,
- "retention_policy_days": 7,
- "version": "1.0"
- }
- ],
- "logging": [
- {
- "delete": false,
- "read": false,
- "retention_policy_days": 0,
- "version": "1.0",
- "write": false
- }
- ],
- "minute_metrics": [
- {
- "enabled": false,
- "include_apis": false,
- "retention_policy_days": 0,
- "version": "1.0"
- }
- ]
- }
- ],
- "resource_group_name": "dvopla-d-selfcare-fe-rg",
- "routing": [],
- "secondary_access_key": "xxx",
- "secondary_blob_connection_string": "",
- "secondary_blob_endpoint": null,
- "secondary_blob_host": null,
- "secondary_connection_string": "xxx",
- "secondary_dfs_endpoint": null,
- "secondary_dfs_host": null,
- "secondary_file_endpoint": null,
- "secondary_file_host": null,
- "secondary_location": "westeurope",
- "secondary_queue_endpoint": null,
- "secondary_queue_host": null,
- "secondary_table_endpoint": null,
- "secondary_table_host": null,
- "secondary_web_endpoint": null,
- "secondary_web_host": null,
- "share_properties": [
- {
- "cors_rule": [],
- "retention_policy": [
- {
- "days": 7
- }
- ],
- "smb": []
- }
- ],
- "shared_access_key_enabled": true,
- "static_website": [
- {
- "error_404_document": "404.html",
- "index_document": "index.html"
- }
- ],
- "table_encryption_key_type": "Service",
- "tags": {
- "CostCenter": "TS310 - PAGAMENTI \u0026 SERVIZI",
- "CreatedBy": "Terraform",
- "Environment": "Lab",
- "Owner": "DevOps",
- "Source": "https://github.com/pagopa/devopslab-infra"
- },
- "timeouts": null
- },
- "sensitive_attributes": [],
- "private": "xxx",
- "dependencies": [
- "azurerm_resource_group.devopslab_cdn_rg"
- ]
- }
- ]
- },
-```
+❌ Don't use locks because are managed outside of the module:
+
+* `lock_enabled`
+* `lock_name`
+* `lock_level`
+* `lock_notes`
🔥 Broken compatibility and destroied resources