adb-overwatch-regional-config

adb-overwatch-regional-config

This module deploys the regional Azure required resources for a multi-workspace Overwatch deployment :

• Storage account to store the logs generated by the workspaces where Overwatch will be deployed
• Role assignment of the SPN to the storage account created above
• Eventhub namespace and Eventhub namespace authorization rule
• Azure Key-Vault with its access policy
• Azure Vault secret to store the SPN secret value

Requirements

No requirements.

Providers

Name	Version
azuread	n/a
azurerm	n/a

Modules

No modules.

Resources

Name	Type
azurerm_eventhub_namespace.ehn	resource
azurerm_eventhub_namespace_authorization_rule.ehn-ar	resource
azurerm_key_vault.kv	resource
azurerm_key_vault_access_policy.kv-ap	resource
azurerm_key_vault_secret.spn-key	resource
azurerm_role_assignment.data-contributor-role-log	resource
azurerm_storage_account.log-sa	resource
azuread_service_principal.overwatch-spn	data source
azurerm_client_config.current	data source
azurerm_resource_group.rg	data source

Inputs

Name	Description	Type	Default	Required
ehn_name	Eventhubs namespace name	any	n/a	yes
key_vault_prefix	AKV prefix to use when creating the resource	string	n/a	yes
logs_sa_name	Logs storage account name	any	n/a	yes
overwatch_spn_app_id	Azure SPN ID used to create the mount points	string	n/a	yes
overwatch_spn_secret	Azure SPN secret	string	n/a	yes
random_string	Random string used as a suffix for the resources names	string	n/a	yes
rg_name	Resource group name	string	n/a	yes

Outputs

Name	Description
akv_name	AKV name
ehn_ar_name	Eventhubs namespace authorization rule name
ehn_name	Eventhubs namespace name
logs_sa_name	Logs storage account name