Put network and subnets in separate rg

pivotal-cf · May 30, 2019 · a4b9b32 · a4b9b32
1 parent b224e8c
commit a4b9b32
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 12 deletions.
diff --git a/modules/infra/main.tf b/modules/infra/main.tf
@@ -2,6 +2,10 @@ variable "env_name" {
   default = ""
 }
 
+variable "pcf_vnet_rg" {
+  default = ""
+}
+
 variable "location" {
   default = ""
 }
@@ -11,7 +15,6 @@ variable "dns_subdomain" {
 }
 
 variable "dns_suffix" {
-  default = ""
 }
 
 variable "pcf_virtual_network_address_space" {
@@ -28,12 +31,17 @@ resource "azurerm_resource_group" "pcf_resource_group" {
   location = "${var.location}"
 }
 
+resource "azurerm_resource_group" "pcf_network_rg" {
+  name = "${var.pcf_vnet_rg != "" ? var.pcf_vnet_rg : var.env_name}"
+  location = "${var.location}"
+}
+
 # ============== Security Groups ===============
 
 resource "azurerm_network_security_group" "ops_manager_security_group" {
   name                = "${var.env_name}-ops-manager-security-group"
   location            = "${var.location}"
-  resource_group_name = "${azurerm_resource_group.pcf_resource_group.name}"
+  resource_group_name = "${azurerm_resource_group.pcf_network_rg.name}"
 
   security_rule {
     name                       = "ssh"
@@ -75,7 +83,7 @@ resource "azurerm_network_security_group" "ops_manager_security_group" {
 resource "azurerm_network_security_group" "bosh_deployed_vms_security_group" {
   name                = "${var.env_name}-bosh-deployed-vms-security-group"
   location            = "${var.location}"
-  resource_group_name = "${azurerm_resource_group.pcf_resource_group.name}"
+  resource_group_name = "${azurerm_resource_group.pcf_network_rg.name}"
 
   security_rule {
     name                       = "internal-anything"
@@ -228,16 +236,16 @@ resource "azurerm_network_security_group" "bosh_deployed_vms_security_group" {
 
 resource "azurerm_virtual_network" "pcf_virtual_network" {
   name                = "${var.env_name}-virtual-network"
-  depends_on          = ["azurerm_resource_group.pcf_resource_group"]
-  resource_group_name = "${azurerm_resource_group.pcf_resource_group.name}"
+  depends_on          = ["azurerm_resource_group.pcf_network_rg"]
+  resource_group_name = "${azurerm_resource_group.pcf_network_rg.name}"
   address_space       = "${var.pcf_virtual_network_address_space}"
   location            = "${var.location}"
 }
 
 resource "azurerm_subnet" "infrastructure_subnet" {
   name                      = "${var.env_name}-infrastructure-subnet"
-  depends_on                = ["azurerm_resource_group.pcf_resource_group"]
-  resource_group_name       = "${azurerm_resource_group.pcf_resource_group.name}"
+  depends_on                = ["azurerm_resource_group.pcf_network_rg"]
+  resource_group_name       = "${azurerm_resource_group.pcf_network_rg.name}"
   virtual_network_name      = "${azurerm_virtual_network.pcf_virtual_network.name}"
   address_prefix            = "${var.pcf_infrastructure_subnet}"
   network_security_group_id = "${azurerm_network_security_group.ops_manager_security_group.id}"
@@ -271,6 +279,10 @@ output "resource_group_name" {
   value = "${azurerm_resource_group.pcf_resource_group.name}"
 }
 
+output "network_rg_name" {
+  value = "${azurerm_resource_group.pcf_network_rg.name}"
+}
+
 output "network_name" {
   value = "${azurerm_virtual_network.pcf_virtual_network.name}"
 }

diff --git a/modules/pas/subnets.tf b/modules/pas/subnets.tf
@@ -3,8 +3,8 @@
 resource "azurerm_subnet" "pas_subnet" {
   name = "${var.env_name}-pas-subnet"
 
-  //  depends_on                = ["${var.resource_group_name}"]
-  resource_group_name       = "${var.resource_group_name}"
+  //  depends_on                = ["${var.network_rg_name}"]
+  resource_group_name       = "${var.network_rg_name}"
   virtual_network_name      = "${var.network_name}"
   address_prefix            = "${var.pas_subnet_cidr}"
   network_security_group_id = "${var.bosh_deployed_vms_security_group_id}"
@@ -18,8 +18,8 @@ resource "azurerm_subnet_network_security_group_association" "pas_subnet" {
 resource "azurerm_subnet" "services_subnet" {
   name = "${var.env_name}-services-subnet"
 
-  //  depends_on                = ["${var.resource_group_name}"]
-  resource_group_name       = "${var.resource_group_name}"
+  //  depends_on                = ["${var.network_rg_name}"]
+  resource_group_name       = "${var.network_rg_name}"
   virtual_network_name      = "${var.network_name}"
   address_prefix            = "${var.services_subnet_cidr}"
   network_security_group_id = "${var.bosh_deployed_vms_security_group_id}"

diff --git a/modules/pas/variables.tf b/modules/pas/variables.tf
@@ -1,6 +1,7 @@
 variable "env_name" {}
 variable "location" {}
 variable "resource_group_name" {}
+variable "network_rg_name" {}
 variable "dns_zone_name" {}
 
 variable "cf_buildpacks_storage_container_name" {}

diff --git a/terraforming-pas/main.tf b/terraforming-pas/main.tf
@@ -16,6 +16,7 @@ module "infra" {
   source = "../modules/infra"
 
   env_name                          = "${var.env_name}"
+  pcf_vnet_rg                       = "${var.pcf_vnet_rg}"
   location                          = "${var.location}"
   dns_subdomain                     = "${var.dns_subdomain}"
   dns_suffix                        = "${var.dns_suffix}"
@@ -57,6 +58,7 @@ module "pas" {
   cf_resources_storage_container_name  = "${var.cf_resources_storage_container_name}"
 
   resource_group_name                 = "${module.infra.resource_group_name}"
+  network_rg_name                     = "${module.infra.network_rg_name}"
   dns_zone_name                       = "${module.infra.dns_zone_name}"
   network_name                        = "${module.infra.network_name}"
   bosh_deployed_vms_security_group_id = "${module.infra.bosh_deployed_vms_security_group_id}"

diff --git a/terraforming-pas/variables.tf b/terraforming-pas/variables.tf
@@ -89,7 +89,8 @@ variable "ops_manager_vm_size" {
   default = "Standard_DS2_v2"
 }
 
-variable "dns_suffix" {}
+variable "dns_suffix" {
+}
 
 variable "dns_subdomain" {
   "type"        = "string"
@@ -144,3 +145,7 @@ variable "pcf_services_subnet" {
   type    = "string"
   default = "10.0.4.0/22"
 }
+
+variable "pcf_vnet_rg" {
+  default = ""
+}