diff --git a/alz/azuredevops/main.tf b/alz/azuredevops/main.tf
index 3fa9989..607abe2 100644
--- a/alz/azuredevops/main.tf
+++ b/alz/azuredevops/main.tf
@@ -8,10 +8,13 @@ module "resource_names" {
 }
 
 module "architecture_definition" {
- count = local.has_architecture_definition ? 1 : 0
- source = "../../modules/template_architecture_definition"
- starter_module_folder_path = local.starter_root_module_folder_path
- architecture_definition_name = local.architecture_definition_name
+ count = local.has_architecture_definition ? 1 : 0
+ source = "../../modules/template_architecture_definition"
+ starter_module_folder_path = local.starter_root_module_folder_path
+ architecture_definition_name = local.architecture_definition_name
+ architecture_definition_template_path = var.architecture_definition_template_path
+ architecture_definition_override_path = var.architecture_definition_override_path
+ apply_alz_archetypes_via_architecture_definition_template = var.apply_alz_archetypes_via_architecture_definition_template
 }
 
 module "files" {
diff --git a/alz/azuredevops/variables.hidden.tf b/alz/azuredevops/variables.hidden.tf
index e462a8b..1e97593 100644
--- a/alz/azuredevops/variables.hidden.tf
+++ b/alz/azuredevops/variables.hidden.tf
@@ -419,3 +419,21 @@ variable "root_module_folder_relative_path" {
 description = "The root module folder path"
 default = "."
 }
+
+variable "architecture_definition_template_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition template file to use."
+}
+
+variable "architecture_definition_override_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition file to use instead of the default."
+}
+
+variable "apply_alz_archetypes_via_architecture_definition_template" {
+ type = bool
+ default = true
+ description = "Toggles assignment of ALZ policies. True to deploy, otherwise false. (e.g true)"
+}
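Review bot: The three arguments added to `module "architecture_definition"` are fed from bootstrap variables whose defaults are `""`, `""` and `true`, so a run that never sets them gets the stock template with ALZ archetypes applied and no override, without any error. The locals.tf hunk further down shows these values used to be read from the starter module's `terraform.tfvars.json`; whether the caller now forwards them to the bootstrap is not visible here, and an override file that is silently dropped changes which policies the generated definition assigns. Since every root module passes all three explicitly, removing the `default` lines from the declarations in modules/template_architecture_definition/variables.tf would turn a missed wiring into a plan-time error. The alz/github and alz/local main.tf hunks are identical and share the point.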
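Review bot: `architecture_definition_template_path` and `architecture_definition_override_path` accept any string, and the data.tf hunk hands the override path straight to `data "local_file"`, so whatever file it names is read into state and, presumably, copied into the generated architecture definition. A `validation` block on each declaration would reject wrong inputs early, for example `condition = var.architecture_definition_override_path == "" || can(regex("\\.json$", var.architecture_definition_override_path))`, with a matching extension check for the template path. The expected extensions are inferred from the data source name and the bundled template file names, so confirm them before adopting the pattern. The identical declarations in alz/github, alz/local and modules/template_architecture_definition/variables.tf need the same change.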
diff --git a/alz/github/main.tf b/alz/github/main.tf
index 693356b..af2f82f 100644
--- a/alz/github/main.tf
+++ b/alz/github/main.tf
@@ -8,10 +8,13 @@ module "resource_names" {
 }
 
 module "architecture_definition" {
- count = local.has_architecture_definition ? 1 : 0
- source = "../../modules/template_architecture_definition"
- starter_module_folder_path = local.starter_root_module_folder_path
- architecture_definition_name = local.architecture_definition_name
+ count = local.has_architecture_definition ? 1 : 0
+ source = "../../modules/template_architecture_definition"
+ starter_module_folder_path = local.starter_root_module_folder_path
+ architecture_definition_name = local.architecture_definition_name
+ architecture_definition_template_path = var.architecture_definition_template_path
+ architecture_definition_override_path = var.architecture_definition_override_path
+ apply_alz_archetypes_via_architecture_definition_template = var.apply_alz_archetypes_via_architecture_definition_template
 }
 
 module "files" {
diff --git a/alz/github/variables.hidden.tf b/alz/github/variables.hidden.tf
index d18f5f4..4bd54f1 100644
--- a/alz/github/variables.hidden.tf
+++ b/alz/github/variables.hidden.tf
@@ -419,3 +419,21 @@ variable "root_module_folder_relative_path" {
 description = "The root module folder path"
 default = "."
 }
+
+variable "architecture_definition_template_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition template file to use."
+}
+
+variable "architecture_definition_override_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition file to use instead of the default."
+}
+
+variable "apply_alz_archetypes_via_architecture_definition_template" {
+ type = bool
+ default = true
+ description = "Toggles assignment of ALZ policies. True to deploy, otherwise false. (e.g true)"
+}
diff --git a/alz/local/main.tf b/alz/local/main.tf
index c7ccda7..ba780d3 100644
--- a/alz/local/main.tf
+++ b/alz/local/main.tf
@@ -8,10 +8,13 @@ module "resource_names" {
 }
 
 module "architecture_definition" {
- count = local.has_architecture_definition ? 1 : 0
- source = "../../modules/template_architecture_definition"
- starter_module_folder_path = local.starter_root_module_folder_path
- architecture_definition_name = local.architecture_definition_name
+ count = local.has_architecture_definition ? 1 : 0
+ source = "../../modules/template_architecture_definition"
+ starter_module_folder_path = local.starter_root_module_folder_path
+ architecture_definition_name = local.architecture_definition_name
+ architecture_definition_template_path = var.architecture_definition_template_path
+ architecture_definition_override_path = var.architecture_definition_override_path
+ apply_alz_archetypes_via_architecture_definition_template = var.apply_alz_archetypes_via_architecture_definition_template
 }
 
 resource "local_file" "architecture_definition_file" {
diff --git a/alz/local/variables.hidden.tf b/alz/local/variables.hidden.tf
index dee9586..2bac27c 100644
--- a/alz/local/variables.hidden.tf
+++ b/alz/local/variables.hidden.tf
@@ -312,3 +312,21 @@ variable "root_module_folder_relative_path" {
 description = "The root module folder path"
 default = "."
 }
+
+variable "architecture_definition_template_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition template file to use."
+}
+
+variable "architecture_definition_override_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition file to use instead of the default."
+}
+
+variable "apply_alz_archetypes_via_architecture_definition_template" {
+ type = bool
+ default = true
+ description = "Toggles assignment of ALZ policies. True to deploy, otherwise false. (e.g true)"
+}
diff --git a/modules/template_architecture_definition/data.tf b/modules/template_architecture_definition/data.tf
index fbbdb49..1ffd774 100644
--- a/modules/template_architecture_definition/data.tf
+++ b/modules/template_architecture_definition/data.tf
@@ -1,4 +1,4 @@
 data "local_file" "architecture_definition_override_json" {
 count = local.has_architecture_definition_override ? 1 : 0
- filename = local.architecture_definition_override_path
+ filename = var.architecture_definition_override_path
 }
diff --git a/modules/template_architecture_definition/locals.tf b/modules/template_architecture_definition/locals.tf
index a2f75d5..acab72f 100644
--- a/modules/template_architecture_definition/locals.tf
+++ b/modules/template_architecture_definition/locals.tf
@@ -1,15 +1,14 @@
 locals {
 # Determine template architecture definition inputs from starter module tfvars
- starter_module_tfvars = jsondecode(file("${var.starter_module_folder_path}/terraform.tfvars.json"))
- default_prefix = local.starter_module_tfvars.default_prefix
- default_postfix = local.starter_module_tfvars.default_postfix
- enable_alz = local.starter_module_tfvars.apply_alz_archetypes_via_architecture_definition_template
- architecture_definition_override_path = local.starter_module_tfvars.architecture_definition_override_path
- default_template_file_path = "${path.module}/templates/${var.architecture_definition_name}.alz_architecture_definition.json.tftpl"
- template_file_path = local.starter_module_tfvars.architecture_definition_template_path != "" ? local.starter_module_tfvars.architecture_definition_template_path : local.default_template_file_path
+ starter_module_tfvars = jsondecode(file("${var.starter_module_folder_path}/terraform.tfvars.json"))
+ default_prefix = local.starter_module_tfvars.default_prefix
+ default_postfix = local.starter_module_tfvars.default_postfix
+ top_level_management_group_name = local.starter_module_tfvars.top_level_management_group_name
+ default_template_file_path = "${path.module}/templates/${var.architecture_definition_name}.alz_architecture_definition.json.tftpl"
+ template_file_path = var.architecture_definition_template_path != "" ? var.architecture_definition_template_path : local.default_template_file_path
 
 # Customer has provided a custom architecture definition
- has_architecture_definition_override = local.architecture_definition_override_path != ""
+ has_architecture_definition_override = var.architecture_definition_override_path != ""
 
 # ALZ archetypes
 alz_root = ["\"root\""]
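Review bot: `top_level_management_group_name` is read as `local.starter_module_tfvars.top_level_management_group_name`, so a starter `terraform.tfvars.json` that lacks the key fails the plan with an unsupported-attribute error, while the other three settings touched in this hunk moved to typed module variables. Passing it the same way, `top_level_management_group_name = var.top_level_management_group_name` with a matching `variable` block on the module, would keep the inputs consistent and give the value a type and description. Whether every starter module defines the key is not visible from this hunk. The `locals` block continues past the end of the hunk.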
@@ -24,21 +23,22 @@ locals {
 alz_identity = ["\"identity\""]
 
 # management group layered archetypes
- root = local.enable_alz ? local.alz_root : []
- platform = local.enable_alz ? local.alz_platform : []
- landing_zone = local.enable_alz ? local.alz_landing_zone : []
- decommissioned = local.enable_alz ? local.alz_decommissioned : []
- sandboxes = local.enable_alz ? local.alz_sandboxes : []
- corp = local.enable_alz ? local.alz_corp : []
- online = local.enable_alz ? local.alz_online : []
- management = local.enable_alz ? local.alz_management : []
- connectivity = local.enable_alz ? local.alz_connectivity : []
- identity = local.enable_alz ? local.alz_identity : []
- confidential_corp = local.enable_alz ? local.alz_corp : []
- confidential_online = local.enable_alz ? local.alz_online : []
+ root = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_root : []
+ platform = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_platform : []
+ landing_zone = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_landing_zone : []
+ decommissioned = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_decommissioned : []
+ sandboxes = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_sandboxes : []
+ corp = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_corp : []
+ online = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_online : []
+ management = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_management : []
+ connectivity = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_connectivity : []
+ identity = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_identity : []
+ confidential_corp = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_corp : []
+ confidential_online = var.apply_alz_archetypes_via_architecture_definition_template ? local.alz_online : []
 
 template_vars = {
 architecture_definition_name = var.architecture_definition_name
+ top_level_management_group_name = local.top_level_management_group_name
 root_management_group_id = "${local.default_prefix}${local.default_postfix}"
 platform_management_group_id = "${local.default_prefix}-platform${local.default_postfix}"
 landing_zone_management_group_id = "${local.default_prefix}-landingzones${local.default_postfix}"
diff --git a/modules/template_architecture_definition/templates/fsi.alz_architecture_definition.json.tftpl b/modules/template_architecture_definition/templates/fsi.alz_architecture_definition.json.tftpl
index 1d14a42..19934c5 100644
--- a/modules/template_architecture_definition/templates/fsi.alz_architecture_definition.json.tftpl
+++ b/modules/template_architecture_definition/templates/fsi.alz_architecture_definition.json.tftpl
@@ -3,7 +3,7 @@
 "management_groups": [
 {
 "archetypes": [${root_archetypes}, "fsi_root", "tr_01_logging", "re_01_zonal_residency", "so_04_cmk", "so_01_data_residency"],
- "display_name": "FSI Landing Zone",
+ "display_name": "${top_level_management_group_name}",
 "exists": false,
 "id": "${root_management_group_id}",
 "parent_id": null
diff --git a/modules/template_architecture_definition/templates/slz.alz_architecture_definition.json.tftpl b/modules/template_architecture_definition/templates/slz.alz_architecture_definition.json.tftpl
index 90d0510..ecbbf01 100644
--- a/modules/template_architecture_definition/templates/slz.alz_architecture_definition.json.tftpl
+++ b/modules/template_architecture_definition/templates/slz.alz_architecture_definition.json.tftpl
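Review bot: The twelve archetype lines each repeat `var.apply_alz_archetypes_via_architecture_definition_template`, which makes the block hard to scan and turned a one-line change into twelve. Keeping the alias and redefining it once, `enable_alz = var.apply_alz_archetypes_via_architecture_definition_template`, would have left these lines untouched and keeps the toggle's use easy to audit. The `locals` block starts before this hunk and the `template_vars` map ends after it.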
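Review bot: `"display_name": "${top_level_management_group_name}"` interpolates the value raw into a JSON string, so a name containing a double quote or a backslash yields invalid JSON or changes the structure of the management group object that carries the `archetypes` list. Encoding at the point of use avoids that: `"display_name": ${jsonencode(top_level_management_group_name)},`. Per the locals.tf hunk the value comes from the starter module's tfvars file, so it is operator-supplied, but the rendered definition decides policy assignment and should not depend on the name being well-formed. The slz template hunk changes the same line and needs the same treatment.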
@@ -3,7 +3,7 @@
 "management_groups": [
 {
 "archetypes": [${root_archetypes}, "global"],
- "display_name": "Sovereign Landing Zone",
+ "display_name": "${top_level_management_group_name}",
 "exists": false,
 "id": "${root_management_group_id}",
 "parent_id": null
diff --git a/modules/template_architecture_definition/variables.tf b/modules/template_architecture_definition/variables.tf
index ac04eed..310c7d0 100644
--- a/modules/template_architecture_definition/variables.tf
+++ b/modules/template_architecture_definition/variables.tf
@@ -7,3 +7,21 @@ variable "architecture_definition_name" {
 type = string
 description = "Name of the architecture definition"
 }
+
+variable "architecture_definition_template_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition template file to use."
+}
+
+variable "architecture_definition_override_path" {
+ type = string
+ default = ""
+ description = "The path to the architecture definition file to use instead of the default."
+}
+
+variable "apply_alz_archetypes_via_architecture_definition_template" {
+ type = bool
+ default = true
+ description = "Toggles assignment of ALZ policies. True to deploy, otherwise false. (e.g true)"
+}