Infrastructure for auth-audit-log component
Closed this issue · 2 comments
Description
The audit log component will be hosted as a container app. The authentication/authorization component will write each authentication/authorization event to a storage queue. A function app is set up with a queue trigger such that each event is processed by the function app. The function app then sends an API request to the specific endpoint (authentication/authorization) in the auth-audit-log component. The auth-audit-log component writes the event to the auth-audit-log database.
Tasks
- Set up a resource group for audit log application (All the new resources below will be created in this resource group)
- Set up Storage Queue
- Set up function app
- Set up auth-audit-log as container app
- Set up new postgres sql server?
- Set up network/domain configuration for connections between function app and container app
- Set up security/network such that authentication component in platform gets access to the storage queue
- Set up security/network such that function app gets access to the storage queue
- Set up security/network such that container app gets access to the postgres sql server
Acceptance Criteria
- New resource group is created
- Storage Queue is set up
- Function app is set up
- auth-audit-log container app is set up
- postgres sql server is set up
- network/domain is set up for container app
- network is configured for storage queue
- network is configured for function app
- network is configured for postgres sql server
Support for container app secrets is currently limited in the Terraform provider. The temporary fix is to refer to the secret value instead of the secret reference. This should be changed when provider support is added.
hashicorp/terraform-provider-azurerm#23958
@simon-ellefsen I have now run the basic tests on the setup and it works as expected