/terraform-azurerm-caf-azure-firewall

Azure Firewall module for Cloud Adoption Framework for Azure landing zones

Primary LanguageHCLMIT LicenseMIT

VScodespaces Gitter

Deploys Azure Firewall

Creates an Azure Firewall in a given region

Reference the module to a specific version (recommended):

module "az_firewall" {
  source  = "aztfmod/caf-azure-firewall/azurerm"
  version = "0.x.y"

  convention                  = local.convention
  name                        = local.az_fw_config.name
  resource_group_name         = azurerm_resource_group.rg_test.name
  location                    = local.location 
  tags                        = local.tags
  la_workspace_id             = module.la_test.id
  diagnostics_map             = module.diags_test.diagnostics_map
  diagnostics_settings        = local.az_fw_config.diagnostics

  subnet_id                   = lookup(module.vnet_test.vnet_subnets, "AzureFirewallSubnet", null)
  public_ip_id                = module.public_ip_test.id
}

Requirements

No requirements.

Providers

Name Version
azurecaf n/a
azurerm n/a

Inputs

Name Description Type Default Required
convention (Required) Naming convention method to use any n/a yes
diagnostics_map (Required) Storage Account and Event Hub data for the AzFW diagnostics any n/a yes
diagnostics_settings (Required) Map with the diagnostics settings for AzFW deployment any n/a yes
la_workspace_id (Required) ID of Log Analytics data for the AzFW diagnostics any n/a yes
location (Required) Location of the Azure Firewall to be created any n/a yes
max_length (Optional) You can speficy a maximum length to the name of the resource string "50" no
name (Required) Name of the Azure Firewall to be created any n/a yes
postfix (Optional) You can use a postfix to the name of the resource string "" no
prefix (Optional) You can use a prefix to the name of the resource string "" no
public_ip_id (Required) Public IP address identifier. IP address must be of type static and standard. any n/a yes
resource_group_name (Required) Resource Group of the Azure Firewall to be created any n/a yes
subnet_id (Required) ID for the subnet where to deploy the Azure Firewall any n/a yes
tags (Required) Tags of the Azure Firewall to be created any n/a yes

Outputs

Name Description
az_firewall_config Outputs a map with az_fw_name,az_fw_id,az_ipconfig,az_object - to be deprecated in future version
id Output the object ID
name Output the object name
object Output the full object