
cyber-scot/terraform-azurerm-automation-account


# Automation Account. Network exposure, local authentication, managed identity
# and customer-managed-key encryption are all driven by input variables;
# nothing security-relevant is hard-coded in this block.
resource "azurerm_automation_account" "aa" {
  name                = var.automation_account_name
  resource_group_name = var.rg_name
  location            = var.location
  tags                = var.tags

  # title() upper-cases the first letter of each word, e.g. "basic" -> "Basic".
  sku_name = title(var.sku_name)

  # Attack-surface toggles, passed through unchanged from the caller.
  # Review the values supplied for these two inputs on every deployment.
  public_network_access_enabled = var.public_network_access_enabled
  local_authentication_enabled  = var.local_authentication_enabled

  # System-assigned identity only. This block is emitted solely when
  # identity_type is "SystemAssigned" AND identity_ids is empty.
  # NOTE(review): "SystemAssigned" together with a non-empty identity_ids list
  # matches neither identity block, so no managed identity is configured at all.
  dynamic "identity" {
    for_each = length(var.identity_ids) == 0 && var.identity_type == "SystemAssigned" ? [var.identity_type] : []
    content {
      type = identity.value
    }
  }

  # Identity types that carry user-assigned identities: "UserAssigned" or
  # "SystemAssigned, UserAssigned". The ID list is forwarded as given; an empty
  # list is passed through as [] rather than rejected here.
  dynamic "identity" {
    for_each = var.identity_type == "UserAssigned" || var.identity_type == "SystemAssigned, UserAssigned" ? [var.identity_type] : []
    content {
      type         = identity.value
      identity_ids = length(var.identity_ids) > 0 ? var.identity_ids : []
    }
  }

  # Customer-managed-key encryption, configured only when a Key Vault key ID is
  # supplied. user_assigned_identity_id is forwarded as-is and may be null; this
  # block does not check that it matches one of the identities assigned above.
  dynamic "encryption" {
    for_each = var.key_vault_key_id == null ? [] : [1]
    content {
      key_vault_key_id          = var.key_vault_key_id
      user_assigned_identity_id = var.user_assigned_identity_id
    }
  }
}


# PowerShell modules imported into the Automation Account: one resource per
# entry in var.powershell_modules, indexed by list position.
resource "azurerm_automation_module" "powershell_modules" {
  count = length(var.powershell_modules)

  automation_account_name = azurerm_automation_account.aa.name
  resource_group_name     = var.rg_name
  name                    = var.powershell_modules[count.index].name

  module_link {
    # Location the module package is fetched from; supplied by the caller.
    uri = var.powershell_modules[count.index].uri

    # Optional digest for the package at uri. The splat turns a null hash into
    # an empty tuple and a non-null hash into a one-element tuple, so the block
    # is emitted at most once. When hash is omitted, nothing in this
    # configuration pins the downloaded module to a known digest.
    dynamic "hash" {
      for_each = var.powershell_modules[count.index].hash[*]
      content {
        algorithm = hash.value.algorithm
        value     = hash.value.value
      }
    }
  }
}

# Python 3 packages for the Automation Account: one resource per entry in
# var.python3_packages, indexed by list position.
resource "azurerm_automation_python3_package" "python3_packages" {
  count = length(var.python3_packages)

  automation_account_name = azurerm_automation_account.aa.name
  resource_group_name     = var.rg_name
  name                    = var.python3_packages[count.index].name
  tags                    = var.python3_packages[count.index].tags

  # Package source and version, both supplied by the caller.
  content_uri     = var.python3_packages[count.index].content_uri
  content_version = var.python3_packages[count.index].content_version

  # Optional digest for the package at content_uri. Both values are forwarded
  # unchanged and may be null, in which case this configuration does not pin
  # the downloaded package to a known digest.
  hash_algorithm = var.python3_packages[count.index].hash_algorithm
  hash_value     = var.python3_packages[count.index].hash_value
}

# Schedules for the Automation Account: one resource per entry in
# var.automation_schedule, indexed by list position.
resource "azurerm_automation_schedule" "schedules" {
  count = length(var.automation_schedule)

  automation_account_name = azurerm_automation_account.aa.name
  resource_group_name     = var.rg_name
  name                    = var.automation_schedule[count.index].name
  description             = var.automation_schedule[count.index].description

  # Recurrence settings, forwarded unchanged from the list entry.
  frequency  = var.automation_schedule[count.index].frequency
  interval   = var.automation_schedule[count.index].interval
  week_days  = var.automation_schedule[count.index].week_days
  month_days = var.automation_schedule[count.index].month_days

  # Validity window and the timezone used to interpret it.
  start_time  = var.automation_schedule[count.index].start_time
  expiry_time = var.automation_schedule[count.index].expiry_time
  timezone    = var.automation_schedule[count.index].timezone

  # One monthly_occurrence block per list element; a null list yields none.
  dynamic "monthly_occurrence" {
    for_each = var.automation_schedule[count.index].monthly_occurrence == null ? [] : var.automation_schedule[count.index].monthly_occurrence
    content {
      day        = monthly_occurrence.value.day
      occurrence = monthly_occurrence.value.occurrence
    }
  }
}

# Runbooks for the Automation Account: one resource per entry in var.runbooks,
# indexed by list position. Runbook source can be given inline (content) or
# referenced by URI (publish_content_link / draft.content_link).
resource "azurerm_automation_runbook" "runbook" {
  count = length(var.runbooks)

  automation_account_name = azurerm_automation_account.aa.name
  resource_group_name     = var.rg_name
  location                = var.location
  name                    = var.runbooks[count.index].name
  description             = var.runbooks[count.index].description
  runbook_type            = var.runbooks[count.index].runbook_type

  # Job logging switches, taken from the list entry.
  log_progress = var.runbooks[count.index].log_progress
  log_verbose  = var.runbooks[count.index].log_verbose

  # Inline runbook source, if the caller provided any.
  content = var.runbooks[count.index].content

  # Published runbook source fetched from a URI. The splat yields an empty
  # tuple for null and a one-element tuple otherwise, so each optional block
  # below is emitted at most once.
  dynamic "publish_content_link" {
    for_each = var.runbooks[count.index].publish_content_link[*]
    content {
      uri     = publish_content_link.value.uri
      version = publish_content_link.value.version

      # Optional digest for the content at uri. When omitted, nothing in this
      # configuration pins the fetched runbook to a known digest.
      dynamic "hash" {
        for_each = publish_content_link.value.hash[*]
        content {
          algorithm = hash.value.algorithm
          value     = hash.value.value
        }
      }
    }
  }

  # Draft version of the runbook, emitted only when a draft object is supplied.
  dynamic "draft" {
    for_each = var.runbooks[count.index].draft[*]
    content {
      edit_mode_enabled = draft.value.edit_mode_enabled
      output_types      = draft.value.output_types

      # Draft source fetched from a URI, with the same optional digest as the
      # published link above.
      dynamic "content_link" {
        for_each = draft.value.content_link[*]
        content {
          uri     = content_link.value.uri
          version = content_link.value.version

          dynamic "hash" {
            for_each = content_link.value.hash[*]
            content {
              algorithm = hash.value.algorithm
              value     = hash.value.value
            }
          }
        }
      }

      # One parameters block per declared draft parameter; a null list yields none.
      dynamic "parameters" {
        for_each = draft.value.parameters == null ? [] : draft.value.parameters
        content {
          key           = parameters.value.key
          type          = parameters.value.type
          mandatory     = parameters.value.mandatory
          position      = parameters.value.position
          default_value = parameters.value.default_value
        }
      }
    }
  }
}

Requirements

No requirements.

Providers

Name Version
azurerm n/a

Modules

No modules.

Resources

Name Type
azurerm_automation_account.aa resource
azurerm_automation_module.powershell_modules resource
azurerm_automation_python3_package.python3_packages resource
azurerm_automation_runbook.runbook resource
azurerm_automation_schedule.schedules resource

Inputs

Name Description Type Default Required
automation_account_name The name of the automation account string n/a yes
automation_schedule Configuration for the Automation Schedule
list(object({
name = string
frequency = string
description = optional(string)
interval = optional(number)
start_time = optional(string)
expiry_time = optional(string)
timezone = optional(string)
week_days = optional(list(string))
month_days = optional(list(number))
monthly_occurrence = optional(list(object({
day = string
occurrence = number
})))
}))
[] no
identity_ids Specifies a list of user-assigned managed identity IDs to be assigned to the Automation Account. list(string) [] no
identity_type The Managed Service Identity type of this Automation Account. string "" no
key_vault_key_id The ID of the Key Vault Key which should be used to Encrypt the data in this Automation Account. string null no
local_authentication_enable Whether local authentication is enabled bool false no
local_authentication_enabled Whether local authentication should be enabled bool false no
location The location for this resource to be put in string n/a yes
powershell_modules List of PowerShell modules to be added
list(object({
name = string
uri = string
hash = optional(object({
algorithm = optional(string)
value = optional(string)
}))
}))
[] no
public_network_access_enabled If public network access is enabled bool false no
python3_packages List of Python3 packages to be added
list(object({
name = string
content_uri = string
content_version = optional(string)
hash_algorithm = optional(string)
hash_value = optional(string)
tags = optional(map(string))
}))
[] no
rg_name The name of the resource group. This module does not create a resource group; it expects the named resource group to already exist. string n/a yes
runbooks List of runbooks to be created.
list(object({
name = string
runbook_type = string
log_progress = bool
log_verbose = bool
description = optional(string)
content = optional(string)
publish_content_link = optional(object({
uri = string
version = optional(string)
hash = optional(object({
algorithm = string
value = string
}))
}))
draft = optional(object({
edit_mode_enabled = bool
content_link = optional(object({
uri = string
version = optional(string)
hash = optional(object({
algorithm = string
value = string
}))
}))
output_types = optional(list(string))
parameters = optional(list(object({
key = string
type = string
mandatory = optional(bool)
position = optional(number)
default_value = optional(string)
})))
}))
}))
[] no
sku_name The SKU of the automation account, Basic is the only supported value string "Basic" no
tags A map of the tags to use on the resources that are deployed with this module. map(string) n/a yes
user_assigned_identity_id The User Assigned Managed Identity ID to be used for accessing the Customer Managed Key for encryption. string null no

Outputs

Name Description
aa_dsc_primary_access_key The DSC primary access key (a credential; treat this output as a secret)
aa_dsc_secondary_access_key The DSC secondary access key (a credential; treat this output as a secret)
aa_dsc_server_endpoint The DSC server endpoint of the automation account
aa_id The ID of the automation account
aa_identity The identity block of the automation account
aa_name The name of the automation account
automation_module_ids List of IDs for the Automation Modules.
automation_python3_package_ids List of IDs for the Automation Python3 Packages.
automation_runbook_ids List of IDs for the Automation Runbooks.
automation_schedule_ids List of IDs for the Automation Schedules.