Reliability and Versioning updates

AVS-Landing-Zone/GreenField/Terraform/bastion.tf

@@ -4,6 +4,7 @@ resource "azurerm_public_ip" "bastionpip" {
   resource_group_name = azurerm_resource_group.jumpbox.name
   allocation_method   = "Static"
   sku                 = "Standard"
+  zones               = ["1","2","3"]
 }
 
 resource "azurerm_bastion_host" "bastion" {

AVS-Landing-Zone/GreenField/Terraform/gateway.tf

@@ -3,6 +3,8 @@ resource "azurerm_public_ip" "gatewaypip" {
   resource_group_name = azurerm_resource_group.network.name
   location            = azurerm_resource_group.network.location
   allocation_method   = "Dynamic"
+  zones               = ["1","2","3"]
+  sku                 = "Standard"
 }
 
 resource "azurerm_virtual_network_gateway" "gateway" {
@@ -11,7 +13,7 @@ resource "azurerm_virtual_network_gateway" "gateway" {
   location            = azurerm_resource_group.network.location
 
   type = "ExpressRoute"
-  sku  = "Standard"
+  sku  = "ErGw1AZ"
 
   ip_configuration {
     name                          = "default"

AVS-Landing-Zone/GreenField/Terraform/hcx_addon.tf

@@ -4,12 +4,12 @@ resource "azapi_resource" "hcx_addon" {
   #Resource Name must match the addonType
   name      = "HCX"
   parent_id = azurerm_vmware_private_cloud.privatecloud.id
-  body = jsonencode({
+  body = {
     properties = {
       addonType = "HCX"
       offer     = "VMware MaaS Cloud Provider"
     }
-  })
+  }
 
   #adding lifecycle block to handle replacement issue with parent_id
   lifecycle {
@@ -53,7 +53,7 @@ resource "azapi_resource" "hcx_keys" {
 
 output "hcx_keys" {
   value = {
-    for key, value in azapi_resource.hcx_keys : key => jsondecode(value.output).properties.activationKey
+    for key, value in azapi_resource.hcx_keys : key => value.output.properties.activationKey
   }
 }
 

AVS-Landing-Zone/GreenField/Terraform/jumpbox.tf

@@ -18,13 +18,14 @@ resource "azurerm_windows_virtual_machine" "vm" {
   size                = var.jumpboxsku
   admin_username      = var.adminusername
   admin_password      = var.adminpassword
+  zone                = 1
   network_interface_ids = [
     azurerm_network_interface.nic.id,
   ]
 
   os_disk {
     caching              = "ReadWrite"
-    storage_account_type = "Standard_LRS"
+    storage_account_type = "Premium_LRS"
   }
 
   source_image_reference {

AVS-Landing-Zone/GreenField/Terraform/main.tf

@@ -6,12 +6,12 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~>3.0.0"
+      version = "~>3.105"
     }
 
     azapi = {
-      source  = "azure/azapi"
-      version = "~>1.1.0"
+      source  = "Azure/azapi"
+      version = "~> 1.13, != 1.13.0"
     }
   }
 }
@@ -21,6 +21,10 @@ provider "azurerm" {
   partner_id = "754599a0-0a6f-424a-b4c5-1b12be198ae8"
 }
 
+provider "azapi" {
+  enable_hcl_output_for_data_source = true
+}
+
 ## Optional settings to setup a terraform backend in Azure storage
 
 # terraform {

BrownField/Monitoring/AVS-Dashboard/Terraform/main.tf

@@ -6,7 +6,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~>3.00"
+      version = "~>3.105"
     }
   }
 }

BrownField/Monitoring/AVS-Service-Health/Terraform/main.tf

@@ -6,7 +6,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~>2.68"
+      version = "~>3.105"
     }
   }
 }

BrownField/Monitoring/AVS-Utilization-Alerts/Terraform/main.tf

@@ -6,7 +6,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~>2.68"
+      version = "~>3.105"
     }
   }
 }

BrownField/Storage/AVS-to-ANFdatastore-NewVNet/Terraform/AVS-to-ANFdatastore-NewVNet.tfvars.sample

@@ -10,10 +10,10 @@ VNetAddressSpaceCIDR = ["10.4.0.0/16",]
 VNetGatewaySubnetCIDR = ["10.4.0.0/24",]
 VNetANFDelegatedSubnetCIDR = ["10.4.10.0/24",]
 GatewayName = "GatewayTF"
-GatewaySku = "UltraPerformance"
+GatewaySku = "ErGw3AZ"
 netappAccountName = "NetAppAccount-AVSdatastore"
 netappCapacityPoolName = "CapacityPool-AVSdatastore"
 netappCapacityPoolServiceLevel = "Premium"
 netappCapacityPoolSize = 4
 netappVolumeName = "ANFdatastore001"
-netappVolumeSize = 4398046511104
+netappVolumeSize = 100

BrownField/Storage/AVS-to-ANFdatastore-NewVNet/Terraform/main.tf

@@ -1,10 +1,13 @@
 terraform {
+  required_version = "~> 1.6"
   required_providers {
     azurerm = {
-      source = "hashicorp/azurerm"
+      source  = "hashicorp/azurerm"
+      version = "~> 3.105"
     }
     azapi = {
-      source = "azure/azapi"
+      source  = "Azure/azapi"
+      version = "~> 1.13, != 1.13.0"
     }
   }
 }
@@ -18,6 +21,7 @@ provider "azurerm" {
 
 provider "azapi" {
   skip_provider_registration = "true"
+  enable_hcl_output_for_data_source = true
 }
 
 resource "azurerm_resource_group" "deploymentRG" {
@@ -62,8 +66,10 @@ resource "azurerm_public_ip" "gatewayIP" {
   resource_group_name = azurerm_resource_group.deploymentRG.name
   location            = azurerm_resource_group.deploymentRG.location
   allocation_method   = "Dynamic"
-  sku                 = "Basic"
+  sku                 = "Standard"
   sku_tier            = "Regional"
+  zones               = ["1","2","3"]
+
 }
 
 resource "azurerm_virtual_network_gateway" "ERGateway" {
@@ -129,6 +135,38 @@ resource "azurerm_netapp_pool" "avs_anf_pool" {
   size_in_tb          = var.netappCapacityPoolSize
 }
 
+resource "azurerm_netapp_volume" "anf_volume" {
+  name                            = var.netappVolumeName
+  location                        = azurerm_resource_group.deploymentRG.location
+  resource_group_name             = azurerm_resource_group.deploymentRG.name
+  account_name                    = azurerm_netapp_account.avs_anf_account.name
+  pool_name                       = azurerm_netapp_pool.avs_anf_pool.name
+  volume_path                     = var.netappVolumeName
+  service_level                   = "Standard"
+  subnet_id                       = azurerm_subnet.ANFDelegatedSubnet.id
+  protocols                       = ["NFSv3"]
+  security_style                  = "unix"
+  storage_quota_in_gb             = var.netappVolumeSize
+  snapshot_directory_visible      = true
+  zone                            = var.anf_zone_number
+  azure_vmware_data_store_enabled = true
+
+  export_policy_rule {
+    rule_index          = 1
+    allowed_clients     = ["0.0.0.0/0"]
+    protocols_enabled   = ["NFSv3"]
+    root_access_enabled = true
+    unix_read_only      = false
+    unix_read_write     = true
+  }
+
+  lifecycle {
+    ignore_changes = [zone]
+  }
+}
+
+
+/*
 resource "azapi_resource" "avs_anf_volume_avsdatastoreenabled" {
   depends_on = [
     azurerm_netapp_pool.avs_anf_pool
@@ -160,6 +198,8 @@ resource "azapi_resource" "avs_anf_volume_avsdatastoreenabled" {
     }
   })
 }
+*/
+
 
 data "azurerm_vmware_private_cloud" "avs_privatecloud" {
   provider            = azurerm.AVS-to-ANFdatastore-NewVnet
@@ -185,11 +225,11 @@ resource "azapi_resource" "avs_datastore_attach_anfvolume" {
   ]
   name      = var.netappVolumeName
   parent_id = "${data.azurerm_vmware_private_cloud.avs_privatecloud.id}/clusters/Cluster-1"
-  body = jsonencode({
+  body = {
     properties = {
       netAppVolume = {
-        id = data.azurerm_netapp_volume.anf_datastorevolume.id
+        id = azurerm_netapp_volume.anf_volume.id
       }
     }
-  })
+  }
 }

BrownField/Storage/AVS-to-ANFdatastore-NewVNet/Terraform/vars.tf

@@ -81,5 +81,9 @@ variable "GatewayName" {
 variable "GatewaySku" {
   type        = string
   description = "Virtual network gateway SKU to be created"
+}
 
+variable "anf_zone_number" {
+  type        = number
+  description = "The zone where the ANF volume should be deployed."
 }

terraform/modules/avs_addon_hcx/main.tf

@@ -10,12 +10,12 @@ resource "azapi_resource" "hcx_addon" {
   #Resource Name must match the addonType
   name      = "HCX"
   parent_id = data.azurerm_vmware_private_cloud.hcx_private_cloud.id
-  body = jsonencode({
+  body = {
     properties = {
       addonType = "HCX"
       offer     = "VMware MaaS Cloud Provider"
     }
-  })
+  }
 
   #adding lifecycle block to handle replacement issue with parent_id
   lifecycle {

terraform/modules/avs_addon_hcx/outputs.tf

@@ -1,5 +1,5 @@
 output "keys" {
   value = {
-    for key, value in azapi_resource.hcx_keys : key => jsondecode(value.output).properties.activationKey
+    for key, value in azapi_resource.hcx_keys : key => value.output.properties.activationKey
   }
 }

terraform/modules/avs_addon_hcx/providers.tf

@@ -1,13 +1,21 @@
 terraform {
+  required_version = "~> 1.6"
   required_providers {
+    azapi = {
+      source  = "Azure/azapi"
+      version = "~> 1.13, != 1.13.0"
+    }
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~>3.00"
+      version = "~> 3.105"
     }
-    azapi = {
-      source  = "azure/azapi"
-      version = "~>1.1.0"
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.5"
+    }
+    time = {
+      source  = "hashicorp/time"
+      version = "~> 0.10"
     }
   }
-}
-
+}

terraform/modules/avs_azure_firewall_internet_outbound_rules/providers.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = "~> 1.6"
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 3.105"
+    }
+  }
+}