coreplus: removed network resources not needed

pagopa · Aug 11, 2023 · a8803a5 · a8803a5
1 parent 1c9cb36
commit a8803a5
Show file tree

Hide file tree

Showing 7 changed files with 17 additions and 116 deletions.
diff --git a/src/coreplus/00_network.tf b/src/coreplus/00_network.tf
@@ -11,3 +11,14 @@ data "azurerm_private_dns_zone" "internal" {
   name                = local.dns_zone_private_name
   resource_group_name = data.azurerm_resource_group.rg_vnet.name
 }
+
+data "azurerm_private_dns_zone" "privatelink_postgres_database_azure_com" {
+  name                = local.dns_zone_private_name_postgres
+  resource_group_name = data.azurerm_resource_group.rg_vnet.name
+}
+
+data "azurerm_subnet" "private_endpoints_snet" {
+  name                 = "${local.program}-private-endpoints-snet"
+  virtual_network_name = data.azurerm_virtual_network.vnet.name
+  resource_group_name  = data.azurerm_resource_group.rg_vnet.name
+}
diff --git a/src/coreplus/01_network.tf b/src/coreplus/01_network.tf
diff --git a/src/coreplus/05_postgres_flexible.tf b/src/coreplus/05_postgres_flexible.tf
@@ -38,27 +38,7 @@ module "postgres_flexible_snet" {
   }
 }
 
-# DNS private single server
-resource "azurerm_private_dns_zone" "privatelink_postgres_database_azure_com" {
 
-  name                = "privatelink.postgres.database.azure.com"
-  resource_group_name = data.azurerm_resource_group.rg_vnet.name
-
-  tags = var.tags
-}
-
-resource "azurerm_private_dns_zone_virtual_network_link" "privatelink_postgres_database_azure_com_vnet" {
-
-  name                  = "${local.program}-pg-flex-link"
-  private_dns_zone_name = azurerm_private_dns_zone.privatelink_postgres_database_azure_com.name
-
-  resource_group_name = data.azurerm_resource_group.rg_vnet.name
-  virtual_network_id  = data.azurerm_virtual_network.vnet.id
-
-  registration_enabled = false
-
-  tags = var.tags
-}
 
 # https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compare-single-server-flexible-server
 module "postgres_flexible_server_private" {
@@ -73,7 +53,7 @@ module "postgres_flexible_server_private" {
 
   ### Network
   private_endpoint_enabled = false
-  private_dns_zone_id      = azurerm_private_dns_zone.privatelink_postgres_database_azure_com.id
+  private_dns_zone_id      = data.azurerm_private_dns_zone.privatelink_postgres_database_azure_com.id
   delegated_subnet_id      = module.postgres_flexible_snet.id
 
   ### Admin
@@ -111,9 +91,6 @@ module "postgres_flexible_server_private" {
   diagnostic_settings_enabled               = true
   log_analytics_workspace_id                = data.azurerm_log_analytics_workspace.log_analytics_workspace.id
   diagnostic_setting_destination_storage_id = data.azurerm_storage_account.security_monitoring_storage.id
-
-  depends_on = [azurerm_private_dns_zone_virtual_network_link.privatelink_postgres_database_azure_com_vnet]
-
 }
 
 #

diff --git a/src/coreplus/06_cosmosdb_mongo.tf b/src/coreplus/06_cosmosdb_mongo.tf
@@ -54,13 +54,13 @@ module "cosmos_mongo" {
   ip_range = ""
 
   allowed_virtual_network_subnet_ids = [
-    module.private_endpoints_snet.id
+    data.azurerm_subnet.private_endpoints_snet.id
   ]
 
   # private endpoint
   private_endpoint_name    = "${local.project}-cosmos-mongo-sql-endpoint"
   private_endpoint_enabled = true
-  subnet_id                = module.private_endpoints_snet.id
+  subnet_id                = data.azurerm_subnet.private_endpoints_snet.id
   private_dns_zone_ids     = [data.azurerm_private_dns_zone.internal.id]
 
   tags = var.tags

diff --git a/src/coreplus/06_cosmosdb_sql.tf b/src/coreplus/06_cosmosdb_sql.tf
@@ -46,13 +46,13 @@ module "cosmos_core" {
   ip_range = ""
 
   allowed_virtual_network_subnet_ids = [
-    module.private_endpoints_snet.id
+    data.azurerm_subnet.private_endpoints_snet.id
   ]
 
   # private endpoint
   private_endpoint_name    = "${local.project}-cosmos-core-sql-endpoint"
   private_endpoint_enabled = true
-  subnet_id                = module.private_endpoints_snet.id
+  subnet_id                = data.azurerm_subnet.private_endpoints_snet.id
   private_dns_zone_ids     = [data.azurerm_private_dns_zone.internal.id]
 
   tags = var.tags

diff --git a/src/coreplus/08_github_runner_self_hosted.tf b/src/coreplus/08_github_runner_self_hosted.tf
diff --git a/src/coreplus/99_variables.tf b/src/coreplus/99_variables.tf
@@ -33,6 +33,7 @@ locals {
   cosmosdb_enable = 1
 
   dns_zone_private_name = "internal.${var.prod_dns_zone_prefix}.${var.external_domain}"
+  dns_zone_private_name_postgres = "privatelink.postgres.database.azure.com"
 
   #
   # Container App
@@ -164,11 +165,6 @@ variable "cidr_subnet_flex_dbms" {
   description = "Subnet cidr postgres flex."
 }
 
-variable "cidr_subnet_private_endpoints" {
-  type        = list(string)
-  description = "Subnet cidr postgres flex."
-}
-
 variable "cidr_subnet_vpn" {
   type        = list(string)
   description = "Subnet cidr postgres flex."