[User Guide] Connectivity Resources - sblair01/terraform-azurerm-caf-enterprise-scale GitHub Wiki
Overview
From release v0.4.0 onwards, the module includes new functionality to enable deployment of Network topology and connectivity resources into the current Subscription context.
This is currently limited to the Hub & Spoke network topology, but the addition of Virtual WAN capabilities is on our roadmap (date TBC).
NOTE: The module currently only configures the networking hub, and dependent resources for the
ConnectivitySubscription. To ensure we achieve the right balance of managing resources via Terraform vs. Azure Policy, we are still working on how best to handle the creation of spoke Virtual Networks and Virtual Network Peering. Improving this story is our next priority on the product roadmap.
Resource types
The following resource types are deployed and managed by this module when the Connectivity resources capabilities are enabled:
| Azure Resource | Terraform Resource | |
|---|---|---|
| Resource Groups | Microsoft.Resources/resourceGroups |
azurerm_resource_group |
| Virtual Networks | Microsoft.Network/virtualNetworks |
azurerm_virtual_network |
| Subnets | Microsoft.Network/virtualNetworks/subnets |
azurerm_subnet |
| Virtual Network Gateways | Microsoft.Network/virtualNetworkGateways |
azurerm_virtual_network_gateway |
| Azure Firewalls | Microsoft.Network/azureFirewalls |
azurerm_firewall |
| Public IP Addresses | Microsoft.Network/publicIPAddresses |
azurerm_public_ip |
| DDoS Protection Plans | Microsoft.Network/ddosProtectionPlans |
azurerm_network_ddos_protection_plan |
| DNS Zones (pending) | Microsoft.Network/dnsZones |
azurerm_dns_zone |
| Virtual Network Peerings (pending) | Microsoft.Network/virtualNetworks/virtualNetworkPeerings |
azurerm_virtual_network_peering |
Next steps
Please refer to Deploy Connectivity Examples for examples showing how to use this capability.