- Add Cloud for Sovereignty landing zone architecture and deployment - Implement complete legal document management system - Reorganize documentation with improved navigation - Add infrastructure improvements (Dockerfiles, K8s, monitoring) - Add operational improvements (graceful shutdown, rate limiting, caching) - Create comprehensive project structure documentation - Add Azure deployment automation scripts - Improve repository navigation and organization
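# Azure Storage Account for the Terraform state backend.
# Create this first, then uncomment the backend block in versions.tf.
# Naming: azwesadevstate (provider+region+sa+env+purpose, alphanumeric only, max 24 chars)
#
# Security note: Terraform state stores resource attributes in plain text, which can
# include secrets, so read access to this account should be treated as privileged.
# NOTE(review): no network_rules block is declared in this resource; unless access is
# restricted elsewhere, the endpoint is reachable from all networks (requests still
# need to authenticate) - confirm this is intended.
resource "azurerm_storage_account" "terraform_state" {
  # Only created when state storage is managed by this configuration.
  count = var.create_terraform_state_storage ? 1 : 0

  name                     = local.sa_state_name
  resource_group_name      = azurerm_resource_group.terraform_state[0].name
  location                 = var.azure_region
  account_tier             = "Standard"
  account_replication_type = "LRS"
  min_tls_version          = "TLS1_2"

  # Explicitly forbid anonymous blob access, consistent with the app_data account.
  allow_blob_public_access = false

  # Versioning plus blob and container soft delete, so an overwritten or deleted
  # state file (or the container itself) can be recovered within the retention window.
  blob_properties {
    versioning_enabled = true

    delete_retention_policy {
      days = 30
    }

    container_delete_retention_policy {
      days = 30
    }
  }

  tags = merge(local.common_tags, {
    Purpose = "TerraformState"
  })
}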
# Private blob container that holds the Terraform state files.
# Created under the same condition as the state storage account it lives in.
resource "azurerm_storage_container" "terraform_state" {
  count = var.create_terraform_state_storage ? 1 : 0

  storage_account_name  = azurerm_storage_account.terraform_state[0].name
  name                  = "terraform-state"
  container_access_type = "private" # no anonymous access to the container or its blobs
}
# Storage account for application data (object storage).
# Naming: azwesadevdata (provider+region+sa+env+purpose, alphanumeric only, max 24 chars),
# or a custom name supplied through var.storage_account_name.
#
# NOTE(review): no network_rules block is declared in this resource; unless access is
# restricted elsewhere, the endpoint is reachable from all networks - confirm.
resource "azurerm_storage_account" "app_data" {
  # An empty var.storage_account_name falls back to the generated local name.
  name                = var.storage_account_name == "" ? local.sa_data_name : var.storage_account_name
  resource_group_name = azurerm_resource_group.main.name
  location            = var.azure_region

  account_tier = "Standard"
  # Geo-redundant replication in prod, locally redundant in every other environment.
  account_replication_type = var.environment == "prod" ? "GRS" : "LRS"

  # Transport and exposure settings: TLS 1.2 minimum, no anonymous blob access.
  min_tls_version          = "TLS1_2"
  allow_blob_public_access = false

  # Versioning and soft delete for data protection; prod keeps deleted blobs and
  # containers for 90 days, other environments for 30.
  blob_properties {
    versioning_enabled = true

    delete_retention_policy {
      days = var.environment == "prod" ? 90 : 30
    }

    container_delete_retention_policy {
      days = var.environment == "prod" ? 90 : 30
    }
  }

  tags = merge(local.common_tags, {
    Purpose = "ApplicationData"
  })
}