Add variable subnet_enforce_private_link_endpoint_network_policies (#…

…51) * 0.13 * update * update * update * update * update * update * update * update
Azure · Jan 21, 2021 · dc1d416 · dc1d416
1 parent ccb652f
commit dc1d416
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -53,6 +53,10 @@ module "network" {
   subnet_prefixes     = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
   subnet_names        = ["subnet1", "subnet2", "subnet3"]
 
+  subnet_enforce_private_link_endpoint_network_policies = {
+    "subnet1" : true
+  }
+
   tags = {
     environment = "dev"
     costcenter  = "it"

diff --git a/main.tf b/main.tf
@@ -13,9 +13,10 @@ resource "azurerm_virtual_network" "vnet" {
 }
 
 resource "azurerm_subnet" "subnet" {
-  count                = length(var.subnet_names)
-  name                 = var.subnet_names[count.index]
-  resource_group_name  = data.azurerm_resource_group.network.name
-  address_prefixes     = [var.subnet_prefixes[count.index]]
-  virtual_network_name = azurerm_virtual_network.vnet.name
+  count                                          = length(var.subnet_names)
+  name                                           = var.subnet_names[count.index]
+  resource_group_name                            = data.azurerm_resource_group.network.name
+  address_prefixes                               = [var.subnet_prefixes[count.index]]
+  virtual_network_name                           = azurerm_virtual_network.vnet.name
+  enforce_private_link_endpoint_network_policies = lookup(var.subnet_enforce_private_link_endpoint_network_policies, var.subnet_names[count.index], false)
 }
diff --git a/test/fixture/main.tf b/test/fixture/main.tf
@@ -18,6 +18,10 @@ module "network" {
   subnet_prefixes     = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
   subnet_names        = ["subnet1", "subnet2", "subnet3"]
 
+  subnet_enforce_private_link_endpoint_network_policies = {
+    "subnet1" : true
+  }
+
   tags = {
     environment = "dev"
     costcenter  = "it"

diff --git a/variables.tf b/variables.tf
@@ -42,3 +42,9 @@ variable "tags" {
     environment = "dev"
   }
 }
+
+variable "subnet_enforce_private_link_endpoint_network_policies" {
+  description = "A map with key (string) `subnet name`, value (bool) `true` or `false` to indicate enable or disable network policies for the private link endpoint on the subnet. Default value is false."
+  type        = map(bool)
+  default     = {}
+}