feat: bump

Author: radomarina

README.md

@@ -39,11 +39,48 @@ client_secret   = ""
 tenant_id       = ""
 subscription_id = ""
 ```
-### Installation
+### Installation Discovered Subscriptions
+
+```hcl-terraform
+
+module "firefly_azure_integration" {
+  source = "github.com/gofireflyio/terraform-firefly-azure-onboarding?ref=v1.1.0"
+
+  client_id     = var.client_id
+  client_secret = var.client_secret
+
+  tenant_id = var.tenant_id
+  // firefly's landing subscription: eventgrid, storage_account and resource_group will be created here
+  subscription_id = var.subscription_id
+
+  // firefly credentials
+  firefly_access_key = var.firefly_access_key
+  firefly_secret_key = var.firefly_secret_key
+
+  // custom settings
+  location = var.location
+  prefix   = var.prefix
+  tags     = var.tags
+
+  // create resource provider registration
+  create_resource_provider_registration = false
+
+  // enablew on all subscriptions that can be discovered
+  eventdriven_auto_discover = true
+  // enable eventdriven on subscription_id that was given
+  eventdriven_enabled = true
+
+  // create integrations
+  trigger_integrations = true
+}
+
+```
+
+### Installation Single Subscription
 
 ```hcl-terraform
 module "firefly_azure_integration_00000000-0000-0000-0000-000000000000" {
-  source              = "github.com/gofireflyio/terraform-firefly-azure-onboarding?ref=v1.0.0"
+  source              = "github.com/gofireflyio/terraform-firefly-azure-onboarding?ref=v1.1.0"
   client_id           = var.client_id
   client_secret       = var.client_secret
   tenant_id           = var.tenant_id
@@ -69,7 +106,7 @@ output "firefly_subscription_id_00000000-0000-0000-0000-000000000000" {
 
 
 module "firefly_azure_integration_11111111-1111-1111-1111-111111111111" {
-  source              = "github.com/gofireflyio/terraform-firefly-azure-onboarding?ref=v1.0.0"
+  source              = "github.com/gofireflyio/terraform-firefly-azure-onboarding?ref=v1.1.0"
   client_id           = var.client_id
   client_secret       = var.client_secret
   tenant_id           = var.tenant_id

data.tf

@@ -1,8 +1,12 @@
 data "azurerm_management_group" "current" {
   name = var.tenant_id
 }
+
 data "azurerm_subscriptions" "current" {}
 data "azuread_client_config" "current" {}
+data "azurerm_subscription" "current" {
+  subscription_id = var.subscription_id
+}
 data "azuread_application_published_app_ids" "well_known" {}
 
 resource "azuread_service_principal" "msgraph" {

eventdriven.tf

@@ -45,6 +45,7 @@ resource "azurerm_eventgrid_system_topic_event_subscription" "current" {
 }
 
 resource "azurerm_role_definition" "FireflyStorageAccountBlobReader" {
+  count       = var.eventdriven_enabled ? 1 : 0
   name        = "${var.prefix}FireflyStorageAccountBlobReader-${var.subscription_id}${var.suffix}"
   scope       = "/subscriptions/${var.subscription_id}"
   description = "Firefly's requested permissions"
@@ -60,6 +61,7 @@ resource "azurerm_role_definition" "FireflyStorageAccountBlobReader" {
 }
 
 resource "azurerm_role_assignment" "FireflyStorageAccountBlobReader" {
+  count                = var.eventdriven_enabled ? 1 : 0
   principal_id         = azuread_service_principal.current.id
   role_definition_name = azurerm_role_definition.FireflyStorageAccountBlobReader.name
   scope                = "/subscriptions/${var.subscription_id}"
@@ -83,7 +85,7 @@ EOT
 }
 
 resource "azurerm_monitor_diagnostic_setting" "current" {
-  for_each           = local.kv_filtered_subscriptions
+  for_each           = var.eventdriven_enabled ? local.kv_filtered_subscriptions : {}
   name               = "${var.prefix}firefly${each.key}${var.suffix}"
   target_resource_id = "/subscriptions/${each.key}"
   storage_account_id = azurerm_storage_account.current[0].id

integration.tf

@@ -1,5 +1,5 @@
 data "http" "firefly_login" {
-  count = var.firefly_secret_key != "" ? 1 : 0
+  count  = var.firefly_secret_key != "" ? 1 : 0
   url    = "${var.firefly_endpoint}/account/access_keys/login"
   method = "POST"
   request_headers = {
@@ -15,17 +15,16 @@ locals {
 
 // Multi
 module "firefly_integrate" {
-  for_each         = local.kv_filtered_subscriptions
-  firefly_endpoint = "https://api-eu.stag.firefly.ai/api"
-  source           = "./modules/firefly_azure_integration"
-  #firefly_token = local.token
+  for_each                    = var.trigger_integrations ? local.kv_filtered_subscriptions : {}
+  firefly_endpoint            = var.firefly_endpoint
+  source                      = "./modules/firefly_azure_integration"
   firefly_token               = local.token
   subscription_id             = each.key
   subscription_name           = each.value
   tenant_id                   = var.tenant_id
   application_id              = azuread_service_principal.current.client_id
   client_secret               = azuread_service_principal_password.current.value
-  directory_domain            = "firefly"
+  directory_domain            = var.directory_domain
   eventdriven_enabled         = var.eventdriven_enabled
-  iac_auto_discovery_disabled = true
+  iac_auto_discovery_disabled = var.iac_auto_discovery_disabled
 }

locals.tf

@@ -1,6 +1,6 @@
 locals {
-  filtered_subscriptions = [for subscription in data.azurerm_subscriptions.current.subscriptions : subscription if !contains(keys(subscription.tags), "disable_firefly_discovery") && subscription.state == "Enabled"]
-  kv_filtered_subscriptions = var.trigger_integrations && length(local.filtered_subscriptions) > 0 ? { for subscription in local.filtered_subscriptions : subscription.subscription_id => subscription.display_name } : {}
+  filtered_subscriptions    = [for subscription in data.azurerm_subscriptions.current.subscriptions : subscription if !contains(keys(subscription.tags), "disable_firefly_discovery") && subscription.state == "Enabled"]
+  kv_filtered_subscriptions = length(local.filtered_subscriptions) > 0 ? { for subscription in local.filtered_subscriptions : subscription.subscription_id => subscription.display_name } : { var.subscription_id = data.azurerm_subscription.current.display_name }
 
   tags = merge(var.tags, {
     "firefly" = "true"

modules/firefly_azure_integration/main.tf

@@ -1,26 +1,26 @@
-data "http" "firefly_aws_integration_request" {
-  url = "${var.firefly_endpoint}/integrations/azure/"
+data "http" "firefly_azure_integration_request" {
+  url    = "${var.firefly_endpoint}/integrations/azure/"
   method = "POST"
   request_headers = {
-    Content-Type = "application/json"
+    Content-Type  = "application/json"
     Authorization = "Bearer ${var.firefly_token}"
   }
   retry {
-    attempts = 3
+    attempts     = 3
     max_delay_ms = 5000
     min_delay_ms = 5000
   }
   request_body = jsonencode(
     {
-      "name"= var.subscription_name,
-      "subscriptionId"= var.subscription_id,
-      "tenantId"= var.tenant_id,
-      "applicationId"= var.application_id,
-      "clientSecret"= var.client_secret,
-      "directoryDomain" = var.directory_domain,
-      "isProd" = var.is_prod,
-      "isEventDriven" = var.eventdriven_enabled,
-      "isIacAutoDiscoveryDisabled" =  var.iac_auto_discovery_disabled
+      "name"                       = var.subscription_name,
+      "subscriptionId"             = var.subscription_id,
+      "tenantId"                   = var.tenant_id,
+      "applicationId"              = var.application_id,
+      "clientSecret"               = var.client_secret,
+      "directoryDomain"            = var.directory_domain,
+      "isProd"                     = var.is_prod,
+      "isEventDriven"              = var.eventdriven_enabled,
+      "isIacAutoDiscoveryDisabled" = var.iac_auto_discovery_disabled
     }
   )
 }

modules/firefly_azure_integration/terraform.tf

@@ -1,7 +1,7 @@
 terraform {
   required_providers {
     http = {
-      source = "hashicorp/http"
+      source  = "hashicorp/http"
       version = "3.4.2"
     }
   }

modules/firefly_azure_integration/vars.tf

@@ -4,7 +4,7 @@ variable "subscription_name" {
 }
 
 variable "firefly_token" {
-  type = string
+  type        = string
   description = "Token returned as result of login request, if provided firefly_access_key and firefly_secret_key are ignored"
 }
 
@@ -17,7 +17,7 @@ variable "subscription_id" {
 variable "firefly_endpoint" {
   type        = string
   description = "The Firefly endpoint to register account management"
-  default = "https://prodapi.gofirefly.io/api"
+  default     = "https://prodapi.gofirefly.io/api"
 }
 
 variable "is_prod" {
@@ -43,11 +43,11 @@ variable "directory_domain" {
 }
 
 variable "eventdriven_enabled" {
-  type = bool
+  type    = bool
   default = true
 }
 
 variable "iac_auto_discovery_disabled" {
-  type = bool
+  type    = bool
   default = false
 }

vars.tf

@@ -1,15 +1,19 @@
-variable "location" {
+variable "firefly_endpoint" {
   type    = string
-  default = "eastus"
+  default = "https://prodapi.firefly.io/api"
 }
 
-variable "firefly_endpoint" {
-  type        = string
-  default     = "https://prodapi.firefly.io/api"
+variable "firefly_webhook_url" {
+  type    = string
+  default = "https://azureevents.gofirefly.io"
 }
 
-
 variable "trigger_integrations" {
+  type    = bool
+  default = true
+}
+
+variable "iac_auto_discovery_disabled" {
   type = bool
   default = true
 }
@@ -32,6 +36,16 @@ variable "firefly_secret_key" {
   }
 }
 
+variable "directory_domain" {
+  type = string
+}
+
+variable "location" {
+  type    = string
+  default = "eastus"
+}
+
+
 variable "prefix" {
   type    = string
   default = ""
@@ -61,11 +75,6 @@ variable "tenant_id" {
   type = string
 }
 
-variable "firefly_webhook_url" {
-  type    = string
-  default = "https://azureevents.gofirefly.io"
-}
-
 variable "subscription_id" {
   type = string
 }