Common Azure Terraform module to create an Azure Site Recovery configuration with its cache Storage Account.
Resource naming is based on the Microsoft CAF naming convention best practices. Legacy naming is available by setting the parameter use_caf_naming to false.
We rely on the official Terraform Azure CAF naming provider to generate resource names.
Module version | Terraform version | OpenTofu version | AzureRM version |
---|---|---|---|
>= 8.x.x | Unverified | 1.8.x | >= 4.0 |
>= 7.x.x | 1.3.x | | >= 3.0 |
>= 6.x.x | 1.x | | >= 3.0 |
>= 5.x.x | 0.15.x | | >= 2.0 |
>= 4.x.x | 0.13.x / 0.14.x | | >= 2.0 |
>= 3.x.x | 0.12.x | | >= 2.0 |
>= 2.x.x | 0.12.x | | < 2.0 |
< 2.x.x | 0.11.x | | < 2.0 |
If you want to contribute to this repository, feel free to use our pre-commit git hook configuration, which will help you automatically update and format some files by enforcing our Terraform code module best practices.
More details are available in the CONTRIBUTING.md file.
This module is optimized to work with the Claranet terraform-wrapper tool,
which sets some Terraform variables in the environment needed by this module.
More details about the variables set by the terraform-wrapper
are available in the documentation.
```hcl
# Look up the source VM to get its ID, managed disks and network interfaces.
data "azapi_resource" "vms_infos" {
  name      = "vm01"
  parent_id = "/subscriptions/xxxx-yyyyyy-aaaaaa-zzzzzzz-tttttttt/resourceGroups/rg-primary-region-vm01"
  type      = "Microsoft.Compute/virtualMachines@2022-08-01"

  response_export_values = ["name", "id", "properties.storageProfile.osDisk.managedDisk", "properties.storageProfile.dataDisks", "properties.networkProfile.networkInterfaces"]
}

module "run" {
  source  = "claranet/run/azurerm"
  version = "x.x.x"

  client_name         = var.client_name
  location            = module.secondary_location.location
  location_short      = module.secondary_location.location_short
  environment         = var.environment
  stack               = var.stack
  resource_group_name = module.rg.name

  # Placeholder value: pass the real token through a sensitive variable
  # or a secret store instead of hard-coding it.
  monitoring_function_splunk_token = "xxxxxx"

  monitoring_function_metrics_extra_dimensions = {
    env           = var.environment
    sfx_monitored = "true"
  }

  backup_vm_enabled         = true
  backup_postgresql_enabled = true

  update_center_enabled = true

  extra_tags = {
    foo = "bar"
  }
}

module "site_recovery" {
  source  = "claranet/site-recovery/azurerm"
  version = "x.x.x"

  client_name = var.client_name
  environment = var.environment
  stack       = var.stack

  # The vault is deployed in the secondary (target) region.
  location            = module.secondary_location.location
  resource_group_name = module.rg.name

  primary_location       = module.primary_location.location
  primary_location_short = module.primary_location.location_short

  logs_destinations_ids = [
    module.run.log_analytics_workspace_id,
    module.run.logs_storage_account_id,
  ]

  cache_storage_resource_group_name = "rg-cache-storage"

  # The map key is the VM name.
  replicated_vms = {
    vm01 = {
      vm_id                    = data.azapi_resource.vms_infos.output.id
      target_resource_group_id = module.rg.id
      target_network_id        = module.subnet.id

      managed_disks = [
        {
          disk_id   = data.azapi_resource.vms_infos.output.properties.storageProfile.osDisk.managedDisk.id
          disk_type = data.azapi_resource.vms_infos.output.properties.storageProfile.osDisk.managedDisk.storageAccountType
        }
      ]

      network_interfaces = [
        {
          network_interface_id = data.azapi_resource.vms_infos.output.properties.networkProfile.networkInterfaces[0].id
          target_subnet_name   = module.subnet.name
          target_static_ip     = "172.16.2.10"
        }
      ]
    }
  }

  replication_policy = {
    name = "replipol-01"
  }
}
```
Name | Version |
---|---|
azapi | ~> 2.0 |
azurecaf | ~> 1.2.29 |
azurerm | ~> 4.9 |
Name | Source | Version |
---|---|---|
cache_storage_account | claranet/storage-account/azurerm | ~> 8.6.0 |
diagnostics | claranet/diagnostic-settings/azurerm | ~> 8.1.0 |
Name | Type |
---|---|
azurerm_recovery_services_vault.main | resource |
azurerm_site_recovery_fabric.primary | resource |
azurerm_site_recovery_fabric.secondary | resource |
azurerm_site_recovery_network_mapping.main | resource |
azurerm_site_recovery_protection_container.primary | resource |
azurerm_site_recovery_protection_container.secondary | resource |
azurerm_site_recovery_protection_container_mapping.main | resource |
azurerm_site_recovery_replicated_vm.main | resource |
azurerm_site_recovery_replication_policy.main | resource |
azapi_resource.nic_interfaces | data source |
azurecaf_name.primary_srf | data source |
azurecaf_name.primary_srpc | data source |
azurecaf_name.rsv | data source |
azurecaf_name.secondary_srf | data source |
azurecaf_name.secondary_srpc | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
cache_storage_account_logs_destinations_ids | List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to use Azure EventHub as a destination, you must provide a formatted string containing both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the \| character. | list(string) | null | no |
cache_storage_advanced_threat_protection_enabled | Boolean flag which controls if advanced threat protection is enabled, see documentation for more information. | bool | true | no |
cache_storage_allowed_cidrs | List of public IPs allowed to access the cache Storage Account. | list(string) | [] | no |
cache_storage_allowed_subnet_ids | List of subnet IDs allowed to access the cache Storage Account. All subnets of replicated VMs are dynamically fetched. | list(string) | [] | no |
cache_storage_custom_name | Custom name for cache Storage Account. | string | null | no |
cache_storage_resource_group_name | Resource Group name in which to deploy the cache Storage Account. | string | n/a | yes |
client_name | Client name/account used in naming. | string | n/a | yes |
custom_name | Custom name for Azure Recovery Vault. | string | "" | no |
default_tags_enabled | Option to enable or disable default tags. | bool | true | no |
diagnostic_settings_custom_name | Custom name of the diagnostics settings, name will be default if not set. | string | "default" | no |
environment | Project environment. | string | n/a | yes |
extra_tags | Additional tags to associate with your Azure Storage Account. | map(string) | {} | no |
location | Azure region to use. | string | n/a | yes |
logs_categories | Log categories to send to destinations. | list(string) | null | no |
logs_destinations_ids | List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to use Azure EventHub as a destination, you must provide a formatted string containing both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the \| character. | list(string) | n/a | yes |
logs_metrics_categories | Metrics categories to send to destinations. | list(string) | null | no |
name_prefix | Optional prefix for the generated name. | string | "" | no |
name_suffix | Optional suffix for the generated name. | string | "" | no |
network_mapping | Virtual Network mapping as { "source VNet ID" => "destination VNet ID" }. | map(string) | {} | no |
primary_location | Location of source resources to be replicated. | string | n/a | yes |
primary_location_short | Short name of the source location. | string | n/a | yes |
primary_site_recovery_fabric_custom_name | Custom name for Primary Azure Site Recovery Fabric. | string | "" | no |
primary_site_recovery_protection_container_custom_name | Custom name for Primary Azure Site Recovery Protection Container. | string | "" | no |
recovery_vault_logs_destinations_ids | List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to use Azure EventHub as a destination, you must provide a formatted string containing both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the \| character. | list(string) | null | no |
replicated_vms | Map of VMs to replicate with Azure Site Recovery. VM Name is expected as a key. | map( | n/a | yes |
replication_policy | Site recovery replication policy. | object({ | n/a | yes |
resource_group_name | Resource group name. | string | n/a | yes |
secondary_site_recovery_fabric_custom_name | Custom name for Secondary Azure Site Recovery Fabric. | string | "" | no |
secondary_site_recovery_protection_container_custom_name | Custom name for Secondary Azure Site Recovery Protection Container. | string | "" | no |
stack | Project stack name. | string | n/a | yes |
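The following is an added example, not part of the module's own documentation: a module call that sets the inputs from the table above which the usage example leaves at their defaults, namely the cache Storage Account access restrictions, an Event Hub log destination in the `|`-separated format, and an explicit network mapping. The resources `azurerm_eventhub_namespace_authorization_rule.logs_send`, `azurerm_eventhub.asr_logs`, `azurerm_subnet.admin`, `azurerm_virtual_network.primary`/`secondary`, the variable `var.replicated_vms` and the CIDR are assumptions chosen for illustration.

```hcl
locals {
  # Event Hub destination format from the inputs table:
  # "<Namespace authorization rule ID>|<Event Hub name>"
  eventhub_destination = join("|", [
    azurerm_eventhub_namespace_authorization_rule.logs_send.id, # hypothetical resource
    azurerm_eventhub.asr_logs.name,                             # hypothetical resource
  ])
}

module "site_recovery" {
  source  = "claranet/site-recovery/azurerm"
  version = "x.x.x"

  client_name         = var.client_name
  environment         = var.environment
  stack               = var.stack
  location            = module.secondary_location.location
  resource_group_name = module.rg.name

  primary_location       = module.primary_location.location
  primary_location_short = module.primary_location.location_short

  # No more than one destination of each kind (Storage Account,
  # Log Analytics Workspace, Event Hub) may be listed.
  logs_destinations_ids = [
    module.run.log_analytics_workspace_id,
    local.eventhub_destination,
  ]

  cache_storage_resource_group_name                = "rg-cache-storage"
  cache_storage_advanced_threat_protection_enabled = true

  # Subnets of replicated VMs are fetched by the module; list only the extra
  # sources that need access to the replication cache.
  cache_storage_allowed_cidrs      = ["203.0.113.0/24"]       # constructed documentation range
  cache_storage_allowed_subnet_ids = [azurerm_subnet.admin.id] # hypothetical resource

  # { "source VNet ID" => "destination VNet ID" }
  network_mapping = {
    (azurerm_virtual_network.primary.id) = azurerm_virtual_network.secondary.id # hypothetical resources
  }

  replicated_vms     = var.replicated_vms # hypothetical variable, same shape as the usage example
  replication_policy = { name = "replipol-01" }
}
```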
Name | Description |
---|---|
cache_storage_account | Cache Storage Account. |
container_mapping | Protection container mapping. |
id | Azure Recovery Services Vault ID. |
module_diagnostics | Diagnostics settings module outputs. |
name | Azure Recovery Services Vault name. |
network_mapping | Site recovery network mapping. |
primary_fabric | Fabric of the source resources. Primary region. |
primary_protection_container | Protection containers of the replicated resources. Primary region. |
replicated_vms | Replicated virtual machines. |
replication_policy | Replication policy. |
resource | Azure Recovery Services Vault. |
secondary_fabric | Fabric of the replicated resources. Secondary region. |
secondary_protection_container | Protection containers of the replicated resources. Secondary region. |
Azure Site Recovery documentation: learn.microsoft.com/en-us/azure/site-recovery/site-recovery-overview