Initial v0.1.0 (#8)

* fix: grept apply

* initial update

* Initv0.1.0

* outputs update

* resolve conflicts

* fmt

* readme updates

* doc updates

* resolve conflicts

* remove todo

* format

* make

* make file update

* run make to fix fmt

* update variable, doc and group resource

* check and add group if doesnt exist, update header, fmt

* removed unused provider

* add random

* grept

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

.gitignore

@@ -35,7 +35,6 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
-
 *.md.tmp
 *tfplan*
 .DS_Store
@@ -45,4 +44,3 @@ avm.tflint.merged.hcl
 avm.tflint_example.hcl
 avm.tflint_example.merged.hcl
 avmmakefile
-

_header.md

@@ -1,19 +1,9 @@
-# terraform-azurerm-avm-template
+# terraform-azurerm-avm-ptn-avd-lza-managementplane
 
-This is a template repo for Terraform Azure Verified Modules.
+This is a repo for Terraform Azure Verified Module for Azure Virtual Desktop
 
-Things to do:
-
-1. Set up a GitHub repo environment called `test`.
-1. Configure environment protection rule to ensure that approval is required before deploying to this environment.
-1. Create a user-assigned managed identity in your test subscription.
-1. Create a role assignment for the managed identity on your test subscription, use the minimum required role.
-1. Configure federated identity credentials on the user assigned managed identity. Use the GitHub environment.
-1. Search and update TODOs within the code and remove the TODO comments once complete.
-
-> [!IMPORTANT]
-> As the overall AVM framework is not GA (generally available) yet - the CI framework and test automation is not fully functional and implemented across all supported languages yet - breaking changes are expected, and additional customer feedback is yet to be gathered and incorporated. Hence, modules **MUST NOT** be published at version `1.0.0` or higher at this time.
-> 
-> All module **MUST** be published as a pre-release version (e.g., `0.1.0`, `0.1.1`, `0.2.0`, etc.) until the AVM framework becomes GA.
-> 
-> However, it is important to note that this **DOES NOT** mean that the modules cannot be consumed and utilized. They **CAN** be leveraged in all types of environments (dev, test, prod etc.). Consumers can treat them just like any other IaC module and raise issues or feature requests against them as they learn from the usage of the module. Consumers should also read the release notes for each version, if considering updating to a more recent version of a module to see if there are any considerations or breaking changes etc.
+## Features
+- Azure Virtual Desktop Host Pool
+- Azure Virtual Desktop Application Group
+- Azure Virtual Desktop Workspace
+- Azure Virtual Desktop Scaling

examples/default/README.md

@@ -18,36 +18,42 @@ provider "azurerm" {
   features {}
 }
 
-variable "enable_telemetry" {
-  type        = bool
-  default     = true
-  description = <<DESCRIPTION
-This variable controls whether or not telemetry is enabled for the module.
-For more information see <https://aka.ms/avm/telemetryinfo>.
-If it is set to false, then no telemetry will be collected.
-DESCRIPTION
-}
-
 # This ensures we have unique CAF compliant names for our resources.
 module "naming" {
   source  = "Azure/naming/azurerm"
-  version = "0.4.0"
+  version = ">= 0.3.0"
 }
 
 # This is required for resource modules
 resource "azurerm_resource_group" "this" {
   name     = module.naming.resource_group.name_unique
-  location = "MYLOCATION" # TODO update with a real location, e.g. EastUS
+  location = "eastus"
+}
+
+resource "azurerm_log_analytics_workspace" "this" {
+  name                = module.naming.log_analytics_workspace.name_unique
+  resource_group_name = azurerm_resource_group.this.name
+  location            = azurerm_resource_group.this.location
 }
 
-# This is the module call
-module "MYMODULE" {
-  source = "../../"
-  # source             = "Azure/avm-<res/ptn>-<name>/azurerm"
-  # ...
+# This is the module desktop application group
+module "avd" {
+  source              = "../../"
   enable_telemetry    = var.enable_telemetry
-  name                = "" # TODO update with module.naming.<RESOURCE_TYPE>.name_unique
+  type                = var.type
+  description         = var.description
+  user_group_name     = var.user_group_name
   resource_group_name = azurerm_resource_group.this.name
+  location            = azurerm_resource_group.this.location
+  hostpooltype        = var.hostpooltype
+  name                = var.name
+  scalingplan         = var.scalingplan
+  diagnostic_settings = {
+    to_law = {
+      name                  = "to-law"
+      workspace_resource_id = azurerm_log_analytics_workspace.this.id
+    }
+  }
 }
 ```
 
@@ -70,6 +76,7 @@ The following providers are used by this module:
 
 The following resources are used by this module:
 
+- [azurerm_log_analytics_workspace.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) (resource)
 - [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
 
 <!-- markdownlint-disable MD013 -->
@@ -81,6 +88,14 @@ No required inputs.
 
 The following input variables are optional (have default values):
 
+### <a name="input_description"></a> [description](#input\_description)
+
+Description: The description of the AVD.
+
+Type: `string`
+
+Default: `"AVD Management Plane Deployment"`
+
 ### <a name="input_enable_telemetry"></a> [enable\_telemetry](#input\_enable\_telemetry)
 
 Description: This variable controls whether or not telemetry is enabled for the module.  
@@ -91,6 +106,46 @@ Type: `bool`
 
 Default: `true`
 
+### <a name="input_hostpooltype"></a> [hostpooltype](#input\_hostpooltype)
+
+Description: The type of the AVD Host Pool. Valid values are 'Pooled' and 'Personal'.
+
+Type: `string`
+
+Default: `"Pooled"`
+
+### <a name="input_name"></a> [name](#input\_name)
+
+Description: The name of the AVD Application Group.
+
+Type: `string`
+
+Default: `"avm-avd"`
+
+### <a name="input_scalingplan"></a> [scalingplan](#input\_scalingplan)
+
+Description: The scaling plan for the AVD Host Pool.
+
+Type: `string`
+
+Default: `"scp-avd-01"`
+
+### <a name="input_type"></a> [type](#input\_type)
+
+Description: The type of the AVD Application Group. Valid values are 'Desktop' and 'RemoteApp'.
+
+Type: `string`
+
+Default: `"Desktop"`
+
+### <a name="input_user_group_name"></a> [user\_group\_name](#input\_user\_group\_name)
+
+Description: Microsoft Entra ID User Group for AVD users
+
+Type: `string`
+
+Default: `"avdusersgrp1"`
+
 ## Outputs
 
 No outputs.
@@ -99,7 +154,7 @@ No outputs.
 
 The following Modules are called:
 
-### <a name="module_MYMODULE"></a> [MYMODULE](#module\_MYMODULE)
+### <a name="module_avd"></a> [avd](#module\_avd)
 
 Source: ../../
 
@@ -109,10 +164,10 @@ Version:
 
 Source: Azure/naming/azurerm
 
-Version: 0.4.0
+Version: >= 0.3.0
 
 <!-- markdownlint-disable-next-line MD041 -->
 ## Data Collection
 
 The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at <https://go.microsoft.com/fwlink/?LinkID=824704>. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->

examples/default/main.tf

@@ -5,32 +5,13 @@ terraform {
       source  = "hashicorp/azurerm"
       version = ">= 3.7.0, < 4.0.0"
     }
-    random = {
-      source  = "hashicorp/random"
-      version = ">= 3.5.0, < 4.0.0"
-    }
   }
 }
 
 provider "azurerm" {
   features {}
 }
 
-
-## Section to provide a random Azure region for the resource group
-# This allows us to randomize the region for the resource group.
-module "regions" {
-  source  = "Azure/regions/azurerm"
-  version = ">= 0.3.0"
-}
-
-# This allows us to randomize the region for the resource group.
-resource "random_integer" "region_index" {
-  min = 0
-  max = length(module.regions.regions) - 1
-}
-## End of section to provide a random Azure region for the resource group
-
 # This ensures we have unique CAF compliant names for our resources.
 module "naming" {
   source  = "Azure/naming/azurerm"
@@ -40,18 +21,31 @@ module "naming" {
 # This is required for resource modules
 resource "azurerm_resource_group" "this" {
   name     = module.naming.resource_group.name_unique
-  location = module.regions.regions[random_integer.region_index.result].name
+  location = "eastus"
+}
+
+resource "azurerm_log_analytics_workspace" "this" {
+  name                = module.naming.log_analytics_workspace.name_unique
+  resource_group_name = azurerm_resource_group.this.name
+  location            = azurerm_resource_group.this.location
 }
 
-# This is the module call
-# Do not specify location here due to the randomization above.
-# Leaving location as `null` will cause the module to use the resource group location
-# with a data source.
-module "test" {
-  source = "../../"
-  # source             = "Azure/avm-<res/ptn>-<name>/azurerm"
-  # ...
-  enable_telemetry    = var.enable_telemetry # see variables.tf
-  name                = "TODO"               # TODO update with module.naming.<RESOURCE_TYPE>.name_unique
+# This is the module desktop application group
+module "avd" {
+  source              = "../../"
+  enable_telemetry    = var.enable_telemetry
+  type                = var.type
+  description         = var.description
+  user_group_name     = var.user_group_name
   resource_group_name = azurerm_resource_group.this.name
+  location            = azurerm_resource_group.this.location
+  hostpooltype        = var.hostpooltype
+  name                = var.name
+  scalingplan         = var.scalingplan
+  diagnostic_settings = {
+    to_law = {
+      name                  = "to-law"
+      workspace_resource_id = azurerm_log_analytics_workspace.this.id
+    }
+  }
 }

examples/default/variables.tf

@@ -7,3 +7,43 @@ For more information see <https://aka.ms/avm/telemetryinfo>.
 If it is set to false, then no telemetry will be collected.
 DESCRIPTION
 }
+
+variable "name" {
+  type        = string
+  description = "The name of the AVD Application Group."
+  default     = "avm-avd"
+  validation {
+    condition     = can(regex("^[a-z0-9-]{3,24}$", var.name))
+    error_message = "The name must be between 3 and 24 characters long and can only contain lowercase letters, numbers and dashes."
+  }
+}
+
+variable "type" {
+  type        = string
+  default     = "Desktop"
+  description = "The type of the AVD Application Group. Valid values are 'Desktop' and 'RemoteApp'."
+}
+
+variable "hostpooltype" {
+  type        = string
+  description = "The type of the AVD Host Pool. Valid values are 'Pooled' and 'Personal'."
+  default     = "Pooled"
+}
+
+variable "user_group_name" {
+  type        = string
+  default     = "avdusersgrp1"
+  description = "Microsoft Entra ID User Group for AVD users"
+}
+
+variable "description" {
+  type        = string
+  description = "The description of the AVD."
+  default     = "AVD Management Plane Deployment"
+}
+
+variable "scalingplan" {
+  type        = string
+  description = "The scaling plan for the AVD Host Pool."
+  default     = "scp-avd-01"
+}

locals.telemetry.tf

@@ -4,10 +4,10 @@ locals {
   telem_puid = "46d3xgtf"
 
   # TODO: change this to the name of the module. See https://azure.github.io/Azure-Verified-Modules/specs/shared/#id-sfr3---category-telemetry---deploymentusage-telemetry
-  module_name = "CHANGEME"
+  module_name = "avd-lza-managementplane"
 
   # TODO: Change this. Should be either `res` or `ptn`
-  module_type = "res"
+  module_type = "ptn"
 
   # This ensures we don't get errors if telemetry is disabled.
   telem_random_hex = can(random_id.telem[0].hex) ? random_id.telem[0].hex : ""

locals.tf

@@ -1,11 +1,19 @@
-# TODO: insert locals here.
 locals {
   resource_group_location            = try(data.azurerm_resource_group.parent[0].location, null)
   role_definition_resource_substring = "/providers/Microsoft.Authorization/roleDefinitions"
 }
 
+locals {
+  existing_group = [for g in data.azuread_groups.existing : g if g.display_name == var.user_group_name]
+}
+
+locals {
+  group_id = length(local.existing_group) > 0 ? local.existing_group[0].object_id : azuread_group.new[0].object_id
+}
+
 # Private endpoint application security group associations
 # Remove if this resource does not support private endpoints
+
 locals {
   private_endpoint_application_security_group_associations = { for assoc in flatten([
     for pe_k, pe_v in var.private_endpoints : [
@@ -17,3 +25,10 @@ locals {
     ]
   ]) : "${assoc.pe_key}-${assoc.asg_key}" => assoc }
 }
+
+# Define resource tags
+locals {
+  tags = {
+    cm-resource-parent = azurerm_virtual_desktop_host_pool.hostpool.id
+  }
+}