diff --git a/templates/azure_application_gateway.j2 b/templates/azure_application_gateway.j2 new file mode 100644 index 0000000..f326640 --- /dev/null +++ b/templates/azure_application_gateway.j2 @@ -0,0 +1,132 @@ +{ + "location": "{{ agw.location }}", + "properties": { + "sku": { + "capacity": "{{ agw.sku.capacity | default(2) }}", + "name": "{{ agw.sku.name | default('Standard_v2') }}", + "tier": "{{ agw.sku.tier | default('Standard_v2') }}" + }, + "gatewayIPConfigurations": [ +{% for gwipc in agw.gateway_ip_configurations %} + { + "name": "{{ gwipc.name }}", + "properties": { + "subnet": { + "id": "{{ gwipc.subnet }}" + } + } + }, +{% endfor %} + ], + "sslCertificates": [], + "frontendIPConfigurations": [ +{% for fipc in agw.frontend_ip_configurations %} + { + "name": "{{ fipc.name }}", + "properties": { + "privateIPAllocationMethod": "{{ fipc.private_ip_allocation_method | default('Dynamic') }}", + "publicIPAddress": { + "id": "{{ fipc.public_ip_address }}" + }, +{% if fipc.subnet is defined %} + "subnet": { + "id": "{{ fipc.subnet }}" + } +{% endif %} + } + }, +{% endfor %} + ], + "frontendPorts": [ +{% for fport in agw.frontend_ports %} + { + "name": "{{ fport.name }}", + "properties": { + "port": {{ fport.port }}, + } + }, +{% endfor %} + ], + "backendAddressPools": [ +{% for bp in agw.backend_address_pools %} + { + "name": "{{ bp.name }}", + "properties": { + "backendAddresses": [ +{% for ip in bp.backend_addresses %} + { + "ipAddress": "{{ ip }}" + }, +{% endfor %} + ], + }, + }, +{% endfor %} + ], + "backendHttpSettingsCollection": [ +{% for bset in agw.backend_http_settings_collection %} + { + "name": "{{ bset.name }}", + "properties": { + "port": {{ bset.port }}, + "protocol": "{{ bset.protocol | default('Http') }}", + "cookieBasedAffinity": "{{ bset.cookie_based_affinity | default('Enabled') }}", + "pickHostNameFromBackendAddress": {{ bset.pick_host_name_from_backend_address | default(false) }}, + "probeEnabled": {{ bset.probe_enabled | default(false) }}, +{% if bset.probe_enabled is defined and bset.probe_enabled %} + "probe": { + "id": "{{ bset.probe }}" + }, +{% endif %} + "affinityCookieName": "{{ bset.affinity_cookie_name | default('ApplicationGatewayAffinity') }}", + "requestTimeout": {{ bset.request_timeout | default(20) }}, + }, + }, +{% endfor %} + ], + "httpListeners": [ +{% for listener in agw.http_listeners %} + { + "name": "{{ listener.name }}", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ agw.resource_group }}/providers/Microsoft.Network/applicationGateways/{{ agw.name }}/frontendIPConfigurations/{{ listener.frontend_ip_configuration }}" + }, + "frontendPort": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ agw.resource_group }}/providers/Microsoft.Network/applicationGateways/{{ agw.name }}/frontendPorts/{{ listener.frontend_port }}" + }, + "protocol": "{{ listener.protocol | default('Http') }}", + "requireServerNameIndication": {{ listener.require_sni | default(false) }}, +{% if listener.protocol is defined and listener.protocol == 'Https' %} + "sslCertificate": {{ listener.sslCertificate }}, + "sslProfile": {{ listener.sslProfile }}, +{% endif %} + }, + }, +{% endfor %} + ], + "urlPathMaps": [], + "requestRoutingRules": [ +{% for rrr in agw.request_routing_rules %} + { + "name": "{{ rrr.name }}", + "properties": { + "ruleType": "{{ rrr.rule_type | default('Basic') }}", + "httpListener": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ agw.resource_group }}/providers/Microsoft.Network/applicationGateways/{{ agw.name }}/httpListeners/{{ rrr.http_listener }}" + }, + "backendAddressPool": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ agw.resource_group }}/providers/Microsoft.Network/applicationGateways/{{ agw.name }}/backendAddressPools/{{ rrr.backend_address_pool }}" + }, + "backendHttpSettings": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ agw.resource_group }}/providers/Microsoft.Network/applicationGateways/{{ agw.name }}/backendHttpSettingsCollection/{{ rrr.backend_http_settings }}" + } + }, + }, +{% endfor %} + ], + "probes": [], + "redirectConfigurations": [], + "enableHttp2": false + } +} diff --git a/templates/azure_backendpool.j2 b/templates/azure_backendpool.j2 new file mode 100644 index 0000000..79609a8 --- /dev/null +++ b/templates/azure_backendpool.j2 @@ -0,0 +1,22 @@ +{ + "properties": { +{% if bp.lbbpaddresses is defined %} + "loadBalancerBackendAddresses": [ +{% for ip in bp.lbbpaddresses %} + { + "name": "address{{ loop.index }}", + "properties": { + "ipAddress": "{{ ip.ip }}", + "virtualNetwork": { + "id": "{{ ip.vnet }}" + } + } + }, +{% endfor %} + ], +{% endif %} +{%if bp.tunnelinterfaces is defined %} + "tunnelInterfaces": "{{ bp.tunnelinterfaces }}" +{%endif%} + } +} diff --git a/templates/azure_connection.j2 b/templates/azure_connection.j2 new file mode 100644 index 0000000..1b30fe9 --- /dev/null +++ b/templates/azure_connection.j2 @@ -0,0 +1,36 @@ +{ + "location": "{{ con.location }}", + "properties": { + "virtualNetworkGateway1": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resourcegroup }}/providers/Microsoft.Network/virtualNetworkGateways/{{ con.vngw }}" + }, +{% if con.lngw is defined %} + "localNetworkGateway2": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resourcegroup }}/providers/Microsoft.Network/localNetworkGateways/{{ con.lngw }}" + }, +{% elif con.erc is defined %} + "peer": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ resourcegroup }}/providers/Microsoft.Network/expressRouteCircuits/{{ con.erc }}" + }, +{% endif %} +{% if con.type is defined %} + "connectionType": "{{ con.type }}", +{% if con.protocol is defined %} + "connectionProtocol": "{{ con.protocol }}", +{% endif %} + "sharedKey": "{{ con.sharedkey }}", + "ipsecPolicies": [ +{% for policy in con.ipsecpolicies %} + {{ policy.body }}, +{% endfor %} + ], +{% endif %} + "routingWeight": {{ con.weight }}, + "enableBgp": {{ con.bgp }}, + "useLocalAzureIpAddress": {{ con.localAzip }}, + "usePolicyBasedTrafficSelectors": {{ con.usetspolicy }}, + "trafficSelectorPolicies": {{ con.tspolicies }}, + "dpdTimeoutSeconds": {{ con.dpdtimeout }}, + "connectionMode": "{{ con.mode }}" + } +} diff --git a/templates/azure_load_balancer.j2 b/templates/azure_load_balancer.j2 new file mode 100644 index 0000000..776e636 --- /dev/null +++ b/templates/azure_load_balancer.j2 @@ -0,0 +1,153 @@ +{ + "location": "{{ lb.location }}", + "properties": { + "backendAddressPools": [ +{% for bp in lb.backend_address_pools %} + { + "name": "{{ bp.name }}", + "properties": { + }, + }, +{% endfor %} + ], + "frontendIPConfigurations": [ +{% for fipc in ip_configurations %} + { + "name": "{{ fipc.name }}", + "properties": { +{% if fipc.gateway_lb_fip is defined %} + "gatewayLoadBalancer": { + "id": "{{ fipc.gateway_lb_fip }}" + }, +{% endif %} +{% if fipc.private_ip_version is defined %} + "privateIPAddressVersion": "{{ fipc.private_ip_version }}", +{% endif %} +{% if fipc.private_ip_allocation_method is defined %} + "privateIPAllocationMethod": "{{ fipc.private_ip_allocation_method }}", +{% endif %} +{% if fipc.private_ip_address is defined %} + "privateIPAddress": "{{ fipc.private_ip_address }}", +{% endif %} +{% if fipc.public_ip_address is defined %} + "publicIPAddress": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/publicIPAddresses/{{ fipc.public_ip_address }}", + } +{% endif %} +{% if fipc.subnet is defined %} + "subnet": { + "id": "{{ fipc.subnet }}" + }, +{% endif %} + }, +{% if fipc.zones is defined %} + "zones": [ +{% for zone in fipc.zones | default([]) %} + "{{ zone }}", +{% endfor %} + ] +{% endif %} + }, +{% endfor %} + ], + "probes": [ +{% for probe in lb.probes | default([]) %} + { + "name": "{{ probe.name }}", + "properties": { + "protocol": "{{ probe.protocol | default('Tcp') }}", + "port": {{ probe.port | default(22) }}, +{% if probe.protocol is defined and probe.protocol == 'Http' %} + "requestPath": "{{ probe.path | default('/') }}", +{% endif %} + "intervalInSeconds": {{ probe.interval | default(5) }}, + "numberOfProbes": {{ probe.failcount | default(3) }} + } + }, +{% endfor %} + ], + "loadBalancingRules": [ +{% for rule in lb.load_balancing_rules | default([]) %} + { + "name": "{{ rule.name }}", + "properties": { +{% if rule.probe is defined %} + "probe": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/loadBalancers/{{ lb.name }}/probes/{{ rule.probe }}" + }, +{% endif %} + "frontendIPConfiguration": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/loadBalancers/{{ lb.name }}/frontendIPConfigurations/{{ rule.frontend_ip_configuration }}" + }, + "backendAddressPool": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/loadBalancers/{{ lb.name }}/backendAddressPools/{{ rule.backend_address_pool }}" + }, + "frontendPort": {{ rule.frontend_port | default(0) }}, + "backendPort": {{ rule.backend_port | default(0) }}, + "enableFloatingIP": {{ rule.enable_floating_ip | default(false) }}, + "idleTimeoutInMinutes": {{ rule.idle | default(4) }}, + "protocol": "{{ rule.protocol | default('All') }}", + "enableTcpReset": {{ rule.tcpreset | default(false) }}, + "disableOutboundSnat": {{ rule.disable_outsnat | default(false) }}, + "loadDistribution": "{{ rule.load_distribution | default('Default') }}" + } + }, +{% endfor %} + ], + "outboundRules": [ +{% for outrule in lb.outbound_rules | default([]) %} + { + "name": "{{ outrule.name }}", + "properties": { +{% if outrule.nbport is defined %} + "allocatedOutboundPorts": {{ outrule.nbport }}, +{% endif %} + "backendAddressPool": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/loadBalancers/{{ lb.name }}/backendAddressPools/{{ outrule.backend_address_pool }}" + }, + "enableTcpReset": {{ outrule.tcpreset | default(false) }}, + "frontendIPConfigurations": [ +{% for fipc in outrule.frontend_ip_configurations | default([]) %} + { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/loadBalancers/{{ lb.name }}/frontendIPConfigurations/{{ fipc.name }}" + }, +{% endfor %} + ], + "idleTimeoutInMinutes": {{ outrule.idle | default(4) }}, + "protocol": "{{ outrule.protocol | default('All') }}", + } + }, +{% endfor %} + ], + "inboundNatRules": [ +{% for inatrule in lb.inbound_nat_rules | default([]) %} + { + "name": "{{ inatrule.name }}", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/{{ subscription_id }}/resourceGroups/{{ lb.resource_group }}/providers/Microsoft.Network/loadBalancers/{{ lb.name }}/frontendIPConfigurations/{{ inatrule.frontend_ip_configuration }}" + }, + "frontendPort": {{ inatrule.frontend_port | default(0) }}, + "backendPort": {{ inatrule.backend_port | default(0) }}, + "enableFloatingIP": {{ inatrule.enable_floating_ip | default(false) }}, + "idleTimeoutInMinutes": {{ inatrule.idle | default(4) }}, + "protocol": "{{ inatrule.protocol | default('Tcp') }}", + "enableTcpReset": {{ inatrule.tcpreset | default(false) }}, + } + }, +{% endfor %} + ], + "inboundNatPools": [] + }, + "sku": { + "name": "{{ lb.sku | default('Standard') }}", +{% if lb.tier is defined %} + "tier": "{{ lb.tier }} +{% endif %} + }, + "tags": { +{% for key, value in (lb.tags | default({})).items() %} + "{{ key }}": "{{ value }}", +{% endfor %} + } +} diff --git a/templates/azure_local_network_gateway.j2 b/templates/azure_local_network_gateway.j2 new file mode 100644 index 0000000..b509bf8 --- /dev/null +++ b/templates/azure_local_network_gateway.j2 @@ -0,0 +1,16 @@ +{ + "location": "{{ lngw.location }}", + "properties": { + "localNetworkAddressSpace": { + "addressPrefixes": {{ lngw.prefixes }} + }, + "gatewayIpAddress": "{{ lngw.gwip }}", + {% if lngw.asn is defined and lngw.asn != '' %} + "bgpSettings": { + "asn": {{ lngw.asn }}, + "bgpPeeringAddress": "{{ lngw.bgppeer }}", + "peerWeight": {{ lngw.weight }} + } + {% endif %} + } +} diff --git a/templates/azure_public_ip_address.j2 b/templates/azure_public_ip_address.j2 new file mode 100644 index 0000000..1f4bead --- /dev/null +++ b/templates/azure_public_ip_address.j2 @@ -0,0 +1,38 @@ +{ + "location": "{{ ip.location }}", + "properties": { + "publicIPAllocationMethod": "{{ ip.allocation_method | default('Static') }}", + "idleTimeoutInMinutes": {{ ip.idletimeout | default(5) }}, + "publicIPAddressVersion": "{{ ip.version | default('IPv4') }}", +{% if ip.ddos is defined %} + "ddosSettings": { +{% if ip.ddos.CustomPolicyid is defined %} + "ddosCustomPolicy": { + "id": "{{ ip.ddosCustomPolicyid }}" + }, +{% endif %} + "protectedIP": "{{ ip.ddos.enableprotection | default(false) }}", +{% if ip.ddos.enableprotection is defined and ip.ddos.enableprotection %} + "protectionCoverage": "{{ ip.ddos.protectionCoverage | default('Standard') }}", +{% endif %} + }, +{% endif %} + "deleteOption": "{{ ip.deleteOption | default('Detach') }}", +{% if ip.dns is defined %} + "dnsSettings": { + "domainNameLabel": "{{ ip.dns.label | default('') }}", + "fqdn": "{{ ip.dns.fqdn | default('') }}", + "reverseFqdn": "{{ ip.dns.reverse | default('') }}" + } +{% endif %} + }, + "sku": { + "name": "{{ ip.sku | default('Standard') }}", + "tier": "{{ ip.tier | default('Regional') }}" + }, + "zones": [ +{% for zone in ip.zones | default([]) %} + "{{ zone }}", +{% endfor %} + ] +} diff --git a/templates/azure_route_table.j2 b/templates/azure_route_table.j2 new file mode 100644 index 0000000..f0fffb4 --- /dev/null +++ b/templates/azure_route_table.j2 @@ -0,0 +1,38 @@ +{ + "location": "{{ rt.location }}", + "properties": { + "disableBgpRoutePropagation": "{{ rt.disableBgpRoutePropagation | default(true) }}", + "routes": [ +{% for udr in routes | default([]) %} + { + "name": "{{ udr.name }}", + "properties": { + "addressPrefix": "{{ udr.address_prefix }}", +{% if udr.hasBgpOverride is defined %} + "hasBgpOverride": {{ udr.hasBgpOverride }}, +{% endif %} +{% if 'ppliance' in udr.next_hop_type %} + "nextHopType": "VirtualAppliance", +{% elif 'nternet' in udr.next_hop_type %} + "nextHopType": "Internet", +{% elif 'etwork' in udr.next_hop_type %} + "nextHopType": "VirtualNetworkGateway", +{% elif 'ocal' in udr.next_hop_type %} + "nextHopType": "VnetLocal", +{% else %} + "nextHopType": "None", +{% endif %} +{% if udr.next_hop_type is undefined or 'ppliance' in udr.next_hop_type %} + "nextHopIpAddress": "{{ udr.next_hop_ip_address }}" +{% endif %} + } + }, +{% endfor %} + ] + }, + "tags": { +{% for key, value in (rt.tags | default({})).items() %} + "{{ key }}": "{{ value }}", +{% endfor %} + } +} diff --git a/templates/azure_virtual_network_gateway.j2 b/templates/azure_virtual_network_gateway.j2 new file mode 100644 index 0000000..1f49e44 --- /dev/null +++ b/templates/azure_virtual_network_gateway.j2 @@ -0,0 +1,48 @@ +{ + "location": "{{ vngw.location }}", + "properties": { + "enableBgpRouteTranslationForNat": {{ vngw.bgproute4nat }}, + "enableDnsForwarding": {{ vngw.dnsfwd }}, + "enablePrivateIpAddress": {{ vngw.privateip }}, + {% if vngw.lngwid is defined and vngw.lngwid != '' %} + "gatewayDefaultSite": { + "id": "{{ vngw.lngwid }}" + }, + {% endif %} + "ipConfigurations": [ + {% for ipc in vngw.ipcs %} + { + "name": "{{ ipc.name }}", + "properties": { + "privateIPAllocationMethod": "{{ ipc.allocmethod }}", + {% if ipc.allocmethod == "Static" %} + "privateIPAddress": "{{ ipc.privateip }}", + {% endif %} + "publicIPAddress": { + "id": "{{ ipc.pipid }}" + }, + "subnet": { + "id": "{{ ipc.subnetid }}" + } + } + }, + {% endfor %} + ], + "activeActive": {{ vngw.activeactive }}, + "sku": { + "name": "{{ vngw.sku }}", + "tier": "{{ vngw.sku }}" + }, + "gatewayType": "{{ vngw.gwtype }}", + "vpnType": "{{ vngw.vpntype }}", + "enableBgp": {{ vngw.enablebgp }}, + {% if vngw.enablebgp == "true" %} + "bgpSettings": { + "asn": {{ vngw.asn }}, + "bgpPeeringAddress": "{{ vngw.peers }}", + "peerWeight": {{ vngw.weight }} + }, + {% endif %} + "vpnGatewayGeneration": "{{ vngw.generation }}" + } +}