- Add Well-Architected Framework implementation guide covering all 5 pillars - Create Well-Architected Terraform module (cost, operations, performance, reliability, security) - Add Cloud for Sovereignty compliance guide - Implement data residency policies and enforcement - Add operational sovereignty features (CMK, independent logging) - Configure compliance monitoring and reporting - Add budget management and cost optimization - Implement comprehensive security controls - Add backup and disaster recovery automation - Create performance optimization resources (Redis, Front Door) - Add operational excellence tools (Log Analytics, App Insights, Automation)
# Optional prefix for resource names. Defaults to the empty string; how the
# module composes names from it is not visible in this file.
variable "name_prefix" {
  type        = string
  description = "Prefix for resource names"
  default     = ""
}
# Deployment environment. Required (no default). The validation block rejects
# any value other than "dev", "staging" or "production" before a plan is built.
variable "environment" {
  type        = string
  description = "Environment name (dev, staging, production)"

  validation {
    condition = contains(
      ["dev", "staging", "production"],
      var.environment,
    )
    error_message = "Environment must be dev, staging, or production."
  }
}
# Azure region for the deployment. Required (no default) and not validated
# here.
# NOTE(review): nothing in this file ties this value to var.allowed_regions;
# confirm the module or an assigned policy enforces the residency allow-list.
variable "region" {
  type        = string
  description = "Azure region"
}
# Name of the resource group. Required (no default).
variable "resource_group_name" {
  type        = string
  description = "Resource group name"
}
# ID of the resource group. Required (no default).
# NOTE(review): presumably the full Azure resource ID used as a scope for
# budgets or policy; confirm against the module's resources.
variable "resource_group_id" {
  type        = string
  description = "Resource group ID"
}
# Extra tags as a string-to-string map. Defaults to an empty map.
# NOTE(review): how these merge with cost_center, owner and
# data_classification (and which side wins on a key clash) is not visible here.
variable "tags" {
  type        = map(string)
  description = "Additional tags"
  default     = {}
}
# Cost-center label used for cost allocation. Defaults to "legal-services".
variable "cost_center" {
  type        = string
  description = "Cost center for cost allocation"
  default     = "legal-services"
}
# Owner label for the deployed resources. Defaults to "legal-team".
variable "owner" {
  type        = string
  description = "Resource owner"
  default     = "legal-team"
}
# Data classification label. Defaults to "confidential".
# NOTE(review): this is a free-form string with no validation block, so a typo
# or an unknown label passes through unchanged. If tagging, policy or alerting
# keys off this value, consider restricting it to the organisation's approved
# classification levels (the set is not defined in this file).
variable "data_classification" {
  type        = string
  description = "Data classification level"
  default     = "confidential"
}
# Cost Optimization
# Feature switch for the cost management resources. Enabled by default; the
# resources it gates are defined outside this file.
variable "enable_cost_management" {
  type        = bool
  description = "Enable cost management features"
  default     = true
}
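# Monthly budget figure. Defaults to 10000; the currency is not stated in this
# file (presumably the subscription's billing currency; confirm).
# A negative amount is never meaningful, so it is rejected at plan time
# instead of surfacing later as a provider or API error.
variable "monthly_budget_amount" {
  type        = number
  description = "Monthly budget amount"
  default     = 10000

  validation {
    condition     = var.monthly_budget_amount >= 0
    error_message = "Monthly budget amount must not be negative."
  }
}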
# Recipients for budget alerts. Defaults to an empty list.
# NOTE(review): enable_cost_management defaults to true while this list
# defaults to empty, so an out-of-the-box deployment may create a budget whose
# alerts reach nobody; confirm how the module handles an empty list.
variable "budget_alert_emails" {
  type        = list(string)
  description = "Email addresses for budget alerts"
  default     = []
}
# ID of the storage container that receives cost exports. Defaults to the
# empty string.
# NOTE(review): presumably an empty value disables the export; confirm. Cost
# exports expose spend and resource inventory, so the target container should
# not be publicly readable.
variable "cost_export_storage_container_id" {
  type        = string
  description = "Storage container ID for cost exports"
  default     = ""
}
# Operational Excellence
# Feature switch for the automation account. Enabled by default.
# NOTE(review): the identity and role assignments given to the automation
# account are defined outside this file; review them for least privilege.
variable "enable_automation" {
  type        = bool
  description = "Enable automation account"
  default     = true
}
# Performance Efficiency
# Feature switch for Azure Front Door. Disabled by default.
# NOTE(review): backend_address and backend_host_header both default to the
# empty string, so turning this on without setting them presumably yields an
# invalid or unusable origin; confirm the module guards against that.
variable "enable_front_door" {
  type        = bool
  description = "Enable Azure Front Door"
  default     = false
}
# Host header for the Front Door backend. Defaults to the empty string and is
# not validated here.
variable "backend_host_header" {
  type        = string
  description = "Backend host header for Front Door"
  default     = ""
}
# Address of the Front Door backend. Defaults to the empty string and is not
# validated here.
# NOTE(review): whether the backend accepts traffic only from Front Door is
# decided outside this file; confirm direct access to the origin is restricted.
variable "backend_address" {
  type        = string
  description = "Backend address for Front Door"
  default     = ""
}
# Feature switch for the Redis cache. Enabled by default.
# NOTE(review): TLS enforcement, minimum TLS version and network exposure of
# the cache are set outside this file; confirm they match the handling rules
# for the data classification in use.
variable "enable_redis_cache" {
  type        = bool
  description = "Enable Redis cache"
  default     = true
}
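# Size index of the Redis cache. Defaults to 1.
# The validation rejects negative, fractional and out-of-range values at plan
# time. The 0-6 outer bound follows the azurerm provider's documented sizes
# (C family 0-6, P family 1-5); confirm against the provider version in use.
# The per-family range is not checked here because referencing
# var.redis_family from this validation needs Terraform 1.9 or later.
variable "redis_capacity" {
  type        = number
  description = "Redis cache capacity"
  default     = 1

  validation {
    condition = (
      var.redis_capacity >= 0 &&
      var.redis_capacity <= 6 &&
      floor(var.redis_capacity) == var.redis_capacity
    )
    error_message = "Redis capacity must be a whole number between 0 and 6."
  }
}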
# Redis cache family. Defaults to "C"; the validation block accepts only "C"
# or "P" (case-sensitive, since contains() compares exact strings).
variable "redis_family" {
  type        = string
  description = "Redis cache family (C or P)"
  default     = "C"

  validation {
    condition = contains(
      ["C", "P"],
      var.redis_family,
    )
    error_message = "Redis family must be C or P."
  }
}
# Reliability
# Feature switch for backup services. Enabled by default.
# NOTE(review): retention, redundancy and soft-delete settings are defined
# outside this file; confirm backups stay within the permitted regions.
variable "enable_backup" {
  type        = bool
  description = "Enable backup services"
  default     = true
}
# Security
# Whether this module creates a Key Vault. Disabled by default, per the
# description on the assumption that one already exists.
# NOTE(review): this file declares no input for an existing vault's ID, so
# where customer-managed keys come from when this is false is not visible
# here; confirm the default does not silently fall back to platform-managed
# keys.
variable "create_key_vault" {
  type        = bool
  description = "Create Key Vault (if not already exists)"
  default     = false
}
# Feature switch for Microsoft Defender for Cloud. Enabled by default; setting
# it to false opts the deployment out.
# NOTE(review): which Defender plans and which scope this flag controls is
# decided outside this file; an override to false deserves review.
variable "enable_defender" {
  type        = bool
  description = "Enable Microsoft Defender for Cloud"
  default     = true
}
# Feature switch for DDoS Protection. Enabled by default.
# NOTE(review): if this creates a dedicated DDoS protection plan, that plan
# carries a fixed monthly charge; check it against monthly_budget_amount and
# whether an existing plan should be shared instead. The gated resource is
# defined outside this file.
variable "enable_ddos_protection" {
  type        = bool
  description = "Enable DDoS Protection"
  default     = true
}
# Cloud for Sovereignty
# Feature switch for the sovereignty policies. Enabled by default.
# NOTE(review): allowed_regions and management_group_id both default to empty
# values, so with defaults alone the policies may have no allow-list or no
# assignment scope; confirm what the module does in that case.
variable "enable_sovereignty_policies" {
  type        = bool
  description = "Enable sovereignty policies"
  default     = true
}
# Regions permitted for data residency. Defaults to an empty list.
# NOTE(review): the meaning of an empty list is not visible here. It could
# deny every location or leave residency unenforced, and
# enable_sovereignty_policies is on by default. Confirm the module's behaviour
# and set this explicitly in every environment.
variable "allowed_regions" {
  type        = list(string)
  description = "List of allowed regions for data residency"
  default     = []
}
# Management group ID used as the policy assignment scope. Defaults to the
# empty string.
# NOTE(review): presumably an empty value skips the assignment or falls back
# to a narrower scope; confirm. An unassigned policy enforces nothing.
variable "management_group_id" {
  type        = string
  description = "Management group ID for policy assignment"
  default     = ""
}