Resource Packs

Cloud

Example

Flavor

Feature

Dns

Example: dns resource based on Azure Cloud DNS

Configuration

This example configures a dns Resource Definition using Azure Cloud DNS.

The created Resource Definition can be used in your Score file using:

resources:
  ...
  dns:
    type: dns

Infrastructure setup 

graph TD;
    subgraph Resource Group
        subgraph Azure Hosted Zone
          record["Azure DNS record"]
        end
        subgraph AKS Cluster
            workload-pod[Workload Pod]
        end
        workload-pod --> record
    end

Orchestrator setup 

graph TD;
    workload_1 --> dns_1["dns_1, resource_type: dns"]
    workload_1 --> shared_dns_1["shared.dns_1", resource_type: dns]
    workload_2 --> shared_dns_1

Terraform docs

Requirements

Name Version
terraform >= 1.3.0
azuread ~> 2.47
azurerm ~> 3.91
humanitec ~> 1.0

Providers

Name Version
azuread ~> 2.47
azurerm ~> 3.91
humanitec ~> 1.0

Modules

Name Source Version
dns ../../humanitec-resource-defs/dns/basic n/a

Resources

Name Type
azuread_application.humanitec_provisioner resource
azuread_service_principal.humanitec_provisioner resource
azuread_service_principal_password.humanitec_provisioner resource
azurerm_role_assignment.resource_group resource
humanitec_application.example resource
humanitec_resource_account.humanitec_provisioner resource
humanitec_resource_definition_criteria.dns resource
azurerm_resource_group.main data source

Inputs

Name Description Type Default Required
dns_zone The id of the hosted zone in which this record set will reside. string n/a yes
resource_group_name Specifies the Name of the Resource Group within which this dns will reside. string n/a yes
subscription_id The Subscription ID which should be used. string n/a yes
name Name of the example application. string "hum-rp-dns-example" no
prefix Prefix of the created resources string "hum-rp-dns-ex-" no
resource_packs_azure_rev Azure Resource Pack git branch. string "refs/heads/main" no
resource_packs_azure_url Azure Resource Pack git url. string "https://github.com/humanitec-architecture/resource-packs-azure.git" no

main.tf ( view on GitHub ) :

# Service principal used by Humanitec to provision resources
data "azurerm_resource_group" "main" {
  name = var.resource_group_name
}

resource "azuread_application" "humanitec_provisioner" {
  display_name = var.name
}

resource "azuread_service_principal" "humanitec_provisioner" {
  client_id = azuread_application.humanitec_provisioner.client_id
}

resource "azuread_service_principal_password" "humanitec_provisioner" {
  service_principal_id = azuread_service_principal.humanitec_provisioner.object_id
}

resource "azurerm_role_assignment" "resource_group" {
  scope                = data.azurerm_resource_group.main.id
  role_definition_name = "Contributor"
  principal_id         = azuread_service_principal.humanitec_provisioner.object_id
}

resource "humanitec_resource_account" "humanitec_provisioner" {
  id   = var.name
  name = var.name
  type = "azure"

  credentials = jsonencode({
    "appId" : azuread_service_principal.humanitec_provisioner.client_id,
    "displayName" : azuread_application.humanitec_provisioner.display_name,
    "password" : azuread_service_principal_password.humanitec_provisioner.value,
    "tenant" : azuread_service_principal.humanitec_provisioner.application_tenant_id
  })

  depends_on = [
    # Otherwise the account looses permissions before the resources are deleted
    azurerm_role_assignment.resource_group
  ]
}

# Example application and resource definition criteria
resource "humanitec_application" "example" {
  id   = var.name
  name = var.name
}

module "dns" {
  source = "github.com/humanitec-architecture/resource-packs-azure?ref=v2024-06-14//humanitec-resource-defs/dns/basic"

  prefix                   = var.prefix
  resource_packs_azure_url = var.resource_packs_azure_url
  resource_packs_azure_rev = var.resource_packs_azure_rev
  append_logs_to_error     = true
  driver_account           = humanitec_resource_account.humanitec_provisioner.id
  subscription_id          = var.subscription_id
  dns_zone                 = var.dns_zone
  resource_group_name      = var.resource_group_name

}

resource "humanitec_resource_definition_criteria" "dns" {
  resource_definition_id = module.dns.id
  app_id                 = humanitec_application.example.id
}

providers.tf ( view on GitHub ) :

terraform {
  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.47"
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.91"
    }
    humanitec = {
      source  = "humanitec/humanitec"
      version = "~> 1.0"
    }
  }

  required_version = ">= 1.3.0"
}

provider "humanitec" {
}

provider "azuread" {
}

provider "azurerm" {
  features {}

  subscription_id = var.subscription_id
}

terraform.tfvars.example ( view on GitHub ) :


# The id of the hosted zone in which this record set will reside.
dns_zone = ""

# Name of the example application.
name = "hum-rp-dns-example"

# Prefix of the created resources
prefix = "hum-rp-dns-ex-"

# Specifies the Name of the Resource Group within which this dns will reside.
resource_group_name = ""

# Azure Resource Pack git branch.
resource_packs_azure_rev = "refs/tags/v2024-06-14"

# Azure Resource Pack git url.
resource_packs_azure_url = "https://github.com/humanitec-architecture/resource-packs-azure.git"

# The Subscription ID which should be used.
subscription_id = ""

variables.tf ( view on GitHub ) :

variable "prefix" {
  description = "Prefix of the created resources"
  type        = string
  default     = "hum-rp-dns-ex-"
}

variable "name" {
  description = "Name of the example application."
  type        = string
  default     = "hum-rp-dns-example"
}

variable "resource_packs_azure_url" {
  description = "Azure Resource Pack git url."
  type        = string
  default     = "https://github.com/humanitec-architecture/resource-packs-azure.git"
}

variable "resource_packs_azure_rev" {
  description = "Azure Resource Pack git branch."
  type        = string
  default     = "refs/tags/v2024-06-14"
}

variable "subscription_id" {
  description = "The Subscription ID which should be used."
  type        = string
}

variable "dns_zone" {
  description = "The id of the hosted zone in which this record set will reside."
  type        = string
}

variable "resource_group_name" {
  description = "Specifies the Name of the Resource Group within which this dns will reside."
  type        = string
}