Resource Packs

Cloud

Example

Flavor

Feature

Mysql

Example: mysql resource based on Azure Database for MySQL

Configuration

This example configures a mysql Resource Definition using Azure Database for MySQL.

The created definition can be used in your Score file using:

resources:
  ...
  db:
    type: mysql

Infrastructure setup

graph TD;
    subgraph Resource Group
        db["Azure Database for MySQL"]
        subgraph Workload Virtual Network
          private["Private IP"]
          subgraph AKS Cluster
              workload-pod[Workload Pod]
          end
        end
        workload-pod --> private
        db -- private endpoint --> private
    end

Orchestrator setup

graph TD;
    workload_1 --> db_1["db_1, resource_type: mysql"]
    workload_1 --> shared_db_1["shared.db_1", resource_type: mysql]
    workload_2 --> shared_db_1

Terraform docs

Requirements

Name Version
terraform >= 1.3.0
azuread ~> 2.47
azurerm ~> 3.91
humanitec ~> 1.0

Providers

Name Version
azuread ~> 2.47
azurerm ~> 3.91
humanitec ~> 1.0

Modules

Name Source Version
mysql ../../humanitec-resource-defs/mysql/basic n/a

Resources

Name Type
azuread_application.humanitec_provisioner resource
azuread_service_principal.humanitec_provisioner resource
azuread_service_principal_password.humanitec_provisioner resource
azurerm_role_assignment.resource_group resource
humanitec_application.example resource
humanitec_resource_account.humanitec_provisioner resource
humanitec_resource_definition_criteria.mysql resource
azurerm_resource_group.main data source

Inputs

Name Description Type Default Required
administrator_login The Administrator login for the MySQL Server. string n/a yes
administrator_login_password The Password associated with the administrator_login for the MySQL Server. string n/a yes
resource_group_name Specifies the Name of the Resource Group within which this database will reside. string n/a yes
subnet_name The name of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. string n/a yes
subscription_id The Subscription ID which should be used. string n/a yes
virtual_network_name The name of the virtual network where Private Endpoint will be allocated. string n/a yes
virtual_network_resource_group_name Specifies the Name of the Resource Group within which the Private Endpoint should exist. string n/a yes
name Name of the example application. string "hum-rp-mysql-example" no
prefix Prefix of the created resources string "hum-rp-mysql-ex-" no
resource_packs_azure_rev Azure Resource Pack git branch. string "refs/heads/main" no
resource_packs_azure_url Azure Resource Pack git url. string "https://github.com/humanitec-architecture/resource-packs-azure.git" no

main.tf (view on GitHub) :

# Service principal used by Humanitec to provision resources
data "azurerm_resource_group" "main" {
  name = var.resource_group_name
}

resource "azuread_application" "humanitec_provisioner" {
  display_name = var.name
}

resource "azuread_service_principal" "humanitec_provisioner" {
  client_id = azuread_application.humanitec_provisioner.client_id
}

resource "azuread_service_principal_password" "humanitec_provisioner" {
  service_principal_id = azuread_service_principal.humanitec_provisioner.object_id
}

resource "azurerm_role_assignment" "resource_group" {
  scope                = data.azurerm_resource_group.main.id
  role_definition_name = "Contributor"
  principal_id         = azuread_service_principal.humanitec_provisioner.object_id
}

resource "humanitec_resource_account" "humanitec_provisioner" {
  id   = var.name
  name = var.name
  type = "azure"

  credentials = jsonencode({
    "appId" : azuread_service_principal.humanitec_provisioner.client_id,
    "displayName" : azuread_application.humanitec_provisioner.display_name,
    "password" : azuread_service_principal_password.humanitec_provisioner.value,
    "tenant" : azuread_service_principal.humanitec_provisioner.application_tenant_id
  })

  depends_on = [
    # Otherwise the account looses permissions before the resources are deleted
    azurerm_role_assignment.resource_group
  ]
}

# Example application and resource definition criteria
resource "humanitec_application" "example" {
  id   = var.name
  name = var.name
}

module "mysql" {
  source = "github.com/humanitec-architecture/resource-packs-azure?ref=v2024-06-14//humanitec-resource-defs/mysql/basic"

  prefix                              = var.prefix
  resource_packs_azure_url            = var.resource_packs_azure_url
  resource_packs_azure_rev            = var.resource_packs_azure_rev
  append_logs_to_error                = true
  driver_account                      = humanitec_resource_account.humanitec_provisioner.id
  subscription_id                     = var.subscription_id
  resource_group_name                 = var.resource_group_name
  administrator_login                 = var.administrator_login
  administrator_login_password        = var.administrator_login_password
  virtual_network_name                = var.virtual_network_name
  virtual_network_resource_group_name = var.virtual_network_resource_group_name
  subnet_name                         = var.subnet_name
}

resource "humanitec_resource_definition_criteria" "mysql" {
  resource_definition_id = module.mysql.id
  app_id                 = humanitec_application.example.id
}


providers.tf (view on GitHub) :

terraform {
  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.47"
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.91"
    }
    humanitec = {
      source  = "humanitec/humanitec"
      version = "~> 1.0"
    }
  }

  required_version = ">= 1.3.0"
}

provider "humanitec" {
}

provider "azuread" {
}

provider "azurerm" {
  features {}

  subscription_id = var.subscription_id
}


terraform.tfvars.example (view on GitHub) :


# The Administrator login for the MySQL Server.
administrator_login = ""

# The Password associated with the administrator_login for the MySQL Server.
administrator_login_password = ""

# Name of the example application.
name = "hum-rp-mysql-example"

# Prefix of the created resources
prefix = "hum-rp-mysql-ex-"

# Specifies the Name of the Resource Group within which this database will reside.
resource_group_name = ""

# Azure Resource Pack git branch.
resource_packs_azure_rev = "refs/tags/v2024-06-14"

# Azure Resource Pack git url.
resource_packs_azure_url = "https://github.com/humanitec-architecture/resource-packs-azure.git"

# The name of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint.
subnet_name = ""

# The Subscription ID which should be used.
subscription_id = ""

# The name of the virtual network where Private Endpoint will be allocated.
virtual_network_name = ""

# Specifies the Name of the Resource Group within which the Private Endpoint should exist.
virtual_network_resource_group_name = ""

variables.tf (view on GitHub) :

variable "prefix" {
  description = "Prefix of the created resources"
  type        = string
  default     = "hum-rp-mysql-ex-"
}

variable "name" {
  description = "Name of the example application."
  type        = string
  default     = "hum-rp-mysql-example"
}

variable "resource_packs_azure_url" {
  description = "Azure Resource Pack git url."
  type        = string
  default     = "https://github.com/humanitec-architecture/resource-packs-azure.git"
}

variable "resource_packs_azure_rev" {
  description = "Azure Resource Pack git branch."
  type        = string
  default     = "refs/tags/v2024-06-14"
}

variable "subscription_id" {
  description = "The Subscription ID which should be used."
  type        = string
}

variable "resource_group_name" {
  description = "Specifies the Name of the Resource Group within which this database will reside."
  type        = string
}

variable "administrator_login" {
  description = "The Administrator login for the MySQL Server."
  type        = string
}

variable "administrator_login_password" {
  description = "The Password associated with the administrator_login for the MySQL Server."
  type        = string
}

variable "virtual_network_name" {
  description = "The name of the virtual network where Private Endpoint will be allocated."
  type        = string
}

variable "virtual_network_resource_group_name" {
  description = "Specifies the Name of the Resource Group within which the Private Endpoint should exist."
  type        = string
}

variable "subnet_name" {
  description = "The name of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint."
  type        = string
}

Top