unity-builder/dist/platforms/azure/modules/environment-base/network.tf

#########################
# Azure Virtual Network #
#########################

# Top level virtual network
resource "azurerm_virtual_network" "virtual_network" {
  name                = "${var.environment}-${var.vnet_name}"
  address_space       = var.vnet_address_space
  location            = azurerm_resource_group.resource_group.location
  resource_group_name = azurerm_resource_group.resource_group.name
}

# Security group for the network that will hold our rules
resource "azurerm_network_security_group" "netsec_group" {
  name                = "netsec"
  resource_group_name = azurerm_resource_group.resource_group.name
  location            = azurerm_resource_group.resource_group.location

  tags = {
    environment = var.environment
  }

}

# Network Security rule to allow ssh form approved IPs
resource "azurerm_network_security_rule" "ssh" {
  name                        = "inboundSSH"
  priority                    = 100
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = "22"
  source_address_prefixes      = var.allowed_ips
  destination_address_prefix  = "*"
  resource_group_name         = azurerm_resource_group.resource_group.name
  network_security_group_name = azurerm_network_security_group.netsec_group.name
}
initial layout for azure hosted ephmeral runners 2022-09-28 07:32:03 +00:00			`#########################`
			`# Azure Virtual Network #`
			`#########################`

			`# Top level virtual network`
			`resource "azurerm_virtual_network" "virtual_network" {`
			`name = "${var.environment}-${var.vnet_name}"`
			`address_space = var.vnet_address_space`
			`location = azurerm_resource_group.resource_group.location`
			`resource_group_name = azurerm_resource_group.resource_group.name`
			`}`

			`# Security group for the network that will hold our rules`
			`resource "azurerm_network_security_group" "netsec_group" {`
			`name = "netsec"`
			`resource_group_name = azurerm_resource_group.resource_group.name`
			`location = azurerm_resource_group.resource_group.location`

			`tags = {`
			`environment = var.environment`
			`}`

			`}`

			`# Network Security rule to allow ssh form approved IPs`
			`resource "azurerm_network_security_rule" "ssh" {`
			`name = "inboundSSH"`
			`priority = 100`
			`direction = "Inbound"`
			`access = "Allow"`
			`protocol = "Tcp"`
			`source_port_range = "*"`
			`destination_port_range = "22"`
			`source_address_prefixes = var.allowed_ips`
			`destination_address_prefix = "*"`
			`resource_group_name = azurerm_resource_group.resource_group.name`
			`network_security_group_name = azurerm_network_security_group.netsec_group.name`
			`}`