Merge branch 'main' into add_dependabot_config

docs/wiki/Contributing.md

@@ -3,7 +3,7 @@ This project welcomes contributions and suggestions. Most contributions require
 
 When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
 
-This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.
+This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact <[email protected]> with any additional questions or comments.
 
 Please familiarize yourself with our [Code of Conduct][Code-of-Conduct] and the [MIT License][License] associated with this repository to ensure all code contributions are submitted in accordance with these terms.
 

docs/wiki/User-Guide.md

@@ -9,7 +9,6 @@ Please refer to the following to learn about the accelerator:
   - [Quick Start Phase 2][wiki_quick_start_phase_2]
   - [Quick Start Phase 3][wiki_quick_start_phase_3]
 
-
  [//]: # (************************)
  [//]: # (INSERT LINK LABELS BELOW)
  [//]: # (************************)

docs/wiki/[User-Guide]-Quick-Start-Phase-2.md

@@ -57,7 +57,6 @@ The inputs differ depending on the VCS you have chosen:
 1. If you are happy with the plan, then type `yes` and hit enter.
 1. The Terraform will `apply` and your environment will be bootstrapped.
 
-
  [//]: # (************************)
  [//]: # (INSERT LINK LABELS BELOW)
  [//]: # (************************)

docs/wiki/[User-Guide]-Starter-Module-Basic.md

@@ -1,12 +1,21 @@
 <!-- markdownlint-disable first-line-h1 -->
+The `basic` starter module creates a management group hierarchy with policy assignments, and deploys management resources such as the Log Analytics Workspace and Automation Account.
 
-The `basic` starter module creates a management group hierarchy and assigns policies.
+## High Level Design
+
+![Alt text](./media/starter-module-basic.png)
+
+## Terraform Modules
+
+### `caf-enterprise-scale`
+
+The `caf-enterprise-scale` module is solely used for this basic starter module, and has only been populated with its most basic of inputs. It is worth noting that the module itself can be extended to deploy, connectivity resources, custom polices and more. For more information on the module itself see [here](https://github.com/Azure/terraform-azurerm-caf-enterprise-scale).
 
 ## Inputs
 
 - `default_location`: The location for Azure resources (e.g 'uksouth').
 - `subscription_id_connectivity`: The identifier of the Connectivity Subscription.
 - `subscription_id_identity`: The identifier of the Identity Subscription.
 - `subscription_id_management`: The identifier of the Management Subscription.
-- `root_id`: The root id is the identity for the root managment group and a prefix applied to all management group identities.
+- `root_id`: The root id is the identity for the root management group and a prefix applied to all management group identities.
 - `root_name`: The display name for the root management group.

docs/wiki/[User-Guide]-Starter-Module-HubNetworking.md

@@ -1,16 +1,41 @@
 <!-- markdownlint-disable first-line-h1 -->
+The `hubnetworking` starter module builds off the `basic` starter module ([Basic Starter Module][wiki_starter_module_basic]) and additionally configures hub networking resources such as the Virtual Network, Firewall and Virtual Network Gateway.
 
-The `hubnetworking` starter module creates a management group hierarchy, assigns policies and deploys hub networking resources.
+## High Level Design
+
+![Alt text](./media/starter-module-hubnetworking.png)
+
+## Terraform Modules
+
+### `caf-enterprise-scale`
+
+The `caf-enterprise-scale` has been used to deploy the management group hierarchy, policy assignments and management resources. For more information on the module itself see [here](https://github.com/Azure/terraform-azurerm-caf-enterprise-scale).
+
+### `hubnetworking`
+
+The `hubnetworking` module is used to deploy connectivity resources such as Virtual Networks and Firewalls. By default, the module will deploy a Virtual Network with a Firewall in your `default_location`.
+ This module can be extended however to deploy multiple Virtual Networks at scale, Route Tables, and Resource Locks. For more information on the module itself see [here](https://github.com/Azure/terraform-azurerm-hubnetworking).
+
+### `vnet-gateway`
+
+The `vnet-gateway` module is used to deploy a Virtual Network Gateway inside your Virtual Network. By default, the resources of the module will not be deployed unless `virtual_network_gateway_creation_enabled` is set to true, if so, the module will deploy a VPN Gateway with SKU VpnGw1.
+ Further configuration can be added depending on requirements to deploy Local Network Gateways, configure Virtual Network Gateway Connections, deploy ExpressRoute Gateways and more. Additional information on the module can be found [here](https://github.com/Azure/terraform-azurerm-vnet-gateway).
 
 ## Inputs
 
 - `default_location`: The location for Azure resources (e.g 'uksouth').
 - `subscription_id_connectivity`: The identifier of the Connectivity Subscription.
 - `subscription_id_identity`: The identifier of the Identity Subscription.
 - `subscription_id_management`: The identifier of the Management Subscription.
-- `root_id`: The root id is the identity for the root managment group and a prefix applied to all management group identities.
+- `root_id`: The root id is the identity for the root management group and a prefix applied to all management group identities.
 - `root_name`: The display name for the root management group.
 - `hub_virtual_network_address_prefix`: The IP address range for the hub network in CIDR format.
 - `firewall_subnet_address_prefix`: The IP address range foe the firewall subnet in CIDR format.
-- `gateway_subnet_address_prefix`: The IP address range foe the gatway subnet in CIDR format.
+- `gateway_subnet_address_prefix`: The IP address range foe the gateway subnet in CIDR format.
 - `virtual_network_gateway_creation_enabled`: Whether the virtual network gateway is created.
+
+ [//]: # (************************)
+ [//]: # (INSERT LINK LABELS BELOW)
+ [//]: # (************************)
+
+[wiki_starter_module_basic]:                   %5BUser-Guide%5D-Starter-Module-Basic "Wiki - Starter Modules - Basic"

templates/.test/README.md

@@ -1,3 +1,3 @@
 # Test Module
 
-This module is used for testing the bootstrapping without needing elevated permissions or a clean tenant.
+This module is used for testing the bootstrapping without needing elevated permissions or a clean tenant.

templates/basic/main.tf

@@ -6,6 +6,7 @@ module "enterprise-scale" {
   root_parent_id   = data.azurerm_client_config.core.tenant_id
 
   deploy_corp_landing_zones    = true
+  deploy_management_resources  = true
   deploy_online_landing_zones  = true
   root_id                      = var.root_id
   root_name                    = var.root_name
@@ -19,17 +20,3 @@ module "enterprise-scale" {
     azurerm.management   = azurerm.management
   }
 }
-
-module "alz-management" {
-  source  = "Azure/alz-management/azurerm"
-  version = "0.1.4"
-
-  automation_account_name      = "aa-management-${var.default_location}"
-  location                     = var.default_location
-  log_analytics_workspace_name = "log-management-${var.default_location}"
-  resource_group_name          = "rg-management-${var.default_location}"
-
-  providers = {
-    azurerm = azurerm.management
-  }
-}

templates/basic/variables.tf

@@ -19,7 +19,7 @@ variable "subscription_id_management" {
 }
 
 variable "root_id" {
-  description = "The root id is the identity for the root managment group and a prefix applied to all management group identities|5|azure_name"
+  description = "The root id is the identity for the root management group and a prefix applied to all management group identities|5|azure_name"
   type        = string
   default     = "es"
 }

templates/hubnetworking/main.tf

@@ -6,6 +6,7 @@ module "enterprise-scale" {
   root_parent_id   = data.azurerm_client_config.core.tenant_id
 
   deploy_corp_landing_zones    = true
+  deploy_management_resources  = true
   deploy_online_landing_zones  = true
   root_id                      = var.root_id
   root_name                    = var.root_name
@@ -20,20 +21,6 @@ module "enterprise-scale" {
   }
 }
 
-module "alz-management" {
-  source  = "Azure/alz-management/azurerm"
-  version = "0.1.4"
-
-  automation_account_name      = "aa-management-${var.default_location}"
-  location                     = var.default_location
-  log_analytics_workspace_name = "log-management-${var.default_location}"
-  resource_group_name          = "rg-management-${var.default_location}"
-
-  providers = {
-    azurerm = azurerm.management
-  }
-}
-
 module "hubnetworking" {
   source  = "Azure/hubnetworking/azurerm"
   version = "1.1.0"

templates/hubnetworking/variables.tf

@@ -19,7 +19,7 @@ variable "subscription_id_management" {
 }
 
 variable "root_id" {
-  description = "The root id is the identity for the root managment group and a prefix applied to all management group identities|5|azure_name"
+  description = "The root id is the identity for the root management group and a prefix applied to all management group identities|5|azure_name"
   type        = string
   default     = "es"
 }
@@ -43,7 +43,7 @@ variable "firewall_subnet_address_prefix" {
 }
 
 variable "gateway_subnet_address_prefix" {
-  description = "The IP address range foe the gatway subnet in CIDR format|9|cidr_range"
+  description = "The IP address range foe the gateway subnet in CIDR format|9|cidr_range"
   type        = string
   default     = ""
 }