diff --git a/.github/workflows/standalone-scenarios.json b/.github/workflows/standalone-scenarios.json index 2bd6a3da02..39a4adabaa 100644 --- a/.github/workflows/standalone-scenarios.json +++ b/.github/workflows/standalone-scenarios.json @@ -67,6 +67,7 @@ "maintenance_configuration/101-maintenance-configuration-schedule", "maintenance_configuration/200-maintenance-configuration-assignment-vm-windows", "maintenance_configuration/201-maintenance-configuration-assignment-vm-linux", + "maintenance_configuration/300-maintenance-configuration-assignment-dynamic-scope", "managed_service_identity/100-msi-levels", "maps/101-azure-maps-account", "messaging/eventgrid/100-simple-eventgrid-topic", @@ -120,7 +121,6 @@ "storage_accounts/107-storage-account-management-policy", "storage_accounts/109-storage-account-advanced-options-cmk", "storage_accounts/110-file-share-with-acl", - "storage_accounts/112-storage-account-with-defender", "storage_container/101-storage_container", "synapse_analytics/100-synapse", "synapse_analytics/101-synapse-sparkpool", diff --git a/examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars b/examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars index be32857be7..a8a7b91a7e 100644 --- a/examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars +++ b/examples/azuread/107-azuread-application-with-single-page-application/configuration.tfvars @@ -56,8 +56,8 @@ azuread_applications = { admin_consent_description = "Allow to administer app2." admin_consent_display_name = "Administer app2" enabled = true - type = "Admin" - value = "app2" + type = "Admin" + value = "app2" } ] } diff --git a/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars b/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars index 62c98ec3e1..79f8ab921a 100644 --- a/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars +++ b/examples/cognitive_services/101-cognitive-services-account-managed-identity/configuration.tfvars @@ -27,14 +27,14 @@ cognitive_services_account = { # lz_key = "examples" key = "test-rg" } - name = "cs-test-1" - kind = "OpenAI" - sku_name = "S0" + name = "cs-test-1" + kind = "OpenAI" + sku_name = "S0" public_network_access_enabled = true identity = { type = "SystemAssigned, UserAssigned" // Can be "SystemAssigned, UserAssigned" or "SystemAssigned" or "UserAssigned" - key = "cognitive_msi" // A must with "SystemAssigned, UserAssigned" and "UserAssigned" + key = "cognitive_msi" // A must with "SystemAssigned, UserAssigned" and "UserAssigned" } tags = { diff --git a/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars b/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars index 87218b10ff..a55d375ee9 100644 --- a/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars +++ b/examples/compute/kubernetes_services/101-single-cluster/aks.tfvars @@ -18,8 +18,6 @@ aks_clusters = { resource_group_key = "aks_re1" os_type = "Linux" - cost_analysis_enabled = true - identity = { type = "SystemAssigned" } diff --git a/examples/maintenance_configuration/300-maintenance-configuration-assignment-dynamic-scope/configuration.tfvars b/examples/maintenance_configuration/300-maintenance-configuration-assignment-dynamic-scope/configuration.tfvars new file mode 100644 index 0000000000..7ce629e832 --- /dev/null +++ b/examples/maintenance_configuration/300-maintenance-configuration-assignment-dynamic-scope/configuration.tfvars @@ -0,0 +1,74 @@ +global_settings = { + default_region = "region1" + regions = { + region1 = "northeurope" + } +} + +resource_groups = { + rg1 = { + name = "rsg_umc" + region = "region1" + } + rg2 = { + name = "rsg_umc2" + region = "region1" + } +} + +maintenance_configuration = { + mc_re1 = { + name = "example-mc" + region = "region1" + resource_group_key = "rg1" + scope = "InGuestPatch" + in_guest_user_patch_mode = "User" + window = { + start_date_time = "2023-06-08 15:04" + duration = "03:55" + time_zone = "Romance Standard Time" + recur_every = "2Day" + } + + install_patches = { + windows = { + classifications_to_include = ["Critical", "Security"] + # kb_numbers_to_exclude = ["KB123456", "KB789012"] + # kb_numbers_to_include = ["KB345678", "KB901234"] + } + reboot = "IfRequired" + } + # tags = {} # optional + } +} + +maintenance_assignment_dynamic_scope = { + example = { + name = "example-windows-tags" + maintenance_configuration_key = "mc_re1" + filter = { + # locations = ["France Central","Japan West"] + os_types = ["Windows"] + resource_types = ["Microsoft.Compute/virtualMachines"] + resource_group_key = ["rg1", "rg2"] + # resources_groups = { + # rg1 = { + # lz_key = "test" + # key = ["rg1", "rg2"] + # } + # } + tag_filter = "Any" + tags = { + tag_example = { + tag = "foo" + values = ["barbar"] + } + tag_example2 = { + tag = "foo2" + values = ["barbar2"] + } + } + } + } +} + diff --git a/examples/module.tf b/examples/module.tf index f2fbbc1c6c..819c7bddb0 100644 --- a/examples/module.tf +++ b/examples/module.tf @@ -430,6 +430,7 @@ module "example" { maintenance = { maintenance_configuration = var.maintenance_configuration + maintenance_assignment_dynamic_scope = var.maintenance_assignment_dynamic_scope maintenance_assignment_virtual_machine = var.maintenance_assignment_virtual_machine } search_services = { diff --git a/examples/storage_accounts/112-storage-account-with-defender/configuration.tfvars b/examples/storage_accounts/112-storage-account-with-defender/configuration.tfvars deleted file mode 100644 index 9aa028164b..0000000000 --- a/examples/storage_accounts/112-storage-account-with-defender/configuration.tfvars +++ /dev/null @@ -1,49 +0,0 @@ -global_settings = { - default_region = "region1" - regions = { - region1 = "australiaeast" - } -} - -resource_groups = { - test = { - name = "storage-account-defender" - } -} - -# https://docs.microsoft.com/en-us/azure/storage/ -storage_accounts = { - sa1 = { - name = "sa1dev" - # This option is to enable remote RG reference - # resource_group = { - # lz_key = "" - # key = "" - # } - - resource_group_key = "test" - # Account types are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. Defaults to StorageV2 - account_kind = "BlobStorage" - # Account Tier options are Standard and Premium. For BlockBlobStorage and FileStorage accounts only Premium is valid. - account_tier = "Standard" - # Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS - account_replication_type = "LRS" # https://docs.microsoft.com/en-us/azure/storage/common/storage-redundancy - tags = { - environment = "dev" - team = "IT" - ## - } - containers = { - dev = { - name = "random" - } - } - - defender = { - override_subscription_settings = true - malware_scanning_on_upload = true - malware_scanning_on_upload_cap_gb_per_month = 10 - sensitive_data_discovery_enabled = false - } - } -} diff --git a/examples/variables.tf b/examples/variables.tf index 53625d0dd2..ec4714881a 100644 --- a/examples/variables.tf +++ b/examples/variables.tf @@ -1123,10 +1123,7 @@ variable "cosmosdb_role_definitions" { variable "data_sources" { default = {} } -variable "maintenance_configuration" { - default = {} -} -variable "maintenance_assignment_virtual_machine" { +variable "maintenance" { default = {} } variable "search_services" { diff --git a/locals.combined_objects.tf b/locals.combined_objects.tf index 8c2f27186a..b4abb74814 100644 --- a/locals.combined_objects.tf +++ b/locals.combined_objects.tf @@ -12,177 +12,178 @@ locals { combined_objects_app_config = merge(tomap({ (local.client_config.landingzone_key) = module.app_config }), lookup(var.remote_objects, "app_config", {}), lookup(var.data_sources, "app_config", {})) combined_objects_app_service_environments = merge(tomap({ (local.client_config.landingzone_key) = module.app_service_environments }), lookup(var.remote_objects, "app_service_environments", {}), lookup(var.data_sources, "app_service_environments", {})) combined_objects_app_service_environments_all = merge(local.combined_objects_app_service_environments, local.combined_objects_app_service_environments_v3) - combined_objects_app_service_environments_v3 = merge(tomap({ (local.client_config.landingzone_key) = merge(module.app_service_environments_v3, lookup(var.data_sources, "app_service_environments_v3", {})) }), lookup(var.remote_objects, "app_service_environments_v3", {})) - combined_objects_app_service_plans = merge(tomap({ (local.client_config.landingzone_key) = merge(module.app_service_plans, lookup(var.data_sources, "app_service_plans", {})) }), lookup(var.remote_objects, "app_service_plans", {})) - combined_objects_app_services = merge(tomap({ (local.client_config.landingzone_key) = module.app_services }), lookup(var.remote_objects, "app_services", {}), lookup(var.data_sources, "app_services", {})) - combined_objects_application_gateway_platforms = merge(tomap({ (local.client_config.landingzone_key) = module.application_gateway_platforms }), lookup(var.remote_objects, "application_gateway_platforms", {})) - combined_objects_application_gateway_waf_policies = merge(tomap({ (local.client_config.landingzone_key) = module.application_gateway_waf_policies }), lookup(var.remote_objects, "application_gateway_waf_policies", {})) - combined_objects_application_gateways = merge(tomap({ (local.client_config.landingzone_key) = module.application_gateways }), lookup(var.remote_objects, "application_gateways", {}), lookup(var.data_sources, "application_gateways", {})) - combined_objects_application_insights = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_application_insights }), lookup(var.remote_objects, "azurerm_application_insights", {}), lookup(var.data_sources, "azurerm_application_insights", {})) - combined_objects_application_insights_standard_web_test = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_application_insights_standard_web_test }), lookup(var.remote_objects, "azurerm_application_insights_standard_web_test", {})) - combined_objects_application_insights_web_test = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_application_insights_web_test }), lookup(var.remote_objects, "azurerm_application_insights_web_test", {})) - combined_objects_application_security_groups = merge(tomap({ (local.client_config.landingzone_key) = module.application_security_groups }), lookup(var.remote_objects, "application_security_groups", {})) - combined_objects_automations = merge(tomap({ (local.client_config.landingzone_key) = module.automations }), lookup(var.remote_objects, "automations", {})) - combined_objects_availability_sets = merge(tomap({ (local.client_config.landingzone_key) = module.availability_sets }), lookup(var.remote_objects, "availability_sets", {})) - combined_objects_azure_container_registries = merge(tomap({ (local.client_config.landingzone_key) = module.container_registry }), lookup(var.remote_objects, "container_registry", {})) - combined_objects_azuread_administrative_units = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_administrative_unit }), lookup(var.remote_objects, "administrative_units", {})) - combined_objects_azuread_applications = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_applications_v1 }), lookup(var.remote_objects, "azuread_applications", {})) - combined_objects_azuread_apps = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_applications }), lookup(var.remote_objects, "azuread_apps", {})) - combined_objects_azuread_groups = merge(tomap({ (local.client_config.landingzone_key) = merge(module.azuread_groups, lookup(var.data_sources, "azuread_groups", {})) }), lookup(var.remote_objects, "azuread_groups", {})) - combined_objects_azuread_service_principal_passwords = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_service_principal_passwords }), lookup(var.remote_objects, "azuread_service_principal_passwords", {})) - combined_objects_azuread_service_principals = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_service_principals }), lookup(var.remote_objects, "azuread_service_principals", {}), lookup(var.data_sources, "azuread_service_principals", {})) - combined_objects_azuread_users = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_users }), lookup(var.remote_objects, "azuread_users", {}), lookup(var.data_sources, "azuread_users", {})) - combined_objects_azurerm_firewall_policies = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_firewall_policies }), lookup(var.remote_objects, "azurerm_firewall_policies", {}), lookup(var.data_sources, "azurerm_firewall_policies", {})) - combined_objects_azurerm_firewalls = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_firewalls }), lookup(var.remote_objects, "azurerm_firewalls", {}), lookup(var.data_sources, "azurerm_firewalls", {})) - combined_objects_backup_vault_instances = merge(tomap({ (local.client_config.landingzone_key) = local.backup_vault_instances }), lookup(var.remote_objects, "backup_vault_instances", {})) - combined_objects_backup_vault_policies = merge(tomap({ (local.client_config.landingzone_key) = local.backup_vault_policies }), lookup(var.remote_objects, "backup_vault_policies", {})) - combined_objects_backup_vaults = merge(tomap({ (local.client_config.landingzone_key) = module.backup_vaults }), lookup(var.remote_objects, "backup_vaults", {})) - combined_objects_batch_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.batch_accounts }), lookup(var.remote_objects, "batch_accounts", {})) - combined_objects_batch_applications = merge(tomap({ (local.client_config.landingzone_key) = module.batch_applications }), lookup(var.remote_objects, "batch_applications", {})) - combined_objects_batch_certificates = merge(tomap({ (local.client_config.landingzone_key) = module.batch_certificates }), lookup(var.remote_objects, "batch_certificates", {})) - combined_objects_batch_jobs = merge(tomap({ (local.client_config.landingzone_key) = module.batch_jobs }), lookup(var.remote_objects, "batch_jobs", {})) - combined_objects_batch_pools = merge(tomap({ (local.client_config.landingzone_key) = module.batch_pools }), lookup(var.remote_objects, "batch_pools", {})) - combined_objects_cdn_profile = merge(tomap({ (local.client_config.landingzone_key) = module.cdn_profile }), lookup(var.remote_objects, "cdn_profile", {}), lookup(var.data_sources, "cdn_profile", {})) - combined_objects_cognitive_services_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.cognitive_services_account }), lookup(var.remote_objects, "cognitive_services_account", {}), lookup(var.data_sources, "cognitive_services_account", {})) - combined_objects_consumption_budgets_resource_groups = merge(tomap({ (local.client_config.landingzone_key) = module.consumption_budgets_resource_groups }), lookup(var.remote_objects, "consumption_budgets_resource_groups", {}), lookup(var.data_sources, "consumption_budgets_resource_groups", {})) - combined_objects_consumption_budgets_subscriptions = merge(tomap({ (local.client_config.landingzone_key) = module.consumption_budgets_subscriptions }), lookup(var.remote_objects, "consumption_budgets_subscriptions", {}), lookup(var.data_sources, "consumption_budgets_subscriptions", {})) - combined_objects_container_registry = merge(tomap({ (local.client_config.landingzone_key) = module.container_registry }), lookup(var.remote_objects, "container_registry", {}), lookup(var.data_sources, "container_registry", {})) - combined_objects_container_app_environments = merge(tomap({ (local.client_config.landingzone_key) = module.container_app_environments }), lookup(var.remote_objects, "container_app_environments", {})) - combined_objects_container_app_environment_certificates = merge(tomap({ (local.client_config.landingzone_key) = module.container_app_environment_certificates }), lookup(var.remote_objects, "container_app_environment_certificates", {})) - combined_objects_container_app_environment_storages = merge(tomap({ (local.client_config.landingzone_key) = module.container_app_environment_storages }), lookup(var.remote_objects, "container_app_environment_storages", {})) - combined_objects_cosmos_dbs = merge(tomap({ (local.client_config.landingzone_key) = module.cosmos_dbs }), lookup(var.remote_objects, "cosmos_dbs", {}), lookup(var.data_sources, "cosmos_dbs", {})) - combined_objects_cosmosdb_sql_databases = merge(tomap({ (local.client_config.landingzone_key) = module.cosmosdb_sql_databases }), lookup(var.remote_objects, "cosmosdb_sql_databases", {})) - combined_objects_data_factory = merge(tomap({ (local.client_config.landingzone_key) = merge(module.data_factory, lookup(var.data_sources, "data_factory", {})) }), lookup(var.remote_objects, "data_factory", {})) - combined_objects_data_factory_integration_runtime_azure_ssis = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_integration_runtime_azure_ssis }), lookup(var.remote_objects, "combined_objects_data_factory_integration_runtime_azure_ssis", {})) - combined_objects_data_factory_integration_runtime_self_hosted = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_integration_runtime_self_hosted }), lookup(var.remote_objects, "data_factory_integration_runtime_self_hosted", {})) - combined_objects_data_factory_linked_service_azure_blob_storage = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_azure_blob_storage }), lookup(var.remote_objects, "data_factory_linked_service_azure_blob_storage", {})) - combined_objects_data_factory_linked_service_cosmosdb = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_cosmosdb }), lookup(var.remote_objects, "data_factory_linked_service_cosmosdb", {})) - combined_objects_data_factory_linked_service_mysql = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_mysql }), lookup(var.remote_objects, "data_factory_linked_service_mysql", {})) - combined_objects_data_factory_linked_service_postgresql = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_postgresql }), lookup(var.remote_objects, "data_factory_linked_service_postgresql", {})) - combined_objects_data_factory_linked_service_sql_server = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_sql_server }), lookup(var.remote_objects, "data_factory_linked_service_sql_server", {})) - combined_objects_data_factory_linked_service_web = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_web }), lookup(var.remote_objects, "data_factory_linked_service_web", {})) - combined_objects_data_factory_pipeline = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_pipeline }), lookup(var.remote_objects, "data_factory_pipeline", {})) - combined_objects_database_migration_services = merge(tomap({ (local.client_config.landingzone_key) = module.database_migration_services }), lookup(var.remote_objects, "database_migration_services", {})) - combined_objects_databricks_workspaces = merge(tomap({ (local.client_config.landingzone_key) = module.databricks_workspaces }), lookup(var.remote_objects, "databricks_workspaces", {}), lookup(var.data_sources, "databricks_workspaces", {})) - combined_objects_databricks_access_connectors = merge(tomap({ (local.client_config.landingzone_key) = module.databricks_access_connectors }), lookup(var.remote_objects, "databricks_access_connectors", {}), lookup(var.data_sources, "databricks_access_connectors", {})) - combined_objects_ddos_services = merge(tomap({ (local.client_config.landingzone_key) = azurerm_network_ddos_protection_plan.ddos_protection_plan }), lookup(var.remote_objects, "ddos_services", {}), lookup(var.remote_objects, "ddos_services", {})) - combined_objects_dedicated_host_groups = merge(tomap({ (local.client_config.landingzone_key) = module.dedicated_host_groups }), lookup(var.remote_objects, "dedicated_host_groups", {}), lookup(var.data_sources, "dedicated_host_groups", {})) - combined_objects_dedicated_hosts = merge(tomap({ (local.client_config.landingzone_key) = module.dedicated_hosts }), lookup(var.remote_objects, "dedicated_hosts", {}), lookup(var.data_sources, "dedicated_hosts", {})) - combined_objects_diagnostic_storage_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.diagnostic_storage_accounts }), lookup(var.remote_objects, "diagnostic_storage_accounts", {})) - combined_objects_digital_twins_instances = merge(tomap({ (local.client_config.landingzone_key) = module.digital_twins_instances }), lookup(var.remote_objects, "digital_twins_instances", {})) - combined_objects_disk_encryption_sets = merge(tomap({ (local.client_config.landingzone_key) = merge(module.disk_encryption_sets, module.disk_encryption_sets_external) }), lookup(var.remote_objects, "disk_encryption_sets", {}), lookup(var.remote_objects, "disk_encryption_sets_external", {}), lookup(var.data_sources, "disk_encryption_sets", {})) - combined_objects_dns_zones = merge(tomap({ (local.client_config.landingzone_key) = module.dns_zones }), lookup(var.remote_objects, "dns_zones", {}), lookup(var.data_sources, "dns_zones", {})) - combined_objects_domain_name_registrations = merge(tomap({ (local.client_config.landingzone_key) = module.domain_name_registrations }), lookup(var.remote_objects, "domain_name_registrations", {})) - combined_objects_event_hub_auth_rules = merge(tomap({ (local.client_config.landingzone_key) = module.event_hub_auth_rules }), lookup(var.remote_objects, "event_hub_auth_rules", {})) - combined_objects_event_hub_namespaces = merge(tomap({ (local.client_config.landingzone_key) = module.event_hub_namespaces }), lookup(var.remote_objects, "event_hub_namespaces", {}), lookup(var.data_sources, "event_hub_namespaces", {})) - combined_objects_event_hubs = merge(tomap({ (local.client_config.landingzone_key) = module.event_hubs }), lookup(var.remote_objects, "event_hubs", {})) - combined_objects_eventgrid_domains = merge(tomap({ (local.client_config.landingzone_key) = module.eventgrid_domain }), lookup(var.remote_objects, "eventgrid_domain", {})) - combined_objects_eventgrid_topics = merge(tomap({ (local.client_config.landingzone_key) = module.eventgrid_topic }), lookup(var.remote_objects, "eventgrid_topic", {})) + combined_objects_app_service_environments_v3 = merge(tomap({ (local.client_config.landingzone_key) = merge(module.app_service_environments_v3, try(var.data_sources.app_service_environments_v3, {})) }), try(var.remote_objects.app_service_environments_v3, {})) + combined_objects_app_service_plans = merge(tomap({ (local.client_config.landingzone_key) = merge(module.app_service_plans, try(var.data_sources.app_service_plans, {})) }), try(var.remote_objects.app_service_plans, {})) + combined_objects_app_services = merge(tomap({ (local.client_config.landingzone_key) = module.app_services }), try(var.remote_objects.app_services, {}), try(var.data_sources.app_services, {})) + combined_objects_application_gateway_platforms = merge(tomap({ (local.client_config.landingzone_key) = module.application_gateway_platforms }), try(var.remote_objects.application_gateway_platforms, {})) + combined_objects_application_gateway_waf_policies = merge(tomap({ (local.client_config.landingzone_key) = module.application_gateway_waf_policies }), try(var.remote_objects.application_gateway_waf_policies, {})) + combined_objects_application_gateways = merge(tomap({ (local.client_config.landingzone_key) = module.application_gateways }), try(var.remote_objects.application_gateways, {}), try(var.data_sources.application_gateways, {})) + combined_objects_application_insights = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_application_insights }), try(var.remote_objects.azurerm_application_insights, {}), try(var.data_sources.azurerm_application_insights, {})) + combined_objects_application_insights_standard_web_test = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_application_insights_standard_web_test }), try(var.remote_objects.azurerm_application_insights_standard_web_test, {})) + combined_objects_application_insights_web_test = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_application_insights_web_test }), try(var.remote_objects.azurerm_application_insights_web_test, {})) + combined_objects_application_security_groups = merge(tomap({ (local.client_config.landingzone_key) = module.application_security_groups }), try(var.remote_objects.application_security_groups, {})) + combined_objects_automations = merge(tomap({ (local.client_config.landingzone_key) = module.automations }), try(var.remote_objects.automations, {})) + combined_objects_availability_sets = merge(tomap({ (local.client_config.landingzone_key) = module.availability_sets }), try(var.remote_objects.availability_sets, {})) + combined_objects_azure_container_registries = merge(tomap({ (local.client_config.landingzone_key) = module.container_registry }), try(var.remote_objects.container_registry, {})) + combined_objects_azuread_administrative_units = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_administrative_unit }), try(var.remote_objects.administrative_units, {})) + combined_objects_azuread_applications = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_applications_v1 }), try(var.remote_objects.azuread_applications, {})) + combined_objects_azuread_apps = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_applications }), try(var.remote_objects.azuread_apps, {})) + combined_objects_azuread_groups = merge(tomap({ (local.client_config.landingzone_key) = merge(module.azuread_groups, try(var.data_sources.azuread_groups, {})) }), try(var.remote_objects.azuread_groups, {})) + combined_objects_azuread_service_principal_passwords = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_service_principal_passwords }), try(var.remote_objects.azuread_service_principal_passwords, {})) + combined_objects_azuread_service_principals = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_service_principals }), try(var.remote_objects.azuread_service_principals, {}), try(var.data_sources.azuread_service_principals, {})) + combined_objects_azuread_users = merge(tomap({ (local.client_config.landingzone_key) = module.azuread_users }), try(var.remote_objects.azuread_users, {}), try(var.data_sources.azuread_users, {})) + combined_objects_azurerm_firewall_policies = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_firewall_policies }), try(var.remote_objects.azurerm_firewall_policies, {}), try(var.data_sources.azurerm_firewall_policies, {})) + combined_objects_azurerm_firewalls = merge(tomap({ (local.client_config.landingzone_key) = module.azurerm_firewalls }), try(var.remote_objects.azurerm_firewalls, {}), try(var.data_sources.azurerm_firewalls, {})) + combined_objects_backup_vault_instances = merge(tomap({ (local.client_config.landingzone_key) = local.backup_vault_instances }), try(var.remote_objects.backup_vault_instances, {})) + combined_objects_backup_vault_policies = merge(tomap({ (local.client_config.landingzone_key) = local.backup_vault_policies }), try(var.remote_objects.backup_vault_policies, {})) + combined_objects_backup_vaults = merge(tomap({ (local.client_config.landingzone_key) = module.backup_vaults }), try(var.remote_objects.backup_vaults, {})) + combined_objects_batch_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.batch_accounts }), try(var.remote_objects.batch_accounts, {})) + combined_objects_batch_applications = merge(tomap({ (local.client_config.landingzone_key) = module.batch_applications }), try(var.remote_objects.batch_applications, {})) + combined_objects_batch_certificates = merge(tomap({ (local.client_config.landingzone_key) = module.batch_certificates }), try(var.remote_objects.batch_certificates, {})) + combined_objects_batch_jobs = merge(tomap({ (local.client_config.landingzone_key) = module.batch_jobs }), try(var.remote_objects.batch_jobs, {})) + combined_objects_batch_pools = merge(tomap({ (local.client_config.landingzone_key) = module.batch_pools }), try(var.remote_objects.batch_pools, {})) + combined_objects_cdn_profile = merge(tomap({ (local.client_config.landingzone_key) = module.cdn_profile }), try(var.remote_objects.cdn_profile, {}), try(var.data_sources.cdn_profile, {})) + combined_objects_cognitive_services_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.cognitive_services_account }), try(var.remote_objects.cognitive_services_account, {}), try(var.data_sources.cognitive_services_account, {})) + combined_objects_consumption_budgets_resource_groups = merge(tomap({ (local.client_config.landingzone_key) = module.consumption_budgets_resource_groups }), try(var.remote_objects.consumption_budgets_resource_groups, {}), try(var.data_sources.consumption_budgets_resource_groups, {})) + combined_objects_consumption_budgets_subscriptions = merge(tomap({ (local.client_config.landingzone_key) = module.consumption_budgets_subscriptions }), try(var.remote_objects.consumption_budgets_subscriptions, {}), try(var.data_sources.consumption_budgets_subscriptions, {})) + combined_objects_container_registry = merge(tomap({ (local.client_config.landingzone_key) = module.container_registry }), try(var.remote_objects.container_registry, {}), try(var.data_sources.container_registry, {})) + combined_objects_container_app_environments = merge(tomap({ (local.client_config.landingzone_key) = module.container_app_environments }), try(var.remote_objects.container_app_environments, {})) + combined_objects_container_app_environment_certificates = merge(tomap({ (local.client_config.landingzone_key) = module.container_app_environment_certificates }), try(var.remote_objects.container_app_environment_certificates, {})) + combined_objects_container_app_environment_storages = merge(tomap({ (local.client_config.landingzone_key) = module.container_app_environment_storages }), try(var.remote_objects.container_app_environment_storages, {})) + combined_objects_cosmos_dbs = merge(tomap({ (local.client_config.landingzone_key) = module.cosmos_dbs }), try(var.remote_objects.cosmos_dbs, {}), try(var.data_sources.cosmos_dbs, {})) + combined_objects_cosmosdb_sql_databases = merge(tomap({ (local.client_config.landingzone_key) = module.cosmosdb_sql_databases }), try(var.remote_objects.cosmosdb_sql_databases, {})) + combined_objects_data_factory = merge(tomap({ (local.client_config.landingzone_key) = merge(module.data_factory, try(var.data_sources.data_factory, {})) }), try(var.remote_objects.data_factory, {})) + combined_objects_data_factory_integration_runtime_azure_ssis = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_integration_runtime_azure_ssis }), try(var.remote_objects.combined_objects_data_factory_integration_runtime_azure_ssis, {})) + combined_objects_data_factory_integration_runtime_self_hosted = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_integration_runtime_self_hosted }), try(var.remote_objects.data_factory_integration_runtime_self_hosted, {})) + combined_objects_data_factory_linked_service_azure_blob_storage = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_azure_blob_storage }), try(var.remote_objects.data_factory_linked_service_azure_blob_storage, {})) + combined_objects_data_factory_linked_service_cosmosdb = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_cosmosdb }), try(var.remote_objects.data_factory_linked_service_cosmosdb, {})) + combined_objects_data_factory_linked_service_mysql = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_mysql }), try(var.remote_objects.data_factory_linked_service_mysql, {})) + combined_objects_data_factory_linked_service_postgresql = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_postgresql }), try(var.remote_objects.data_factory_linked_service_postgresql, {})) + combined_objects_data_factory_linked_service_sql_server = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_sql_server }), try(var.remote_objects.data_factory_linked_service_sql_server, {})) + combined_objects_data_factory_linked_service_web = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_linked_service_web }), try(var.remote_objects.data_factory_linked_service_web, {})) + combined_objects_data_factory_pipeline = merge(tomap({ (local.client_config.landingzone_key) = module.data_factory_pipeline }), try(var.remote_objects.data_factory_pipeline, {})) + combined_objects_database_migration_services = merge(tomap({ (local.client_config.landingzone_key) = module.database_migration_services }), try(var.remote_objects.database_migration_services, {})) + combined_objects_databricks_workspaces = merge(tomap({ (local.client_config.landingzone_key) = module.databricks_workspaces }), try(var.remote_objects.databricks_workspaces, {}), try(var.data_sources.databricks_workspaces, {})) + combined_objects_databricks_access_connectors = merge(tomap({ (local.client_config.landingzone_key) = module.databricks_access_connectors }), try(var.remote_objects.databricks_access_connectors, {}), try(var.data_sources.databricks_access_connectors, {})) + combined_objects_ddos_services = merge(tomap({ (local.client_config.landingzone_key) = azurerm_network_ddos_protection_plan.ddos_protection_plan }), try(var.remote_objects.ddos_services, {}), try(var.remote_objects.ddos_services, {})) + combined_objects_dedicated_host_groups = merge(tomap({ (local.client_config.landingzone_key) = module.dedicated_host_groups }), try(var.remote_objects.dedicated_host_groups, {}), try(var.data_sources.dedicated_host_groups, {})) + combined_objects_dedicated_hosts = merge(tomap({ (local.client_config.landingzone_key) = module.dedicated_hosts }), try(var.remote_objects.dedicated_hosts, {}), try(var.data_sources.dedicated_hosts, {})) + combined_objects_diagnostic_storage_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.diagnostic_storage_accounts }), try(var.remote_objects.diagnostic_storage_accounts, {})) + combined_objects_digital_twins_instances = merge(tomap({ (local.client_config.landingzone_key) = module.digital_twins_instances }), try(var.remote_objects.digital_twins_instances, {})) + combined_objects_disk_encryption_sets = merge(tomap({ (local.client_config.landingzone_key) = merge(module.disk_encryption_sets, module.disk_encryption_sets_external) }), try(var.remote_objects.disk_encryption_sets, {}), try(var.remote_objects.disk_encryption_sets_external, {}), try(var.data_sources.disk_encryption_sets, {})) + combined_objects_dns_zones = merge(tomap({ (local.client_config.landingzone_key) = module.dns_zones }), try(var.remote_objects.dns_zones, {}), try(var.data_sources.dns_zones, {})) + combined_objects_domain_name_registrations = merge(tomap({ (local.client_config.landingzone_key) = module.domain_name_registrations }), try(var.remote_objects.domain_name_registrations, {})) + combined_objects_event_hub_auth_rules = merge(tomap({ (local.client_config.landingzone_key) = module.event_hub_auth_rules }), try(var.remote_objects.event_hub_auth_rules, {})) + combined_objects_event_hub_namespaces = merge(tomap({ (local.client_config.landingzone_key) = module.event_hub_namespaces }), try(var.remote_objects.event_hub_namespaces, {}), try(var.data_sources.event_hub_namespaces, {})) + combined_objects_event_hubs = merge(tomap({ (local.client_config.landingzone_key) = module.event_hubs }), try(var.remote_objects.event_hubs, {})) + combined_objects_eventgrid_domains = merge(tomap({ (local.client_config.landingzone_key) = module.eventgrid_domain }), try(var.remote_objects.eventgrid_domain, {})) + combined_objects_eventgrid_topics = merge(tomap({ (local.client_config.landingzone_key) = module.eventgrid_topic }), try(var.remote_objects.eventgrid_topic, {})) combined_objects_eventgrid_system_topics = merge(tomap({ (local.client_config.landingzone_key) = module.eventgrid_system_topic }), lookup(var.remote_objects, "eventgrid_system_topic", {})) - combined_objects_express_route_circuit_authorizations = merge(tomap({ (local.client_config.landingzone_key) = module.express_route_circuit_authorizations }), lookup(var.remote_objects, "express_route_circuit_authorizations", {})) - combined_objects_express_route_circuit_peerings = merge(tomap({ (local.client_config.landingzone_key) = module.express_route_circuit_peerings }), lookup(var.remote_objects, "express_route_circuit_peerings", {})) - combined_objects_express_route_circuits = merge(tomap({ (local.client_config.landingzone_key) = module.express_route_circuits }), lookup(var.remote_objects, "express_route_circuits", {}), lookup(var.data_sources, "express_route_circuits", {})) - combined_objects_front_door = merge(tomap({ (local.client_config.landingzone_key) = module.front_doors }), lookup(var.remote_objects, "front_doors", {})) - combined_objects_front_door_waf_policies = merge(tomap({ (local.client_config.landingzone_key) = module.front_door_waf_policies }), lookup(var.remote_objects, "front_door_waf_policies", {})) - combined_objects_function_apps = merge(tomap({ (local.client_config.landingzone_key) = module.function_apps }), lookup(var.remote_objects, "function_apps", {})) - combined_objects_image_definitions = merge(tomap({ (local.client_config.landingzone_key) = module.image_definitions }), lookup(var.remote_objects, "image_definitions", {})) - combined_objects_integration_service_environment = merge(tomap({ (local.client_config.landingzone_key) = module.integration_service_environment }), lookup(var.remote_objects, "integration_service_environment", {})) - combined_objects_iot_central_application = merge(tomap({ (local.client_config.landingzone_key) = module.iot_central_application }), lookup(var.remote_objects, "iot_central_application", {})) - combined_objects_iot_dps_certificate = merge(tomap({ (local.client_config.landingzone_key) = module.iot_dps_certificate }), lookup(var.remote_objects, "iot_dps_certificate", {})) - combined_objects_iot_dps_shared_access_policy = merge(tomap({ (local.client_config.landingzone_key) = module.iot_dps_shared_access_policy }), lookup(var.remote_objects, "iot_dps_shared_access_policy", {})) - combined_objects_iot_hub = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub }), lookup(var.remote_objects, "iot_hub", {})) - combined_objects_iot_hub_certificate = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_certificate }), lookup(var.remote_objects, "iot_hub_certificate", {})) - combined_objects_iot_hub_consumer_groups = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_consumer_groups }), lookup(var.remote_objects, "iot_hub_consumer_groups", {})) - combined_objects_iot_hub_dps = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_dps }), lookup(var.remote_objects, "iot_hub_dps", {})) - combined_objects_iot_hub_shared_access_policy = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_shared_access_policy }), lookup(var.remote_objects, "iot_hub_shared_access_policy", {})) - combined_objects_iot_security_device_group = merge(tomap({ (local.client_config.landingzone_key) = module.iot_security_device_group }), lookup(var.remote_objects, "iot_security_device_group", {})) - combined_objects_iot_security_solution = merge(tomap({ (local.client_config.landingzone_key) = module.iot_security_solution }), lookup(var.remote_objects, "iot_security_solution", {})) - combined_objects_keyvault_certificate_requests = merge(tomap({ (local.client_config.landingzone_key) = module.keyvault_certificate_requests }), lookup(var.remote_objects, "keyvault_certificate_requests", {})) - combined_objects_keyvault_certificates = merge(tomap({ (local.client_config.landingzone_key) = module.keyvault_certificates }), lookup(var.remote_objects, "keyvault_certificates", {}), lookup(var.data_sources, "keyvault_certificates", {})) - combined_objects_keyvault_keys = merge(tomap({ (local.client_config.landingzone_key) = merge(module.keyvault_keys, lookup(var.data_sources, "keyvault_keys", {})) }), lookup(var.remote_objects, "keyvault_keys", {}), lookup(var.data_sources, "keyvault_keys", {})) - combined_objects_keyvaults = merge(tomap({ (local.client_config.landingzone_key) = merge(module.keyvaults, lookup(var.data_sources, "keyvaults", {})) }), lookup(var.remote_objects, "keyvaults", {})) - combined_objects_kusto_clusters = merge(tomap({ (local.client_config.landingzone_key) = module.kusto_clusters }), lookup(var.remote_objects, "kusto_clusters", {}), lookup(var.data_sources, "kusto_clusters", {})) - combined_objects_kusto_databases = merge(tomap({ (local.client_config.landingzone_key) = module.kusto_databases }), lookup(var.remote_objects, "kusto_databases", {})) - combined_objects_lb = merge(tomap({ (local.client_config.landingzone_key) = module.lb }), lookup(var.remote_objects, "lb", {}), lookup(var.data_sources, "load_balancers", {})) - combined_objects_lb_backend_address_pool = merge(tomap({ (local.client_config.landingzone_key) = module.lb_backend_address_pool }), lookup(var.remote_objects, "lb_backend_address_pool", {})) - combined_objects_lb_probe = merge(tomap({ (local.client_config.landingzone_key) = module.lb_probe }), lookup(var.remote_objects, "lb_probe", {})) - combined_objects_load_balancers = merge(tomap({ (local.client_config.landingzone_key) = module.load_balancers }), lookup(var.remote_objects, "load_balancers", {}), lookup(var.data_sources, "load_balancers", {})) - combined_objects_load_test = merge(tomap({ (local.client_config.landingzone_key) = module.load_test }), lookup(var.remote_objects, "load_test", {}), lookup(var.data_sources, "load_test", {})) - combined_objects_log_analytics = merge(tomap({ (local.client_config.landingzone_key) = module.log_analytics }), lookup(var.remote_objects, "log_analytics", {}), lookup(var.data_sources, "log_analytics", {})) - combined_objects_logic_app_integration_account = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_integration_account }), lookup(var.remote_objects, "logic_app_integration_account", {}), lookup(var.data_sources, "logic_app_integration_account", {})) - combined_objects_logic_app_standard = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_standard }), lookup(var.remote_objects, "logic_app_standard", {})) - combined_objects_logic_app_workflow = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_workflow }), lookup(var.remote_objects, "logic_app_workflow", {}), lookup(var.data_sources, "logic_app_workflow", {})) - combined_objects_machine_learning = merge(tomap({ (local.client_config.landingzone_key) = module.machine_learning_workspaces }), lookup(var.remote_objects, "machine_learning_workspaces", {}), lookup(var.data_sources, "machine_learning_workspaces", {})) - combined_objects_maintenance_configuration = merge(tomap({ (local.client_config.landingzone_key) = module.maintenance_configuration }), lookup(var.remote_objects, "maintenance_configuration", {})) - combined_objects_maintenance_assignment_virtual_machine = merge(tomap({ (local.client_config.landingzone_key) = module.maintenance_assignment_virtual_machine }), lookup(var.remote_objects, "maintenance_assignment_virtual_machine", {})) - combined_objects_managed_identities = merge(tomap({ (local.client_config.landingzone_key) = module.managed_identities }), lookup(var.remote_objects, "managed_identities", {}), lookup(var.data_sources, "managed_identities", {})) - combined_objects_maps_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.maps_accounts }), lookup(var.remote_objects, "maps_accounts", {})) - combined_objects_monitor_action_groups = merge(tomap({ (local.client_config.landingzone_key) = module.monitor_action_groups }), lookup(var.remote_objects, "monitor_action_groups", {}), lookup(var.data_sources, "monitor_action_groups", {})) - combined_objects_mssql_databases = merge(tomap({ (local.client_config.landingzone_key) = module.mssql_databases }), lookup(var.remote_objects, "mssql_databases", {}), lookup(var.data_sources, "mssql_databases", {})) - combined_objects_mssql_elastic_pools = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_elastic_pools, lookup(var.data_sources, "mssql_elastic_pools", {})) }), lookup(var.remote_objects, "mssql_elastic_pools", {})) - combined_objects_mssql_managed_databases = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_managed_databases, module.mssql_managed_databases_v1) }), lookup(var.remote_objects, "mssql_managed_databases", {}), lookup(var.data_sources, "mssql_managed_databases", {})) - combined_objects_mssql_managed_instances = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_managed_instances, module.mssql_managed_instances_v1, lookup(var.data_sources, "mssql_managed_instances", {})) }), lookup(var.remote_objects, "mssql_managed_instances", {}), lookup(var.data_sources, "mssql_managed_instances", {})) - combined_objects_mssql_managed_instances_secondary = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_managed_instances_secondary, module.mssql_managed_instances_secondary_v1, lookup(var.data_sources, "mssql_managed_instances_secondary", {})) }), lookup(var.remote_objects, "mssql_managed_instances_secondary", {}), lookup(var.remote_objects, "mssql_managed_instances_secondary", {})) - combined_objects_mssql_servers = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_servers, lookup(var.data_sources, "mssql_servers", {})) }), lookup(var.remote_objects, "mssql_servers", {})) - combined_objects_mysql_flexible_server = merge(tomap({ (local.client_config.landingzone_key) = module.mysql_flexible_server }), lookup(var.remote_objects, "mysql_flexible_server", {})) - combined_objects_mysql_servers = merge(tomap({ (local.client_config.landingzone_key) = module.mysql_servers }), lookup(var.remote_objects, "mysql_servers", {}), lookup(var.data_sources, "mysql_servers", {})) - combined_objects_nat_gateways = merge(tomap({ (local.client_config.landingzone_key) = module.nat_gateways }), lookup(var.remote_objects, "nat_gateways", {}), lookup(var.data_sources, "nat_gateways", {})) - combined_objects_network_profiles = merge(tomap({ (local.client_config.landingzone_key) = module.network_profiles }), lookup(var.remote_objects, "network_profiles", {})) - combined_objects_network_security_groups = merge(tomap({ (local.client_config.landingzone_key) = module.network_security_groups }), lookup(var.remote_objects, "network_security_groups", {}), lookup(var.data_sources, "network_security_groups", {})) - combined_objects_network_watchers = merge(tomap({ (local.client_config.landingzone_key) = module.network_watchers }), lookup(var.remote_objects, "network_watchers", {}), lookup(var.data_sources, "network_watchers", {})) - combined_objects_networking = merge(tomap({ (local.client_config.landingzone_key) = merge(module.networking, lookup(var.data_sources, "vnets", {})) }), lookup(var.remote_objects, "vnets", {})) - combined_objects_postgresql_flexible_servers = merge(tomap({ (local.client_config.landingzone_key) = module.postgresql_flexible_servers }), lookup(var.remote_objects, "postgresql_flexible_servers", {})) - combined_objects_postgresql_servers = merge(tomap({ (local.client_config.landingzone_key) = module.postgresql_servers }), lookup(var.remote_objects, "postgresql_servers", {}), lookup(var.data_sources, "postgresql_servers", {})) - combined_objects_private_dns = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns }), lookup(var.remote_objects, "private_dns", {}), lookup(var.data_sources, "private_dns", {})) - combined_objects_private_dns_resolver_dns_forwarding_rulesets = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolver_dns_forwarding_rulesets }), lookup(var.remote_objects, "private_dns_resolver_dns_forwarding_rulesets", {})) - combined_objects_private_dns_resolver_inbound_endpoints = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolver_inbound_endpoints }), lookup(var.remote_objects, "private_dns_resolver_inbound_endpoints", {})) - combined_objects_private_dns_resolver_outbound_endpoints = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolver_outbound_endpoints }), lookup(var.remote_objects, "private_dns_resolver_outbound_endpoints", {})) - combined_objects_private_dns_resolvers = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolvers }), lookup(var.remote_objects, "private_dns_resolvers", {})) - combined_objects_private_endpoints = merge(tomap({ (local.client_config.landingzone_key) = module.private_endpoints }), lookup(var.remote_objects, "private_endpoints", {})) - combined_objects_proximity_placement_groups = merge(tomap({ (local.client_config.landingzone_key) = module.proximity_placement_groups }), lookup(var.remote_objects, "proximity_placement_groups", {}), lookup(var.data_sources, "proximity_placement_groups", {})) - combined_objects_public_ip_addresses = merge(tomap({ (local.client_config.landingzone_key) = module.public_ip_addresses }), lookup(var.remote_objects, "public_ip_addresses", {}), lookup(var.data_sources, "public_ip_addresses", {})) - combined_objects_public_ip_prefixes = merge(tomap({ (local.client_config.landingzone_key) = module.public_ip_prefixes }), lookup(var.remote_objects, "public_ip_prefixes", {})) - combined_objects_purview_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.purview_accounts }), lookup(var.remote_objects, "purview_accounts", {})) - combined_objects_recovery_vaults = merge(tomap({ (local.client_config.landingzone_key) = merge(module.recovery_vaults, lookup(var.data_sources, "recovery_vaults", {})) }), lookup(var.remote_objects, "recovery_vaults", {})) - combined_objects_redis_caches = merge(tomap({ (local.client_config.landingzone_key) = module.redis_caches }), lookup(var.remote_objects, "redis_caches", {}), lookup(var.data_sources, "redis_caches", {})) - combined_objects_relay_hybrid_connection = merge(tomap({ (local.client_config.landingzone_key) = module.relay_hybrid_connection }), lookup(var.remote_objects, "relay_hybrid_connection", {})) - combined_objects_relay_namespace = merge(tomap({ (local.client_config.landingzone_key) = module.relay_namespace }), lookup(var.remote_objects, "relay_namespace", {})) - combined_objects_resource_groups = merge(tomap({ (local.client_config.landingzone_key) = merge(local.resource_groups, lookup(var.data_sources, "resource_groups", {})) }), lookup(var.remote_objects, "resource_groups", {})) - combined_objects_route_tables = merge(tomap({ (local.client_config.landingzone_key) = module.route_tables }), lookup(var.remote_objects, "route_tables", {})) - combined_objects_search_services = merge(tomap({ (local.client_config.landingzone_key) = module.search_service }), lookup(var.remote_objects, "search_services", {}), lookup(var.data_sources, "search_services", {})) - combined_objects_sentinel_watchlists = merge(tomap({ (local.client_config.landingzone_key) = module.sentinel_watchlists }), lookup(var.remote_objects, "sentinel_watchlists", {})) - combined_objects_servicebus_namespaces = merge(tomap({ (local.client_config.landingzone_key) = module.servicebus_namespaces }), lookup(var.remote_objects, "servicebus_namespaces", {}), lookup(var.data_sources, "servicebus_namespaces", {})) - combined_objects_servicebus_queues = merge(tomap({ (local.client_config.landingzone_key) = module.servicebus_queues }), lookup(var.remote_objects, "servicebus_queues", {}), lookup(var.data_sources, "servicebus_queues", {})) - combined_objects_servicebus_topics = merge(tomap({ (local.client_config.landingzone_key) = module.servicebus_topics }), lookup(var.remote_objects, "servicebus_topics", {}), lookup(var.data_sources, "servicebus_topics", {})) - combined_objects_signalr_services = merge(tomap({ (local.client_config.landingzone_key) = module.signalr_services }), lookup(var.remote_objects, "signalr_services", {}), lookup(var.data_sources, "signalr_services", {})) - combined_objects_storage_account_file_shares = merge(tomap({ (local.client_config.landingzone_key) = module.storage_account_file_shares }), lookup(var.remote_objects, "storage_account_file_shares", {})) - combined_objects_storage_account_queues = merge(tomap({ (local.client_config.landingzone_key) = module.storage_account_queues }), lookup(var.remote_objects, "storage_account_queues", {})) - combined_objects_storage_accounts = merge(tomap({ (local.client_config.landingzone_key) = merge(module.storage_accounts, lookup(var.data_sources, "storage_accounts", {})) }), lookup(var.remote_objects, "storage_accounts", {})) - combined_objects_storage_containers = merge(tomap({ (local.client_config.landingzone_key) = module.storage_containers }), lookup(var.remote_objects, "storage_containers", {}), lookup(var.data_sources, "storage_containers", {})) - combined_objects_synapse_workspaces = merge(tomap({ (local.client_config.landingzone_key) = module.synapse_workspaces }), lookup(var.remote_objects, "synapse_workspaces", {}), lookup(var.data_sources, "synapse_workspaces", {})) - combined_objects_traffic_manager_azure_endpoint = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_azure_endpoint }), lookup(var.remote_objects, "traffic_manager_azure_endpoint", {})) - combined_objects_traffic_manager_external_endpoint = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_external_endpoint }), lookup(var.remote_objects, "traffic_manager_external_endpoint", {})) - combined_objects_traffic_manager_nested_endpoint = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_nested_endpoint }), lookup(var.remote_objects, "traffic_manager_nested_endpoint", {})) - combined_objects_traffic_manager_profile = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_profile }), lookup(var.remote_objects, "traffic_manager_profile", {})) - combined_objects_virtual_hub_connections = merge(tomap({ (local.client_config.landingzone_key) = azurerm_virtual_hub_connection.vhub_connection }), lookup(var.remote_objects, "vhub_peerings", {}), lookup(var.remote_objects, "virtual_hub_connections", {})) - combined_objects_virtual_hub_route_tables = merge(tomap({ (local.client_config.landingzone_key) = azurerm_virtual_hub_route_table.route_table }), lookup(var.remote_objects, "virtual_hub_route_tables", {})) - combined_objects_virtual_wans = merge(tomap({ (local.client_config.landingzone_key) = merge(module.virtual_wans, lookup(var.data_sources, "virtual_wans", {})) }), lookup(var.remote_objects, "virtual_wans", {}), lookup(var.data_sources, "virtual_wans", {})) - combined_objects_virtual_hubs = merge(tomap({ (local.client_config.landingzone_key) = merge(module.virtual_hubs, lookup(var.data_sources, "virtual_hubs", {})) }), lookup(var.remote_objects, "virtual_hubs", {}), lookup(var.data_sources, "virtual_hubs", {})) - combined_objects_virtual_machine_scale_sets = merge(tomap({ (local.client_config.landingzone_key) = module.virtual_machine_scale_sets }), lookup(var.remote_objects, "virtual_machine_scale_sets", {}), lookup(var.data_sources, "virtual_machine_scale_sets", {})) - combined_objects_virtual_machines = merge(tomap({ (local.client_config.landingzone_key) = module.virtual_machines }), lookup(var.remote_objects, "virtual_machines", {}), lookup(var.data_sources, "virtual_machines", {})) - combined_objects_virtual_subnets = merge(tomap({ (local.client_config.landingzone_key) = merge(module.virtual_subnets, lookup(var.data_sources, "virtual_subnets", {})) }), lookup(var.remote_objects, "virtual_subnets", {})) - combined_objects_vmware_clusters = merge(tomap({ (local.client_config.landingzone_key) = module.vmware_clusters }), lookup(var.remote_objects, "vmware_clusters", {})) - combined_objects_vmware_express_route_authorizations = merge(tomap({ (local.client_config.landingzone_key) = module.vmware_express_route_authorizations }), lookup(var.remote_objects, "vmware_express_route_authorizations", {})) - combined_objects_vmware_private_clouds = merge(tomap({ (local.client_config.landingzone_key) = module.vmware_private_clouds }), lookup(var.remote_objects, "vmware_private_clouds", {}), lookup(var.data_sources, "vmware_private_clouds", {})) - combined_objects_vpn_gateway_connections = merge(tomap({ (local.client_config.landingzone_key) = module.vpn_gateway_connections }), lookup(var.remote_objects, "vpn_gateway_connections", {})) - combined_objects_vpn_gateway_nat_rules = merge(tomap({ (local.client_config.landingzone_key) = module.vpn_gateway_nat_rules }), lookup(var.remote_objects, "vpn_gateway_nat_rules", {})) - combined_objects_vpn_sites = merge(tomap({ (local.client_config.landingzone_key) = module.vpn_sites }), lookup(var.remote_objects, "vpn_sites", {})) - combined_objects_web_pubsub_hubs = merge(tomap({ (local.client_config.landingzone_key) = module.web_pubsub_hubs }), lookup(var.remote_objects, "web_pubsub_hubs", {})) - combined_objects_web_pubsubs = merge(tomap({ (local.client_config.landingzone_key) = module.web_pubsubs }), lookup(var.remote_objects, "web_pubsubs", {})) - combined_objects_wvd_application_groups = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_application_groups }), lookup(var.remote_objects, "wvd_application_groups", {})) - combined_objects_wvd_applications = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_applications }), lookup(var.remote_objects, "wvd_applications", {})) - combined_objects_wvd_host_pools = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_host_pools }), lookup(var.remote_objects, "wvd_host_pools", {})) - combined_objects_wvd_workspaces = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_workspaces }), lookup(var.remote_objects, "wvd_workspaces", {})) + combined_objects_express_route_circuit_authorizations = merge(tomap({ (local.client_config.landingzone_key) = module.express_route_circuit_authorizations }), try(var.remote_objects.express_route_circuit_authorizations, {})) + combined_objects_express_route_circuit_peerings = merge(tomap({ (local.client_config.landingzone_key) = module.express_route_circuit_peerings }), try(var.remote_objects.express_route_circuit_peerings, {})) + combined_objects_express_route_circuits = merge(tomap({ (local.client_config.landingzone_key) = module.express_route_circuits }), try(var.remote_objects.express_route_circuits, {}), try(var.data_sources.express_route_circuits, {})) + combined_objects_front_door = merge(tomap({ (local.client_config.landingzone_key) = module.front_doors }), try(var.remote_objects.front_doors, {})) + combined_objects_front_door_waf_policies = merge(tomap({ (local.client_config.landingzone_key) = module.front_door_waf_policies }), try(var.remote_objects.front_door_waf_policies, {})) + combined_objects_function_apps = merge(tomap({ (local.client_config.landingzone_key) = module.function_apps }), try(var.remote_objects.function_apps, {})) + combined_objects_image_definitions = merge(tomap({ (local.client_config.landingzone_key) = module.image_definitions }), try(var.remote_objects.image_definitions, {})) + combined_objects_integration_service_environment = merge(tomap({ (local.client_config.landingzone_key) = module.integration_service_environment }), try(var.remote_objects.integration_service_environment, {})) + combined_objects_iot_central_application = merge(tomap({ (local.client_config.landingzone_key) = module.iot_central_application }), try(var.remote_objects.iot_central_application, {})) + combined_objects_iot_dps_certificate = merge(tomap({ (local.client_config.landingzone_key) = module.iot_dps_certificate }), try(var.remote_objects.iot_dps_certificate, {})) + combined_objects_iot_dps_shared_access_policy = merge(tomap({ (local.client_config.landingzone_key) = module.iot_dps_shared_access_policy }), try(var.remote_objects.iot_dps_shared_access_policy, {})) + combined_objects_iot_hub = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub }), try(var.remote_objects.iot_hub, {})) + combined_objects_iot_hub_certificate = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_certificate }), try(var.remote_objects.iot_hub_certificate, {})) + combined_objects_iot_hub_consumer_groups = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_consumer_groups }), try(var.remote_objects.iot_hub_consumer_groups, {})) + combined_objects_iot_hub_dps = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_dps }), try(var.remote_objects.iot_hub_dps, {})) + combined_objects_iot_hub_shared_access_policy = merge(tomap({ (local.client_config.landingzone_key) = module.iot_hub_shared_access_policy }), try(var.remote_objects.iot_hub_shared_access_policy, {})) + combined_objects_iot_security_device_group = merge(tomap({ (local.client_config.landingzone_key) = module.iot_security_device_group }), try(var.remote_objects.iot_security_device_group, {})) + combined_objects_iot_security_solution = merge(tomap({ (local.client_config.landingzone_key) = module.iot_security_solution }), try(var.remote_objects.iot_security_solution, {})) + combined_objects_keyvault_certificate_requests = merge(tomap({ (local.client_config.landingzone_key) = module.keyvault_certificate_requests }), try(var.remote_objects.keyvault_certificate_requests, {})) + combined_objects_keyvault_certificates = merge(tomap({ (local.client_config.landingzone_key) = module.keyvault_certificates }), try(var.remote_objects.keyvault_certificates, {}), try(var.data_sources.keyvault_certificates, {})) + combined_objects_keyvault_keys = merge(tomap({ (local.client_config.landingzone_key) = merge(module.keyvault_keys, try(var.data_sources.keyvault_keys, {})) }), try(var.remote_objects.keyvault_keys, {}), try(var.data_sources.keyvault_keys, {})) + combined_objects_keyvaults = merge(tomap({ (local.client_config.landingzone_key) = merge(module.keyvaults, try(var.data_sources.keyvaults, {})) }), try(var.remote_objects.keyvaults, {})) + combined_objects_kusto_clusters = merge(tomap({ (local.client_config.landingzone_key) = module.kusto_clusters }), try(var.remote_objects.kusto_clusters, {}), try(var.data_sources.kusto_clusters, {})) + combined_objects_kusto_databases = merge(tomap({ (local.client_config.landingzone_key) = module.kusto_databases }), try(var.remote_objects.kusto_databases, {})) + combined_objects_lb = merge(tomap({ (local.client_config.landingzone_key) = module.lb }), try(var.remote_objects.lb, {}), try(var.data_sources.load_balancers, {})) + combined_objects_lb_backend_address_pool = merge(tomap({ (local.client_config.landingzone_key) = module.lb_backend_address_pool }), try(var.remote_objects.lb_backend_address_pool, {})) + combined_objects_lb_probe = merge(tomap({ (local.client_config.landingzone_key) = module.lb_probe }), try(var.remote_objects.lb_probe, {})) + combined_objects_load_balancers = merge(tomap({ (local.client_config.landingzone_key) = module.load_balancers }), try(var.remote_objects.load_balancers, {}), try(var.data_sources.load_balancers, {})) + combined_objects_load_test = merge(tomap({ (local.client_config.landingzone_key) = module.load_test }), try(var.remote_objects.load_test, {}), try(var.data_sources.load_test, {})) + combined_objects_log_analytics = merge(tomap({ (local.client_config.landingzone_key) = module.log_analytics }), try(var.remote_objects.log_analytics, {}), try(var.data_sources.log_analytics, {})) + combined_objects_logic_app_integration_account = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_integration_account }), try(var.remote_objects.logic_app_integration_account, {}), try(var.data_sources.logic_app_integration_account, {})) + combined_objects_logic_app_standard = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_standard }), try(var.remote_objects.logic_app_standard, {})) + combined_objects_logic_app_workflow = merge(tomap({ (local.client_config.landingzone_key) = module.logic_app_workflow }), try(var.remote_objects.logic_app_workflow, {}), try(var.data_sources.logic_app_workflow, {})) + combined_objects_machine_learning = merge(tomap({ (local.client_config.landingzone_key) = module.machine_learning_workspaces }), try(var.remote_objects.machine_learning_workspaces, {}), try(var.data_sources.machine_learning_workspaces, {})) + combined_objects_maintenance_configuration = merge(tomap({ (local.client_config.landingzone_key) = module.maintenance_configuration }), try(var.remote_objects.maintenance_configuration, {})) + combined_objects_maintenance_assignment_dynamic_scope = merge(tomap({ (local.client_config.landingzone_key) = module.maintenance_assignment_dynamic_scope }), try(var.remote_objects.maintenance_assignment_dynamic_scope, {})) + combined_objects_maintenance_assignment_virtual_machine = merge(tomap({ (local.client_config.landingzone_key) = module.maintenance_assignment_virtual_machine }), try(var.remote_objects.maintenance_assignment_virtual_machine, {})) + combined_objects_managed_identities = merge(tomap({ (local.client_config.landingzone_key) = module.managed_identities }), try(var.remote_objects.managed_identities, {}), try(var.data_sources.managed_identities, {})) + combined_objects_maps_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.maps_accounts }), try(var.remote_objects.maps_accounts, {})) + combined_objects_monitor_action_groups = merge(tomap({ (local.client_config.landingzone_key) = module.monitor_action_groups }), try(var.remote_objects.monitor_action_groups, {}), try(var.data_sources.monitor_action_groups, {})) + combined_objects_mssql_databases = merge(tomap({ (local.client_config.landingzone_key) = module.mssql_databases }), try(var.remote_objects.mssql_databases, {}), try(var.data_sources.mssql_databases, {})) + combined_objects_mssql_elastic_pools = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_elastic_pools, try(var.data_sources.mssql_elastic_pools, {})) }), try(var.remote_objects.mssql_elastic_pools, {})) + combined_objects_mssql_managed_databases = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_managed_databases, module.mssql_managed_databases_v1) }), try(var.remote_objects.mssql_managed_databases, {}), try(var.data_sources.mssql_managed_databases, {})) + combined_objects_mssql_managed_instances = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_managed_instances, module.mssql_managed_instances_v1, try(var.data_sources.mssql_managed_instances, {})) }), try(var.remote_objects.mssql_managed_instances, {}), try(var.data_sources.mssql_managed_instances, {})) + combined_objects_mssql_managed_instances_secondary = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_managed_instances_secondary, module.mssql_managed_instances_secondary_v1, try(var.data_sources.mssql_managed_instances_secondary, {})) }), try(var.remote_objects.mssql_managed_instances_secondary, {}), try(var.remote_objects.mssql_managed_instances_secondary, {})) + combined_objects_mssql_servers = merge(tomap({ (local.client_config.landingzone_key) = merge(module.mssql_servers, try(var.data_sources.mssql_servers, {})) }), try(var.remote_objects.mssql_servers, {})) + combined_objects_mysql_flexible_server = merge(tomap({ (local.client_config.landingzone_key) = module.mysql_flexible_server }), try(var.remote_objects.mysql_flexible_server, {})) + combined_objects_mysql_servers = merge(tomap({ (local.client_config.landingzone_key) = module.mysql_servers }), try(var.remote_objects.mysql_servers, {}), try(var.data_sources.mysql_servers, {})) + combined_objects_nat_gateways = merge(tomap({ (local.client_config.landingzone_key) = module.nat_gateways }), try(var.remote_objects.nat_gateways, {}), try(var.data_sources.nat_gateways, {})) + combined_objects_network_profiles = merge(tomap({ (local.client_config.landingzone_key) = module.network_profiles }), try(var.remote_objects.network_profiles, {})) + combined_objects_network_security_groups = merge(tomap({ (local.client_config.landingzone_key) = module.network_security_groups }), try(var.remote_objects.network_security_groups, {}), try(var.data_sources.network_security_groups, {})) + combined_objects_network_watchers = merge(tomap({ (local.client_config.landingzone_key) = module.network_watchers }), try(var.remote_objects.network_watchers, {}), try(var.data_sources.network_watchers, {})) + combined_objects_networking = merge(tomap({ (local.client_config.landingzone_key) = merge(module.networking, try(var.data_sources.vnets, {})) }), try(var.remote_objects.vnets, {})) + combined_objects_postgresql_flexible_servers = merge(tomap({ (local.client_config.landingzone_key) = module.postgresql_flexible_servers }), try(var.remote_objects.postgresql_flexible_servers, {})) + combined_objects_postgresql_servers = merge(tomap({ (local.client_config.landingzone_key) = module.postgresql_servers }), try(var.remote_objects.postgresql_servers, {}), try(var.data_sources.postgresql_servers, {})) + combined_objects_private_dns = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns }), try(var.remote_objects.private_dns, {}), try(var.data_sources.private_dns, {})) + combined_objects_private_dns_resolver_dns_forwarding_rulesets = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolver_dns_forwarding_rulesets }), try(var.remote_objects.private_dns_resolver_dns_forwarding_rulesets, {})) + combined_objects_private_dns_resolver_inbound_endpoints = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolver_inbound_endpoints }), try(var.remote_objects.private_dns_resolver_inbound_endpoints, {})) + combined_objects_private_dns_resolver_outbound_endpoints = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolver_outbound_endpoints }), try(var.remote_objects.private_dns_resolver_outbound_endpoints, {})) + combined_objects_private_dns_resolvers = merge(tomap({ (local.client_config.landingzone_key) = module.private_dns_resolvers }), try(var.remote_objects.private_dns_resolvers, {})) + combined_objects_private_endpoints = merge(tomap({ (local.client_config.landingzone_key) = module.private_endpoints }), try(var.remote_objects.private_endpoints, {})) + combined_objects_proximity_placement_groups = merge(tomap({ (local.client_config.landingzone_key) = module.proximity_placement_groups }), try(var.remote_objects.proximity_placement_groups, {}), try(var.data_sources.proximity_placement_groups, {})) + combined_objects_public_ip_addresses = merge(tomap({ (local.client_config.landingzone_key) = module.public_ip_addresses }), try(var.remote_objects.public_ip_addresses, {}), try(var.data_sources.public_ip_addresses, {})) + combined_objects_public_ip_prefixes = merge(tomap({ (local.client_config.landingzone_key) = module.public_ip_prefixes }), try(var.remote_objects.public_ip_prefixes, {})) + combined_objects_purview_accounts = merge(tomap({ (local.client_config.landingzone_key) = module.purview_accounts }), try(var.remote_objects.purview_accounts, {})) + combined_objects_recovery_vaults = merge(tomap({ (local.client_config.landingzone_key) = merge(module.recovery_vaults, try(var.data_sources.recovery_vaults, {})) }), try(var.remote_objects.recovery_vaults, {})) + combined_objects_redis_caches = merge(tomap({ (local.client_config.landingzone_key) = module.redis_caches }), try(var.remote_objects.redis_caches, {}), try(var.data_sources.redis_caches, {})) + combined_objects_relay_hybrid_connection = merge(tomap({ (local.client_config.landingzone_key) = module.relay_hybrid_connection }), try(var.remote_objects.relay_hybrid_connection, {})) + combined_objects_relay_namespace = merge(tomap({ (local.client_config.landingzone_key) = module.relay_namespace }), try(var.remote_objects.relay_namespace, {})) + combined_objects_resource_groups = merge(tomap({ (local.client_config.landingzone_key) = merge(local.resource_groups, try(var.data_sources.resource_groups, {})) }), try(var.remote_objects.resource_groups, {})) + combined_objects_route_tables = merge(tomap({ (local.client_config.landingzone_key) = module.route_tables }), try(var.remote_objects.route_tables, {})) + combined_objects_search_services = merge(tomap({ (local.client_config.landingzone_key) = module.search_service }), try(var.remote_objects.search_services, {}), try(var.data_sources.search_services, {})) + combined_objects_sentinel_watchlists = merge(tomap({ (local.client_config.landingzone_key) = module.sentinel_watchlists }), try(var.remote_objects.sentinel_watchlists, {})) + combined_objects_servicebus_namespaces = merge(tomap({ (local.client_config.landingzone_key) = module.servicebus_namespaces }), try(var.remote_objects.servicebus_namespaces, {}), try(var.data_sources.servicebus_namespaces, {})) + combined_objects_servicebus_queues = merge(tomap({ (local.client_config.landingzone_key) = module.servicebus_queues }), try(var.remote_objects.servicebus_queues, {}), try(var.data_sources.servicebus_queues, {})) + combined_objects_servicebus_topics = merge(tomap({ (local.client_config.landingzone_key) = module.servicebus_topics }), try(var.remote_objects.servicebus_topics, {}), try(var.data_sources.servicebus_topics, {})) + combined_objects_signalr_services = merge(tomap({ (local.client_config.landingzone_key) = module.signalr_services }), try(var.remote_objects.signalr_services, {}), try(var.data_sources.signalr_services, {})) + combined_objects_storage_account_file_shares = merge(tomap({ (local.client_config.landingzone_key) = module.storage_account_file_shares }), try(var.remote_objects.storage_account_file_shares, {})) + combined_objects_storage_account_queues = merge(tomap({ (local.client_config.landingzone_key) = module.storage_account_queues }), try(var.remote_objects.storage_account_queues, {})) + combined_objects_storage_accounts = merge(tomap({ (local.client_config.landingzone_key) = merge(module.storage_accounts, try(var.data_sources.storage_accounts, {})) }), try(var.remote_objects.storage_accounts, {})) + combined_objects_storage_containers = merge(tomap({ (local.client_config.landingzone_key) = module.storage_containers }), try(var.remote_objects.storage_containers, {}), try(var.data_sources.storage_containers, {})) + combined_objects_synapse_workspaces = merge(tomap({ (local.client_config.landingzone_key) = module.synapse_workspaces }), try(var.remote_objects.synapse_workspaces, {}), try(var.data_sources.synapse_workspaces, {})) + combined_objects_traffic_manager_azure_endpoint = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_azure_endpoint }), try(var.remote_objects.traffic_manager_azure_endpoint, {})) + combined_objects_traffic_manager_external_endpoint = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_external_endpoint }), try(var.remote_objects.traffic_manager_external_endpoint, {})) + combined_objects_traffic_manager_nested_endpoint = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_nested_endpoint }), try(var.remote_objects.traffic_manager_nested_endpoint, {})) + combined_objects_traffic_manager_profile = merge(tomap({ (local.client_config.landingzone_key) = module.traffic_manager_profile }), try(var.remote_objects.traffic_manager_profile, {})) + combined_objects_virtual_hub_connections = merge(tomap({ (local.client_config.landingzone_key) = azurerm_virtual_hub_connection.vhub_connection }), try(var.remote_objects.vhub_peerings, {}), try(var.remote_objects.virtual_hub_connections, {})) + combined_objects_virtual_hub_route_tables = merge(tomap({ (local.client_config.landingzone_key) = azurerm_virtual_hub_route_table.route_table }), try(var.remote_objects.virtual_hub_route_tables, {})) + combined_objects_virtual_wans = merge(tomap({ (local.client_config.landingzone_key) = merge(module.virtual_wans, try(var.data_sources.virtual_wans, {})) }), try(var.remote_objects.virtual_wans, {}), try(var.data_sources.virtual_wans, {})) + combined_objects_virtual_hubs = merge(tomap({ (local.client_config.landingzone_key) = merge(module.virtual_hubs, try(var.data_sources.virtual_hubs, {})) }), try(var.remote_objects.virtual_hubs, {}), try(var.data_sources.virtual_hubs, {})) + combined_objects_virtual_machine_scale_sets = merge(tomap({ (local.client_config.landingzone_key) = module.virtual_machine_scale_sets }), try(var.remote_objects.virtual_machine_scale_sets, {}), try(var.data_sources.virtual_machine_scale_sets, {})) + combined_objects_virtual_machines = merge(tomap({ (local.client_config.landingzone_key) = module.virtual_machines }), try(var.remote_objects.virtual_machines, {}), try(var.data_sources.virtual_machines, {})) + combined_objects_virtual_subnets = merge(tomap({ (local.client_config.landingzone_key) = merge(module.virtual_subnets, try(var.data_sources.virtual_subnets, {})) }), try(var.remote_objects.virtual_subnets, {})) + combined_objects_vmware_clusters = merge(tomap({ (local.client_config.landingzone_key) = module.vmware_clusters }), try(var.remote_objects.vmware_clusters, {})) + combined_objects_vmware_express_route_authorizations = merge(tomap({ (local.client_config.landingzone_key) = module.vmware_express_route_authorizations }), try(var.remote_objects.vmware_express_route_authorizations, {})) + combined_objects_vmware_private_clouds = merge(tomap({ (local.client_config.landingzone_key) = module.vmware_private_clouds }), try(var.remote_objects.vmware_private_clouds, {}), try(var.data_sources.vmware_private_clouds, {})) + combined_objects_vpn_gateway_connections = merge(tomap({ (local.client_config.landingzone_key) = module.vpn_gateway_connections }), try(var.remote_objects.vpn_gateway_connections, {})) + combined_objects_vpn_gateway_nat_rules = merge(tomap({ (local.client_config.landingzone_key) = module.vpn_gateway_nat_rules }), try(var.remote_objects.vpn_gateway_nat_rules, {})) + combined_objects_vpn_sites = merge(tomap({ (local.client_config.landingzone_key) = module.vpn_sites }), try(var.remote_objects.vpn_sites, {})) + combined_objects_web_pubsub_hubs = merge(tomap({ (local.client_config.landingzone_key) = module.web_pubsub_hubs }), try(var.remote_objects.web_pubsub_hubs, {})) + combined_objects_web_pubsubs = merge(tomap({ (local.client_config.landingzone_key) = module.web_pubsubs }), try(var.remote_objects.web_pubsubs, {})) + combined_objects_wvd_application_groups = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_application_groups }), try(var.remote_objects.wvd_application_groups, {})) + combined_objects_wvd_applications = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_applications }), try(var.remote_objects.wvd_applications, {})) + combined_objects_wvd_host_pools = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_host_pools }), try(var.remote_objects.wvd_host_pools, {})) + combined_objects_wvd_workspaces = merge(tomap({ (local.client_config.landingzone_key) = module.wvd_workspaces }), try(var.remote_objects.wvd_workspaces, {})) combined_objects_subscriptions = merge( tomap( diff --git a/locals.tf b/locals.tf index e81350b46f..f7425d601d 100644 --- a/locals.tf +++ b/locals.tf @@ -470,6 +470,7 @@ locals { maintenance = { maintenance_configuration = try(var.maintenance.maintenance_configuration, {}) maintenance_assignment_virtual_machine = try(var.maintenance.maintenance_assignment_virtual_machine, {}) + maintenance_assignment_dynamic_scope = try(var.maintenance.maintenance_assignment_dynamic_scope, {}) } diff --git a/maintenance.tf b/maintenance.tf index 896772c45e..77593ff295 100644 --- a/maintenance.tf +++ b/maintenance.tf @@ -38,7 +38,19 @@ output "maintenance_assignment_virtual_machine" { } +module "maintenance_assignment_dynamic_scope" { + source = "./modules/maintenance/assignment_dynamic_scope" + depends_on = [module.maintenance_configuration] + for_each = local.maintenance.maintenance_assignment_dynamic_scope + client_config = local.client_config + global_settings = local.global_settings + name = each.value.name + maintenance_configuration_id = can(each.value.maintenance_configuration_id) ? each.value.maintenance_configuration_id : local.combined_objects_maintenance_configuration[try(each.value.lz_key, local.client_config.landingzone_key)][each.value.maintenance_configuration_key].id + resource_groups = local.combined_objects_resource_groups + settings = each.value +} - - +output "maintenance_assignment_dynamic_scope" { + value = module.maintenance_assignment_dynamic_scope +} diff --git a/modules/compute/aks/aks.tf b/modules/compute/aks/aks.tf index 0ace42bb06..3ac8887a23 100644 --- a/modules/compute/aks/aks.tf +++ b/modules/compute/aks/aks.tf @@ -161,7 +161,7 @@ resource "azurerm_kubernetes_cluster" "aks" { subnet_name = aci_connector_linux.value.subnet_name } } - cost_analysis_enabled = try(var.settings.cost_analysis_enabled, null) + azure_policy_enabled = can(var.settings.addon_profile.azure_policy) || can(var.settings.azure_policy_enabled) == false ? try(var.settings.addon_profile.azure_policy.0.enabled, null) : var.settings.azure_policy_enabled http_application_routing_enabled = can(var.settings.addon_profile.http_application_routing) || can(var.settings.http_application_routing_enabled) == false ? try(var.settings.addon_profile.http_application_routing.0.enabled, null) : var.settings.http_application_routing_enabled diff --git a/modules/maintenance/assignment_dynamic_scope/main.tf b/modules/maintenance/assignment_dynamic_scope/main.tf new file mode 100644 index 0000000000..64466a939c --- /dev/null +++ b/modules/maintenance/assignment_dynamic_scope/main.tf @@ -0,0 +1,14 @@ +terraform { + required_providers { + azurecaf = { + source = "aztfmod/azurecaf" + } + } + +} +locals { + module_tag = { + "module" = basename(abspath(path.module)) + } + tags = merge(var.base_tags, local.module_tag, try(var.tags, null)) +} diff --git a/modules/maintenance/assignment_dynamic_scope/module.tf b/modules/maintenance/assignment_dynamic_scope/module.tf new file mode 100644 index 0000000000..3d6e4f5c43 --- /dev/null +++ b/modules/maintenance/assignment_dynamic_scope/module.tf @@ -0,0 +1,23 @@ +resource "azurerm_maintenance_assignment_dynamic_scope" "maintenance_assignment_dynamic_scope" { + name = var.name + maintenance_configuration_id = var.maintenance_configuration_id + + filter { + locations = try(var.settings.filter.locations, []) + os_types = try(var.settings.filter.os_types, []) + resource_groups = try(flatten([for rg_key in var.settings.filter.resource_group_key : var.resource_groups[var.client_config.landingzone_key][rg_key].name]), try(flatten([for rg, rg_data in var.settings.filter.resources_groups : [for key in rg_data.key : var.resource_groups[var.client_config.landingzone_key][key].name]]), try(flatten([for rg, rg_data in var.settings.filter.resources_groups : [for key in rg_data.key : var.resource_groups[rg_data.lz_key][key].name]]), []))) + resource_types = try(var.settings.filter.resource_types, []) + tag_filter = try(var.settings.filter.tag_filter, null) + + dynamic "tags" { + for_each = { + for key, value in try(var.settings.filter.tags, {}) : key => value + } + + content { + tag = tags.value.tag + values = tags.value.values + } + } + } +} diff --git a/modules/maintenance/assignment_dynamic_scope/outputs.tf b/modules/maintenance/assignment_dynamic_scope/outputs.tf new file mode 100644 index 0000000000..c6263ff893 --- /dev/null +++ b/modules/maintenance/assignment_dynamic_scope/outputs.tf @@ -0,0 +1,4 @@ +output "maintenance_assignment_dynamic_scope_id" { + description = "The ID of the Dynamic Maintenance Assignment." + value = azurerm_maintenance_assignment_dynamic_scope.maintenance_assignment_dynamic_scope.id +} diff --git a/modules/maintenance/assignment_dynamic_scope/variables.tf b/modules/maintenance/assignment_dynamic_scope/variables.tf new file mode 100644 index 0000000000..9b287e0f8b --- /dev/null +++ b/modules/maintenance/assignment_dynamic_scope/variables.tf @@ -0,0 +1,37 @@ +variable "global_settings" { + description = "Global settings object (see module README.md)" +} + +variable "resource_groups" { + description = "(Required) The resource group objects where to create the resource." +} + +variable "client_config" { + description = "Client configuration object (see module README.md)." +} + +variable "tags" { + description = "Tags to be used for this resource deployment." + type = map(any) + default = {} +} + +variable "base_tags" { + description = "Base tags for the resource to be inherited from the resource group." + type = map(any) + default = {} +} + +variable "maintenance_configuration_id" { + description = "(Required) Specifies the ID of the Maintenance Configuration Resource. Changing this forces a new resource to be created." + type = string +} + +variable "settings" { + description = "(Required) The configuration for each module" +} + +variable "name" { + description = "(Required) The name which should be used for this Dynamic Maintenance Assignment. Changing this forces a new Dynamic Maintenance Assignment to be created." + type = string +} diff --git a/modules/messaging/signalr_service/output.tf b/modules/messaging/signalr_service/output.tf index 55f7108a04..336e66e8d7 100644 --- a/modules/messaging/signalr_service/output.tf +++ b/modules/messaging/signalr_service/output.tf @@ -8,16 +8,6 @@ output "name" { value = azurerm_signalr_service.signalr_service.name } -output "primary_connection_string" { - description = "The primary connection string of the SignalR Service" - value = azurerm_signalr_service.signalr_service.primary_connection_string -} - -output "secondary_connection_string" { - description = "The secondary connection string of the SignalR Service" - value = azurerm_signalr_service.signalr_service.secondary_connection_string -} - output "resource_group_name" { description = "The resource group name of the SignalR Service" value = local.resource_group_name diff --git a/modules/messaging/web_pubsub/private_endpoint.tf b/modules/messaging/web_pubsub/private_endpoint.tf index 9d95616fa1..ae1d455277 100644 --- a/modules/messaging/web_pubsub/private_endpoint.tf +++ b/modules/messaging/web_pubsub/private_endpoint.tf @@ -8,7 +8,7 @@ module "private_endpoint" { global_settings = var.global_settings location = local.location name = each.value.name - private_dns = var.remote_objects.private_dns + private_dns = can(each.value.private_dns) ? var.remote_objects.private_dns : {} resource_groups = var.remote_objects.resource_groups resource_id = azurerm_web_pubsub.wps.id settings = each.value diff --git a/modules/storage_account/storage_defender.tf b/modules/storage_account/storage_defender.tf deleted file mode 100644 index 8857e914e1..0000000000 --- a/modules/storage_account/storage_defender.tf +++ /dev/null @@ -1,9 +0,0 @@ -resource "azurerm_security_center_storage_defender" "defender" { - count = can(var.storage_account.defender) ? 1 : 0 - - storage_account_id = azurerm_storage_account.stg.id - override_subscription_settings_enabled = try(var.storage_account.defender.override_subscription_settings, null) - malware_scanning_on_upload_enabled = try(var.storage_account.defender.malware_scanning_on_upload, null) - malware_scanning_on_upload_cap_gb_per_month = try(var.storage_account.defender.malware_scanning_on_upload_cap_gb_per_month, null) - sensitive_data_discovery_enabled = try(var.storage_account.defender.sensitive_data_discovery_enabled, null) -}