
I have two Terraform modules: one creates a Log Analytics workspace, and the other creates a virtual network.

I am trying to configure the virtual network module to send the virtual network diagnostics to the Log Analytics workspace created in the other module; however, I am unsure how to do this.

When writing the resource block to configure diagnostic settings, it prompts for the log_analytics_workspace_id, but the virtual network module doesn’t know what it is. How do I get that information from another module?

Thank you

Root Template

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0.2"
    }
  }
  required_version = "> 1.1.0"
}

provider "azurerm" {
  features {}
}

module "log_analytics" {
  source = "./modules/log_analytics"
}

module "vnet" {
  source = "./modules/vnet"

  vnet_depends_on         = [module.log_analytics]
  log_analytics_workspace_id = module.log_analytics.log_analytics_workspace_id.id
}

Log Analytics Module

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0.2"
    }
  }
  required_version = "> 1.1.0"
}

provider "azurerm" {
  features {}
}

# RESOURCE GROUP DEPLOYMENT
resource "azurerm_resource_group" "rg_log_analytics_workspace" {
  name     = var.rg_log_analytics.name
  location = var.rg_log_analytics.location
  tags     = var.rg_tags
}

# LOG ANALYTICS DEPLOYMENT
resource "azurerm_log_analytics_workspace" "log_analytics_workspace" {
  depends_on = [azurerm_resource_group.rg_log_analytics_workspace]
  name                = var.log_analytics.name
  resource_group_name = var.rg_log_analytics.name
  location            = var.rg_log_analytics.location
  retention_in_days   = var.log_analytics.retention
}

Log Analytics Module Output

output "log_analytics_workspace_id" {
    value = azurerm_log_analytics_workspace.log_analytics_workspace.id
}

Virtual Network Module

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0.2"
    }
  }
  required_version = "> 1.1.0"
}

provider "azurerm" {
  features {}
}

variable "vnet_depends_on" {
  type = any
  default = []
}

variable "log_analytics_workspace_id" {
  type = any
  default = []
}

# RESOURCE GROUP DEPLOYMENT
resource "azurerm_resource_group" "rg_networking" {
  name     = var.rg_networking.name
  location = var.rg_networking.location
  tags     = var.rg_tags
}

# VIRTUAL NETWORK DEPLOYMENT
resource "azurerm_virtual_network" "vnet" {
  depends_on          = [azurerm_resource_group.rg_networking,var.vnet_depends_on]
  name                = var.vnet.config.name
  resource_group_name = var.rg_networking.name
  location            = var.rg_networking.location
  address_space       = var.vnet.config.address_space
  dns_servers         = var.vnet.config.dns_servers
}

# SUBNETS DEPLOYMENT
resource "azurerm_subnet" "subnets" {
  depends_on           = [azurerm_virtual_network.vnet]
  for_each             = var.subnets
  resource_group_name  = var.rg_networking.name
  virtual_network_name = var.vnet.config.name
  name                 = each.value.name
  address_prefixes     = each.value.address_prefixes
}

resource "azurerm_virtual_network_peering" "vnet_peering" {
  depends_on                   = [azurerm_virtual_network.vnet]
  for_each                     = var.vnet_peering
  name                         = each.value.name
  resource_group_name          = each.value.resource_group_name
  virtual_network_name         = each.value.virtual_network_name
  remote_virtual_network_id    = each.value.remote_virtual_network_id
  allow_virtual_network_access = each.value.allow_virtual_network_access
  allow_forwarded_traffic      = each.value.allow_forwarded_traffic
  allow_gateway_transit        = each.value.allow_gateway_transit
  use_remote_gateways          = each.value.use_remote_gateways
}

# CONFIGURE VNET DIAGNOSTIC SETTINGS
resource "azurerm_monitor_diagnostic_setting" "vnet_diagnostics" {
  name = "Diagnostic Settings"
  target_resource_id = azurerm_virtual_network.vnet.id
  log_analytics_workspace_id = var.log_analytics_workspace_id
  log {
    category = "VmprotectionAlerts"
    enabled = true
  }
}

2 Answers


  1. Please make sure you understand how to reference the module outputs [1]. Module outputs are referenced like this:

    module.<MODULE NAME>.<OUTPUT NAME>
    

    The solution should be pretty easy. Instead of using this as output reference:

    log_analytics_workspace_id = module.log_analytics.log_analytics_workspace_id.id
    

    You need only this:

    log_analytics_workspace_id = module.log_analytics.log_analytics_workspace_id
    

    Additionally, when you are making an implicit reference (which you do when referencing a module output), you do not need the explicit reference that you have created with the depends_on meta-argument. The code would then look like this:

    module "vnet" {
      source = "./modules/vnet"
    
      log_analytics_workspace_id = module.log_analytics.log_analytics_workspace_id
    }
    

    The same applies for the virtual network module code as you can use implicit references to resources instead of variables, but that is a different discussion.


    [1] https://www.terraform.io/language/expressions/references#child-module-outputs

  2. Just remove the id reference from the vNet module, as only the output name is required:

    module "vnet" {
      source = "./modules/vnet"
      log_analytics_workspace_id = module.log_analytics.log_analytics_workspace_id
    }
    

    I’ve removed the depends_on as well, as it’s not needed here; there’s an implicit dependency already defined.

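An added example (not from the question or either answer) of how the vnet module could declare this input so that a missing or malformed workspace ID is rejected by Terraform itself instead of leaving the diagnostic setting misconfigured. The `string` type, the absence of a default and the validation pattern are assumptions about what the module should accept; the module, output and variable names are the ones on the page.

```hcl
# modules/vnet/variables.tf (added example, not the asker's code)
variable "log_analytics_workspace_id" {
  description = "Resource ID of the Log Analytics workspace that receives the VNet diagnostics."
  type        = string # assumption: replaces `type = any`

  # No default (assumption): a caller that forgets the argument gets an error
  # instead of the empty list that `default = []` would pass to the
  # diagnostic setting.

  validation {
    # (?i) because Azure resource IDs are case-insensitive.
    condition = can(regex(
      "(?i)^/subscriptions/[^/]+/resourceGroups/[^/]+/providers/Microsoft\\.OperationalInsights/workspaces/[^/]+$",
      var.log_analytics_workspace_id
    ))
    error_message = "The log_analytics_workspace_id value must be the full resource ID of a Log Analytics workspace."
  }
}

# Root template: the module output is already the workspace ID string,
# so it is referenced as module.<MODULE NAME>.<OUTPUT NAME> with no `.id`.
module "log_analytics" {
  source = "./modules/log_analytics"
}

module "vnet" {
  source = "./modules/vnet"

  # This reference creates the implicit dependency on module.log_analytics,
  # so no depends_on is needed.
  log_analytics_workspace_id = module.log_analytics.log_analytics_workspace_id
}
```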