diff --git a/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf b/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf index 6293ab1cb..a45c5930d 100644 --- a/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf +++ b/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf @@ -3,7 +3,7 @@ resource "random_string" "fw_diag_prefix" { length = 8 upper = false special = false - number = false + numeric = false } resource "azurerm_ip_group" "ip_group_hub" { name = "hub-ipgroup" @@ -48,6 +48,8 @@ resource "azurerm_firewall" "azure_firewall_instance" { location = azurerm_resource_group.default.location resource_group_name = azurerm_resource_group.hub_rg.name firewall_policy_id = azurerm_firewall_policy.base_policy.id + sku_name = "AZFW_VNet" + sku_tier = "Standard" ip_configuration { name = "configuration" @@ -158,10 +160,12 @@ resource "azurerm_firewall_policy_rule_collection_group" "azure_firewall_rules_c port = 80 } source_ip_groups = [azurerm_ip_group.ip_group_spoke.id] - destination_fqdns = ["crl.microsoft.com", + destination_fqdns = [ + "crl.microsoft.com", "mscrl.microsoft.com", "crl3.digicert.com", - "ocsp.digicert.com"] + "ocsp.digicert.com" + ] } rule { @@ -205,10 +209,12 @@ resource "azurerm_firewall_policy_rule_collection_group" "azure_firewall_rules_c port = 443 } source_ip_groups = [azurerm_ip_group.ip_group_spoke.id] - destination_fqdns = ["acs-mirror.azureedge.net", + destination_fqdns = [ + "acs-mirror.azureedge.net", "*.docker.io", "production.cloudflare.docker.com", - "*.azurecr.io"] + "*.azurecr.io" + ] } rule { @@ -487,4 +493,4 @@ resource "azurerm_firewall_policy_rule_collection_group" "azure_firewall_rules_c azurerm_ip_group.ip_group_hub, azurerm_ip_group.ip_group_spoke ] -} \ No newline at end of file +} diff --git a/quickstart/301-machine-learning-hub-spoke-secure/compute.tf b/quickstart/301-machine-learning-hub-spoke-secure/compute.tf index 520031a73..0d352c33e 100644 --- a/quickstart/301-machine-learning-hub-spoke-secure/compute.tf +++ b/quickstart/301-machine-learning-hub-spoke-secure/compute.tf @@ -11,7 +11,7 @@ resource "azurerm_machine_learning_compute_instance" "compute_instance" { name = "${random_string.ci_prefix.result}instance" location = azurerm_resource_group.default.location machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id - virtual_machine_size = "STANDARD_DS2_V2" + virtual_machine_size = "STANDARD_D2_V2" subnet_resource_id = azurerm_subnet.snet-training.id depends_on = [ diff --git a/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf b/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf index 204e9b6ee..8ac8cc3c2 100644 --- a/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf +++ b/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf @@ -17,7 +17,7 @@ resource "azurerm_windows_virtual_machine" "dsvm" { network_interface_ids = [ azurerm_network_interface.dsvm.id ] - size = "Standard_DS3_v2" + size = "Standard_D1_v2" source_image_reference { publisher = "microsoft-dsvm" @@ -29,7 +29,7 @@ resource "azurerm_windows_virtual_machine" "dsvm" { os_disk { name = "osdisk-${var.dsvm_name}" caching = "ReadWrite" - storage_account_type = "Premium_LRS" + storage_account_type = "Standard_LRS" } identity { diff --git a/quickstart/301-machine-learning-hub-spoke-secure/main.tf b/quickstart/301-machine-learning-hub-spoke-secure/main.tf index 074cec954..08d80758a 100644 --- a/quickstart/301-machine-learning-hub-spoke-secure/main.tf +++ b/quickstart/301-machine-learning-hub-spoke-secure/main.tf @@ -4,29 +4,35 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "=2.78.0" + version = ">=2.78.0" } azureml = { - source = "registry.terraform.io/Telemaco019/azureml" + source = "registry.terraform.io/orobix/azureml" } } } provider "azurerm" { - features {} + features { + resource_group { + prevent_deletion_if_contains_resources = false + } + } } data "azurerm_client_config" "current" {} +resource "random_pet" "pet" {} + resource "azurerm_resource_group" "default" { - name = "rg-${var.name}-${var.environment}" + name = "301mlhss-${var.name}-${var.environment}-${random_pet.pet.id}" location = var.location } #Hub Resource Group resource "azurerm_resource_group" "hub_rg" { - name = "rg-hub-${var.name}-${var.environment}" + name = "301mlhss-hub-${var.name}-${var.environment}-${random_pet.pet.id}" location = var.location -} \ No newline at end of file +} diff --git a/quickstart/301-machine-learning-hub-spoke-secure/variables.tf b/quickstart/301-machine-learning-hub-spoke-secure/variables.tf index 9618d98c6..d2969abaa 100644 --- a/quickstart/301-machine-learning-hub-spoke-secure/variables.tf +++ b/quickstart/301-machine-learning-hub-spoke-secure/variables.tf @@ -1,6 +1,7 @@ variable "name" { type = string description = "Name of the deployment" + default = "exampleml" } variable "environment" { @@ -89,5 +90,6 @@ variable "dsvm_admin_username" { variable "dsvm_host_password" { type = string description = "Password for the admin username of the Data Science VM" + default = "ChangeMe123!" sensitive = true -} \ No newline at end of file +} diff --git a/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf b/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf index 1b205537e..6bf3db19e 100644 --- a/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf +++ b/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf @@ -8,7 +8,7 @@ resource "azurerm_application_insights" "default" { } resource "azurerm_key_vault" "default" { - name = "kv-${var.name}-${var.environment}" + name = substr("kv-${var.name}-${var.environment}-${random_pet.pet.id}", 0, 24) location = azurerm_resource_group.default.location resource_group_name = azurerm_resource_group.default.name tenant_id = data.azurerm_client_config.current.tenant_id @@ -21,8 +21,14 @@ resource "azurerm_key_vault" "default" { } } +resource "random_string" "suffix" { + length = 6 + upper = false + special = false +} + resource "azurerm_storage_account" "default" { - name = "st${var.name}${var.environment}" + name = "st${var.name}${var.environment}${random_string.suffix.result}" location = azurerm_resource_group.default.location resource_group_name = azurerm_resource_group.default.name account_tier = "Standard" @@ -36,7 +42,7 @@ resource "azurerm_storage_account" "default" { } resource "azurerm_container_registry" "default" { - name = "cr${var.name}${var.environment}" + name = "cr${var.name}${var.environment}${random_string.suffix.result}" location = azurerm_resource_group.default.location resource_group_name = azurerm_resource_group.default.name sku = "Premium" @@ -50,7 +56,7 @@ resource "azurerm_container_registry" "default" { # Machine Learning workspace resource "azurerm_machine_learning_workspace" "default" { - name = "mlw-${var.name}-${var.environment}" + name = "mlw-${var.name}-${var.environment}${random_string.suffix.result}" location = azurerm_resource_group.default.location resource_group_name = azurerm_resource_group.default.name application_insights_id = azurerm_application_insights.default.id @@ -65,7 +71,7 @@ resource "azurerm_machine_learning_workspace" "default" { # Args of use when using an Azure Private Link configuration public_network_access_enabled = false image_build_compute_name = var.image_build_compute_name - depends_on = [ + depends_on = [ azurerm_firewall.azure_firewall_instance, azurerm_private_endpoint.kv_ple, azurerm_private_endpoint.st_ple_blob,