Added network/lb module

src/ASSIGNMENT-03/_tf/modules/deployed_net/network.input.tf

@@ -0,0 +1,25 @@
+variable "resource_group_name" {
+    type = string
+    description = "Azure resource group name"
+}
+
+variable "location" {
+    type = string
+    description = "Resource location (eastus / northeurope)"
+}
+
+variable "shortname" {
+    type = string
+    description = "Short name of the resource's location (use / eun)"
+}
+
+variable "zones" {
+    type = list(string)
+    description = "Short name of the resource's location (use / eun)"
+    default = ["1", "2", "3"]
+}
+
+variable "network_interfaces" {
+    type = list(string)
+    description = "list of network interfaces to associate with the deployed network"
+}

src/ASSIGNMENT-03/_tf/modules/deployed_net/network.output.tf

@@ -0,0 +1,10 @@
+output "all" {
+  value = {
+    lb           = azurerm_lb.lb
+    be_pool      = azurerm_lb_backend_address_pool.be_pool
+    nsg          = azurerm_network_security_group.vm-nsg
+    xref         = azurerm_network_interface_backend_address_pool_association.be-pool-xref
+    vm_nsg_assoc = azurerm_network_interface_security_group_association.vm_nsg_assoc
+    ssh          = azurerm_network_security_rule.nsrule-allow-ssh
+  }
+}

src/ASSIGNMENT-03/_tf/modules/deployed_net/network.plan.tf

@@ -0,0 +1,51 @@
+resource "azurerm_lb" "lb" {
+  location            = var.location
+  name                = "${var.shortname}-lb"
+  resource_group_name = var.resource_group_name
+  sku                 = "Standard"
+  frontend_ip_configuration {
+    name = "${var.shortname}-fe-ip-conf"
+  }
+}
+
+resource "azurerm_lb_backend_address_pool" "be_pool" {
+  loadbalancer_id = azurerm_lb.lb.id
+  name            = "${var.shortname}-be-pool"
+}
+
+resource "azurerm_network_security_group" "vm-nsg" {
+  location            = var.location
+  name                = "${var.location}-nsg"
+  resource_group_name = var.resource_group_name
+}
+
+resource "azurerm_network_interface_backend_address_pool_association" "be-pool-xref" {
+  for_each = { for k, v in var.network_interfaces: k => v }
+
+  network_interface_id    = each.value
+  backend_address_pool_id = azurerm_lb_backend_address_pool.be_pool.id
+  ip_configuration_name   = "ipconfig1" # each.value.host.
+}
+
+resource "azurerm_network_interface_security_group_association" "vm_nsg_assoc" {
+  for_each = { for k, v in var.network_interfaces: k => v }
+
+  network_interface_id    = each.value
+  network_security_group_id = azurerm_network_security_group.vm-nsg.id
+}
+
+resource "azurerm_network_security_rule" "nsrule-allow-ssh" {
+  for_each = { for k, v in azurerm_network_interface_security_group_association.vm_nsg_assoc: k => v }
+
+  access                      = "Allow"
+  destination_address_prefix  = "*"
+  destination_port_range      = "22"
+  direction                   = "Inbound"
+  name                        = "SSH-${each.key}"
+  network_security_group_name = each.key
+  priority                    = 300
+  protocol                    = "Tcp"
+  resource_group_name         = var.resource_group_name
+  source_address_prefix       = "*"
+  source_port_range           = "*"
+}

src/ASSIGNMENT-03/_tf/plan.tf

@@ -60,6 +60,19 @@ module "deployed_host" {
   local_subnet_cidr  = each.value.subnet_cidr
 }
 
+module "deployed_network" {
+  source = "./modules/deployed_net"
+
+  for_each = local.locations
+
+  resource_group_name = local.resource_group_name
+  location            = each.key
+  shortname           = each.value.shortname
+  network_interfaces = [for h in module.deployed_host :
+    h.resources.nic.id if h.resources.host.location == each.key
+  ]
+}
+
 # output "debug" {
 #   value = [ for o in module.deployed_host : o.resources.host.name ]
 # }