From be5a3d78150f3b8e564e80e63990e2c5b5651206 Mon Sep 17 00:00:00 2001
From: Fraser Davidson
Date: Fri, 22 Dec 2023 19:09:22 +0000
Subject: [PATCH] WIP
---
modules/storage-account/CHANGELOG.md | 1 +
modules/storage-account/VERSION | 1 +
modules/storage-account/src/locals.tf | 15 ++++
modules/storage-account/src/main.tf | 86 +++++++++++++++++++++++
modules/storage-account/src/outputs.tf | 7 ++
modules/storage-account/src/terraform.tf | 10 +++
modules/storage-account/src/variables.tf | 50 +++++++++++++
modules/storage-account/test/main.tf | 21 ++++++
modules/storage-account/test/terraform.tf | 10 +++
9 files changed, 201 insertions(+)
create mode 100644 modules/storage-account/CHANGELOG.md
create mode 100644 modules/storage-account/VERSION
create mode 100644 modules/storage-account/src/locals.tf
create mode 100644 modules/storage-account/src/main.tf
create mode 100644 modules/storage-account/src/outputs.tf
create mode 100644 modules/storage-account/src/terraform.tf
create mode 100644 modules/storage-account/src/variables.tf
create mode 100644 modules/storage-account/test/main.tf
create mode 100644 modules/storage-account/test/terraform.tf
diff --git a/modules/storage-account/CHANGELOG.md b/modules/storage-account/CHANGELOG.md
new file mode 100644
index 0000000..825c32f
--- /dev/null
+++ b/modules/storage-account/CHANGELOG.md
@@ -0,0 +1 @@
+# Changelog
diff --git a/modules/storage-account/VERSION b/modules/storage-account/VERSION
new file mode 100644
index 0000000..d3827e7
--- /dev/null
+++ b/modules/storage-account/VERSION
@@ -0,0 +1 @@
+1.0
diff --git a/modules/storage-account/src/locals.tf b/modules/storage-account/src/locals.tf
new file mode 100644
index 0000000..729f299
--- /dev/null
+++ b/modules/storage-account/src/locals.tf
@@ -0,0 +1,15 @@
+locals {
+ identifier = replace(lower(var.identifier), "/[^a-z1-9]/", "")
+
+ short_locations = {
+ "uksouth" = "uks"
+ "ukwest" = "ukw"
+ }
+
+ tags = {
+ Environment = var.environment
+ WorkloadName = var.workload_name
+ WorkloadType = var.workload_type
+ WorkloadVersion = var.workload_version
+ }
+}
diff --git a/modules/storage-account/src/main.tf b/modules/storage-account/src/main.tf
new file mode 100644
index 0000000..0ce5d31
--- /dev/null
+++ b/modules/storage-account/src/main.tf
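Review bot: In `src/locals.tf` the character class in `replace(lower(var.identifier), "/[^a-z1-9]/", "")` starts its digit range at 1, so every `0` in the identifier is dropped along with the punctuation. If that is deliberate (the account name in `src/main.tf` appears to use `0` as a field separator), a comment such as `# "0" is reserved as the name separator, so it is stripped here` would record it; otherwise the class should read `[^a-z0-9]`. Silent stripping also lets two distinct identifiers collapse to the same account name, so a `validation` block on `var.identifier` that rejects unexpected characters may be the safer behaviour.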
@@ -0,0 +1,86 @@
+resource "azurerm_storage_account" "main" {
+ name = "sa0${var.zone}0${var.environment}0${lookup(local.short_locations, var.location)}0${local.identifier}"
+ resource_group_name = var.resource_group_name
+ location = var.location
+
+ account_tier = var.account_tier
+ account_replication_type = var.account_replication_type
+ min_tls_version = "TLS1_2"
+
+ tags = merge(var.tags, local.tags)
+}
+
+resource "azurerm_monitor_diagnostic_setting" "main" {
+ name = "log-analytics"
+
+ target_resource_id = azurerm_storage_account.main.id
+ log_analytics_workspace_id = var.log_analytics_workspace_id
+
+ metric {
+ category = "Capacity"
+ }
+
+ metric {
+ category = "Transaction"
+ }
+}
+
+resource "azurerm_monitor_diagnostic_setting" "blob" {
+ name = "log-analytics"
+
+ target_resource_id = "${azurerm_storage_account.main.id}/blobServices/default"
+ log_analytics_workspace_id = var.log_analytics_workspace_id
+
+ enabled_log {
+ category_group = "audit"
+ }
+
+ metric {
+ category = "Transaction"
+ }
+}
+
+resource "azurerm_monitor_diagnostic_setting" "queue" {
+ name = "log-analytics"
+
+ target_resource_id = "${azurerm_storage_account.main.id}/queueServices/default"
+ log_analytics_workspace_id = var.log_analytics_workspace_id
+
+ enabled_log {
+ category_group = "audit"
+ }
+
+ metric {
+ category = "Transaction"
+ }
+}
+
+resource "azurerm_monitor_diagnostic_setting" "table" {
+ name = "log-analytics"
+
+ target_resource_id = "${azurerm_storage_account.main.id}/tableServices/default"
+ log_analytics_workspace_id = var.log_analytics_workspace_id
+
+ enabled_log {
+ category_group = "audit"
+ }
+
+ metric {
+ category = "Transaction"
+ }
+}
+
+resource "azurerm_monitor_diagnostic_setting" "file" {
+ name = "log-analytics"
+
+ target_resource_id = "${azurerm_storage_account.main.id}/fileServices/default"
+ log_analytics_workspace_id = var.log_analytics_workspace_id
+
+ enabled_log {
+ category_group = "audit"
+ }
+
+ metric {
+ category = "Transaction"
+ }
+}
diff --git a/modules/storage-account/src/outputs.tf b/modules/storage-account/src/outputs.tf
new file mode 100644
index 0000000..c0ffa15
--- /dev/null
+++ b/modules/storage-account/src/outputs.tf
@@ -0,0 +1,7 @@
+output "id" {
+ value = azurerm_storage_account.main.id
+}
+
+output "name" {
+ value = azurerm_storage_account.main.name
+}
diff --git a/modules/storage-account/src/terraform.tf b/modules/storage-account/src/terraform.tf
new file mode 100644
index 0000000..762ef2e
--- /dev/null
+++ b/modules/storage-account/src/terraform.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = "~> 1.5"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.85"
+ }
+ }
+}
diff --git a/modules/storage-account/src/variables.tf b/modules/storage-account/src/variables.tf
new file mode 100644
index 0000000..5551193
--- /dev/null
+++ b/modules/storage-account/src/variables.tf
@@ -0,0 +1,50 @@
+variable "account_tier" {
+ type = string
+ default = "Standard"
+}
+
+variable "account_replication_type" {
+ type = string
+ default = "ZRS"
+}
+
+variable "environment" {
+ type = string
+}
+
+variable "identifier" {
+ type = string
+}
+
+variable "location" {
+ type = string
+}
+
+variable "log_analytics_workspace_id" {
+ type = string
+}
+
+variable "resource_group_name" {
+ type = string
+}
+
+variable "tags" {
+ type = map(string)
+ default = {}
+}
+
+variable "workload_name" {
+ type = string
+}
+
+variable "workload_type" {
+ type = string
+}
+
+variable "workload_version" {
+ type = string
+}
+
+variable "zone" {
+ type = string
+}
diff --git a/modules/storage-account/test/main.tf b/modules/storage-account/test/main.tf
new file mode 100644
index 0000000..d36c832
--- /dev/null
+++ b/modules/storage-account/test/main.tf
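Review bot: The `azurerm_storage_account.main` resource in `src/main.tf` pins `min_tls_version` but leaves every other exposure setting at the provider default. In azurerm 3.x those defaults allow anonymous access to be enabled on containers, keep shared-key authentication on, and accept traffic from all networks. I would set `allow_nested_items_to_be_public = false` explicitly and make a deliberate choice for `shared_access_key_enabled` and `public_network_access_enabled` (or a `network_rules` block with `default_action = "Deny"`), exposing them as variables with secure defaults if callers need to differ. The five diagnostic settings already give an audit trail per service, so tightening the account itself is the remaining gap.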
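Review bot: None of the inputs in `src/variables.tf` has a `description` or a `validation` block, and `var.zone` and `var.environment` are interpolated into the storage account name without the sanitising that `var.identifier` gets in `locals.tf`. Storage account names are limited to 3–24 lowercase letters and digits, so a bad value surfaces as a provider error on the composed name rather than on the offending input. A check such as `condition = can(regex("^[a-z0-9]+$", var.zone))` on each name component would point at the right variable. `account_tier` and `account_replication_type` could be constrained the same way with `contains([...], var.account_tier)`.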
@@ -0,0 +1,21 @@
+provider "azurerm" {
+ features {}
+}
+
+module "storage_account" {
+ source = "../src"
+
+ environment = "bar"
+ identifier = "baz"
+ location = "uksouth"
+ log_analytics_workspace_id = "quz"
+ resource_group_name = "bar"
+ workload_name = "foo"
+ workload_type = "foo/bar"
+ workload_version = "1.0.0"
+ zone = "bat"
+
+ tags = {
+ Foo = "Bar"
+ }
+}
diff --git a/modules/storage-account/test/terraform.tf b/modules/storage-account/test/terraform.tf
new file mode 100644
index 0000000..762ef2e
--- /dev/null
+++ b/modules/storage-account/test/terraform.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_version = "~> 1.5"
+
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.85"
+ }
+ }
+}
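Review bot: In `test/main.tf` the fixture passes `log_analytics_workspace_id = "quz"`, which is not shaped like an Azure resource ID. The provider's argument validation will probably reject it before the rest of the module is exercised, so this test may only ever prove that validation fails. A well-formed placeholder would let `terraform validate` and `plan` reach the storage account and diagnostic settings, for example (constructed value) `"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/bar/providers/Microsoft.OperationalInsights/workspaces/quz"`.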