-
Notifications
You must be signed in to change notification settings - Fork 150
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disable local authentication between Airlock Processor and Azure Service Bus in Function Binding #4277
base: main
Are you sure you want to change the base?
Disable local authentication between Airlock Processor and Azure Service Bus in Function Binding #4277
Changes from 3 commits
5047495
ab18f68
7ad89d4
30f3151
228de03
e1a2a74
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
__version__ = "0.8.0" | ||
__version__ = "0.8.1" |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -69,23 +69,27 @@ resource "azurerm_linux_function_app" "airlock_function_app" { | |
} | ||
|
||
app_settings = { | ||
"SB_CONNECTION_STRING" = var.airlock_servicebus.default_primary_connection_string | ||
"BLOB_CREATED_TOPIC_NAME" = azurerm_servicebus_topic.blob_created.name | ||
"TOPIC_SUBSCRIPTION_NAME" = azurerm_servicebus_subscription.airlock_processor.name | ||
"EVENT_GRID_STEP_RESULT_TOPIC_URI_SETTING" = azurerm_eventgrid_topic.step_result.endpoint | ||
"EVENT_GRID_STEP_RESULT_TOPIC_KEY_SETTING" = azurerm_eventgrid_topic.step_result.primary_access_key | ||
"EVENT_GRID_DATA_DELETION_TOPIC_URI_SETTING" = azurerm_eventgrid_topic.data_deletion.endpoint | ||
"EVENT_GRID_DATA_DELETION_TOPIC_KEY_SETTING" = azurerm_eventgrid_topic.data_deletion.primary_access_key | ||
"WEBSITES_ENABLE_APP_SERVICE_STORAGE" = false | ||
"AIRLOCK_STATUS_CHANGED_QUEUE_NAME" = local.status_changed_queue_name | ||
"AIRLOCK_SCAN_RESULT_QUEUE_NAME" = local.scan_result_queue_name | ||
"AIRLOCK_DATA_DELETION_QUEUE_NAME" = local.data_deletion_queue_name | ||
"ENABLE_MALWARE_SCANNING" = var.enable_malware_scanning | ||
"ARM_ENVIRONMENT" = var.arm_environment | ||
"MANAGED_IDENTITY_CLIENT_ID" = azurerm_user_assigned_identity.airlock_id.client_id | ||
"TRE_ID" = var.tre_id | ||
"WEBSITE_CONTENTOVERVNET" = 1 | ||
"STORAGE_ENDPOINT_SUFFIX" = module.terraform_azurerm_environment_configuration.storage_suffix | ||
"SB_CONNECTION_STRING" = var.airlock_servicebus.default_primary_connection_string | ||
"SB_CONNECTION_STRING__tenantId" = azurerm_user_assigned_identity.airlock_id.tenant_id | ||
"SB_CONNECTION_STRING__clientId" = azurerm_user_assigned_identity.airlock_id.client_id | ||
"SB_CONNECTION_STRING__credential" = "managedidentity" | ||
"SB_CONNECTION_STRING__fullyQualifiedNamespace" = var.airlock_servicebus_fqdn | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Consider doing this like I have in the EventGrid PR. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. refactored to match the EventGrid PR |
||
"BLOB_CREATED_TOPIC_NAME" = azurerm_servicebus_topic.blob_created.name | ||
"TOPIC_SUBSCRIPTION_NAME" = azurerm_servicebus_subscription.airlock_processor.name | ||
"EVENT_GRID_STEP_RESULT_TOPIC_URI_SETTING" = azurerm_eventgrid_topic.step_result.endpoint | ||
"EVENT_GRID_STEP_RESULT_TOPIC_KEY_SETTING" = azurerm_eventgrid_topic.step_result.primary_access_key | ||
"EVENT_GRID_DATA_DELETION_TOPIC_URI_SETTING" = azurerm_eventgrid_topic.data_deletion.endpoint | ||
"EVENT_GRID_DATA_DELETION_TOPIC_KEY_SETTING" = azurerm_eventgrid_topic.data_deletion.primary_access_key | ||
"WEBSITES_ENABLE_APP_SERVICE_STORAGE" = false | ||
"AIRLOCK_STATUS_CHANGED_QUEUE_NAME" = local.status_changed_queue_name | ||
"AIRLOCK_SCAN_RESULT_QUEUE_NAME" = local.scan_result_queue_name | ||
"AIRLOCK_DATA_DELETION_QUEUE_NAME" = local.data_deletion_queue_name | ||
"ENABLE_MALWARE_SCANNING" = var.enable_malware_scanning | ||
"ARM_ENVIRONMENT" = var.arm_environment | ||
"MANAGED_IDENTITY_CLIENT_ID" = azurerm_user_assigned_identity.airlock_id.client_id | ||
"TRE_ID" = var.tre_id | ||
"WEBSITE_CONTENTOVERVNET" = 1 | ||
"STORAGE_ENDPOINT_SUFFIX" = module.terraform_azurerm_environment_configuration.storage_suffix | ||
} | ||
|
||
site_config { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -62,6 +62,9 @@ variable "airlock_servicebus" { | |
default_primary_connection_string = string | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Have you tried to add the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. yes, it is, refactored |
||
}) | ||
} | ||
variable "airlock_servicebus_fqdn" { | ||
type = string | ||
} | ||
variable "tre_core_tags" { | ||
type = map(string) | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So you have confirmed that the current versions we use don't support this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not yet, planning to do confirm first thing this morning.