A Terraform module which deploys a Snowplow Iglu Server application on Azure running on top of a scale-set.
This module by default collects and forwards telemetry information to Snowplow to understand how our applications are being used. No identifying information about your sub-account or account fingerprints are ever forwarded to us - it is very simple information about what modules and applications are deployed and active.
If you wish to subscribe to our mailing list for updates to these modules or security advisories please set the user_provided_id variable to include a valid email address which we can reach you at.
To disable telemetry simply set variable telemetry_enabled = false.
For details on what information is collected please see this module: https://github.com/snowplow-devops/terraform-snowplow-telemetry
The Iglu Server stack requires a Load Balancer and a Postgres instance to save information into for its backend. Here we are using several managed modules to facilitate this requirement but you can also sub in your own Postgres Host and Load Balancer if you prefer to do so.
locals {
iglu_db_name = "iglu"
iglu_db_username = "iglu"
# Keep this secret!!
iglu_db_password = "Hell0W0rld!"
# Used for API actions on the Iglu Server. Keep this secret!!
iglu_super_api_key = "2f48ad70-b70c-4f58-af3b-f19d8b7706e1"
}
module "iglu_db" {
source = "snowplow-devops/postgresql-server/azurerm"
version = "0.1.1"
name = "iglu-db"
resource_group_name = var.resource_group_name
subnet_id = var.subnet_id
db_name = local.iglu_db_name
db_username = local.iglu_db_username
db_password = local.iglu_db_password
}
module "iglu_lb" {
source = "snowplow-devops/lb/azurerm"
version = "0.2.0"
name = "iglu-lb"
resource_group_name = var.resource_group_name
subnet_id = var.agw_subnet_id
probe_path = "/api/meta/health"
}
module "iglu_server" {
source = "snowplow-devops/iglu-server-vmss/azurerm"
accept_limited_use_license = true
name = "iglu-server"
resource_group_name = var.resource_group_name
subnet_id = var.subnet_id
application_gateway_backend_address_pool_ids = [module.iglu_lb.agw_backend_address_pool_id]
ingress_port = module.iglu_lb.agw_backend_egress_port
ssh_public_key = "your-public-key-here"
ssh_ip_allowlist = ["0.0.0.0/0"]
db_name = module.iglu_db.db_name
db_host = module.iglu_db.db_host
db_port = module.iglu_db.db_port
db_username = module.iglu_db.db_username
db_password = module.iglu_db.db_password
super_api_key = local.iglu_super_api_key
}| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| azurerm | >= 3.58.0 |
| Name | Version |
|---|---|
| azurerm | >= 3.58.0 |
| Name | Source | Version |
|---|---|---|
| service | snowplow-devops/service-vmss/azurerm | 0.1.1 |
| telemetry | snowplow-devops/telemetry/snowplow | 0.5.0 |
| Name | Type |
|---|---|
| azurerm_network_security_group.nsg | resource |
| azurerm_network_security_rule.egress_tcp_443 | resource |
| azurerm_network_security_rule.egress_tcp_80 | resource |
| azurerm_network_security_rule.egress_tcp_db | resource |
| azurerm_network_security_rule.egress_udp_123 | resource |
| azurerm_network_security_rule.ingress_tcp_22 | resource |
| azurerm_resource_group.rg | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| db_host | The hostname of the database to connect to | string |
n/a | yes |
| db_name | The name of the database to connect to | string |
n/a | yes |
| db_password | The password to use to connect to the database | string |
n/a | yes |
| db_port | The port the database is running on | number |
n/a | yes |
| db_username | The username to use to connect to the database | string |
n/a | yes |
| ingress_port | The port that the Iglu Server will be bound to and expose over HTTP | number |
n/a | yes |
| name | A name which will be pre-pended to the resources created | string |
n/a | yes |
| resource_group_name | The name of the resource group to deploy the service into | string |
n/a | yes |
| ssh_public_key | The SSH public key attached for access to the servers | string |
n/a | yes |
| subnet_id | The subnet id to deploy the load balancer across | string |
n/a | yes |
| super_api_key | A UUIDv4 string to use as the master API key for Iglu Server management | string |
n/a | yes |
| accept_limited_use_license | Acceptance of the SLULA terms (https://docs.snowplow.io/limited-use-license-1.0/) | bool |
false |
no |
| app_version | App version to use. This variable facilitates dev flow, the modules may not work with anything other than the default value. | string |
"0.12.0" |
no |
| application_gateway_backend_address_pool_ids | The ID of an Application Gateway backend address pool to bind the VM scale-set to the load balancer | list(string) |
[] |
no |
| associate_public_ip_address | Whether to assign a public ip address to this instance | bool |
true |
no |
| java_opts | Custom JAVA Options | string |
"-XX:InitialRAMPercentage=75 -XX:MaxRAMPercentage=75" |
no |
| patches_allowed | Whether or not patches are allowed for published Iglu Schemas | bool |
true |
no |
| ssh_ip_allowlist | The comma-seperated list of CIDR ranges to allow SSH traffic from | list(string) |
[ |
no |
| tags | The tags to append to this resource | map(string) |
{} |
no |
| telemetry_enabled | Whether or not to send telemetry information back to Snowplow Analytics Ltd | bool |
true |
no |
| user_provided_id | An optional unique identifier to identify the telemetry events emitted by this stack | string |
"" |
no |
| vm_instance_count | The instance count to use | number |
1 |
no |
| vm_sku | The instance type to use | string |
"Standard_B1ms" |
no |
| Name | Description |
|---|---|
| nsg_id | ID of the network security group attached to the Iglu Server nodes |
| vmss_id | ID of the VM scale-set |
Copyright 2023-present Snowplow Analytics Ltd.
Licensed under the Snowplow Limited Use License Agreement. (If you are uncertain how it applies to your use case, check our answers to frequently asked questions.)