bastion

claranet/bastion/azurerm

Terraform Module HCL AZURERM

Terraform module for Azure Bastion (Managed Jump Host)

Install

module "bastion" {

source = "claranet/bastion/azurerm"

version = "8.0.2"

}

plain text: /constructs/tfmod-claranet-bastion-azurerm/install.txt

⭐ Source on GitHub 📦 Registry page

README

Azure Bastion ![Changelog](CHANGELOG.md) ![Notice](NOTICE) ![Apache V2 License](LICENSE) ![OpenTofu Registry](https://search.opentofu.org/module/claranet/bastion/azurerm/) Azure terraform module to create an Azure Bastion (managed jump host) with optional dedicated subnet. Naming Resource naming is based on the Microsoft CAF naming convention best practices. Legacy naming is available by setting the parameter use_caf_naming to false. We rely on the official Terraform Azure CAF naming provider to generate resource names. Global versioning rule for Claranet Azure modules | Module version | Terraform version | OpenTofu version | AzureRM version | | -------------- | ----------------- | ---------------- | --------------- | | >= 8.x.x | Unverified | 1.8.x | >= 4.0 | | >= 7.x.x | 1.3.x | | >= 3.0

Inputs (29)

Name	Type	Description	Default
location	string	Azure region to use.	required
client_name	string	Client name/account used in naming.	required
environment	string	Project environment.	required
logs_destinations_ids	list(string)	List of destination resources IDs for logs diagnostic destination. Can be `Stora	required
location_short	string	Short string for Azure location.	required
virtual_network_name	string	Virtual Network Name where the dedicated Subnet and Bastion will be created.	required
subnet_bastion_cidr	string	CIDR range for the dedicated Bastion subnet. Must be a range available in the VN	required
resource_group_name	string	Name of the resource group.	required
stack	string	Project stack name.	required
shareable_link_enabled	bool	Is Shareable Link feature enabled for the Bastion Host.	`false`
file_copy_enabled	bool	Is File Copy feature enabled for the Bastion Host.	`true`
logs_categories	list(string)	Log categories to send to destinations.	`null`
logs_metrics_categories	list(string)	Metrics categories to send to destinations.	`null`
custom_name	string	Custom Bastion name, generated if not set.	`""`
custom_ipconfig_name	string	Bastion IP Config custom name.	`""`
default_outbound_access_enabled	bool	Enable or Disable default_outbound_access. See [documentation](https://learn.mic	`false`
name_prefix	string	Optional prefix for the generated name.	`""`
custom_public_ip_name	string	Bastion IP Config resource custom name.	`""`
extra_tags	map(string)	Additional tags to associate with resources.	`{}`
sku	string	The SKU of the Bastion Host. Accepted values are `Basic` and `Standard`.	`"Standard"`
scale_units	number	The number of scale units which to provision the Bastion Host. Possible values a	`2`
network_resource_group_name	string	VNet and subnet Resource group name. To use only if you need to have a dedicated	`""`
public_ip_zones	list(number)	Zones for public IP attached to the Bastion Host. Can be `null` if no zone distp	`[ 1, 2, 3 ]`
diagnostic_settings_custom_name	string	Custom name of the diagnostics settings, name will be `default` if not set.	`"default"`
name_suffix	string	Optional suffix for the generated name.	`""`
tunneling_enabled	bool	Is Tunneling feature enabled for the Bastion Host.	`true`
ip_connect_enabled	bool	Is IP Connect feature enabled for the Bastion Host.	`true`
copy_paste_enabled	bool	Is Copy/Paste feature enabled for the Bastion Host.	`true`
default_tags_enabled	bool	Option to enable or disable default tags.	`true`