Merge pull request #26 from MicrosoftCloudEssentials-LearningHub/front-door

brown9804 · web-flow · commit 1d24188849a7 · 2025-06-12T13:44:04.000-06:00
Front door sample
diff --git a/3_networking/front-door/README.md b/3_networking/front-door/README.md
@@ -0,0 +1,62 @@
+# Terraform Template - Azure Front Door
+
+Costa Rica
+
+[![GitHub](https://img.shields.io/badge/--181717?logo=github&logoColor=ffffff)](https://github.com/)
+[brown9804](https://github.com/brown9804)
+
+Last updated: 2025-06-12
+
+----------
+
+> This template contains Terraform configurations to create and manage an Azure Front Door Standard/Premium profile, including frontend endpoint, backend pool, health probe, and routing rule.
+
+> [!NOTE]
+> This Front Door configuration uses best practices for global HTTP/HTTPS load balancing and health monitoring.
+
+<p align="center">
+    <img width="700" alt="image" src="https://github.com/user-attachments/assets/2571f8a5-a5d3-4785-9b50-71275a31ab77">
+</p>
+
+## File Descriptions
+
+- **main.tf**: Contains the main configuration for creating the Azure Front Door profile and its associated resources.
+- **variables.tf**: Defines the input variables used in the Terraform configuration.
+- **terraform.tfvars**: Provides default values for the variables defined in `variables.tf`.
+- **outputs.tf**: Defines the outputs such as Front Door profile ID and frontend endpoint hostname.
+
+## Variables
+
+> Below is a list of variables used in this template, their expected values, types, and examples:
+
+| Variable Name         | Description                                      | Type   | Example Value                |
+|---------------------- |--------------------------------------------------|--------|-----------------------------|
+| `subscription_id`     | The Azure subscription ID                        | string | `"00000000-0000-0000-0000-000000000000"` |
+| `resource_group_name` | The name of the resource group                   | string | `"my-frontdoor-rg"`         |
+| `location`            | The Azure region to deploy resources             | string | `"eastus"`                  |
+| `front_door_name`     | The name of the Azure Front Door profile         | string | `"myfrontdoorprofile"`      |
+| `backend_host`        | The backend host (FQDN or IP) for Front Door     | string | `"mybackend.example.com"`   |
+
+## Usage
+
+1. Clone the repository and navigate to the front-door directory.
+2. Update the `terraform.tfvars` file with your values.
+3. Initialize and apply the Terraform configuration:
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+## Outputs
+
+| Output Name                  | Description                                 |
+|------------------------------|---------------------------------------------|
+| `front_door_id`              | The ID of the Front Door profile            |
+| `front_door_frontend_endpoint` | The frontend endpoint hostname of Front Door |
+
+<div align="center">
+  <h3 style="color: #4CAF50;">Total Visitors</h3>
+  <img src="https://profile-counter.glitch.me/brown9804/count.svg" alt="Visitor Count" style="border: 2px solid #4CAF50; border-radius: 5px; padding: 5px;"/>
+</div>
diff --git a/3_networking/front-door/main.tf b/3_networking/front-door/main.tf
@@ -0,0 +1,61 @@
+# main.tf
+# Azure Front Door Standard/Premium configuration with required origin group and origin
+
+resource "azurerm_resource_group" "fd" {
+  name     = var.resource_group_name
+  location = var.location
+}
+
+resource "azurerm_cdn_frontdoor_profile" "fd" {
+  name                = var.front_door_name
+  resource_group_name = azurerm_resource_group.fd.name
+  sku_name            = "Standard_AzureFrontDoor"
+}
+
+resource "azurerm_cdn_frontdoor_endpoint" "fd" {
+  name                     = var.frontend_endpoint_name
+  cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd.id
+}
+
+resource "azurerm_cdn_frontdoor_origin_group" "fd" {
+  name                     = "originGroup1"
+  cdn_frontdoor_profile_id = azurerm_cdn_frontdoor_profile.fd.id
+
+  health_probe {
+    interval_in_seconds = 30
+    path                = var.health_probe_path
+    protocol            = var.health_probe_protocol
+    request_type        = "GET"
+  }
+
+  load_balancing {
+    sample_size = 4
+    successful_samples_required = 3
+  }
+}
+
+resource "azurerm_cdn_frontdoor_origin" "fd" {
+  name                          = "origin1"
+  cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd.id
+  host_name                     = var.backend_host
+  http_port                     = 80
+  https_port                    = 443
+  enabled                       = true
+  origin_host_header            = var.backend_host
+  priority                      = 1
+  weight                        = 1000
+  certificate_name_check_enabled = true
+}
+
+resource "azurerm_cdn_frontdoor_route" "routing_rule" {
+  name                          = var.routing_rule_name
+  cdn_frontdoor_endpoint_id     = azurerm_cdn_frontdoor_endpoint.fd.id
+  cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.fd.id
+  cdn_frontdoor_origin_ids      = [azurerm_cdn_frontdoor_origin.fd.id]
+  supported_protocols           = var.accepted_protocols
+  patterns_to_match             = var.patterns_to_match
+  forwarding_protocol           = "MatchRequest"
+  enabled                       = true
+  https_redirect_enabled        = false
+  link_to_default_domain        = true
+}
diff --git a/3_networking/front-door/outputs.tf b/3_networking/front-door/outputs.tf
@@ -0,0 +1,12 @@
+# outputs.tf
+# This file defines the outputs for the Front Door configuration.
+
+output "front_door_id" {
+  description = "The ID of the Front Door profile"
+  value       = azurerm_cdn_frontdoor_profile.fd.id
+}
+
+output "front_door_frontend_endpoint" {
+  description = "The frontend endpoint hostname of the Front Door"
+  value       = azurerm_cdn_frontdoor_endpoint.fd.host_name
+}
diff --git a/3_networking/front-door/provider.tf b/3_networking/front-door/provider.tf
@@ -0,0 +1,19 @@
+# provider.tf
+# This file configures the Azure provider to interact with Azure resources.
+# It specifies the required provider and its version, along with provider-specific configurations.
+
+terraform {
+  required_version = ">= 1.8, < 2.0"
+  # Specify the required provider and its version
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"  # Source of the AzureRM provider
+      version = "~> 4.16.0"          # Version of the AzureRM provider
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}                        # Enable all features for the AzureRM provider
+  subscription_id = var.subscription_id  # Use the subscription ID variable
+}
diff --git a/3_networking/front-door/terraform.tfvars b/3_networking/front-door/terraform.tfvars
@@ -0,0 +1,26 @@
+# terraform.tfvars
+# This file provides default values for the variables defined in variables.tf.
+# These values can be overridden by specifying different values during Terraform execution.
+
+# Azure Subscription
+subscription_id = "" # your-subscription-id
+
+# Resource Group
+resource_group_name = "RG-frontdoor-test"
+location            = "eastus"
+
+# Front Door Configuration
+front_door_name     = "myfrontdoorprofilebrown"
+backend_host        = "mybackendtestbrown.example.com"
+
+# Frontend Endpoint Configuration
+frontend_endpoint_name = "frontendEndpoint"
+
+# Health Probe Configuration
+health_probe_path     = "/"
+health_probe_protocol = "Http"
+
+# Routing Rule Configuration
+routing_rule_name    = "routingRule1"
+accepted_protocols   = ["Http", "Https"]
+patterns_to_match    = ["/*"]
diff --git a/3_networking/front-door/variables.tf b/3_networking/front-door/variables.tf
@@ -0,0 +1,61 @@
+# variables.tf
+# This file defines the input variables used in the Terraform configuration.
+
+variable "subscription_id" {
+  description = "The Azure subscription ID"
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "The name of the resource group"
+  type        = string
+}
+
+variable "location" {
+  description = "The Azure region to deploy resources"
+  type        = string
+}
+
+variable "front_door_name" {
+  description = "The name of the Azure Front Door Standard profile"
+  type        = string
+}
+
+variable "backend_host" {
+  description = "The backend host (FQDN or IP) where Front Door will route traffic"
+  type        = string
+}
+
+variable "frontend_endpoint_name" {
+  description = "The name of the Front Door frontend endpoint"
+  type        = string
+}
+
+variable "health_probe_path" {
+  description = "The path used for health probing"
+  type        = string
+  default     = "/"
+}
+
+variable "health_probe_protocol" {
+  description = "The protocol for health probing (Http or Https)"
+  type        = string
+  default     = "Http"
+}
+
+variable "routing_rule_name" {
+  description = "The name of the routing rule"
+  type        = string
+}
+
+variable "accepted_protocols" {
+  description = "List of accepted protocols for routing"
+  type        = list(string)
+  default     = ["Http", "Https"]
+}
+
+variable "patterns_to_match" {
+  description = "URL patterns for request matching"
+  type        = list(string)
+  default     = ["/*"]
+}
