search

Azure / terraform-azurerm-alz-management

Terraform module to deploy Azure Landing Zone Management resources.
https://registry.terraform.io/modules/Azure/alz-management/azurerm/latest
MIT License
9 stars 6 forks source link

Support for Linked Automation Accounts in restricted regions #29

Closed OmnipotentOwl closed 1 year ago

OmnipotentOwl commented 1 year ago

Is there an existing issue for this?

Description

When deploying the module in EastUS or EastUS2 and intending to use the automation account functionality for Update Management, Change Tracking and Inventory, and Start/Stop VMs the functionality will fail to be operable because the region of the automation account is not supported for the pairing. Included in the references section is the article that describes the pairing limitations and includes the notes about the exception to the normal configuration when it comes to East US and East US2.

To support this capability to use the module when deploying in these regions I would propose that the module be updated to support allowing the overriding of the "location" variable for the automation account with the default value left to null so that it can be provided conditionally. This would support the ability to override while not including any breaking changes in the module.

New or Affected Resource(s)/Data Source(s)

azurerm_automation_account

Potential Terraform Configuration

module "management" {
  source = "../.."

  automation_account_name      = "aa-terraform-azure"
  automation_account_location  = "eastus2"
  location                     = "eastus"
  log_analytics_workspace_name = "law-terraform-azure"
  resource_group_name          = "rg-terraform-azure"
}

References

REF: https://learn.microsoft.com/en-us/azure/automation/how-to/region-mappings#supported-mappings-for-log-analytics-and-azure-automation