  1. provider "azurerm" {
  2. version = "=2.25.0"
  3. features {}
  4. }
  5.  
  6. data "azurerm_client_config" "current" {}
  7.  
  8. resource "tls_private_key" "example_ssh" {
  9. algorithm = "RSA"
  10. rsa_bits = 4096
  11. }
  12.  
  13. output "tls_private_key" { value = "tls_private_key.example_ssh.private_key_pem" }
  14.  
  15. resource "azurerm_resource_group" "example" {
  16. name = "Encrypt-resources"
  17. location = "North Europe"
  18. }
  19.  
  20. resource "azurerm_virtual_network" "example" {
  21. name = "Encrypt-network"
  22. address_space = ["10.0.0.0/16"]
  23. location = "${azurerm_resource_group.example.location}"
  24. resource_group_name = "${azurerm_resource_group.example.name}"
  25. }
  26.  
  27. resource "azurerm_subnet" "internal" {
  28. name = "internal"
  29. resource_group_name = "${azurerm_resource_group.example.name}"
  30. virtual_network_name = "${azurerm_virtual_network.example.name}"
  31. address_prefix = "10.0.2.0/24"
  32. }
  33.  
  34. resource "azurerm_network_interface" "example" {
  35. name = "Encrypt-nic"
  36. location = "${azurerm_resource_group.example.location}"
  37. resource_group_name = "${azurerm_resource_group.example.name}"
  38.  
  39. ip_configuration {
  40. name = "testconfiguration1"
  41. subnet_id = "${azurerm_subnet.internal.id}"
  42. private_ip_address_allocation = "Dynamic"
  43. }
  44. }
  45.  
  46. resource "azurerm_key_vault" "example" {
  47. name = "TF-keyvault-omersh"
  48. location = "${azurerm_resource_group.example.location}"
  49. resource_group_name = "${azurerm_resource_group.example.name}"
  50. tenant_id = "${data.azurerm_client_config.current.tenant_id}"
  51. soft_delete_enabled = true
  52. enabled_for_disk_encryption = true
  53. purge_protection_enabled = true
  54. enabled_for_deployment = true
  55. sku_name = "premium"
  56.  
  57.  
  58.  
  59.   # Access Policy for Terraform User
  60.   access_policy {
  61.   tenant_id = data.azurerm_client_config.current.tenant_id
  62.   object_id = data.azurerm_client_config.current.object_id
  63.  
  64.     key_permissions = [
  65.       "Get",
  66.       "List",
  67.       "Update",
  68.       "Create",
  69.       "Import",
  70.       "Delete",
  71.       "Recover",
  72.       "Backup",
  73.       "Restore"
  74.     ]
  75.  
  76.     secret_permissions = [
  77.       "Get",
  78.       "List",
  79.       "Set",
  80.       "Delete",
  81.       "Recover",
  82.       "Backup",
  83.       "Restore"
  84.     ]
  85.  
  86.     certificate_permissions = [
  87.       "Get",
  88.       "List",
  89.       "Update",
  90.       "Create",
  91.       "Import",
  92.       "Delete",
  93.       "Recover",
  94.       "Backup",
  95.       "Restore",
  96.       "ManageContacts",
  97.       "ManageIssuers",
  98.       "GetIssuers",
  99.       "ListIssuers",
  100.       "SetIssuers",
  101.       "DeleteIssuers"
  102.     ]
  103.   }
  104.  
  105.  
  106. }
  107.  
  108. resource "azurerm_key_vault_key" "example" {
  109. name = "TF-key-omersh"
  110. key_vault_id = "${azurerm_key_vault.example.id}"
  111. key_type = "RSA"
  112. key_size = 2048
  113.  
  114. key_opts = [
  115. "decrypt",
  116. "encrypt",
  117. "sign",
  118. "unwrapKey",
  119. "verify",
  120. "wrapKey",
  121. ]
  122. }
  123.  
  124.  
  125. resource "azurerm_disk_encryption_set" "example" {
  126. name = "example-set"
  127. resource_group_name = "${azurerm_resource_group.example.name}"
  128. location = "${azurerm_resource_group.example.location}"
  129. key_vault_key_id = "${azurerm_key_vault_key.example.id}"
  130.  
  131. identity {
  132. type = "SystemAssigned"
  133. }
  134. }
  135. resource "azurerm_key_vault_access_policy" "disk-encryption" {
  136. key_vault_id = "${azurerm_key_vault.example.id}"
  137.  
  138. tenant_id = azurerm_disk_encryption_set.example.identity.0.tenant_id
  139. object_id = azurerm_disk_encryption_set.example.identity.0.principal_id
  140. key_permissions = [
  141. "create",
  142. "get",
  143. "list",
  144. "wrapkey",
  145. "unwrapkey",
  146. ]
  147. secret_permissions = [
  148. "get",
  149. "list",
  150. ]
  151.     storage_permissions = [
  152.       "get",
  153.     ]
  154. }
  155.  
  156. resource "azurerm_role_assignment" "disk-encryption-read-keyvault" {
  157. scope = "${azurerm_key_vault.example.id}"
  158. role_definition_name = "Reader"
  159. principal_id = "${azurerm_disk_encryption_set.example.identity.0.principal_id}"
  160. }
  161.  
  162.  
