Update dependencies

PerfectThymeTech · Feb 12, 2024 · 0dd4b0b · 0dd4b0b
1 parent 69f10c6
commit 0dd4b0b
Show file tree

Hide file tree

Showing 3 changed files with 74 additions and 3 deletions.
diff --git a/code/infra/datalake.tf b/code/infra/datalake.tf
@@ -125,7 +125,8 @@ resource "azurerm_storage_data_lake_gen2_filesystem" "data_lake_gen2_filesystem_
   }
 
   depends_on = [
-    azurerm_role_assignment.current_roleassignment_datalake
+    azurerm_role_assignment.current_roleassignment_datalake,
+    azurerm_private_endpoint.datalake_private_endpoint_dfs,
   ]
 }
 
@@ -138,7 +139,8 @@ resource "azurerm_storage_container" "datalake_containers" {
   container_access_type = "private"
 
   depends_on = [
-    azurerm_role_assignment.current_roleassignment_datalake
+    azurerm_role_assignment.current_roleassignment_datalake,
+    azurerm_private_endpoint.datalake_private_endpoint_blob,
   ]
 }
 
@@ -167,6 +169,31 @@ resource "azurerm_private_endpoint" "datalake_private_endpoint_blob" {
   }
 }
 
+resource "azurerm_private_endpoint" "datalake_private_endpoint_dfs" {
+  name                = "${azurerm_storage_account.datalake.name}-dfs-pe"
+  location            = var.location
+  resource_group_name = azurerm_storage_account.datalake.resource_group_name
+  tags                = var.tags
+
+  custom_network_interface_name = "${azurerm_storage_account.datalake.name}-dfs-nic"
+  private_service_connection {
+    name                           = "${azurerm_storage_account.datalake.name}-dfs-pe"
+    is_manual_connection           = false
+    private_connection_resource_id = azurerm_storage_account.datalake.id
+    subresource_names              = ["dfs"]
+  }
+  subnet_id = data.azurerm_subnet.subnet.id
+  dynamic "private_dns_zone_group" {
+    for_each = var.private_dns_zone_id_blob == "" ? [] : [1]
+    content {
+      name = "${azurerm_storage_account.datalake.name}-dfs-arecord"
+      private_dns_zone_ids = [
+        var.private_dns_zone_id_blob
+      ]
+    }
+  }
+}
+
 resource "azurerm_private_endpoint" "datalake_private_endpoint_file" {
   name                = "${azurerm_storage_account.datalake.name}-file-pe"
   location            = var.location

diff --git a/code/infra/synapse_linked_services.tf b/code/infra/synapse_linked_services.tf
@@ -1,4 +1,4 @@
-resource "azurerm_synapse_linked_service" "synapse_linked_service_storage_account_external" {
+resource "azurerm_synapse_linked_service" "synapse_linked_service_datalake" {
   synapse_workspace_id = azurerm_synapse_workspace.synapse_workspace.id
   name                 = "DataLake"
 
@@ -18,3 +18,24 @@ resource "azurerm_synapse_linked_service" "synapse_linked_service_storage_accoun
     azurerm_synapse_managed_private_endpoint.synapse_managed_private_endpoint_datalake,
   ]
 }
+
+resource "azurerm_synapse_linked_service" "synapse_linked_service_storage" {
+  synapse_workspace_id = azurerm_synapse_workspace.synapse_workspace.id
+  name                 = "AzureMachineLearningStorage"
+
+  description          = "Default storage of Azure Machine Learning."
+  type                 = "AzureBlobFS"
+  type_properties_json = <<JSON
+  {
+    "url": "${azurerm_storage_account.storage.primary_blob_endpoint}"
+  }
+  JSON
+  integration_runtime {
+    name = local.linked_service_integration_runtime_name
+  }
+
+  depends_on = [
+    azurerm_private_endpoint.synapse_workspace_private_endpoint_dev,
+    azurerm_synapse_managed_private_endpoint.synapse_managed_private_endpoint_storage,
+  ]
+}
diff --git a/code/infra/synapse_managed_pes.tf b/code/infra/synapse_managed_pes.tf
@@ -43,3 +43,26 @@ resource "null_resource" "synapse_managed_private_endpoint_datalake_approval" {
     command     = "./Approve-ManagedPrivateEndpoint.ps1 -ResourceId '${azurerm_storage_account.datalake.id}' -SynapseWorkspaceName '${azurerm_synapse_workspace.synapse_workspace.name}' -SynapseManagedPrivateEndpointName '${azurerm_synapse_managed_private_endpoint.synapse_managed_private_endpoint_datalake.name}'"
   }
 }
+
+resource "azurerm_synapse_managed_private_endpoint" "synapse_managed_private_endpoint_storage" {
+  synapse_workspace_id = azurerm_synapse_workspace.synapse_workspace.id
+  name                 = "AzureMachineLearningStorage"
+
+  target_resource_id = azurerm_storage_account.storage.id
+  subresource_name   = "blob"
+
+  depends_on = [
+    azurerm_private_endpoint.synapse_workspace_private_endpoint_dev,
+  ]
+}
+
+resource "null_resource" "synapse_managed_private_endpoint_datalake_approval" {
+  triggers = {
+    run_once = "true"
+  }
+  provisioner "local-exec" {
+    working_dir = "${path.module}/../scripts/"
+    interpreter = ["pwsh", "-Command"]
+    command     = "./Approve-ManagedPrivateEndpoint.ps1 -ResourceId '${azurerm_storage_account.storage.id}' -SynapseWorkspaceName '${azurerm_synapse_workspace.synapse_workspace.name}' -SynapseManagedPrivateEndpointName '${azurerm_synapse_managed_private_endpoint.synapse_managed_private_endpoint_storage.name}'"
+  }
+}