fixes for synapse

fix
spark version for databricks
2022-10-24 17:02:21 +02:00 · 2022-10-24 15:03:22 +02:00 · 2022-10-21 09:33:34 +02:00 · 2022-10-20 16:09:23 +02:00 · 2022-10-20 16:02:03 +02:00 · 2022-10-20 15:50:55 +02:00
54 changed files with 908 additions and 1073 deletions
--- a/appgateways/appgw-e2e/main.tf
+++ b/appgateways/appgw-e2e/main.tf
@@ -416,6 +416,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_https
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_443
    priority                   = 1
  }
@@ -426,6 +427,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_8443
    backend_address_pool_name  = local.backend_address_pool_qdc
    backend_http_settings_name = local.http_setting_name_8443
    priority                   = 2
  }
  # NPrinting routing rules
@@ -435,6 +437,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4993
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4993
    priority                   = 3
  }
  request_routing_rule {
    name                       = local.request_routing_rule_4994
@@ -442,6 +445,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4994
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4994
    priority                   = 4
  }
@@ -451,6 +455,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4552
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4552
    priority                   = 5
  }
@@ -461,6 +466,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4435
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4435
    priority                   = 6
  }
@@ -477,6 +483,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    rule_type                   = "Basic"
    http_listener_name          = local.listener_name_http
    redirect_configuration_name = local.redirect_configuration_80
    priority                    = 7
  }
  # Redirect QDC 8080 to 8443
@@ -492,6 +499,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    rule_type                   = "Basic"
    http_listener_name          = local.listener_name_8080
    redirect_configuration_name = local.redirect_configuration_8080
    priority                    = 8
  }
 }
--- a/appgateways/appgw-e2e/variables.tf
+++ b/appgateways/appgw-e2e/variables.tf
@@ -24,7 +24,7 @@ variable "app_gw_subnet" {
 }
 variable "log_analytics_workspace_id" {
-  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourcegroups/appgw_rg/providers/microsoft.operationalinsights/workspaces/qmi-log-analytics"
+  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourceGroups/appgw_rg/providers/Microsoft.OperationalInsights/workspaces/qmi-log-analytics"
 }
 variable "cert_name" {
--- a/appgateways/appgw-qdc-qs/main.tf
+++ b/appgateways/appgw-qdc-qs/main.tf
@@ -357,6 +357,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_https
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_443
    priority                   = 1
  }
@@ -367,6 +368,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_8443
    backend_address_pool_name  = local.backend_address_pool_qdc
    backend_http_settings_name = local.http_setting_name_8443
    priority                   = 2
  }
  # NPrinting routing rules
@@ -376,6 +378,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4993
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4993
    priority                   = 3
  }
  request_routing_rule {
    name                       = local.request_routing_rule_4994
@@ -383,6 +386,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4994
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4994
    priority                   = 4
  }
  # QIB routing rule
@@ -392,6 +396,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4435
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4435
    priority                   = 5
  }
@@ -408,6 +413,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    rule_type                   = "Basic"
    http_listener_name          = local.listener_name_http
    redirect_configuration_name = local.redirect_configuration_80
    priority                   = 6
  }
 }
--- a/appgateways/appgw-qdc-qs/variables.tf
+++ b/appgateways/appgw-qdc-qs/variables.tf
@@ -24,7 +24,7 @@ variable "app_gw_subnet" {
 }
 variable "log_analytics_workspace_id" {
-  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourcegroups/appgw_rg/providers/microsoft.operationalinsights/workspaces/qmi-log-analytics"
+  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourceGroups/appgw_rg/providers/Microsoft.OperationalInsights/workspaces/qmi-log-analytics"
 }
 variable "cert_name" {
--- a/appgateways/appgw-qdc/main.tf
+++ b/appgateways/appgw-qdc/main.tf
@@ -127,6 +127,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_8443
    backend_address_pool_name  = local.backend_address_pool_qdc
    backend_http_settings_name = local.http_setting_name_8443
    priority                   = 1
  }
 }
--- a/appgateways/appgw-qdc/variables.tf
+++ b/appgateways/appgw-qdc/variables.tf
@@ -24,7 +24,7 @@ variable "app_gw_subnet" {
 }
 variable "log_analytics_workspace_id" {
-  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourcegroups/appgw_rg/providers/microsoft.operationalinsights/workspaces/qmi-log-analytics"
+  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourceGroups/appgw_rg/providers/Microsoft.OperationalInsights/workspaces/qmi-log-analytics"
 }
 variable "cert_name" {
--- a/appgateways/appgw-qs/main.tf
+++ b/appgateways/appgw-qs/main.tf
@@ -338,6 +338,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_https
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_443
    priority                   = 1
  }
@@ -348,6 +349,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4993
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4993
    priority                   = 2
  }
  request_routing_rule {
    name                       = local.request_routing_rule_4994
@@ -355,6 +357,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4994
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4994
    priority                   = 3
  }
  # QIB routing rule (needs QIB using qmi.qlik-poc.com certs)
@@ -364,6 +367,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4435
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4435
    priority                   = 4
  }
  # Qlik Alerting routing rule (needs Qlik Alerting using qmi.qlik-poc.com certs)
@@ -373,6 +377,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    http_listener_name         = local.listener_name_4552
    backend_address_pool_name  = local.backend_address_pool_qs
    backend_http_settings_name = local.http_setting_name_4552
    priority                   = 5
  }
@@ -389,6 +394,7 @@ resource "azurerm_application_gateway" "qmi-app-gw" {
    rule_type                   = "Basic"
    http_listener_name          = local.listener_name_http
    redirect_configuration_name = local.redirect_configuration_80
    priority                    = 6
  }
 }
--- a/appgateways/appgw-qs/variables.tf
+++ b/appgateways/appgw-qs/variables.tf
@@ -24,7 +24,7 @@ variable "app_gw_subnet" {
 }
 variable "log_analytics_workspace_id" {
-  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourcegroups/appgw_rg/providers/microsoft.operationalinsights/workspaces/qmi-log-analytics"
+  default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourceGroups/appgw_rg/providers/Microsoft.OperationalInsights/workspaces/qmi-log-analytics"
 }
 variable "cert_name" {
--- a/aws-credentials/main.tf
+++ b/aws-credentials/main.tf
@@ -1,19 +0,0 @@
 terraform {
    required_version = ">= 0.13"
 }
 provider "azurerm" {    
    features {}
    subscription_id = var.subscription_id
    use_msi = true
 }
 data "azurerm_key_vault_secret" "qmi-aws-access-key" {
  name         = "qmi-aws-access-key"
  key_vault_id = var.key_vault_id
 }
 data "azurerm_key_vault_secret" "qmi-aws-access-secret" {
  name         = "qmi-aws-access-secret"
  key_vault_id = var.key_vault_id
 }
--- a/aws-credentials/output.tf
+++ b/aws-credentials/output.tf
@@ -1,7 +0,0 @@
 output "qmi-aws-access-key" {
    value = data.azurerm_key_vault_secret.qmi-aws-access-key.value
 }
 output "qmi-aws-access-secret" {
    value = data.azurerm_key_vault_secret.qmi-aws-access-secret.value
 }
--- a/aws-credentials/variables.tf
+++ b/aws-credentials/variables.tf
@@ -1,7 +0,0 @@
 variable "subscription_id" {
    default = "62ebff8f-c40b-41be-9239-252d6c0c8ad9"
 }
 variable "key_vault_id" {
    default = "/subscriptions/62ebff8f-c40b-41be-9239-252d6c0c8ad9/resourceGroups/QMI-Machines/providers/Microsoft.KeyVault/vaults/qmisecrets"
 }
--- a/databases/aws-kinesis/output.tf
+++ b/databases/aws-kinesis/output.tf
@@ -23,5 +23,5 @@ output "iam_access_key" {
 }
 output "iam_access_secret" {
-  value = module.iam_user.this_iam_access_key_secret
+  value = nonsensitive(module.iam_user.this_iam_access_key_secret)
 }
--- a/databases/aws-rds/main.tf
+++ b/databases/aws-rds/main.tf
@@ -1,11 +1,11 @@
 terraform {
-  required_version = ">= 0.13"
+  required_version = ">= 0.14"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
-      version = ">= 3.49.0"
+      version = "3.74.0"
    }
  }
 }
@@ -31,6 +31,10 @@ locals {
 }
 module "fw-ips" {
    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }
 module "security_group" {
  # SGs created here as Ports differ per Engine. Only Azure Firewall IPs added for now.
@@ -44,45 +48,8 @@ module "security_group" {
  # ingress
-  ingress_cidr_blocks = [
+  ingress_cidr_blocks = module.fw-ips.cidr_blocks
-    "52.249.189.38/32", 
+  
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    #QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    #QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
  ingress_with_cidr_blocks = [
    {
@@ -96,45 +63,7 @@ module "security_group" {
  # egress
-  egress_cidr_blocks = [
+  egress_cidr_blocks = module.fw-ips.cidr_blocks
    "52.249.189.38/32", 
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    #QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    #QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
  egress_with_cidr_blocks = [
    {
--- a/databases/aws-redshift/main.tf
+++ b/databases/aws-redshift/main.tf
@@ -37,6 +37,10 @@ locals {
  }
 }
 module "fw-ips" {
    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }
 module "security_group" {
  # SGs created here as Ports differ per Engine. Only Azure Firewall IPs added for now.
  source  = "terraform-aws-modules/security-group/aws"
@@ -49,45 +53,7 @@ module "security_group" {
  # ingress
-  ingress_cidr_blocks = [
+  ingress_cidr_blocks = module.fw-ips.cidr_blocks
    "52.249.189.38/32", 
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    #QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    #QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
  ingress_with_cidr_blocks = [
    {
@@ -101,45 +67,7 @@ module "security_group" {
  # egress
-  egress_cidr_blocks = [
+  egress_cidr_blocks = module.fw-ips.cidr_blocks
    "52.249.189.38/32", 
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    #QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    #QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
  egress_with_cidr_blocks = [
@@ -185,7 +113,7 @@ module "redshift" {
 module "qmi-s3-bucket" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//s3-bucket?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//s3-bucket"
  provision_id                  = var.provision_id
  region                        = var.region
--- a/databases/azure-eventhub/outputs.tf
+++ b/databases/azure-eventhub/outputs.tf
@@ -1,9 +1,9 @@
 output "default_primary_connection_string" {
-  value = azurerm_eventhub_namespace.ehbnamespace.default_primary_connection_string
+  value = nonsensitive(azurerm_eventhub_namespace.ehbnamespace.default_primary_connection_string)
 }
 output "default_primary_key" {
-  value = azurerm_eventhub_namespace.ehbnamespace.default_primary_key
+  value = nonsensitive(azurerm_eventhub_namespace.ehbnamespace.default_primary_key)
 }
 output "namespace_name" {
--- a/databases/azure-rds-flexmysql/firewall.tf
+++ b/databases/azure-rds-flexmysql/firewall.tf
@@ -0,0 +1,31 @@
 /*resource "azurerm_mysql_flexible_server_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_flexible_server.mysql-server.name
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }*/
 resource "azurerm_mysql_flexible_server_firewall_rule" "fw-a-rule1" {
  name                = "a1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_flexible_server.mysql-server.name
  start_ip_address    = "52.249.189.38"
  end_ip_address      = "52.249.189.38"
 }
 resource "azurerm_mysql_flexible_server_firewall_rule" "fw-a-rule2" {
  name                = "a2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_flexible_server.mysql-server.name
  start_ip_address    = "13.67.39.86"
  end_ip_address      = "13.67.39.86"
 }
 resource "azurerm_mysql_flexible_server_firewall_rule" "fw-a-rule3" {
  name                = "a3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_flexible_server.mysql-server.name
  start_ip_address    = "20.67.110.207"
  end_ip_address      = "20.67.110.207"
 }
--- a/databases/azure-rds-flexmysql/main.tf
+++ b/databases/azure-rds-flexmysql/main.tf
@@ -49,12 +49,4 @@ resource "azurerm_mysql_flexible_server_configuration" "example" {
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_flexible_server.mysql-server.name
  value               = "full"
 }
 resource "azurerm_mysql_flexible_server_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_flexible_server.mysql-server.name
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }
--- a/databases/azure-rds-flexpostgres/firewall.tf
+++ b/databases/azure-rds-flexpostgres/firewall.tf
@@ -0,0 +1,28 @@
 /*resource "azurerm_postgresql_flexible_server_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }*/
 resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule1" {
  name                = "a1"
  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
  start_ip_address    = "52.249.189.38"
  end_ip_address      = "52.249.189.38"
 }
 resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule2" {
  name                = "a2"
  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
  start_ip_address    = "13.67.39.86"
  end_ip_address      = "13.67.39.86"
 }
 resource "azurerm_postgresql_flexible_server_firewall_rule" "fw-a-rule3" {
  name                = "a3"
  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
  start_ip_address    = "20.67.110.207"
  end_ip_address      = "20.67.110.207"
 }
--- a/databases/azure-rds-flexpostgres/main.tf
+++ b/databases/azure-rds-flexpostgres/main.tf
@@ -51,11 +51,3 @@ resource "azurerm_postgresql_flexible_server_database" "postgresql-db" {
  collation = "en_US.utf8"
  charset   = "utf8"
 }
 resource "azurerm_postgresql_flexible_server_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  server_id = azurerm_postgresql_flexible_server.postgresql-server.id
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }
--- a/databases/azure-rds-mariadb/firewall.tf
+++ b/databases/azure-rds-mariadb/firewall.tf
@@ -0,0 +1,26 @@
 resource "azurerm_mariadb_virtual_network_rule" "vnetrule" {
  count = var.subnet_id != null? 1 : 0
  name                = "vnet-rule-${var.provision_id}"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mariadb_server.mariadb-server.name
  subnet_id           = var.subnet_id
 }
 module "fw-ips" {
    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }
 resource "azurerm_mariadb_firewall_rule" "fw_rule" {
  for_each = module.fw-ips.ips
  name                = each.key
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mariadb_server.mariadb-server.name
  start_ip_address    = each.value.0
  end_ip_address      = each.value.1
 }
--- a/databases/azure-rds-mariadb/main.tf
+++ b/databases/azure-rds-mariadb/main.tf
@@ -0,0 +1,47 @@
 resource "random_password" "password" {
  length = 16
  special = true
  override_special = "_!@"
  upper = true
  lower = true
  min_numeric = 2
  min_lower = 2
  min_upper = 2
  min_special = 2
 }
 resource "azurerm_mariadb_server" "mariadb-server" {
  name = "qmi-mariadb-${var.provision_id}"
  location = var.location
  resource_group_name = var.resource_group_name
  administrator_login = var.admin_login
  administrator_login_password = random_password.password.result
  sku_name = var.sku-name
  version = var.db-version
  storage_mb = var.storage
  auto_grow_enabled = true
  backup_retention_days         = 7
  geo_redundant_backup_enabled  = false
  public_network_access_enabled = true
  ssl_enforcement_enabled       = false
  tags = {
    Deployment = "QMI PoC"
    "Cost Center" = "3100"
    QMI_user = var.user_id
  }
 }
 resource "azurerm_mariadb_database" "mariadb-db" {
  name                = "QlikDB"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mariadb_server.mariadb-server.name
  charset             = "utf8"
  collation           = "utf8_unicode_ci"
 }
--- a/databases/azure-rds-mariadb/output.tf
+++ b/databases/azure-rds-mariadb/output.tf
@@ -0,0 +1,11 @@
 output "db_server_fqdn" {
  value = azurerm_mariadb_server.mariadb-server.fqdn
 }
 output "root_username" {
  value = "${var.admin_login}@qmi-mariadb-${var.provision_id}"
 }
 output "root_username_password" {
  value = nonsensitive(random_password.password.result)
 }
--- a/databases/azure-rds-mariadb/variables.tf
+++ b/databases/azure-rds-mariadb/variables.tf
@@ -0,0 +1,43 @@
 variable "resource_group_name" {
 }
 variable "provision_id" {
  type = string
  description = "(optional) describe your variable"
 }
 variable "location" {
  type = string
  description = "(optional) describe your variable"
  default = "EAST US"
 }
 variable "subnet_id" {
  default = null
 }
 variable "user_id" {
 }
 variable "admin_login" {
  type = string
  description = "Login to authenticate to MySQL Server"
  default = "qmi"
 }
 variable "db-version" {
  type = string
  description = "MariaDB Server version to deploy"
  default = "10.2"
 }
 variable "sku-name" {
  type = string
  description = "MariaDB SKU Name"
  default = "GP_Gen5_2"
 }
 variable "storage" {
  type = string
  description = "MariaDB Storage in MB"
  default = "5120"
  }
--- a/databases/azure-rds-mssql/firewall.tf
+++ b/databases/azure-rds-mssql/firewall.tf
@@ -0,0 +1,24 @@
 resource "azurerm_mssql_virtual_network_rule" "sqlvnetrule" {
  count = var.subnet_id != null? 1 : 0
  name                = "vnet-rule-${local.provision_id}"
  server_id           = azurerm_mssql_server.sqlserver.id
  subnet_id           = var.subnet_id
 }
 module "fw-ips" {
    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }
 resource "azurerm_mssql_firewall_rule" "fw_rule" {
  for_each = module.fw-ips.ips
  name                = each.key
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = each.value.0
  end_ip_address      = each.value.1
 }
--- a/databases/azure-rds-mssql/main.tf
+++ b/databases/azure-rds-mssql/main.tf
@@ -44,216 +44,6 @@ resource "azurerm_mssql_server" "sqlserver" {
  }
 }
 resource "azurerm_mssql_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-ITG-rule1" {
  name                = "ITG"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "188.65.156.32"
  end_ip_address      = "188.65.156.47"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-ITG-rule2" {
  name                = "ITG1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "212.73.252.96"
  end_ip_address      = "212.73.252.103"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-kfar_saba-rule1" {
  name                = "Kfar_Saba"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "194.90.96.176"
  end_ip_address      = "194.90.96.183"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-kfar_saba-rule2" {
  name                = "Kfar_Saba1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "213.57.84.160"
  end_ip_address      = "213.57.84.167"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-Peak_10-rule1" {
  name                = "Peak_10"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "4.4.97.104"
  end_ip_address      = "4.4.97.111"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-Peak_10-rule2" {
  name                = "Peak_101"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "206.196.17.32"
  end_ip_address      = "206.196.17.63"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-Bangalore-rule1" {
  name                = "Bangalore"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "14.98.59.168"
  end_ip_address      = "14.98.59.175"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-Bangalore-rule2" {
  name                = "Bangalore1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "182.74.33.8"
  end_ip_address      = "182.74.33.15"
 }
 # QCS
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSUS1" {
  name                = "QCSUS1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "18.205.71.36"
  end_ip_address      = "18.205.71.36"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSUS2" {
  name                = "QCSUS2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "18.232.32.199"
  end_ip_address      = "18.232.32.199"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSUS3" {
  name                = "QCSUS3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "34.237.68.254"
  end_ip_address      = "34.237.68.254"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSEU1" {
  name                = "QCSEU1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "34.247.21.179"
  end_ip_address      = "34.247.21.179"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSEU2" {
  name                = "QCSEU2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "52.31.212.214"
  end_ip_address      = "52.31.212.214"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCS3" {
  name                = "QCSEU3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "54.154.95.18"
  end_ip_address      = "54.154.95.18"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSAPAC1" {
  name                = "QCSAPAC1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "13.210.43.241"
  end_ip_address      = "13.210.43.241"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSAPAC2" {
  name                = "QCSAPAC2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "13.236.104.42"
  end_ip_address      = "13.236.104.42"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSAPAC3" {
  name                = "QCSAPAC3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "13.236.206.172"
  end_ip_address      = "13.236.206.172"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSSingapore1" {
  name                = "QCSSingapore1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "18.138.163.172"
  end_ip_address      = "18.138.163.172"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSSingapore2" {
  name                = "QCSSingapore2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "18.142.157.182"
  end_ip_address      = "18.142.157.182"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QCSSingapore3" {
  name                = "QCSSingapore3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "54.179.13.251"
  end_ip_address      = "54.179.13.251"
 }
 resource "azurerm_mssql_virtual_network_rule" "sqlvnetrule" {
  name                = "sql-vnet-rule-${local.provision_id}"
  server_id           = azurerm_mssql_server.sqlserver.id
  subnet_id           = var.subnet_id
 }
 # QAA
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAeu1" {
  name                = "QAAeu1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "54.216.156.88"
  end_ip_address      = "54.216.156.88"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAeu2" {
  name                = "QAAeu2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "3.248.156.131"
  end_ip_address      = "3.248.156.131"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAeu3" {
  name                = "QAAeu3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "52.213.44.55"
  end_ip_address      = "52.213.44.55"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAus1" {
  name                = "QAAus1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "18.235.133.252"
  end_ip_address      = "18.235.133.252"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAus2" {
  name                = "QAAus2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "3.217.244.242"
  end_ip_address      = "3.217.244.242"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAus3" {
  name                = "QAAus3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "18.214.8.201"
  end_ip_address      = "18.214.8.201"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAapac1" {
  name                = "QAAapac1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "54.206.158.27"
  end_ip_address      = "54.206.158.27"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAapac2" {
  name                = "QAAapac2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "3.104.137.20"
  end_ip_address      = "3.104.137.20"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAapac3" {
  name                = "QAAapac3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "3.24.52.178"
  end_ip_address      = "3.24.52.178"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAsing1" {
  name                = "QAAsing1"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "54.169.84.213"
  end_ip_address      = "54.169.84.213"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAsing2" {
  name                = "QAAsing2"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "13.213.173.37"
  end_ip_address      = "13.213.173.37"
 }
 resource "azurerm_mssql_firewall_rule" "azuresql-fw-QAAsing3" {
  name                = "QAAsing3"
  server_id           = azurerm_mssql_server.sqlserver.id
  start_ip_address    = "13.213.113.162"
  end_ip_address      = "13.213.113.162"
 }
 resource "azurerm_mssql_database" "db" {
  name           = "demoDB"
  server_id      = azurerm_mssql_server.sqlserver.id
--- a/databases/azure-rds-mssql/variables.tf
+++ b/databases/azure-rds-mssql/variables.tf
@@ -10,7 +10,7 @@ variable "provision_id" {
 }
 variable "subnet_id" {
-
+    default = null
 }
 variable "user_id" {
--- a/databases/azure-rds-mysql/firewall.tf
+++ b/databases/azure-rds-mysql/firewall.tf
@@ -0,0 +1,26 @@
 resource "azurerm_mysql_virtual_network_rule" "vnetrule" {
  count = var.subnet_id != null? 1 : 0
  name                = "vnet-rule-${var.provision_id}"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  subnet_id           = var.subnet_id
 }
 module "fw-ips" {
    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }
 resource "azurerm_mysql_firewall_rule" "fw_rule" {
  for_each = module.fw-ips.ips
  name                = each.key
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = each.value.0
  end_ip_address      = each.value.1
 }
--- a/databases/azure-rds-mysql/main.tf
+++ b/databases/azure-rds-mysql/main.tf
@@ -55,241 +55,4 @@ resource "azurerm_mysql_database" "mysql-db" {
  server_name         = azurerm_mysql_server.mysql-server.name
  charset             = "utf8"
  collation           = "utf8_unicode_ci"
 }
 resource "azurerm_mysql_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-ITG-rule1" {
  name                = "ITG"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "188.65.156.32"
  end_ip_address      = "188.65.156.47"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-ITG-rule2" {
  name                = "ITG1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "212.73.252.96"
  end_ip_address      = "212.73.252.103"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-kfar_saba-rule1" {
  name                = "Kfar_Saba"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "194.90.96.176"
  end_ip_address      = "194.90.96.183"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-kfar_saba-rule2" {
  name                = "Kfar_Saba1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "213.57.84.160"
  end_ip_address      = "213.57.84.167"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-Peak_10-rule1" {
  name                = "Peak_10"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "4.4.97.104"
  end_ip_address      = "4.4.97.111"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-Peak_10-rule2" {
  name                = "Peak_101"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "206.196.17.32"
  end_ip_address      = "206.196.17.63"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-Bangalore-rule1" {
  name                = "Bangalore"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "14.98.59.168"
  end_ip_address      = "14.98.59.175"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-Bangalore-rule2" {
  name                = "Bangalore1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "182.74.33.8"
  end_ip_address      = "182.74.33.15"
 }
 # QCS
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSUS1" {
  name                = "QCSUS1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "18.205.71.36"
  end_ip_address      = "18.205.71.36"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSUS2" {
  name                = "QCSUS2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "18.232.32.199"
  end_ip_address      = "18.232.32.199"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSUS3" {
  name                = "QCSUS3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "34.237.68.254"
  end_ip_address      = "34.237.68.254"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSEU1" {
  name                = "QCSEU1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "34.247.21.179"
  end_ip_address      = "34.247.21.179"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSEU2" {
  name                = "QCSEU2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "52.31.212.214"
  end_ip_address      = "52.31.212.214"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCS3" {
  name                = "QCSEU3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "54.154.95.18"
  end_ip_address      = "54.154.95.18"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSAPAC1" {
  name                = "QCSAPAC1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "13.210.43.241"
  end_ip_address      = "13.210.43.241"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSAPAC2" {
  name                = "QCSAPAC2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "13.236.104.42"
  end_ip_address      = "13.236.104.42"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSAPAC3" {
  name                = "QCSAPAC3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "13.236.206.172"
  end_ip_address      = "13.236.206.172"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSSingapore1" {
  name                = "QCSSingapore1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "18.138.163.172"
  end_ip_address      = "18.138.163.172"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSSingapore2" {
  name                = "QCSSingapore2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "18.142.157.182"
  end_ip_address      = "18.142.157.182"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QCSSingapore3" {
  name                = "QCSSingapore3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "54.179.13.251"
  end_ip_address      = "54.179.13.251"
 }
 # QAA
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAeu1" {
  name                = "QAAeu1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "54.216.156.88"
  end_ip_address      = "54.216.156.88"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAeu2" {
  name                = "QAAeu2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "3.248.156.131"
  end_ip_address      = "3.248.156.131"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAeu3" {
  name                = "QAAeu3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "52.213.44.55"
  end_ip_address      = "52.213.44.55"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAus1" {
  name                = "QAAus1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "18.235.133.252"
  end_ip_address      = "18.235.133.252"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAus2" {
  name                = "QAAus2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "3.217.244.242"
  end_ip_address      = "3.217.244.242"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAus3" {
  name                = "QAAus3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "18.214.8.201"
  end_ip_address      = "18.214.8.201"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAapac1" {
  name                = "QAAapac1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "54.206.158.27"
  end_ip_address      = "54.206.158.27"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAapac2" {
  name                = "QAAapac2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "3.104.137.20"
  end_ip_address      = "3.104.137.20"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAapac3" {
  name                = "QAAapac3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "3.24.52.178"
  end_ip_address      = "3.24.52.178"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAsing1" {
  name                = "QAAsing1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "54.169.84.213"
  end_ip_address      = "54.169.84.213"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAsing2" {
  name                = "QAAsing2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "13.213.173.37"
  end_ip_address      = "13.213.173.37"
 }
 resource "azurerm_mysql_firewall_rule" "mysql-fw-QAAsing3" {
  name                = "QAAsing3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_mysql_server.mysql-server.name
  start_ip_address    = "13.213.113.162"
  end_ip_address      = "13.213.113.162"
 }
--- a/databases/azure-rds-mysql/variables.tf
+++ b/databases/azure-rds-mysql/variables.tf
@@ -13,6 +13,10 @@ variable "location" {
  default = "EAST US"
 }
 variable "subnet_id" {
  default = null
 }
 variable "user_id" {
 }
--- a/databases/azure-rds-postgres/firewall.tf
+++ b/databases/azure-rds-postgres/firewall.tf
@@ -0,0 +1,25 @@
 resource "azurerm_postgresql_virtual_network_rule" "vnetrule" {
  count = var.subnet_id != null? 1 : 0
  name                = "vnet-rule-${var.provision_id}"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  subnet_id           = var.subnet_id
 }
 module "fw-ips" {
    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
 }
 resource "azurerm_postgresql_firewall_rule" "fw_rule" {
  for_each = module.fw-ips.ips
  name                = each.key
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = each.value.0
  end_ip_address      = each.value.1
 }
--- a/databases/azure-rds-postgres/main.tf
+++ b/databases/azure-rds-postgres/main.tf
@@ -46,242 +46,4 @@ resource "azurerm_postgresql_database" "postgresql-db" {
  server_name         = azurerm_postgresql_server.postgresql-server.name
  charset             = "utf8"
  collation           = "English_United States.1252"
 }
 resource "azurerm_postgresql_firewall_rule" "all-azure-services" {
  name                = "AllAzureServices"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-ITG-rule1" {
  name                = "ITG"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "188.65.156.32"
  end_ip_address      = "188.65.156.47"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-ITG-rule2" {
  name                = "ITG1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "212.73.252.96"
  end_ip_address      = "212.73.252.103"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-kfar_saba-rule1" {
  name                = "Kfar_Saba"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "194.90.96.176"
  end_ip_address      = "194.90.96.183"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-kfar_saba-rule2" {
  name                = "Kfar_Saba1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "213.57.84.160"
  end_ip_address      = "213.57.84.167"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-Peak_10-rule1" {
  name                = "Peak_10"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "4.4.97.104"
  end_ip_address      = "4.4.97.111"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-Peak_10-rule2" {
  name                = "Peak_101"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "206.196.17.32"
  end_ip_address      = "206.196.17.63"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-Bangalore-rule1" {
  name                = "Bangalore"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "14.98.59.168"
  end_ip_address      = "14.98.59.175"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-Bangalore-rule2" {
  name                = "Bangalore1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "182.74.33.8"
  end_ip_address      = "182.74.33.15"
 }
 #QCS
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSUS1" {
  name                = "QCSUS1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "18.205.71.36"
  end_ip_address      = "18.205.71.36"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSUS2" {
  name                = "QCSUS2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "18.232.32.199"
  end_ip_address      = "18.232.32.199"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSUS3" {
  name                = "QCSUS3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "34.237.68.254"
  end_ip_address      = "34.237.68.254"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSEU1" {
  name                = "QCSEU1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "34.247.21.179"
  end_ip_address      = "34.247.21.179"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSEU2" {
  name                = "QCSEU2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "52.31.212.214"
  end_ip_address      = "52.31.212.214"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCS3" {
  name                = "QCSEU3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "54.154.95.18"
  end_ip_address      = "54.154.95.18"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSAPAC1" {
  name                = "QCSAPAC1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "13.210.43.241"
  end_ip_address      = "13.210.43.241"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSAPAC2" {
  name                = "QCSAPAC2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "13.236.104.42"
  end_ip_address      = "13.236.104.42"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSAPAC3" {
  name                = "QCSAPAC3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "13.236.206.172"
  end_ip_address      = "13.236.206.172"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSSingapore1" {
  name                = "QCSSingapore1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "18.138.163.172"
  end_ip_address      = "18.138.163.172"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSSingapore2" {
  name                = "QCSSingapore2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "18.142.157.182"
  end_ip_address      = "18.142.157.182"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QCSSingapore3" {
  name                = "QCSSingapore3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "54.179.13.251"
  end_ip_address      = "54.179.13.251"
 }
 # QAA
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAeu1" {
  name                = "QAAeu1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "54.216.156.88"
  end_ip_address      = "54.216.156.88"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAeu2" {
  name                = "QAAeu2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "3.248.156.131"
  end_ip_address      = "3.248.156.131"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAeu3" {
  name                = "QAAeu3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "52.213.44.55"
  end_ip_address      = "52.213.44.55"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAus1" {
  name                = "QAAus1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "18.235.133.252"
  end_ip_address      = "18.235.133.252"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAus2" {
  name                = "QAAus2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "3.217.244.242"
  end_ip_address      = "3.217.244.242"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAus3" {
  name                = "QAAus3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "18.214.8.201"
  end_ip_address      = "18.214.8.201"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAapac1" {
  name                = "QAAapac1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "54.206.158.27"
  end_ip_address      = "54.206.158.27"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAapac2" {
  name                = "QAAapac2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "3.104.137.20"
  end_ip_address      = "3.104.137.20"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAapac3" {
  name                = "QAAapac3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "3.24.52.178"
  end_ip_address      = "3.24.52.178"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAsing1" {
  name                = "QAAsing1"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "54.169.84.213"
  end_ip_address      = "54.169.84.213"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAsing2" {
  name                = "QAAsing2"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "13.213.173.37"
  end_ip_address      = "13.213.173.37"
 }
 resource "azurerm_postgresql_firewall_rule" "postgresql-fw-QAAsing3" {
  name                = "QAAsing3"
  resource_group_name = var.resource_group_name
  server_name         = azurerm_postgresql_server.postgresql-server.name
  start_ip_address    = "13.213.113.162"
  end_ip_address      = "13.213.113.162"
 }
--- a/databases/azure-rds-postgres/variables.tf
+++ b/databases/azure-rds-postgres/variables.tf
@@ -13,6 +13,10 @@ variable "location" {
  default = "EAST US"
 }
 variable "subnet_id" {
  default = null
 }
 variable "admin_login" {
  type = string
--- a/databases/dbricks/main.tf
+++ b/databases/dbricks/main.tf
@@ -142,8 +142,8 @@ resource "databricks_cluster" "dbrickscluster" {
  ]
  cluster_name  = "cluster-${local.cluster_name}"
-  spark_version = "7.3.x-scala2.12"
+  spark_version = var.spark_version
-  node_type_id  = "Standard_DS3_v2"
+  node_type_id  = var.node_type_id
  spark_conf = {
    "spark.hadoop.hive.server2.enable.doAs": false,
--- a/databases/dbricks/varaibles.tf
+++ b/databases/dbricks/varaibles.tf
@@ -33,4 +33,12 @@ variable "enabled" {
 variable "create_cluster" {
    default = false
 }
 variable "spark_version" {
    default = "7.3.x-scala2.12"
 }
 variable "node_type_id" {
    default = "Standard_DS3_v2"
 }
--- a/databases/firewall_ips/output.tf
+++ b/databases/firewall_ips/output.tf
@@ -0,0 +1,103 @@
 locals {
  az = {
      az1          = ["52.249.189.38","52.249.189.38"]
      az2          = ["13.67.39.86", "13.67.39.86"]
      az3          = ["20.67.110.207", "20.67.110.207"]
  }
  q_routes = {
    ITG         = ["188.65.156.32", "188.65.156.47"]
    ITG1        = ["212.73.252.96", "212.73.252.103"]
    kfar_saba   = ["194.90.96.176", "194.90.96.183"]
    kfar_saba1  = ["213.57.84.160", "213.57.84.167"]
    peak_10     = ["4.4.97.104", "4.4.97.111"]
    peak_101    = ["206.196.17.32", "206.196.17.63"]
    Bangalore   = ["14.98.59.168", "14.98.59.175"]
    Bangalore1  = ["182.74.33.8", "182.74.33.15"]
  }
  qcs = {
      QCS_us1          = ["18.205.71.36", "18.205.71.36"]      
      QCS_us2          = ["18.232.32.199", "18.232.32.199"]   
      QCS_us3          = ["34.237.68.254", "34.237.68.254"]   
      QCS_eu1          = ["34.247.21.179", "34.247.21.179"]  
      QCS_eu2          = ["52.31.212.214", "52.31.212.214"]  
      QCS_eu3          = ["54.154.95.18", "54.154.95.18"]  
      QCS_apac1        = ["13.210.43.241", "13.210.43.241"] 
      QCS_apac2        = ["13.236.104.42", "13.236.104.42"]  
      QCS_apac3        = ["13.236.206.172", "13.236.206.172"] 
      QCS_sing1        = ["18.138.163.172", "18.138.163.172"]
      QCS_sing2        = ["18.142.157.182", "18.142.157.182"]
      QCS_sing3        = ["54.179.13.251", "54.179.13.251"]
  }
  qcs_qaa = {
      QCS_QAA_eu1     = ["54.216.156.88", "54.216.156.88"]
      QCS_QAA_eu2     = ["3.248.156.131", "3.248.156.131"]
      QCS_QAA_eu3     = ["52.213.44.55", "52.213.44.55"]
      QCS_QAA_us1     = ["18.235.133.252", "18.235.133.252"]
      QCS_QAA_us2     = ["3.217.244.242", "3.217.244.242"]
      QCS_QAA_us3     = ["18.214.8.201", "18.214.8.201"]
      QCS_QAA_apac1     = ["54.206.158.27", "54.206.158.27"]
      QCS_QAA_apac2     = ["3.104.137.20", "3.104.137.20"]
      QCS_QAA_apac3     = ["3.24.52.178", "3.24.52.178"]
      QCS_QAA_sing1     = ["54.169.84.213", "54.169.84.213"]
      QCS_QAA_sing2     = ["13.213.173.37", "13.213.173.37"]
      QCS_QAA_sing3     = ["13.213.113.162", "13.213.113.162"]
  }
 }
 output "ips2" {
  value = merge(local.q_routes, local.qcs)
 }
 output "ips" {
  value = merge(local.az, local.qcs, local.qcs_qaa, local.q_routes)
 }
 output "cidr_blocks" {
  value = [
    # Azure QMI machines
    "52.249.189.38/32", 
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    # Qlik network routers
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    # QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    # QCS-QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
 }
--- a/databases/synapse-ws/firewall.tf
+++ b/databases/synapse-ws/firewall.tf
@@ -1,156 +1,49 @@
-resource "azurerm_synapse_firewall_rule" "azureservices" {
+/*resource "azurerm_synapse_firewall_rule" "azureservices" {
  name                 = "AllowAllWindowsAzureIps"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  // https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/synapse_firewall_rule
  start_ip_address     = "0.0.0.0"
  end_ip_address       = "0.0.0.0"
-}
+}*/
 resource "azurerm_synapse_firewall_rule" "fw-a-rule1" {
-  name                = "a1"
+
  name                = "az1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "52.249.189.38"
  end_ip_address      = "52.249.189.38"
 }
 resource "azurerm_synapse_firewall_rule" "fw-a-rule2" {
-  name                = "a2"
+
  name                = "az2"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "13.67.39.86"
  end_ip_address      = "13.67.39.86"
 }
 resource "azurerm_synapse_firewall_rule" "fw-a-rule3" {
-  name                = "a3"
+
  name                = "az3"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "20.67.110.207"
  end_ip_address      = "20.67.110.207"
 }
-resource "azurerm_synapse_firewall_rule" "fw-ITG-rule1" {
+module "fw-ips" {
-  name                = "ITG"
+    source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//databases/firewall_ips"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "188.65.156.32"
  end_ip_address      = "188.65.156.47"
 }
 resource "azurerm_synapse_firewall_rule" "fw-ITG-rule2" {
  name                = "ITG1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "212.73.252.96"
  end_ip_address      = "212.73.252.103"
 }
 resource "azurerm_synapse_firewall_rule" "fw-kfar_saba-rule1" {
  name                = "Kfar_Saba"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "194.90.96.176"
  end_ip_address      = "194.90.96.183"
 }
 resource "azurerm_synapse_firewall_rule" "fw-kfar_saba-rule2" {
  name                = "Kfar_Saba1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "213.57.84.160"
  end_ip_address      = "213.57.84.167"
 }
 resource "azurerm_synapse_firewall_rule" "fw-Peak_10-rule1" {
  name                = "Peak_10"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "4.4.97.104"
  end_ip_address      = "4.4.97.111"
 }
 resource "azurerm_synapse_firewall_rule" "fw-Peak_10-rule2" {
  name                = "Peak_101"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "206.196.17.32"
  end_ip_address      = "206.196.17.63"
 }
 resource "azurerm_synapse_firewall_rule" "fw-Bangalore-rule1" {
  name                = "Bangalore"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "14.98.59.168"
  end_ip_address      = "14.98.59.175"
 }
 resource "azurerm_synapse_firewall_rule" "fw-Bangalore-rule2" {
  name                = "Bangalore1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "182.74.33.8"
  end_ip_address      = "182.74.33.15"
 }
-# QCS US
+resource "azurerm_synapse_firewall_rule" "fw_rule" {
-resource "azurerm_synapse_firewall_rule" "qcs_us_1" {
+  for_each = module.fw-ips.ips2
  name                = "QCS_US_1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "18.205.71.36"
  end_ip_address      = "18.205.71.36"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_us_2" {
  name                = "QCS_US_2"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "18.232.32.199"
  end_ip_address      = "18.232.32.199"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_us_3" {
  name                = "QCS_US_3"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "34.237.68.254"
  end_ip_address      = "34.237.68.254"
 }
-# QCS EU
+  name                = each.key
 resource "azurerm_synapse_firewall_rule" "qcs_eu_1" {
  name                = "QCS_EU_1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
-  start_ip_address    = "34.247.21.179"
+  start_ip_address    = each.value.0
-  end_ip_address      = "34.247.21.179"
+  end_ip_address      = each.value.1
 }
 resource "azurerm_synapse_firewall_rule" "qcs_eu_2" {
  name                = "QCS_EU_2"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "52.31.212.214"
  end_ip_address      = "52.31.212.214"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_eu_3" {
  name                = "QCS_EU_3"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "54.154.95.18"
  end_ip_address      = "54.154.95.18"
 }
 # QCS AP
 resource "azurerm_synapse_firewall_rule" "qcs_ap_1" {
  name                = "QCS_AP_1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "13.210.43.241"
  end_ip_address      = "13.210.43.241"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_ap_2" {
  name                = "QCS_AP_2"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "13.236.104.42"
  end_ip_address      = "13.236.104.42"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_ap_3" {
  name                = "QCS_AP_3"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "13.236.206.172"
  end_ip_address      = "13.236.206.172"
 }
-# QCS SINGAPORE
+}
 resource "azurerm_synapse_firewall_rule" "qcs_sp_1" {
  name                = "QCS_SP_1"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "18.138.163.172"
  end_ip_address      = "18.138.163.172"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_sp_2" {
  name                = "QCS_SP_2"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "18.142.157.182"
  end_ip_address      = "18.142.157.182"
 }
 resource "azurerm_synapse_firewall_rule" "qcs_sp_3" {
  name                = "QCS_SP_3"
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
  start_ip_address    = "54.179.13.251"
  end_ip_address      = "54.179.13.251"
 }
--- a/databases/synapse-ws/main.tf
+++ b/databases/synapse-ws/main.tf
@@ -33,6 +33,8 @@ resource "azurerm_synapse_workspace" "synapsews" {
  sql_administrator_login              = var.sql_administrator_login
  sql_administrator_login_password     = var.sql_administrator_login_password
  managed_virtual_network_enabled      = true
  identity {
    type = "SystemAssigned"
  }
@@ -65,19 +67,11 @@ resource "azurerm_synapse_sql_pool" "db" {
 resource "azurerm_synapse_role_assignment" "sqladministrator_aor" {
  depends_on = [
-      azurerm_synapse_firewall_rule.azureservices
+      //azurerm_synapse_firewall_rule.azureservices,
-      /*,
+      
      azurerm_synapse_firewall_rule.fw-a-rule1,
      azurerm_synapse_firewall_rule.fw-a-rule2,
-      azurerm_synapse_firewall_rule.fw-a-rule3,
+      azurerm_synapse_firewall_rule.fw-a-rule3
      azurerm_synapse_firewall_rule.fw-ITG-rule1,
      azurerm_synapse_firewall_rule.fw-ITG-rule2,
      azurerm_synapse_firewall_rule.fw-kfar_saba-rule1,
      azurerm_synapse_firewall_rule.fw-kfar_saba-rule2,
      azurerm_synapse_firewall_rule.fw-Peak_10-rule1,
      azurerm_synapse_firewall_rule.fw-Peak_10-rule2,
      azurerm_synapse_firewall_rule.fw-Bangalore-rule1,
      azurerm_synapse_firewall_rule.fw-Bangalore-rule2*/
  ]
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
@@ -91,18 +85,11 @@ resource "azurerm_synapse_role_assignment" "sqladministrator" {
  count = (var.user_oid != null && var.user_oid != "c583b5aa-2844-4baf-b8bf-b6a1ae0b1520") ? 1 : 0
  depends_on = [
-      azurerm_synapse_firewall_rule.azureservices/*,
+      //azurerm_synapse_firewall_rule.azureservices,
      azurerm_synapse_firewall_rule.fw-a-rule1,
      azurerm_synapse_firewall_rule.fw-a-rule2,
-      azurerm_synapse_firewall_rule.fw-a-rule3,
+      azurerm_synapse_firewall_rule.fw-a-rule3
      azurerm_synapse_firewall_rule.fw-ITG-rule1,
      azurerm_synapse_firewall_rule.fw-ITG-rule2,
      azurerm_synapse_firewall_rule.fw-kfar_saba-rule1,
      azurerm_synapse_firewall_rule.fw-kfar_saba-rule2,
      azurerm_synapse_firewall_rule.fw-Peak_10-rule1,
      azurerm_synapse_firewall_rule.fw-Peak_10-rule2,
      azurerm_synapse_firewall_rule.fw-Bangalore-rule1,
      azurerm_synapse_firewall_rule.fw-Bangalore-rule2*/
  ]
  synapse_workspace_id = azurerm_synapse_workspace.synapsews.id
--- a/s3-bucket-sftp/main.tf
+++ b/s3-bucket-sftp/main.tf
@@ -0,0 +1,351 @@
 terraform {
  required_version = ">= 0.13"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 3.74.1"
    }
  }
 }
 resource "tls_private_key" "sftp-key" {
  algorithm = "RSA"
  rsa_bits  = 4096
 }
 resource "aws_key_pair" "generated_key" {    
  key_name   = "key-${var.provision_id}"
  public_key = tls_private_key.sftp-key.public_key_openssh
 }
 ## Public_secret
 resource "aws_secretsmanager_secret" "public_key" {
  name = "pub-${var.provision_id}"
 }
 resource "aws_secretsmanager_secret_version" "public_key" {
  secret_id = aws_secretsmanager_secret.public_key.id
  secret_string = aws_key_pair.generated_key.public_key
 }
 ## Private Secret
 resource "aws_secretsmanager_secret" "private_key" {
  name = "priv-${var.provision_id}"
 }
 resource "aws_secretsmanager_secret_version" "private_key" {
  secret_id = aws_secretsmanager_secret.private_key.id
  secret_string = nonsensitive(tls_private_key.sftp-key.private_key_pem)
 }
 module "s3_bucket" {
  source = "terraform-aws-modules/s3-bucket/aws"
  version = "~> 2.1.0"
  bucket = "sftp-${var.provision_id}"
  acl    = "private"
  versioning = {
    enabled = false
  }
  force_destroy = true
  tags = {
    Deployment = "QMI"
    "Cost Center" = "3100"
    #QMI_user = var.user_id
    ProvID   = var.provision_id
    Name     = "sftp-${var.provision_id}"
  }
 }
 ###
 resource "aws_s3_bucket_public_access_block" "sftp-block" {
  bucket = module.s3_bucket.s3_bucket_id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
 }
 ###
 resource "aws_iam_role" "logging" {
  name               = "${var.provision_id}-transfer-logging"
  assume_role_policy = <<EOF
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "transfer.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
 }
 EOF
 }
 resource "aws_iam_role_policy" "logging" {
  name   = "${var.provision_id}-transfer-logging"
  role   = aws_iam_role.logging.id
  policy = <<POLICY
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogStream",
        "logs:DescribeLogStreams",
        "logs:CreateLogGroup",
        "logs:PutLogEvents"
      ],
      "Resource": "*"
    }
  ]
 }
 POLICY
 }
 resource "aws_transfer_server" "sftp" {
  endpoint_type          = "VPC"
  protocols              = ["SFTP"]
  identity_provider_type = "SERVICE_MANAGED"
  logging_role           = aws_iam_role.logging.arn
  force_destroy          = var.force_destroy
  security_policy_name   = var.security_policy_name
  endpoint_details {
    vpc_id             = var.vpc_id
    subnet_ids         = var.subnet_ids
    security_group_ids = [module.security_group.security_group_id]
  }
  tags = {
    Deployment = "QMI"
    "Cost Center" = "3100"
    QMI_user = var.user_id
    ProvID   = var.provision_id
    Name     = "sftp-${var.provision_id}"
  }
 }
 module "security_group" {
  # SGs created here as Ports differ per Engine. Only Azure Firewall IPs added for now.
  source  = "terraform-aws-modules/security-group/aws"
  version = "~> 4.3"
  name        = "${var.provision_id}-SG"
  description = "${var.provision_id}-SG-SFTP"
  vpc_id      = var.vpc_id
  # ingress
  ingress_cidr_blocks = [
    "52.249.189.38/32", 
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    #QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    #QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
  ingress_with_cidr_blocks = [
    {
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      description = "Allow SFTP Inbound"
    },
  ]
  # egress
  egress_cidr_blocks = [
    "52.249.189.38/32", 
    "13.67.39.86/32", 
    "20.67.110.207/32", 
    "14.98.59.168/29", 
    "182.74.33.8/29", 
    "188.65.156.32/28", 
    "212.73.252.96/29", 
    "194.90.96.176/29", 
    "213.57.84.160/29", 
    "4.4.97.104/29", 
    "206.196.17.32/27", 
    #QCS
    "18.205.71.36/32", 
    "18.232.32.199/32", 
    "34.237.68.254/32", 
    "34.247.21.179/32", 
    "52.31.212.214/32", 
    "54.154.95.18/32", 
    "13.210.43.241/32", 
    "13.236.104.42/32", 
    "13.236.206.172/32",
    "18.138.163.172/32",
    "18.142.157.182/32",
    "54.179.13.251/32",
    #QAA
    "54.216.156.88/32",
    "3.248.156.131/32",
    "52.213.44.55/32",
    "18.235.133.252/32",
    "3.217.244.242/32",
    "18.214.8.201/32",
    "54.206.158.27/32",
    "3.104.137.20/32",
    "3.24.52.178/32",
    "54.169.84.213/32",
    "13.213.173.37/32",
    "13.213.113.162/32"
  ]
  egress_with_cidr_blocks = [
    {
      from_port   = 22
      to_port     = 22
      protocol    = "tcp"
      description = "Allow SFTP outbound"
    },
  ]
  tags = {
    Deployment = "QMI"
    "Cost Center" = "3100"
    #QMI_user = var.user_id
    ProvID   = var.provision_id
    Name     = "sftp-${var.provision_id}"
  }
 }
 resource "aws_iam_role" "user" {
  for_each           = var.sftp_users
  name               = "${var.provision_id}-sftp-user-${each.key}"
  assume_role_policy = <<EOF
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "transfer.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
 }
 EOF
 }
 resource "aws_iam_role_policy" "user" {
  for_each = var.sftp_users
  name     = "${var.provision_id}-sftp-user-${each.key}"
  role     = aws_iam_role.user[each.key].id
  policy = <<POLICY
 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowListingOfUserFolder",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation"
      ],
      "Effect": "Allow",
      "Resource": [
       "${join("", ["arn:aws:s3:::", module.s3_bucket.s3_bucket_id])}"
      ]
    },
    {
      "Sid": "HomeDirObjectAccess",
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObjectVersion",
        "s3:DeleteObject",
        "s3:GetObjectVersion"
      ],
      "Resource": "${join("", ["arn:aws:s3:::", module.s3_bucket.s3_bucket_id, "/", each.value, "/*"])}"
    }
  ]
 }
 POLICY
 }
 resource "aws_transfer_user" "this" {
  for_each       = var.sftp_users
  server_id      = aws_transfer_server.sftp.id
  user_name      = each.key
  home_directory = "/${module.s3_bucket.s3_bucket_id}/${each.value}"
  role           = aws_iam_role.user[each.key].arn
 }
 resource "aws_transfer_ssh_key" "this" {
  for_each   = { "sftpusr" = aws_secretsmanager_secret_version.public_key.secret_string }
  server_id  = aws_transfer_server.sftp.id
  user_name  = each.key
  body       = each.value
  depends_on = [aws_transfer_user.this]
 }
 /*resource "null_resource" "get-endpoint-dns" {
  provisioner "local-exec" {
    command = "aws ec2 describe-vpc-endpoints --vpc-endpoint-ids ${aws_transfer_server.sftp.endpoint_details[0].vpc_endpoint_id} --query 'VpcEndpoints[*].DnsEntries[0].DnsName'> dns.txt"
  }
 }
 data "local_file" "endpoint-dns" {
  filename   = "dns.txt"
  depends_on = [null_resource.get-endpoint-dns]
 }*/
--- a/s3-bucket-sftp/outputs.tf
+++ b/s3-bucket-sftp/outputs.tf
@@ -0,0 +1,28 @@
 output "vpc_endpoint" {
  value       = aws_transfer_server.sftp.endpoint_details[0].vpc_endpoint_id
  description = "VPC Endpoint of transfer server"
 }
 output "id" {
  value       = aws_transfer_server.sftp.id
  description = "ID of transfer server"
 }
 output "endpoint" {
  value       = aws_transfer_server.sftp.endpoint
  description = "Endpoint of transfer server"
 }
 output "endpoint-dns" {
  value = "" #data.local_file.endpoint-dns.content    
 }
 output "sftp-private" {
  value = nonsensitive(aws_secretsmanager_secret_version.private_key.secret_string)
 }
 output "username" {
  value = "sftpusr"
 }
--- a/s3-bucket-sftp/variables.tf
+++ b/s3-bucket-sftp/variables.tf
@@ -0,0 +1,38 @@
 variable "region" {
    default = "us-east-1"
 }
 variable "provision_id" { 
 }
 variable "user_id" {
 }
 variable "vpc_id" {
  default = "vpc-c079f5bd"
  description = "VPC For Transfer Server"
 }
 variable "sftp_users" {
  type    = map(string)
  default = { sftpusr = "sftpusr" }
 }
 variable "subnet_ids" {
  default = ["subnet-4d26552b"]
  description = "Subnets For Transfer Server"
 }
 variable "force_destroy" {
  type        = bool
  default     = true
  description = "Whether to delete all the users associated with server so that server can be deleted successfully."
 }
 variable "security_policy_name" {
  type        = string
  default     = "TransferSecurityPolicy-2020-06"
  description = "Specifies the name of the [security policy](https://docs.aws.amazon.com/transfer/latest/userguide/security-policies.html) to associate with the server"
 }
--- a/vm-centos/main.tf
+++ b/vm-centos/main.tf
@@ -76,7 +76,7 @@ resource "azurerm_linux_virtual_machine" "vm" {
 module "linux-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//linux-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//linux-common"
  depends_on = [
    azurerm_linux_virtual_machine.vm
--- a/vm-fort-az/outputs.tf
+++ b/vm-fort-az/outputs.tf
@@ -11,11 +11,11 @@ output "admin_username" {
 }
 output "admin_password" {
-  value = random_password.password.result
+  value = nonsensitive(random_password.password.result)
 }
 output "ssh" {
-  value = "ssh ${var.admin_username}@${module.qmi-nic.private_ip_address}   --> password: ${random_password.password.result}"
+  value = nonsensitive("ssh ${var.admin_username}@${module.qmi-nic.private_ip_address}   --> password: ${random_password.password.result}")
 }
 output "nic_id" {
--- a/vm-fromsnapshot-win/main.tf
+++ b/vm-fromsnapshot-win/main.tf
@@ -129,10 +129,9 @@ resource "azurerm_virtual_machine" "vm" {
 }
 module "win-common" {
  count = var.wincommon? 1 : 0
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common"
  depends_on = [
    azurerm_virtual_machine.vm
@@ -142,6 +141,7 @@ module "win-common" {
  admin_username      = local.admin_username
  admin_password      = var.initial_password  
  carbonblack         = var.carbonblack
  tenable             = var.tenable
 }
--- a/vm-fromsnapshot-win/variables.tf
+++ b/vm-fromsnapshot-win/variables.tf
@@ -81,6 +81,10 @@ variable "carbonblack" {
  default = true
 }
 variable "tenable" {
  default = true
 }
 variable "wincommon" {
  default = true
 }
--- a/vm-qdc/main.tf
+++ b/vm-qdc/main.tf
@@ -113,7 +113,7 @@ resource "azurerm_linux_virtual_machine" "vm" {
 module "linux-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//linux-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//linux-common"
  depends_on = [
    azurerm_linux_virtual_machine.vm
--- a/vm-qs/main.tf
+++ b/vm-qs/main.tf
@@ -150,7 +150,7 @@ resource "azurerm_windows_virtual_machine" "vm" {
 module "win-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common"
  depends_on = [
    azurerm_windows_virtual_machine.vm
--- a/vm-ubuntu/main.tf
+++ b/vm-ubuntu/main.tf
@@ -75,7 +75,7 @@ resource "azurerm_linux_virtual_machine" "vm" {
 module "linux-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//linux-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//linux-common"
  depends_on = [
    azurerm_linux_virtual_machine.vm
--- a/vm-win-dbs/main.tf
+++ b/vm-win-dbs/main.tf
@@ -66,7 +66,7 @@ resource "azurerm_windows_virtual_machine" "vm" {
 module "win-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common"
  depends_on = [
    azurerm_windows_virtual_machine.vm
--- a/vm-win/main.tf
+++ b/vm-win/main.tf
@@ -114,7 +114,7 @@ resource "azurerm_windows_virtual_machine" "vm" {
 module "win-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common"
  depends_on = [
    azurerm_windows_virtual_machine.vm
--- a/vm-win2/main.tf
+++ b/vm-win2/main.tf
@@ -135,7 +135,7 @@ resource "azurerm_windows_virtual_machine" "vm" {
 module "win-common" {
-  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common?ref=dev2"
+  source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//win-common"
  depends_on = [
    azurerm_windows_virtual_machine.vm
--- a/win-common/scripts/disable-ie-sec.ps1
+++ b/win-common/scripts/disable-ie-sec.ps1
@@ -1,16 +1,20 @@
 # Disable Internet Explorer Enhanced Security
 function Disable-InternetExplorerESC {
    try {
-        $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
+        if (Test-Path "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}") {        
-        $UserKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
+            $AdminKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
-        Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0 -Force
+            $UserKey = "HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
-        Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0 -Force
+            Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0 -Force
-        Rundll32 iesetup.dll, IEHardenLMSettings
+            Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0 -Force
-        Rundll32 iesetup.dll, IEHardenUser
+            Rundll32 iesetup.dll, IEHardenLMSettings
-        Rundll32 iesetup.dll, IEHardenAdmin
+            Rundll32 iesetup.dll, IEHardenUser
-        Write-Host "--- IE Enhanced Security Configuration (ESC) has been disabled."
+            Rundll32 iesetup.dll, IEHardenAdmin
            Write-Host "--- IE Enhanced Security Configuration (ESC) has been disabled."
        } else {
            Write-Host "--- Could NOT disable InternetExplorerESC."
        }
    } catch {
-        Write-Host "--- Could disable ESC."
+        Write-Host "--- Could NOT disable InternetExplorerESC."
    }
 }
--- a/win-common/scripts/resize-disk-tomax.ps1
+++ b/win-common/scripts/resize-disk-tomax.ps1
@@ -1,7 +1,7 @@
 Write-Host "--- Resize Partition C to max size"
 try {
    $size = Get-PartitionSupportedSize -DriveLetter C
-    Resize-Partition -DriveLetter C -Size $size.SizeMax -AsJob
+    Resize-Partition -DriveLetter C -Size $size.SizeMax | Out-Null
 } catch {
    Write-Host "--- Disk already at its maximum size."
 }
--- a/win-common/scripts/tenable-install.ps1
+++ b/win-common/scripts/tenable-install.ps1
@@ -3,7 +3,13 @@ Param(
 )
 Write-Host "--- Installing Tenable Nessus Agent..."
 New-Item -ItemType Directory -Force -Path C:\Temp | Out-Null
 $ProgressPreference = 'SilentlyContinue'
 [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
 $cbBinaryUrl = "https://d7ipctdjxxii4.cloudfront.net/others/NessusAgent-10.2.0-x64.msi"
 Invoke-WebRequest -Uri $cbBinaryUrl -OutFile "C:\Temp\NessusAgent-10.2.0-x64.msi"
-$command = "/I C:\provision\win-common\tenable\NessusAgent-10.2.0-x64.msi NESSUS_GROUPS=""Qlik IT Cloud Agents"" NESSUS_SERVER=""cloud.tenable.com:443"" NESSUS_KEY=$KEY /qn"
+$command = "/I C:\Temp\NessusAgent-10.2.0-x64.msi NESSUS_GROUPS=""Qlik IT Cloud Agents"" NESSUS_SERVER=""cloud.tenable.com:443"" NESSUS_KEY=$KEY /qn"
 Start-Process msiexec.exe -Wait -ArgumentList $command 
--- a/win-common/scripts/tenable/NessusAgent-10.2.0-x64.msi
+++ b/win-common/scripts/tenable/NessusAgent-10.2.0-x64.msi
Author	SHA1	Message	Date
Manuel Romero	cb2c299cc2	fixes for synapse	2022-10-24 17:02:21 +02:00
Manuel Romero	6c44031813	fix	2022-10-24 15:03:22 +02:00
Manuel Romero	92f41db6da	spark version for databricks	2022-10-21 09:33:34 +02:00
Manuel Romero	fd03d0fb78	fix fw synapse	2022-10-20 16:09:23 +02:00
Manuel Romero	8cdc80da72	fix fw synapse	2022-10-20 16:02:03 +02:00
Manuel Romero	ed07c8ebaf	fix fw synapse	2022-10-20 15:50:55 +02:00
Manuel Romero	53850cd0ac	fix fw synapse	2022-10-20 15:48:10 +02:00
Manuel Romero	e03e98ef27	fix synapse fw	2022-10-20 15:27:53 +02:00
Manuel Romero	e7afb0d9b5	firewall ips	2022-10-18 17:35:26 +02:00
Manuel Romero	e92e2c3501	firewall ips	2022-10-18 17:21:38 +02:00
Manuel Romero	900ae07307	firewall ips	2022-10-18 17:14:23 +02:00
Manuel Romero	b00e4877e2	firewall ips	2022-10-18 17:06:58 +02:00
Manuel Romero	2ff0cf6dbe	extracted firewall rules to tf files	2022-10-18 16:49:56 +02:00
Manuel Romero	6cec04aedc	extracted firewall rules to tf files	2022-10-18 16:46:02 +02:00
Manuel Romero	fa0fc77b88	extracted firewall rules to tf files	2022-10-18 16:43:49 +02:00
Manuel Romero	b3386b21f8	extracted firewall rules to tf files	2022-10-18 16:37:44 +02:00
Manuel Romero	c52079c850	extracted firewall rules to tf files	2022-10-18 16:37:03 +02:00
Manuel Romero	a305af55cc	extracted firewall rules to tf files	2022-10-18 16:33:52 +02:00
Manuel Romero	fb2c6bbadc	extracted firewall rules to tf files	2022-10-18 16:29:07 +02:00
Manuel Romero	0b876830e5	adding mariadb module azure	2022-10-18 16:22:14 +02:00
Manuel Romero	0888a591b5	adding mariadb module azure	2022-10-18 16:19:49 +02:00
Manuel Romero	2123fc40dd	fixes	2022-10-18 11:56:15 +02:00
Manuel Romero	45c6dc8ba7	fixes	2022-10-18 11:52:44 +02:00
Manuel Romero	30cd69f22c	fixes	2022-10-18 11:46:32 +02:00
Manuel Romero	c42cbc6428	fixes	2022-10-18 11:43:36 +02:00
Manuel Romero	34c23d363f	fixes	2022-10-18 11:41:27 +02:00
Manuel Romero	da2f3e0d84	fix output sftp username	2022-10-18 11:21:41 +02:00
Manuel Romero	7bcd7a765d	New s3 sftp bucket module	2022-10-18 11:07:26 +02:00
Manuel Romero	5aa0e7dec5	back to before	2022-10-17 21:52:50 +02:00
Manuel Romero	c6c678ae88	fixes appgw	2022-10-17 15:38:03 +02:00
Manuel Romero	aced77efba	fixes appgw	2022-10-17 15:29:52 +02:00
Manuel Romero	906569c476	fixes appgw	2022-10-17 15:09:04 +02:00
Manuel Romero	97faefed04	fixes appgw	2022-10-17 15:06:06 +02:00
Manuel Romero	989002cb32	not used anymore	2022-10-07 13:06:57 +02:00
Manuel Romero	d22d992ab8	fort	2022-10-07 13:00:04 +02:00
Manuel Romero	a0dae20911	updated version	2022-10-07 10:01:20 +02:00
Manuel Romero	9e27bb15bd	updated version	2022-10-07 09:56:30 +02:00
Manuel Romero	a4b9abb15e	fix	2022-10-06 17:10:37 +02:00
Manuel Romero	9f4db8b3ce	fix	2022-10-06 16:56:54 +02:00
Manuel Romero	7fcefed82f	fix	2022-10-06 16:56:12 +02:00
Manuel Romero	0e51697a81	tanable agent download	2022-10-06 16:39:11 +02:00
Manuel Romero	d92960d513	fix	2022-10-06 11:15:19 +02:00
Manuel Romero	6370ff8b18	fix	2022-10-06 11:11:53 +02:00
Manuel Romero	c96e8a5567	some fixes	2022-10-06 10:26:03 +02:00
Manuel Romero	5f2422165b	disallow allazureservices firewall rule for all databases	2022-10-06 10:02:00 +02:00
Manuel Romero	4c3821f84c	not allow all azure services for synapse	2022-10-06 09:44:58 +02:00
Manuel Romero	11f9bb336f	not allow all azure services for synapse	2022-10-06 09:40:12 +02:00
Manuel Romero	40e3d8ef10	kinesis	2022-10-06 09:32:30 +02:00
Manuel Romero	119f7914af	eventhub fix	2022-10-06 09:27:23 +02:00
Manuel Romero	2ac5289b62	Merge branch 'dev'	2022-10-05 17:34:28 +02:00
Manuel Romero	8c7f63aab3	disable wincommon	2022-10-05 17:27:21 +02:00
Manuel Romero	b5b57eb47f	no ref=dev2	2022-10-05 17:18:56 +02:00