Started taking notes on airgapped terraform on azure

.gitignore

@@ -1,3 +1,4 @@
+__pycache__
 .DS_Store
 .obsidian
 .vagrant

terraform/airgapped terraform enterprise on azure/README.md

@@ -0,0 +1,31 @@
+# Airgapped Terraform Enterprise on Azure
+
+> In progress and absolutely, totally **not** ready for use.
+
+Stateless active/active.
+
+## Requirements
+
+| Requirement      | Description                                                                                                                                        |
+| ---------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
+| TFE license file | A Terraform Enterprise license file must be provided as a Base64 encoded secret in Azure Key Vault.                                                |
+| TLS certificate  | The TLS certificate and private key files must be PEM-encoded. The TLS certificate file can contain a full chain of TLS certificates if necessary. |
+| Virtual machine  | Must be Linux.                                                                                                                                     |
+
+![requirements diagram]
+
+## Sources
+
+- [Terraform Enterprise]
+- Hashicorp's [Terraform Enterprise Azure Module][hashicorp/terraform-azurerm-terraform-enterprise] on GitHub
+- Azure's [Terraform Enterprise Azure Instance Module][azure-terraform/terraform-azurerm-terraform-enterprise-instance] on GitHub
+
+<!-- knowledge base -->
+[requirements diagram]: requirements.png
+
+<!-- hashicorp documentation -->
+[terraform enterprise]: https://developer.hashicorp.com/terraform/enterprise
+
+<!-- repositories -->
+[azure-terraform/terraform-azurerm-terraform-enterprise-instance]: https://github.com/Azure-Terraform/terraform-azurerm-terraform-enterprise-instance
+[hashicorp/terraform-azurerm-terraform-enterprise]: https://github.com/hashicorp/terraform-azurerm-terraform-enterprise

terraform/airgapped terraform enterprise on azure/diagram.py

@@ -0,0 +1,33 @@
+#!/usr/bin/env python3
+
+from diagrams import Diagram
+from diagrams.azure.compute import VMLinux
+from diagrams.azure.database import CacheForRedis, DatabaseForPostgresqlServers
+from diagrams.azure.network import LoadBalancers, NetworkInterfaces, Subnets, VirtualNetworks
+from diagrams.azure.security import KeyVaults
+from diagrams.azure.storage import BlobStorage
+from diagrams.onprem.container import Docker
+from diagrams.onprem.iac import Terraform
+
+with Diagram("Requirements", show=False):
+
+    cache = CacheForRedis("Redis Cache")
+    db = DatabaseForPostgresqlServers("PostgreSQL DB")
+    engine = Docker("Docker Engine")
+    kv = KeyVaults("Key Vault")
+    lb = LoadBalancers("Load Balancer")
+    nic = NetworkInterfaces("Network Interface")
+    storage = BlobStorage("Blob Storage")
+    subnet_private = Subnets("Private Subnet")
+    subnet_public = Subnets("Public Subnet")
+    tfe = Terraform("Terraform Enterprise")
+    vm = VMLinux("Linux Virtual Machine")
+    vnet = VirtualNetworks("VNet")
+
+    vnet >> [subnet_private, subnet_public]
+    subnet_private >> kv
+    [subnet_private, subnet_public] >> nic
+    kv >> [cache, db, storage, vm]
+    nic >> [lb, vm]
+    vm >> engine
+    [cache, db, engine, lb, storage] >> tfe