# Terraform configuration that builds one Linux VM ("cfme") from a custom image,
# gives it a static public IP, and runs a password-authenticated SSH smoke test.
# Every var.* referenced here is declared outside this file.

# using service principal - need to create this "service account to use this"
# If this block is ever enabled, keep client_secret out of version control; the
# azurerm provider also reads ARM_CLIENT_ID / ARM_CLIENT_SECRET /
# ARM_SUBSCRIPTION_ID / ARM_TENANT_ID from the environment.
# provider "azurerm" {
#   environment     = "public"
#   subscription_id = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
#   client_id       = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
#   client_secret   = "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
#   tenant_id       = "e790ea08-42f3-46fa-8819-aca5c465e424"
# }

# using local user auth
provider "azurerm" {
  # Exact version pin: every run resolves the same provider release.
  version = "=1.34.0"

  # https://www.terraform.io/docs/providers/azurerm/index.html#skip_provider_registration
  # UON account rights restricted
  skip_provider_registration = true
}

# Resource names derived from the customer prefix.
# NOTE(review): virtual_machine_nic is not referenced anywhere in this file; the
# NIC below is named "${var.customer}-nic" instead. Confirm which name is intended.
locals {
  virtual_machine_pub_ip = "${var.customer}-cfme-pub-ip"
  virtual_machine_name   = "${var.customer}-cfme"
  virtual_machine_nic    = "${var.customer}-cfme-nic"
  virtual_machine_disk   = "${var.customer}-osdisk"
}

# find image id from image name as we are using our own vhd derived image
data "azurerm_image" "search_os_image" {
  name                = "${var.os_image}"
  resource_group_name = "${var.resource_group}"
}

# output "os_image_id" {
#   value = "${data.azurerm_image.search_os_image.id}"
# }

# Static public IP that is attached to the VM's NIC below.
resource "azurerm_public_ip" "pubip" {
  name                = "${local.virtual_machine_pub_ip}"
  location            = "${var.location}"
  resource_group_name = "${var.resource_group}"
  allocation_method   = "Static"
}

# NIC in the looked-up subnet, bound to the public IP above.
# NOTE(review): no network security group is defined or attached in this file.
# Confirm that inbound SSH to the public IP is restricted elsewhere (for example
# on the subnet), because password logins are enabled on the VM.
resource "azurerm_network_interface" "nic" {
  name                = "${var.customer}-nic"
  location            = "${var.location}"
  resource_group_name = "${var.resource_group}"

  ip_configuration {
    name                          = "${var.customer}-configuration"
    subnet_id                     = "${data.azurerm_subnet.subnet_output.id}"
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = "${azurerm_public_ip.pubip.id}"
  }
}

# The VM itself: custom image, managed OS disk, admin user with both a password
# and an SSH public key.
resource "azurerm_virtual_machine" "cfme" {
  name                  = "${local.virtual_machine_name}"
  location              = "${var.location}"
  resource_group_name   = "${var.resource_group}"
  network_interface_ids = ["${azurerm_network_interface.nic.id}"]

  #vm_size = "Standard_B1ms"
  vm_size = "Standard_D4_v3"

  # The OS disk is removed together with the VM on destroy.
  delete_os_disk_on_termination = true

  # storage_image_reference {
  #   publisher = "Canonical"
  #   offer     = "UbuntuServer"
  #   sku       = "16.04-LTS"
  #   version   = "latest"
  # }

  # Boot from the custom image resolved by data.azurerm_image.search_os_image.
  storage_image_reference {
    id = "${data.azurerm_image.search_os_image.id}"
  }

  storage_os_disk {
    name              = "${local.virtual_machine_disk}"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  # use azure agent to setup admin user, this also adds sudoers rule by default
  # admin_password is written to the Terraform state in plain text, so the state
  # file and its backend need the same protection as the password itself.
  os_profile {
    computer_name  = "${local.virtual_machine_name}"
    admin_username = "${var.admin_username}"
    admin_password = "${var.admin_password}"
  }

  # use azure agent to install ssh key
  os_profile_linux_config {
    # false leaves password logins enabled in addition to the key installed
    # below. The remote-exec provisioner in this resource authenticates with the
    # password, so it depends on this setting.
    # NOTE(review): with a public IP on the NIC, prefer key-only login
    # (disable_password_authentication = true) once the provisioner connection
    # no longer needs the password.
    disable_password_authentication = false

    ssh_keys {
      path = "/home/${var.admin_username}/.ssh/authorized_keys"

      #key_data = "${file("~/keys/toby@TOBY-L19.openssh.pub")}"
      #key_data = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAm+l9n70tSvow56eOLhDZT8VLCmU9MCjUa7d2v0fH2ix/mdWy+RUo9c24U9WJmBlxpAmMDpSxlFcOpBwk1y+tWC/24YJ+m0/6YGWTzbl84GCjdBfrWcTuV5MFYvkYfq8lx3VESyZrYVmoC9Shwtj825YjfVpWqWvFw2kJznyOHWSGv60j6AJyzoT8rWCt4tSusEVzwup7UWF8TDIB6GXO3hqBZcCo3mfyuWkAswkEbX8SKIXqlNUZWMsxdS5ZpodigG6pj9fIsob8P+PxXF7YQiPo4W1uDHGoh0033oLb2fQULs4VjwqNVUE4dKkruFdNupBNCY3BJWHMT/mDOnUiww=="
      # either use a local file or use an inline key, maybe required with UON
      key_data = "${file("${var.admin_ssh_pub_key_file}")}"

      #key_data = "${var.admin_ssh_pub_key}"
    }
  }

  # remote exec onto host using password
  # Connects over SSH to the public IP as the admin user and runs a single
  # directory listing as a reachability check.
  provisioner "remote-exec" {
    connection {
      type     = "ssh"
      host     = "${azurerm_public_ip.pubip.ip_address}"
      user     = "${var.admin_username}"
      password = "${var.admin_password}"
    }

    inline = [
      "ls -la",
    ]
  }
}

# lookup subnet id using the subnet name
# (consumed by the NIC's ip_configuration above)
data "azurerm_subnet" "subnet_output" {
  name                 = "${var.subnet}"
  virtual_network_name = "${var.vnet}"
  resource_group_name  = "${var.resource_group}"
}

output "subnet_id" {
  value = "${data.azurerm_subnet.subnet_output.id}"
}

# get public ip
# resource_group_name is read from the VM resource, which makes this lookup
# depend on azurerm_virtual_machine.cfme.
data "azurerm_public_ip" "output_pub_ip" {
  name                = "${azurerm_public_ip.pubip.name}"
  resource_group_name = "${azurerm_virtual_machine.cfme.resource_group_name}"
}

output "public_ip_address" {
  value = "${data.azurerm_public_ip.output_pub_ip.ip_address}"
}