Deploys a Virtual Machine in Azure
Based on the original module: https://github.com/Azure/terraform-azurerm-compute
It supports creating:
- Virtual Machine
- Availability Set
- Public IP
- Network Security Group
- Network Security Rule
- Network Interface
Review the examples folder: examples
Perform the following commands on the root folder:
- terraform init to get the plugins
- terraform plan to see the infrastructure plan
- terraform apply to apply the infrastructure build
- terraform destroy to destroy the built infrastructure

Use terraform-docs to create the Inputs and Outputs documentation:
terraform-docs markdown .
The following dependencies must be installed on the development system:
Azure
- Terraform Provider for Azure
- CLI Tool az
Name | Version |
---|---|
azurerm | n/a |
random | n/a |
Name | Source | Version |
---|---|---|
os | ./os | n/a |
Name | Type |
---|---|
azurerm_linux_virtual_machine.vm | resource |
azurerm_managed_disk.data_disk | resource |
azurerm_network_interface.vm | resource |
azurerm_network_interface_security_group_association.nsgassoc | resource |
azurerm_network_security_group.vm | resource |
azurerm_network_security_rule.nsg_rule | resource |
azurerm_public_ip.vm | resource |
azurerm_storage_account.vm-sa | resource |
azurerm_virtual_machine_data_disk_attachment.data_disk | resource |
azurerm_virtual_machine_extension.provision_linux_vm | resource |
local_sensitive_file.linux_provision_vm | resource |
random_id.vm-sa | resource |
azurerm_resource_group.vm | data source |
template_file.linux_provision_vm | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
admin_password | The admin password to be used on the VMSS that will be deployed. The password must meet the complexity requirements of Azure. | string | "" | no |
admin_ssh_key | Specifies public_key of admin user. | string | null | no |
admin_username | The admin username of the VM that will be deployed. | string | "azureuser" | no |
allocation_method | Defines the allocation method for this IP address. Possible values are Static or Dynamic | string | "Dynamic" | no |
allow_extension_operations | Should Extension Operations be allowed on this Virtual Machine | bool | true | no |
availability_set_id | Specifies the ID of the Availability Set in which the Virtual Machine should exist | string | null | no |
boot_diagnostics | (Optional) Enable or Disable boot diagnostics. | bool | true | no |
boot_diagnostics_sa_type | (Optional) Storage account type for boot diagnostics. | string | "Standard_LRS" | no |
computer_name | Specifies the Hostname which should be used for this Virtual Machine | string | "" | no |
custom_data | The Base64-Encoded Custom Data which should be used for this Virtual Machine | string | null | no |
data_disks | Managed Data Disks for azure virtual machine | <pre>list(object({<br> = number<br> storage_account_type = string<br> disk_size_gb = number<br> caching = string<br> }))</pre> | [] | no |
dedicated_host_id | The ID of a Dedicated Host where this machine should be run on | string | null | no |
disable_password_authentication | Should Password Authentication be disabled on this Virtual Machine? Defaults to true | bool | false | no |
edge_zone | Specifies the Edge Zone within the Azure Region where this Linux Virtual Machine should exist. Changing this forces a new Linux Virtual Machine to be created. | string | null | no |
enable_accelerated_networking | Enable accelerated networking on Network interface. | bool | true | no |
enable_https_traffic_only | Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true. | bool | true | no |
enable_ip_forwarding | Should IP Forwarding be enabled? Defaults to false | bool | false | no |
enable_provision_script | Use provisioning script. | bool | true | no |
enable_public_ip | Assign public IP to vm. Default False. | bool | false | no |
enable_ultra_ssd | Should the capacity to enable Data Disks of the UltraSSD_LRS storage account type be supported on this Virtual Machine | bool | false | no |
encryption_at_host_enabled | Should all of the disks (including the temp disk) attached to this Virtual Machine be encrypted by enabling Encryption at Host? | bool | true | no |
eviction_policy | Specifies what should happen when the Virtual Machine is evicted for price reasons when using a Spot instance | string | null | no |
existing_network_security_group_id | The resource id of existing network security group | any | null | no |
extensions_time_budget | Specifies the duration allocated for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. Defaults to 90 minutes | string | "PT1H30M" | no |
internal_dns_name_label | The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network. | any | null | no |
license_type | Specifies the BYOL Type for this Virtual Machine. Possible values are RHEL_BYOS and SLES_BYOS. | string | null | no |
linux_provision_script | Path to Linux provisioning script. | string | "./scripts/linux_provision_vm.sh" | no |
location | (Optional) The location in which the resources will be created. | string | "" | no |
managed_identity_type | The type of Managed Identity which should be assigned to the Linux Virtual Machine. Possible values are SystemAssigned, UserAssigned and SystemAssigned, UserAssigned | any | null | no |
max_bid_price | The maximum price you're willing to pay for this Virtual Machine, in US Dollars | number | null | no |
min_tls_version | The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2. | string | "TLS1_2" | no |
name | name of the azure vm | string | n/a | yes |
network_interface_ids | A list of Network Interface IDs which should be associated with the Virtual Machine | list(string) | [] | no |
nsg_inbound_rules | List of network rules to apply to network interface. | list | [] | no |
os_disk | os disk reference block | list(map(string)) | [] | no |
os_disk_caching | The Type of Caching which should be used for the Internal OS Disk. Possible values are None, ReadOnly and ReadWrite. | string | "ReadWrite" | no |
os_disk_encryption_set_id | The ID of the Disk Encryption Set which should be used to Encrypt this OS Disk. | string | null | no |
os_disk_size_gb | OS disk size (GB). | number | 30 | no |
os_disk_storage_account_type | The Type of Storage Account which should back the Internal OS Disk. Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS. Changing this forces a new resource to be created. | string | "Premium_LRS" | no |
os_disk_write_accelerator_enabled | Should Write Accelerator be Enabled for this OS Disk? Defaults to false. | bool | false | no |
plan | image details from the marketplace | list(map(string)) | [] | no |
priority | Specifies the duration allocated for all extensions to start | string | "Regular" | no |
private_ip_address | Defines static IP address to assign to VM. private_ip_address_allocation must be set to Static. | string | "Dynamic" | no |
private_ip_address_allocation | Defines how an IP address is assigned. Options are Static or Dynamic. | string | "Dynamic" | no |
private_ip_address_allocation_type | The allocation method used for the Private IP Address. Possible values are Dynamic and Static. | string | "Dynamic" | no |
provision_vm_agent | Should the Azure VM Agent be provisioned on this Virtual Machine? Defaults to true | bool | true | no |
proximity_placement_group_id | proximity_placement_group_id | string | null | no |
public_ip_address_allocation | Defines how an IP address is assigned. Options are Static or Dynamic. | string | "Dynamic" | no |
public_ip_dns | Optional globally unique per datacenter region domain name label to apply to each public ip address. e.g. thisvar.varlocation.cloudapp.azure.com where you specify only thisvar here. This is an array of names which will pair up sequentially to the number of public ips defined in var.nb_public_ip. One name or empty string is required for every public ip. If no public ip is desired, then set this to an array with a single empty string. | string | null | no |
public_ip_sku | Defines the SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic. | string | "Basic" | no |
resource_group_name | The name of the resource group in which the resources will be created. | string | n/a | yes |
secret | Specifies a list of certificates to be installed on the VM and the KeyVault where certificate is stored | list(map(string)) | [] | no |
source_address_prefix | CIDR or source IP range or * to match any IP. Tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. This is required if source_address_prefixes is not specified. | list(string) | ["0.0.0.0/0"] | no |
source_address_prefixes | (Optional) List of source address prefixes allowed to access var.remote_port. | list(string) | ["0.0.0.0/0"] | no |
source_image_id | The ID of the Image which this Virtual Machine should be created from. Changing this forces a new resource to be created | string | null | no |
source_image_offer | Specifies the offer of the image used to create the virtual machines. | string | n/a | yes |
source_image_publisher | Specifies the publisher of the image used to create the virtual machines. | string | n/a | yes |
source_image_reference | Virtual Machine source image information. See https://www.terraform.io/docs/providers/azurerm/r/virtual_machine.html#storage_image_reference. This variable cannot be used if vm_image_id is already defined. | any | {} | no |
source_image_sku | Specifies the SKU of the image used to create the virtual machines. | string | n/a | yes |
source_image_version | Specifies the version of the image used to create the virtual machines. | string | n/a | yes |
tags | A map of the tags to use on the resources that are deployed with this module. | map(string) | {} | no |
ultra_ssd_enabled | Should the capacity to enable Data Disks of the UltraSSD_LRS storage account type be supported on this Virtual Machine? Defaults to false. | bool | false | no |
user_data | The Base64-Encoded User Data scripts which should be passed to this Virtual Machine at provisioning. | any | null | no |
virtual_machine_scale_set_id | Specifies the Orchestrated Virtual Machine Scale Set that this Virtual Machine should be created within | string | null | no |
virtual_machine_size | Specifies the size of the virtual machine. | string | "Standard_D2s_v3" | no |
vm_availability_zone | The Zone in which this Virtual Machine should be created. Conflicts with availability set and shouldn't use both | any | null | no |
vnet_subnet_id | The subnet id of the virtual network where the virtual machines will reside. | string | n/a | yes |
zones | A list of a single item of the Availability Zone which the Virtual Machine should be allocated in | string | null | no |
Name | Description |
---|---|
network_interface_private_ip | private ip addresses of the vm nics |
network_security_group_id | id of the security group provisioned |
network_security_group_name | name of the security group provisioned |
public_ip_address | The actual ip address allocated for the resource. |
public_ip_dns_name | fqdn to connect to the first vm provisioned. |
public_ip_id | id of the public ip address provisioned. |
virtual_machine_id | Virtual machine ids created. |
virtual_machine_private_ips | ids of the vm nics provisioned. |
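
A call to the Linux variant that overrides the security-relevant defaults listed in the inputs table above (password authentication, public IP, the 0.0.0.0/0 source prefixes). This is an added example, not taken from the module's examples folder; the module source, the referenced resource group and subnet, the key file path, the address range and the image values are assumptions.

```hcl
# Added example, not part of the module. Input names and defaults come from
# the inputs table above; every value assigned here is an assumption.
module "linux_vm" {
  # Placeholder: replace with the path or registry address of this module.
  source = "<path-or-registry-address-of-this-module>"

  # Required inputs
  name                = "app-vm-01"
  resource_group_name = azurerm_resource_group.example.name # assumed to exist
  vnet_subnet_id      = azurerm_subnet.private.id           # assumed to exist

  # Assumed marketplace image; pin source_image_version to a specific
  # release instead of "latest" for reproducible builds.
  source_image_publisher = "Canonical"
  source_image_offer     = "0001-com-ubuntu-server-jammy"
  source_image_sku       = "22_04-lts-gen2"
  source_image_version   = "latest"

  # Authentication: the table lists disable_password_authentication = false
  # and admin_password = "" as defaults, so key-only login is set explicitly.
  admin_username                  = "azureuser"
  admin_ssh_key                   = file("~/.ssh/id_rsa.pub") # assumed key path
  disable_password_authentication = true

  # Exposure: keep the VM off the public internet and replace the
  # ["0.0.0.0/0"] defaults with an internal range (constructed value).
  enable_public_ip        = false
  source_address_prefix   = ["10.10.0.0/24"]
  source_address_prefixes = ["10.10.0.0/24"]

  # Already the documented defaults; stated here so a later change to the
  # module defaults does not silently weaken the deployment.
  encryption_at_host_enabled = true
  enable_https_traffic_only  = true
  min_tls_version            = "TLS1_2"

  tags = {
    environment = "example"
  }
}
```
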
Name | Type |
---|---|
azurerm_managed_disk.data_disk | resource |
azurerm_network_interface.vm | resource |
azurerm_network_interface_security_group_association.nsgassoc | resource |
azurerm_network_security_group.vm | resource |
azurerm_network_security_rule.nsg_rule | resource |
azurerm_public_ip.vm | resource |
azurerm_storage_account.vm-sa | resource |
azurerm_virtual_machine_data_disk_attachment.data_disk | resource |
azurerm_virtual_machine_extension.provision_windows_vm | resource |
azurerm_windows_virtual_machine.vm | resource |
local_sensitive_file.windows_provision_vm | resource |
random_id.vm-sa | resource |
azurerm_resource_group.vm | data source |
template_file.windows_provision_vm | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
additional_unattend_content | The XML formatted content that is added to the unattend.xml file for the specified path and component. | any | null | no |
additional_unattend_content_setting | The name of the setting to which the content applies. Possible values are AutoLogon and FirstLogonCommands | any | null | no |
admin_password | The admin password to be used on the VMSS that will be deployed. The password must meet the complexity requirements of Azure. | string | "" | no |
admin_username | The admin username of the VM that will be deployed. | string | "azureuser" | no |
allocation_method | Defines the allocation method for this IP address. Possible values are Static or Dynamic | string | "Dynamic" | no |
allow_extension_operations | Should Extension Operations be allowed on this Virtual Machine | bool | true | no |
availability_set_id | Specifies the ID of the Availability Set in which the Virtual Machine should exist | string | null | no |
boot_diagnostics | (Optional) Enable or Disable boot diagnostics. | bool | true | no |
boot_diagnostics_sa_type | (Optional) Storage account type for boot diagnostics. | string | "Standard_LRS" | no |
computer_name | Specifies the Hostname which should be used for this Virtual Machine | string | "" | no |
custom_data | The Base64-Encoded Custom Data which should be used for this Virtual Machine | string | null | no |
data_disks | Managed Data Disks for azure virtual machine | <pre>list(object({<br> = number<br> storage_account_type = string<br> disk_size_gb = number<br> caching = string<br> }))</pre> | [] | no |
dedicated_host_id | The ID of a Dedicated Host where this machine should be run on | string | null | no |
edge_zone | Specifies the Edge Zone within the Azure Region where this Linux Virtual Machine should exist. Changing this forces a new Linux Virtual Machine to be created. | string | null | no |
enable_accelerated_networking | Enable accelerated networking on Network interface. | bool | true | no |
enable_automatic_updates | Specifies if Automatic Updates are Enabled for the Windows Virtual Machine. | bool | true | no |
enable_https_traffic_only | Boolean flag which forces HTTPS if enabled, see here for more information. Defaults to true. | bool | true | no |
enable_ip_forwarding | Should IP Forwarding be enabled? Defaults to false | bool | false | no |
enable_provision_script | Use provisioning script. | bool | true | no |
enable_public_ip | Assign public IP to vm. Default False. | bool | false | no |
enable_ultra_ssd | Should the capacity to enable Data Disks of the UltraSSD_LRS storage account type be supported on this Virtual Machine | bool | false | no |
encryption_at_host_enabled | Should all of the disks (including the temp disk) attached to this Virtual Machine be encrypted by enabling Encryption at Host? | bool | true | no |
eviction_policy | Specifies what should happen when the Virtual Machine is evicted for price reasons when using a Spot instance | string | null | no |
existing_network_security_group_id | The resource id of existing network security group | any | null | no |
extensions_time_budget | Specifies the duration allocated for all extensions to start. The time duration should be between 15 minutes and 120 minutes (inclusive) and should be specified in ISO 8601 format. Defaults to 90 minutes | string | "PT1H30M" | no |
internal_dns_name_label | The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network. | any | null | no |
key_vault_certificate_secret_url | The Secret URL of a Key Vault Certificate, which must be specified when protocol is set to Https | any | null | no |
license_type | Specifies the BYOL Type for this Virtual Machine. Possible values are RHEL_BYOS and SLES_BYOS. | string | null | no |
location | (Optional) The location in which the resources will be created. | string | "" | no |
managed_identity_type | The type of Managed Identity which should be assigned to the Linux Virtual Machine. Possible values are SystemAssigned, UserAssigned and SystemAssigned, UserAssigned | any | null | no |
max_bid_price | The maximum price you're willing to pay for this Virtual Machine, in US Dollars | number | null | no |
min_tls_version | The minimum supported TLS version for the storage account. Possible values are TLS1_0, TLS1_1, and TLS1_2. Defaults to TLS1_2. | string | "TLS1_2" | no |
name | name of the azure vm | string | n/a | yes |
network_interface_ids | A list of Network Interface IDs which should be associated with the Virtual Machine | list(string) | [] | no |
nsg_inbound_rules | List of network rules to apply to network interface. | list | [] | no |
os_disk | os disk reference block | list(map(string)) | [] | no |
os_disk_caching | The Type of Caching which should be used for the Internal OS Disk. Possible values are None, ReadOnly and ReadWrite. | string | "ReadWrite" | no |
os_disk_encryption_set_id | The ID of the Disk Encryption Set which should be used to Encrypt this OS Disk. | string | null | no |
os_disk_size_gb | OS disk size (GB). | number | 150 | no |
os_disk_storage_account_type | The Type of Storage Account which should back the Internal OS Disk. Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS. Changing this forces a new resource to be created. | string | "Premium_LRS" | no |
os_disk_write_accelerator_enabled | Should Write Accelerator be Enabled for this OS Disk? Defaults to false. | bool | false | no |
patch_mode | Specifies the mode of in-guest patching to this Windows Virtual Machine. Possible values are Manual, AutomaticByOS and AutomaticByPlatform | string | "AutomaticByOS" | no |
plan | image details from the marketplace | list(map(string)) | [] | no |
priority | Specifies the duration allocated for all extensions to start | string | "Regular" | no |
private_ip_address | Defines static IP address to assign to VM. private_ip_address_allocation must be set to Static. | string | "Dynamic" | no |
private_ip_address_allocation | Defines how an IP address is assigned. Options are Static or Dynamic. | string | "Dynamic" | no |
private_ip_address_allocation_type | The allocation method used for the Private IP Address. Possible values are Dynamic and Static. | string | "Dynamic" | no |
provision_vm_agent | Should the Azure VM Agent be provisioned on this Virtual Machine? Defaults to true | bool | true | no |
proximity_placement_group_id | proximity_placement_group_id | string | null | no |
public_ip_address_allocation | Defines how an IP address is assigned. Options are Static or Dynamic. | string | "Dynamic" | no |
public_ip_dns | Optional globally unique per datacenter region domain name label to apply to each public ip address. e.g. thisvar.varlocation.cloudapp.azure.com where you specify only thisvar here. This is an array of names which will pair up sequentially to the number of public ips defined in var.nb_public_ip. One name or empty string is required for every public ip. If no public ip is desired, then set this to an array with a single empty string. | string | null | no |
public_ip_sku | Defines the SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic. | string | "Basic" | no |
resource_group_name | The name of the resource group in which the resources will be created. | string | n/a | yes |
secret | Specifies a list of certificates to be installed on the VM and the KeyVault where certificate is stored | list(map(string)) | [] | no |
source_address_prefix | CIDR or source IP range or * to match any IP. Tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. This is required if source_address_prefixes is not specified. | list(string) | ["0.0.0.0/0"] | no |
source_address_prefixes | (Optional) List of source address prefixes allowed to access var.remote_port. | list(string) | ["0.0.0.0/0"] | no |
source_image_id | The ID of the Image which this Virtual Machine should be created from. Changing this forces a new resource to be created | string | null | no |
source_image_offer | Specifies the offer of the image used to create the virtual machines. | string | n/a | yes |
source_image_publisher | Specifies the publisher of the image used to create the virtual machines. | string | n/a | yes |
source_image_reference | Virtual Machine source image information. See https://www.terraform.io/docs/providers/azurerm/r/virtual_machine.html#storage_image_reference. This variable cannot be used if vm_image_id is already defined. | any | {} | no |
source_image_sku | Specifies the SKU of the image used to create the virtual machines. | string | n/a | yes |
source_image_version | Specifies the version of the image used to create the virtual machines. | string | n/a | yes |
tags | A map of the tags to use on the resources that are deployed with this module. | map(string) | {} | no |
ultra_ssd_enabled | Should the capacity to enable Data Disks of the UltraSSD_LRS storage account type be supported on this Virtual Machine? Defaults to false. | bool | false | no |
user_data | The Base64-Encoded User Data scripts which should be passed to this Virtual Machine at provisioning. | any | null | no |
virtual_machine_scale_set_id | Specifies the Orchestrated Virtual Machine Scale Set that this Virtual Machine should be created within | string | null | no |
virtual_machine_size | Specifies the size of the virtual machine. | string | "Standard_D2s_v3" | no |
vm_availability_zone | The Zone in which this Virtual Machine should be created. Conflicts with availability set and shouldn't use both | any | null | no |
vm_time_zone | Specifies the Time Zone which should be used by the Virtual Machine | any | null | no |
vnet_subnet_id | The subnet id of the virtual network where the virtual machines will reside. | string | n/a | yes |
windows_provision_script | Path to Windows provisioning script. | string | "./scripts/windows_provision_vm.ps1" | no |
winrm_protocol | Specifies the protocol of winrm listener. Possible values are Http or Https | any | null | no |
zones | A list of a single item of the Availability Zone which the Virtual Machine should be allocated in | string | null | no |
Name | Description |
---|---|
network_interface_private_ip | private ip addresses of the vm nics |
network_security_group_id | id of the security group provisioned |
network_security_group_name | name of the security group provisioned |
public_ip_address | The actual ip address allocated for the resource. |
public_ip_dns_name | fqdn to connect to the first vm provisioned. |
public_ip_id | id of the public ip address provisioned. |
virtual_machine_id | Virtual machine ids created. |
virtual_machine_private_ips | ids of the vm nics provisioned. |
Refer to the contribution guidelines for information on contributing to this module.