These Terraform scripts are free to use and are intended to demonstrate the generation of "ethically walled", secure work environments that isolate customer networks in a multi-tenant environment, using Azure Virtual Desktops with access centrally controlled using Entra ID. Users gain machine access using the secure Remote Desktop Web client, which uses the same login route as the Azure console and inherits all the MFA features found there, including FIDO2 security key support.
Terraform is a declarative language, which means it isn’t built for an object-oriented approach. The fun part of this project is the use of for_each. While not OO in nature, this technique does allow the developer to create parent/child relationships, which can be driven by a data array. See main.tf for an example of for_each and variables.tf for an example array. Through recursion, we can get quite a lot of work done without repeating ourselves. The sad truth is that most Terraform repositories are littered with duplication, and therefore break the rule of DRY (Don’t Repeat Yourself).
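The parent/child pattern described above, as an added example that is not taken from this repository's main.tf or variables.tf: one map of customers drives a separate resource group and virtual network per customer (the parent), and a flattened map drives each customer's subnets (the children). The customer names, region, address ranges and resource names are assumptions, and Azure credentials are assumed to come from the environment.

```hcl
# Added example; every name and value here is an assumption, not the repository's own.
provider "azurerm" {
  features {}
}

variable "customers" {
  description = "Constructed sample data: one walled-off network per customer."
  type = map(object({
    address_space = string
    subnets       = map(string) # subnet name => CIDR
  }))
  default = {
    contoso  = { address_space = "10.10.0.0/16", subnets = { desktops = "10.10.1.0/24", mgmt = "10.10.2.0/24" } }
    fabrikam = { address_space = "10.20.0.0/16", subnets = { desktops = "10.20.1.0/24" } }
  }
}

locals {
  # Flatten parent -> child into one map keyed "customer/subnet" so that
  # for_each can create the children without a block per customer.
  subnets = merge([
    for cust, cfg in var.customers : {
      for name, cidr in cfg.subnets : "${cust}/${name}" => { customer = cust, name = name, cidr = cidr }
    }
  ]...)
}

resource "azurerm_resource_group" "customer" {
  for_each = var.customers
  name     = "rg-${each.key}"
  location = "uksouth" # assumed region
}

# Parent: one VNet per customer, never peered, so tenants share no address space.
resource "azurerm_virtual_network" "customer" {
  for_each            = var.customers
  name                = "vnet-${each.key}"
  address_space       = [each.value.address_space]
  location            = azurerm_resource_group.customer[each.key].location
  resource_group_name = azurerm_resource_group.customer[each.key].name
}

# Child: each subnet looks up its own customer's VNet by key.
resource "azurerm_subnet" "customer" {
  for_each             = local.subnets
  name                 = each.value.name
  resource_group_name  = azurerm_resource_group.customer[each.value.customer].name
  virtual_network_name = azurerm_virtual_network.customer[each.value.customer].name
  address_prefixes     = [each.value.cidr]
}
```

Adding a customer is then a single new entry in the map, and removing that entry destroys only the resources addressed by that customer's keys.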
Also note that the Azure virtual machine administrator password is stored in an environment variable for security reasons; check out this article. To apply the value in Linux for automatic use in Terraform, use "export TF_VAR_admin_password=+EnterValueHere+" to set the password value.