add ssh key to module

cshea15 2023-10-05 16:52:15 -04:00
parent e25785c539
commit deee58f798
5 changed files with 74 additions and 41 deletions


@ -184,7 +184,7 @@ resource "azurerm_network_security_group" "vm_jump_nsg" {
priority = 1000 priority = 1000
direction = "Inbound" direction = "Inbound"
access = "Allow" access = "Allow"
protocol = "Tcp" protocol = "SSH"
source_port_range = "*" source_port_range = "*"
destination_port_range = "22" destination_port_range = "22"
source_address_prefix = "*" source_address_prefix = "*"
@ -208,8 +208,10 @@ resource "azurerm_linux_virtual_machine" "vm_server" {
location = azurerm_resource_group.rg.location location = azurerm_resource_group.rg.location
size = var.virtual_machine_size size = var.virtual_machine_size
admin_username = var.admin_username admin_username = var.admin_username
admin_password = random_password.password.result admin_ssh_key {
disable_password_authentication = false username = var.admin_username
public_key = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey
}
network_interface_ids = [azurerm_network_interface.vm_server_nic.id] network_interface_ids = [azurerm_network_interface.vm_server_nic.id]
os_disk { os_disk {
caching = "ReadWrite" caching = "ReadWrite"
@ -231,14 +233,16 @@ resource "azurerm_linux_virtual_machine" "vm_jump" {
resource_group_name = azurerm_resource_group.rg.name resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location location = azurerm_resource_group.rg.location
size = var.virtual_machine_size size = var.virtual_machine_size
admin_username = var.admin_username
admin_password = random_password.password.result
disable_password_authentication = false
network_interface_ids = [azurerm_network_interface.vm_jump_nic.id] network_interface_ids = [azurerm_network_interface.vm_jump_nic.id]
admin_username = var.admin_username
os_disk { os_disk {
caching = "ReadWrite" caching = "ReadWrite"
storage_account_type = "Standard_LRS" storage_account_type = "Standard_LRS"
} }
admin_ssh_key {
username = var.admin_username
public_key = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey
}
source_image_reference { source_image_reference {
publisher = "Canonical" publisher = "Canonical"
offer = "UbuntuServer" offer = "UbuntuServer"
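Review bot: In the `vm_jump_nsg` rule the new side, as rendered, sets `protocol = "SSH"`, which is not a value the azurerm `security_rule` block accepts (it takes `Tcp`, `Udp`, `Icmp`, `Esp`, `Ah` or `*`), so the plan should fail validation. Keep `protocol = "Tcp"` and let `destination_port_range = "22"` select SSH. The same rule still allows port 22 from `source_address_prefix = "*"`, so even with key-only login the jump VM is reachable from any address. Narrowing it to a known operator range, for example `source_address_prefix = var.allowed_ssh_source` (placeholder variable name), would reduce that exposure. The rule and both VM resource bodies continue outside the hunks shown.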


@ -8,6 +8,10 @@ terraform {
source = "hashicorp/random" source = "hashicorp/random"
version = "~>3.0" version = "~>3.0"
} }
azapi = {
source = "azure/azapi"
version = "~>1.5"
}
} }
} }


@ -31,6 +31,6 @@ This template deploys an [Azure Firewall](https://registry.terraform.io/provider
| `firewall_sku_tier` | SKU size for your Firewall and Firewall Policy. Possible values: Standard, Premium | Premium | | `firewall_sku_tier` | SKU size for your Firewall and Firewall Policy. Possible values: Standard, Premium | Premium |
| `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so that name is unique in your Azure subscription. | rg | | `resource_group_name_prefix` | Prefix of the resource group name that's combined with a random ID so that name is unique in your Azure subscription. | rg |
| `virtual_machine_size` | SKU size for your jump and workload VMs | Standard_D2_v3 | | `virtual_machine_size` | SKU size for your jump and workload VMs | Standard_D2_v3 |
| `admin_username` | THe admin username for the jump and workload VMs | azureuser | | `admin_username` | The admin username for the jump and workload VMs | azureuser |
## Example ## Example


@ -0,0 +1,25 @@
resource "random_pet" "ssh_key_name" {
prefix = "ssh"
separator = ""
}
resource "azapi_resource_action" "ssh_public_key_gen" {
type = "Microsoft.Compute/sshPublicKeys@2022-11-01"
resource_id = azapi_resource.ssh_public_key.id
action = "generateKeyPair"
method = "POST"
response_export_values = ["publicKey", "privateKey"]
}
resource "azapi_resource" "ssh_public_key" {
type = "Microsoft.Compute/sshPublicKeys@2022-11-01"
name = random_pet.ssh_key_name.id
location = azurerm_resource_group.rg.location
parent_id = azurerm_resource_group.rg.id
}
output "key_data" {
value = jsondecode(azapi_resource_action.ssh_public_key_gen.output).publicKey
}
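Review bot: `response_export_values = ["publicKey", "privateKey"]` in `ssh_public_key_gen` puts the generated private key into the resource's `output`, and therefore into Terraform state in plain text, and nothing in the file says so. I would add a comment above that line such as `# privateKey is persisted in state: use an encrypted, access-restricted backend`, and describe in the README how an operator is expected to retrieve the key. If an output for the private key is added later, it should set `sensitive = true`. Where state cannot be protected to that level, taking the public key as an input variable keeps the private key out of Terraform altogether.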