Tips-Of-Mine/terraform-azure
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Tips-Of-Mine:201-vmss-jumpbox
Branches Tags
Tips-Of-Mine:master Tips-Of-Mine:UserStory335474 Tips-Of-Mine:UserStory281947b Tips-Of-Mine:UserStory330782 Tips-Of-Mine:UserStory281947 Tips-Of-Mine:f-101-aks-standard-lb-and-vmss Tips-Of-Mine:UserStory330721 Tips-Of-Mine:UserStory327082 Tips-Of-Mine:UserStory327081 Tips-Of-Mine:UserStory327080 Tips-Of-Mine:UserStory327079 Tips-Of-Mine:301-machine-learning-hub-spoke-secure Tips-Of-Mine:301-hub-spoke Tips-Of-Mine:201-vmss-jumpbox Tips-Of-Mine:UserStory284326 Tips-Of-Mine:101-vm-with-infrastructure Tips-Of-Mine:101-devtest-labs Tips-Of-Mine:101-attestation-provider Tips-Of-Mine:101-authn-managed-identity Tips-Of-Mine:UserStory316624 Tips-Of-Mine:202-machine-learning-moderately-secure-existing-VNet Tips-Of-Mine:UserStory316612 Tips-Of-Mine:cron Tips-Of-Mine:bump-changed-files Tips-Of-Mine:release/358 Tips-Of-Mine:users/GitHubPolicyService/46ac6b72-fb6d-4399-a02a-714c519189f1 Tips-Of-Mine:rebrand
Tips-Of-Mine:release/UserStory316624
..
compare: Tips-Of-Mine:101-authn-managed-identity
Branches Tags
Tips-Of-Mine:master Tips-Of-Mine:UserStory335474 Tips-Of-Mine:UserStory281947b Tips-Of-Mine:UserStory330782 Tips-Of-Mine:UserStory281947 Tips-Of-Mine:f-101-aks-standard-lb-and-vmss Tips-Of-Mine:UserStory330721 Tips-Of-Mine:UserStory327082 Tips-Of-Mine:UserStory327081 Tips-Of-Mine:UserStory327080 Tips-Of-Mine:UserStory327079 Tips-Of-Mine:301-machine-learning-hub-spoke-secure Tips-Of-Mine:301-hub-spoke Tips-Of-Mine:201-vmss-jumpbox Tips-Of-Mine:UserStory284326 Tips-Of-Mine:101-vm-with-infrastructure Tips-Of-Mine:101-devtest-labs Tips-Of-Mine:101-attestation-provider Tips-Of-Mine:101-authn-managed-identity Tips-Of-Mine:UserStory316624 Tips-Of-Mine:202-machine-learning-moderately-secure-existing-VNet Tips-Of-Mine:UserStory316612 Tips-Of-Mine:cron Tips-Of-Mine:bump-changed-files Tips-Of-Mine:release/358 Tips-Of-Mine:users/GitHubPolicyService/46ac6b72-fb6d-4399-a02a-714c519189f1 Tips-Of-Mine:rebrand
Tips-Of-Mine:release/UserStory316624

1 Commits
201-vmss-j ... 101-authn-

Author SHA1 Message Date
zjhe
3c17fdd146 bump azurerm provider to v3 2024-10-04 08:56:30 +08:00
7 changed files with 14 additions and 30 deletions
Expand all files Collapse all files

11
quickstart/101-attestation-provider/main.tf
View File

@ -21,7 +21,7 @@ resource "tls_private_key" "signing_cert" {
resource "tls_self_signed_cert" "attestation" { resource "tls_self_signed_cert" "attestation" {
count = local.create_signing_cert ? 1 : 0 count = local.create_signing_cert ? 1 : 0
private_key_pem = tls_private_key.signing_cert[0].private_key_pem private_key_pem = tls_private_key.signing_cert[0].private_key_pem
validity_period_hours = 12 validity_period_hours = 12
allowed_uses = [ allowed_uses = [
"cert_signing", "cert_signing",
@ -40,13 +40,4 @@ resource "azurerm_attestation_provider" "corp_attestation" {
name = "${var.attestation_provider_name}${random_string.attestation_suffix.result}" name = "${var.attestation_provider_name}${random_string.attestation_suffix.result}"
resource_group_name = azurerm_resource_group.rg.name resource_group_name = azurerm_resource_group.rg.name
policy_signing_certificate_data = try(tls_self_signed_cert.attestation[0].cert_pem, file(var.cert_path)) policy_signing_certificate_data = try(tls_self_signed_cert.attestation[0].cert_pem, file(var.cert_path))
#https://github.com/hashicorp/terraform-provider-azurerm/issues/21998#issuecomment-1573312297
lifecycle {
ignore_changes = [
"open_enclave_policy_base64",
"sev_snp_policy_base64",
"sgx_enclave_policy_base64",
"tpm_policy_base64",
]
}
} }

2
quickstart/101-attestation-provider/providers.tf
View File

@ -4,7 +4,7 @@ terraform {
required_providers { required_providers {
azurerm = { azurerm = {
source = "hashicorp/azurerm" source = "hashicorp/azurerm"
version = "~>3.0" version = "~>2.0"
} }
random = { random = {
source = "hashicorp/random" source = "hashicorp/random"

2
quickstart/101-devtest-labs/providers.tf
View File

@ -3,7 +3,7 @@ terraform {
required_providers { required_providers {
azurerm = { azurerm = {
source = "hashicorp/azurerm" source = "hashicorp/azurerm"
version = "~>3.0" version = "~>2.0"
} }
random = { random = {
source = "hashicorp/random" source = "hashicorp/random"

2
quickstart/101-vm-with-infrastructure/providers.tf
View File

@ -8,7 +8,7 @@ terraform {
} }
azurerm = { azurerm = {
source = "hashicorp/azurerm" source = "hashicorp/azurerm"
version = "~>3.0" version = "~>2.0"
} }
random = { random = {
source = "hashicorp/random" source = "hashicorp/random"

19
quickstart/201-vmss-jumpbox/main.tf
View File

@ -4,7 +4,7 @@ terraform {
required_providers { required_providers {
azurerm = { azurerm = {
source = "hashicorp/azurerm" source = "hashicorp/azurerm"
version = "~>3.0" version = "~>2.0"
} }
} }
} }
@ -17,15 +17,6 @@ provider "azurerm" {
} }
} }
resource "random_password" "password" {
count = var.admin_password == null ? 1 : 0
length = 20
}
locals {
admin_password = try(random_password.password[0].result, var.admin_password)
}
resource "azurerm_resource_group" "vmss" { resource "azurerm_resource_group" "vmss" {
name = var.resource_group_name name = var.resource_group_name
location = var.location location = var.location
@ -36,7 +27,7 @@ resource "random_string" "fqdn" {
length = 6 length = 6
special = false special = false
upper = false upper = false
numeric = false number = false
} }
resource "azurerm_virtual_network" "vmss" { resource "azurerm_virtual_network" "vmss" {
@ -82,12 +73,14 @@ resource "azurerm_lb_backend_address_pool" "bpepool" {
} }
resource "azurerm_lb_probe" "vmss" { resource "azurerm_lb_probe" "vmss" {
resource_group_name = azurerm_resource_group.vmss.name
loadbalancer_id = azurerm_lb.vmss.id loadbalancer_id = azurerm_lb.vmss.id
name = "ssh-running-probe" name = "ssh-running-probe"
port = var.application_port port = var.application_port
} }
resource "azurerm_lb_rule" "lbnatrule" { resource "azurerm_lb_rule" "lbnatrule" {
resource_group_name = azurerm_resource_group.vmss.name
loadbalancer_id = azurerm_lb.vmss.id loadbalancer_id = azurerm_lb.vmss.id
name = "http" name = "http"
protocol = "Tcp" protocol = "Tcp"
@ -134,7 +127,7 @@ resource "azurerm_virtual_machine_scale_set" "vmss" {
os_profile { os_profile {
computer_name_prefix = "vmlab" computer_name_prefix = "vmlab"
admin_username = var.admin_user admin_username = var.admin_user
admin_password = local.admin_password admin_password = var.admin_password
custom_data = file("web.conf") custom_data = file("web.conf")
} }
@ -205,7 +198,7 @@ resource "azurerm_virtual_machine" "jumpbox" {
os_profile { os_profile {
computer_name = "jumpbox" computer_name = "jumpbox"
admin_username = var.admin_user admin_username = var.admin_user
admin_password = local.admin_password admin_password = var.admin_password
} }
os_profile_linux_config { os_profile_linux_config {

6
quickstart/201-vmss-jumpbox/output.tf
View File

@ -1,11 +1,11 @@
output "vmss_public_ip_fqdn" { output "vmss_public_ip_fqdn" {
value = azurerm_public_ip.vmss.fqdn value = azurerm_public_ip.vmss.fqdn
} }
output "jumpbox_public_ip_fqdn" { output "jumpbox_public_ip_fqdn" {
value = azurerm_public_ip.jumpbox.fqdn value = azurerm_public_ip.jumpbox.fqdn
} }
output "jumpbox_public_ip" { output "jumpbox_public_ip" {
value = azurerm_public_ip.jumpbox.ip_address value = azurerm_public_ip.jumpbox.ip_address
} }

2
quickstart/201-vmss-jumpbox/variables.tf
View File

@ -28,6 +28,6 @@ variable "admin_user" {
variable "admin_password" { variable "admin_password" {
description = "Default password for admin account" description = "Default password for admin account"
default = null default = "ChangeMe123!"
sensitive = true sensitive = true
} }