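# Windows VM reachable over a public IP, plus an Automation account that
# publishes one PowerShell runbook and runs it on a one-time and an hourly
# schedule. Names are derived from random_pet.prefix / random_id so repeated
# deployments do not collide.

# Resource Group
resource "azurerm_resource_group" "rg" {
  location = var.resource_group_location
  name     = "${random_pet.prefix.id}-rg"
}

# Virtual Network
resource "azurerm_virtual_network" "my_terraform_network" {
  name                = "${random_pet.prefix.id}-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

# Subnet
resource "azurerm_subnet" "my_terraform_subnet" {
  name                 = "${random_pet.prefix.id}-subnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.my_terraform_network.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Public IP
resource "azurerm_public_ip" "my_terraform_public_ip" {
  name                = "${random_pet.prefix.id}-public-ip"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
}

# Source range allowed to reach RDP (3389) on the VM. The default keeps the
# previous behaviour (any source); set it to the administrators' CIDR range in
# any deployment that is not a throwaway lab.
variable "rdp_source_address_prefix" {
  type        = string
  default     = "*"
  description = "Source address prefix allowed to reach RDP on the VM. Restrict to a management CIDR; \"*\" exposes RDP to the whole internet."
}

# Network Security Group and rules
resource "azurerm_network_security_group" "my_terraform_nsg" {
  name                = "${random_pet.prefix.id}-nsg"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  # Management access. With the default source prefix this rule accepts RDP
  # from any address on a VM that has a public IP, so the password-based
  # administrator login is exposed to internet-wide guessing. Narrow
  # var.rdp_source_address_prefix, or drop the public IP and reach the VM
  # through a bastion or VPN instead.
  security_rule {
    name                       = "RDP"
    priority                   = 1000
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "*"
    source_port_range          = "*"
    destination_port_range     = "3389"
    source_address_prefix      = var.rdp_source_address_prefix
    destination_address_prefix = "*"
  }

  # Plain HTTP from any source.
  # NOTE(review): nothing in this file installs a web server; remove the rule
  # if port 80 is not actually served.
  security_rule {
    name                       = "web"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "80"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

# Network Interface
resource "azurerm_network_interface" "my_terraform_nic" {
  name                = "${random_pet.prefix.id}-nic"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "my_nic_configuration"
    subnet_id                     = azurerm_subnet.my_terraform_subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.my_terraform_public_ip.id
  }
}

# Connect the security group to the network interface
resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.my_terraform_nic.id
  network_security_group_id = azurerm_network_security_group.my_terraform_nsg.id
}

# Storage account for boot diagnostics
resource "azurerm_storage_account" "my_storage_account" {
  name                     = "diag${random_id.random_id.hex}"
  location                 = azurerm_resource_group.rg.location
  resource_group_name      = azurerm_resource_group.rg.name
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

# Virtual Machine
resource "azurerm_windows_virtual_machine" "main" {
  name           = "${var.prefix}-vm"
  admin_username = "azureuser"
  # The generated password is written to the Terraform state in clear text;
  # keep the state in an access-controlled, encrypted backend.
  admin_password        = random_password.password.result
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.my_terraform_nic.id]
  size                  = "Standard_DS1_v2"

  os_disk {
    name                 = "myOsDisk"
    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }

  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2022-datacenter-azure-edition"
    version   = "latest"
  }

  boot_diagnostics {
    storage_account_uri = azurerm_storage_account.my_storage_account.primary_blob_endpoint
  }
}

# Azure Automation Account
resource "azurerm_automation_account" "example" {
  name                = "${random_pet.prefix.id}-automation-account"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  sku_name            = "Basic"
}

# PowerShell Runbook
resource "azurerm_automation_runbook" "example" {
  name                    = "${random_pet.prefix.id}-runbook"
  location                = azurerm_resource_group.rg.location
  resource_group_name     = azurerm_resource_group.rg.name
  automation_account_name = azurerm_automation_account.example.name
  log_verbose             = true
  log_progress            = true
  description             = "This is an example runbook"
  runbook_type            = "PowerShell"

  # The script is fetched from the tip of a branch, so whatever is on `master`
  # at publish time is what the schedules below execute inside the Automation
  # account. Pin the URI to a reviewed commit and add a `hash` block
  # (algorithm + value) here so a changed upstream file is rejected rather
  # than run.
  publish_content_link {
    uri = "https://raw.githubusercontent.com/azureautomation/runbooks/master/Utility/ASM/Set-AzureScheduleWithRunbook.ps1"
  }
}

# One-time schedule for the runbook
resource "azurerm_automation_schedule" "one_time" {
  name                    = "${random_pet.prefix.id}-one-time-schedule"
  resource_group_name     = azurerm_resource_group.rg.name
  automation_account_name = azurerm_automation_account.example.name
  frequency               = "OneTime"
  start_time              = timeadd(timestamp(), "10m") # 10 minutes from now

  # timestamp() yields a new value on every run, so without this the schedule
  # shows a change on each plan. The start time is fixed at creation; replace
  # the resource to arm it again.
  lifecycle {
    ignore_changes = [start_time]
  }
}

# Hourly schedule for the runbook
resource "azurerm_automation_schedule" "hourly" {
  name                    = "${random_pet.prefix.id}-hourly-schedule"
  resource_group_name     = azurerm_resource_group.rg.name
  automation_account_name = azurerm_automation_account.example.name
  frequency               = "Hour"
  interval                = 1
  start_time              = timeadd(timestamp(), "15m") # 15 minutes from now

  # Same reason as the one-time schedule: keep the creation-time start instead
  # of shifting the hourly cadence on every apply.
  lifecycle {
    ignore_changes = [start_time]
  }
}

# Link the one-time schedule to the runbook
resource "azurerm_automation_job_schedule" "one_time" {
  resource_group_name     = azurerm_resource_group.rg.name
  automation_account_name = azurerm_automation_account.example.name
  schedule_name           = azurerm_automation_schedule.one_time.name
  runbook_name            = azurerm_automation_runbook.example.name
}

# Link the hourly schedule to the runbook
resource "azurerm_automation_job_schedule" "hourly" {
  resource_group_name     = azurerm_resource_group.rg.name
  automation_account_name = azurerm_automation_account.example.name
  schedule_name           = azurerm_automation_schedule.hourly.name
  runbook_name            = azurerm_automation_runbook.example.name
}

# Random resources for unique naming
resource "random_id" "random_id" {
  # A new resource group name forces a new id, and with it a new storage
  # account name.
  keepers = {
    resource_group = azurerm_resource_group.rg.name
  }
  byte_length = 8
}

# VM administrator password: 20 characters with at least one character from
# each class.
resource "random_password" "password" {
  length      = 20
  min_lower   = 1
  min_upper   = 1
  min_numeric = 1
  min_special = 1
  special     = true
}

resource "random_pet" "prefix" {
  prefix = var.prefix
  length = 1
}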