Terraform module to create Virtual Machines in Azure.
ravi 2241726bce fix review and make example more complex 2 months ago
examples fix review and make example more complex 2 months ago
.gitignore tech: adds .gitignore file 5 months ago
.pre-commit-config.yaml update README 2 months ago
CHANGELOG.md fix review and make example more complex 2 months ago
Jenkinsfile test: updates Jenkinsfile to use non-deprecated pipeline 4 months ago
LICENSE tech: adds LICENSE file 5 months ago
README.md fix review and make example more complex 2 months ago
data.tf add new resources 2 months ago
main.tf fix example 2 months ago
outputs.tf fix review 2 months ago
variables.tf fix review and make example more complex 2 months ago
versions.tf initial refactor commit 2 months ago

README.md

terraform-module-azurerm-virtual-machine

Usage

See the examples folder for usage of this module.

Limitation

  • Any call of this module will create resources in a single resource group.
  • Any network interfaces created in this module will have a single ip_configuration.
  • Tags for VMs are shared among all VMs. Same thing for managed disks.
  • Only OS disk encryption is possible with this module. In order to encrypt the data disk, we need to mount the guest OS disk and encrypt it manually.

Requirements

Name Version
terraform >= 0.12.20
azurerm >= 2.0.0

Providers

Name Version
azurerm >= 2.0.0

Inputs

Name Description Type Default Required
additional_capabilities_ultra_ssd_enabled Should Ultra SSD disk be enabled for this Virtual Machine? bool false no
additional_unattend_content_windows_content Specifies the base-64 encoded XML formatted content that is added to the unattend.xml file for the specified path and component. string "" no
additional_unattend_content_windows_setting Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. string "FirstLogonCommands" no
admin_password The virtual machine password associated with the local administrator account. string "Passw0rd_TO_BE_CHANGED!" no
admin_username Specifies the name of the virtual machine local administrator account. string "testadmin" no
allow_extension_operations Boolean flag which specifies whether extension operations should be allowed on the virtual machine. Changing this forces a new resource to be created. bool true no
availability_set_enabled Whether or not to create an availability set. bool true no
availability_set_exists If defined, the existing availability set will be used by virtual machines instead of creating a new availability set inside this module. bool false no
availability_set_managed Specifies whether the availability set is managed or not. Possible values are true (to specify aligned) or false (to specify classic). bool true no
availability_set_name Specifies the name of the availability set. Changing this forces a new resource to be created. string "" no
availability_set_platform_fault_domain_count Specifies the number of fault domains that are used. number 2 no
availability_set_platform_update_domain_count Specifies the number of update domains that are used. number 5 no
availability_set_proximity_placement_group_id The ID of the proximity placement group to which the virtual machine should be assigned. Changing this forces a new resource to be created. string "" no
availability_set_tags Tags specific to the availability set. map {} no
boot_diagnostics_enabled Boolean flag which describes whether or not to enable the boot diagnostics setting for the virtual machine. bool false no
boot_diagnostics_storage_account_uri The Storage Account's Blob Endpoint which should hold the virtual machine's diagnostic files. string "" no
certificate_url The Secret URL of the Key Vault certificate. This can be sourced from the secret_url field within the azurerm_key_vault_certificate resource. string "" no
computer_names Specifies the hostname which should be used for the virtual machine. If unspecified, this defaults to the value of the vm_names field. Changing this forces a new resource to be created. list(string) [null] no
custom_data The Base64-Encoded custom data which should be used for the virtual machine. Changing this forces a new resource to be created. any null no
dedicated_host_enabled Boolean flag which describes whether the dedicated host is enabled or not. bool false no
dedicated_host_ids The list of IDs of the dedicated hosts where the machine should be run. Changing this forces a new resource to be created. list(string) [null] no
diff_disk_settings_option Specifies the Ephemeral disk settings for the OS Disk. At this time the only possible value is local. Changing this forces a new resource to be created. string "" no
enabled Enable or disable module bool true no
eviction_policy Specifies what should happen when the virtual machine is evicted for price reasons when using a spot instance. At this time the only supported value is Deallocate. Changing this forces a new resource to be created. string "Deallocate" no
identity_identity_ids A list of lists of user managed identity IDs which should be assigned to the virtual machine. list(list(string)) [null] no
identity_types The list of types of Managed identity which should be assigned to the virtual machine. Possible values are "SystemAssigned", "UserAssigned" and "SystemAssigned, UserAssigned". list [""] no
linux_admin_ssh_keys One or more admin ssh_key blocks. NOTE: One of either admin_password or admin_ssh_key must be specified. list(object({ public_key = string, username = string })) [null] no
linux_vm_enabled Boolean flag which describes whether or not to enable the Linux virtual machine resource. bool false no
managed_data_disk_cachings Specifies the caching requirements for the Managed Disks. Possible values include None, ReadOnly and ReadWrite. list(string) ["ReadWrite"] no
managed_data_disk_create_options Specifies the list of create options of the data disks, such as Empty or Attach. Defaults to Attach. Changing this forces a new resource to be created. list(string) ["Attach"] no
managed_data_disk_write_accelerator_enableds Specifies if Write Accelerator is enabled on Managed Disks. This can only be enabled on Premium_LRS managed disks with no caching and M-Series VMs. list(bool) [false] no
managed_disk_count How many additional managed disks to attach to EACH virtual machine. number 0 no
managed_disk_create_options The methods to use when creating the Managed Disks. Possible values include: Empty, FromImage, Copy, Import, Restore. list(string) ["Empty"] no
managed_disk_encryption_key_secret_url Reference to the URL of the key vault secret used as the disk encryption key. This can be found as id on the azurerm_key_vault_secret resource. string "" no
managed_disk_encryption_key_source_vault_id The URL of the key vault. This can be found as vault_uri on the azurerm_key_vault resource. string "" no
managed_disk_encryption_settings_enabled Boolean flag which describes whether the encryption is enabled on the managed disk or not. Changing this forces a new resource to be created. bool false no
managed_disk_image_reference_ids IDs of an existing platform/marketplace disk image to copy when create_option is FromImage. CAREFUL: if you create multiple Managed Disks with different create_option, make sure this list matches with the disks having "FromImage" on (meaning this list may have empty values). list(string) [""] no
managed_disk_key_encryption_key_key_url The URL to the key vault key used as the key encryption key. This can be found as id on the azurerm_key_vault_key resource. string "" no
managed_disk_key_encryption_key_source_valut_id The ID of the source key vault. string "" no
managed_disk_names Specifies the names of the Managed Disks. Changing this forces a new resource to be created. list(string) ["vm-manage-disk"] no
managed_disk_os_types Specify values when the source of an Import or Copy operation targets a source that contains an operating system. Valid values inside the list are Linux or Windows. CAREFUL: if you create multiple Managed Disks with different create_option, make sure this list matches with the disks having "Copy"/"Import" on (meaning this list may have empty values). list(string) ["Windows"] no
managed_disk_size_gbs Specifies the sizes of the Managed Disks to create in gigabytes. If create_option is Copy or FromImage, then the value must be equal to or greater than the source's size. list(number) [5] no
managed_disk_source_resource_ids The IDs of existing Managed Disks to copy when create_option is Copy, or the recovery points to restore when create_option is Restore. CAREFUL: if you create multiple Managed Disks with different create_option, make sure this list matches with the disks having "Copy"/"Restore" on (meaning this list may have empty values). list(string) [""] no
managed_disk_source_uris URI to a valid VHD file to be used when create_option is Import. CAREFUL: if you create multiple Managed Disks with different create_option, make sure this list matches with the disks having "Import" on (meaning this list may have empty values). list(string) [""] no
managed_disk_storage_account_types The types of storage to use for the Managed Disks. Possible values inside the list are Standard_LRS, Premium_LRS, StandardSSD_LRS or UltraSSD_LRS. list(string) ["Standard_LRS"] no
managed_disk_tags Tags specific to the Managed Disks. map {} no
marketplace_agreement_offers Should Ultra SSD disk be enabled for this Virtual Machine? list [] no
marketplace_agreement_plans Should Ultra SSD disk be enabled for this Virtual Machine? list [] no
marketplace_agreement_publishers Should Ultra SSD disk be enabled for this Virtual Machine? list [] no
max_bid_price The maximum price you're willing to pay for the virtual machine, in US Dollars, which must be greater than the current spot price. If this bid price falls below the current spot price, the virtual machine will be evicted using the eviction_policy. Defaults to -1, which means that the virtual machine should not be evicted for price reasons. string "-1" no
network_interface_application_gateway_backend_address_pool_count How many Gateway Backend Address Pools to associate per Network Interface. number 0 no
network_interface_application_gateway_backend_address_pool_ids The IDs of the Application Gateway's Backend Address Pools to which each Network Interface should be connected. Changing this forces a new resource to be created. Beware: network_interface_index value is the index per Virtual Machine. list(object({ network_interface_index = number, application_gateway_backend_address_pool_id = string })) [{ "application_gateway_backend_address_pool_id": "", "network_interface_index": 0 }] no
network_interface_application_security_group_count How many Network Interfaces security groups to associate per Network Interface. number 0 no
network_interface_application_security_group_ids The IDs of the Application Security Groups to which each Network Interface should be connected. Changing this forces a new resource to be created. Beware: network_interface_index value is the index per Virtual Machine. list(object({ network_interface_index = number, application_security_group_id = string })) [{ "application_security_group_id": "", "network_interface_index": 0 }] no
network_interface_backend_address_pool_count How many Backend Address Pools to associate per Network Interface. number 0 no
network_interface_backend_address_pool_ids The IDs of the Load Balancer Backend Address Pools to which each Network Interface should be connected. Changing this forces a new resource to be created. Beware: network_interface_index value is the index per Virtual Machine. list(object({ network_interface_index = number, backend_address_pool_id = string })) [{ "backend_address_pool_id": "", "network_interface_index": 0 }] no
network_interface_count How many Network Interfaces to create per Virtual Machine. number 1 no
network_interface_dns_servers List of DNS servers IP addresses to use for this NIC, overrides the VNet-level server list. list(list(string)) [null] no
network_interface_enable_accelerated_networkings Enables Azure Accelerated Networking using SR-IOV. Only certain VM instance sizes are supported. list(bool) [false] no
network_interface_enable_ip_forwardings Enables IP Forwarding on the NICs. list(bool) [false] no
network_interface_enabled Whether or not to create a network interface. bool true no
network_interface_exists If defined, will use var.network_interface_external_names to get network interfaces instead of creating new network interfaces inside this module. bool false no
network_interface_external_names If defined, these network interfaces will be used by other virtual machines instead of creating new network interfaces inside this module. list [""] no
network_interface_internal_dns_name_labels Relative DNS names for this NIC used for internal communications between VMs in the same VNet. list(string) [""] no
network_interface_ip_configuration_names User-defined name of the IPs for the Network Interfaces. Careful: this defines all the IP configurations meaning network_interface_count times vm_count. list(string) [""] no
network_interface_ip_configuration_primary Boolean flag which describes if the IP configuration is the primary one or not. Must be true for the first ip_configuration when multiple are specified. Defaults to false. list(bool) [true] no
network_interface_ip_configuration_private_ip_address_allocations Defines how private IP addresses are assigned. Options are Static or Dynamic. Careful: this defines all the IP configurations meaning network_interface_count times vm_count. list(string) ["Dynamic"] no
network_interface_ip_configuration_private_ip_address_versions The IP versions to use. Possible values are IPv4 or IPv6. Careful: this defines all the IP configurations meaning network_interface_count times vm_count. list(string) ["IPv4"] no
network_interface_ip_configuration_private_ip_addresses Static IP Addresses. Careful: this defines all the IP configurations meaning network_interface_count times vm_count. list(string) [""] no
network_interface_ip_configuration_public_ip_address_ids Reference to a Public IP Address to associate with this NIC. Careful: this defines all the IP configurations meaning network_interface_count times vm_count. list(string) [""] no
network_interface_ip_configuration_subnet_ids Reference to subnets in which these NICs have been created. Required when private_ip_address_versions is IPv4. Careful: this defines all the IP configurations meaning network_interface_count times vm_count. list(string) [""] no
network_interface_names The name of the network interface. Changing this forces a new resource to be created. list ["net-interface"] no
network_interface_nat_rule_association_count How many NAT Rules to associate per Network Interface. number 0 no
network_interface_nat_rule_association_ids The IDs of the Load Balancer NAT Rules to which each Network Interface should be connected. Changing this forces a new resource to be created. Beware: network_interface_index value is the index per Virtual Machine. list(object({ network_interface_index = number, nat_rule_id = string })) [{ "nat_rule_id": "", "network_interface_index": 0 }] no
network_interface_network_security_group_ids The IDs of the Network Security Groups to associate with the network interfaces. list [""] no
network_interface_tags Tags specific to the network interface. map {} no
num_suffix_digits How many digits to use for resources names. number 0 no
os_disk_caching Specifies the caching requirements for the OS Disk. Possible values include None, ReadOnly and ReadWrite. string "ReadWrite" no
os_disk_encryption_set_id The ID of the Disk encryption set which should be used to encrypt the OS disk. NOTE: The Disk encryption set must have the READER role assignment scoped on the key vault, in addition to an access policy to the key vault. any null no
os_disk_size_gb Specifies the size of the OS Disk in gigabytes. number 30 no
os_disk_storage_account_type The type of storage account which should back the internal OS disk. Possible values are Standard_LRS, StandardSSD_LRS and Premium_LRS. Changing this forces a new resource to be created. string "Standard_LRS" no
osdisk_encryption_enabled Boolean flag which describes whether or not to enable the OS disk encryption. bool false no
osdisk_encryption_key_encryption_key_urls The list of IDs of the key vault key resource. This can be obtained from the id attribute of the key_vault_key resource. list(string) [""] no
osdisk_encryption_keyvault_resource_id The ID of the key vault. This can be obtained from the id attribute of the key vault resource. string "" no
osdisk_encryption_keyvault_url The URL of the key vault. It has to be in a specific format when deploying, for example: https://key_vault_name.vault.azure.net string "" no
plan_name Specifies the name of the image from the marketplace. string "" no
plan_product Specifies the product of the image from the marketplace. string "" no
plan_publisher Specifies the publisher of the image. string "" no
priority Specifies the priority of the virtual machine. Possible values are Regular and Spot. Defaults to Regular. Changing this forces a new resource to be created. string "Regular" no
provision_vm_agent Boolean flag which describes whether the Azure VM agent should be provisioned on the virtual machine or not. Defaults to true. Changing this forces a new resource to be created. bool true no
proximity_placement_group_id The ID of the proximity placement group which the virtual machine should be assigned to. Changing this forces a new resource to be created. any null no
resource_group_location Specifies the supported Azure location where the resources exist. Changing this forces a new resource to be created. string "eastus" no
resource_group_name The name of the resource group in which to create the resources in this module. Changing this forces a new resource to be created. string "" no
secret_key_vault_id The ID of the key vault where all the certificates or secrets are stored. This can be sourced from the id field of the azurerm_key_vault resource. string "" no
source_image_id The ID of the image which the virtual machine should be created from. Changing this forces a new resource to be created. any null no
source_image_reference_offer Specifies the offer of the image used to create the virtual machine. Changing this forces a new resource to be created. string "WindowsServer" no
source_image_reference_publisher Specifies the publisher of the image used to create the virtual machine. Changing this forces a new resource to be created. string "MicrosoftWindowsServer" no
source_image_reference_sku Specifies the SKU of the image used to create the virtual machine. Changing this forces a new resource to be created. string "2016-Datacenter" no
source_image_reference_version Specifies the version of the image used to create the virtual machine. Changing this forces a new resource to be created. string "latest" no
tags Tags shared by all resources of this module. Will be merged with any other specific tags by resource. map {} no
vm_count How many Virtual Machines to create. number 1 no
vm_extension_auto_upgarde_minor_version Boolean flag list which describes if the platform deploys the latest minor version update to the type_handler_version specified. list [false] no
vm_extension_count How many extensions have to be configured on EACH virtual machine. number 1 no
vm_extension_names The list of names of virtual machine extension peering. Changing this forces a new resource to be created. list(string) [""] no
vm_extension_protected_settings The list of protected settings passed to the extension. Like settings, these are specified as a JSON object in a string. list(string) [""] no
vm_extension_publishers The list of publishers of the extensions. Available publishers can be found by using the Azure CLI via: az vm extension image list --location westus -o table. list(string) [""] no
vm_extension_settings List of settings passed to the extension, these are specified as a JSON object in a string. Please Note: Certain VM Extensions require that the keys in the settings block are case sensitive. If you're seeing unhelpful errors, please ensure the keys are consistent with how Azure is expecting them (for instance, for the JsonADDomainExtension extension, the keys are expected to be in TitleCase.). list(string) [""] no
vm_extension_tags Tags which will be associated to the virtual machine extensions. map {} no
vm_extension_type_handler_versions Specifies the list of versions of the extensions to use. Available versions can be found using Azure CLI. list(string) [""] no
vm_extension_types List which specifies the type of extension. Available types for a publisher can be found using Azure CLI. NOTE: The Publisher and Type of virtual machine extension can be found using the Azure CLI, via: az vm extension image list --location westus -o table. list(string) [""] no
vm_extensions_enabled Boolean flag which describes whether or not to enable the virtual machine extensions. bool false no
vm_names Specifies the names of the Virtual Machine. Changing this forces a new resource to be created. list(string) ["vm"] no
vm_size Specifies the size of the Virtual Machines. https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes?toc=%2Fazure%2Fvirtual-machines%2Fwindows%2Ftoc.json. string "Standard_B2ms" no
vm_tags Tags specific to the Virtual Machines. map {} no
vm_type The type of Virtual Machine. Can be either “Linux” or “Windows”. string "Windows" no
windows_certificate_store The certificate store on the windows virtual machine where the certificate should be added. string "" no
windows_enable_automatic_updates Specifies if the automatic updates are enabled for the windows virtual machine. Changing this forces a new resource to be created. bool false no
windows_license_type Specifies the type of on-premises license (also known as Azure Hybrid Use Benefits) which should be used for the virtual machine. Possible values are None, Windows_Client and Windows_Server. Changing this forces a new resource to be created. string "" no
windows_timezone Specifies the timezone which should be used by the virtual machine. The possible values are defined over here: https://jackstromberg.com/2017/01/list-of-time-zones-consumed-by-azure/ string "UTC" no
windows_vm_enabled Whether or not to create a Windows virtual machine. bool false no
winrm_listener_certificate_url The ID of the Key Vault Secret which contains the encrypted Certificate which should be installed on the Virtual Machine. This certificate must also be specified in the vault_certificates block within the os_profile_secrets block. string "" no
winrm_listener_protocol Specifies the protocol of listener. Possible values are Http or Https. string "Http" no
zone The zone in which the virtual machine should be created. Changing this forces a new resource to be created. number null no
zone_enabled Boolean flag which describes whether or not to enable the zone. Changing this will force a new resource to be created. bool false no
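
Several defaults in the table above are placeholders rather than values to deploy with (admin_username, admin_password, winrm_listener_protocol, osdisk_encryption_enabled, source_image_reference_version). The Python check below is an added example, not part of this module: it reads a terraform.tfvars.json-style document and reports which of those inputs are still at their documented defaults. The function names, the sample values and the choice of which inputs to check are assumptions made for illustration.

```python
import json

# Defaults copied from the Inputs table of this README (only the inputs checked here).
DOCUMENTED_DEFAULTS = {
    "admin_username": "testadmin",
    "admin_password": "Passw0rd_TO_BE_CHANGED!",
    "vm_type": "Windows",
    "winrm_listener_protocol": "Http",
    "windows_enable_automatic_updates": False,
    "osdisk_encryption_enabled": False,
    "os_disk_encryption_set_id": None,
    "source_image_id": None,
    "source_image_reference_version": "latest",
    "managed_disk_count": 0,
}


def audit_inputs(overrides):
    """Return (variable, finding) pairs for the effective inputs of one module call."""
    eff = {**DOCUMENTED_DEFAULTS, **overrides}  # caller values win over defaults
    findings = []

    # Credentials published in a README are known to everyone who has read it.
    for var in ("admin_username", "admin_password"):
        if eff[var] == DOCUMENTED_DEFAULTS[var]:
            findings.append((var, "left at the documented default value"))

    if eff["vm_type"] == "Windows":
        if eff["winrm_listener_protocol"] != "Https":
            findings.append(("winrm_listener_protocol", "listener protocol is not Https"))
        if not eff["windows_enable_automatic_updates"]:
            findings.append(("windows_enable_automatic_updates", "automatic updates are off"))

    # Assumption: either input counts as an explicit OS disk encryption choice.
    if not eff["osdisk_encryption_enabled"] and eff["os_disk_encryption_set_id"] is None:
        findings.append(("osdisk_encryption_enabled",
                         "neither osdisk_encryption_enabled nor os_disk_encryption_set_id is set"))

    # "latest" only matters when no explicit source_image_id replaces the reference.
    if eff["source_image_id"] is None and eff["source_image_reference_version"] == "latest":
        findings.append(("source_image_reference_version", "image version is not pinned"))

    # Limitation section: the module only encrypts the OS disk.
    if eff["managed_disk_count"] > 0:
        findings.append(("managed_disk_count",
                         "data disks are not encrypted by this module (see Limitation)"))
    return findings


def audit_tfvars_json(text):
    """Audit a terraform.tfvars.json document given as a string."""
    return audit_inputs(json.loads(text))


# Constructed sample input; every value is a placeholder, not taken from the module.
SAMPLE_TFVARS_JSON = """
{
  "resource_group_name": "rg-example",
  "vm_type": "Linux",
  "linux_vm_enabled": true,
  "admin_username": "opsadmin",
  "admin_password": "<value-from-secret-store>",
  "os_disk_encryption_set_id": "<disk-encryption-set-id>",
  "source_image_reference_version": "<pinned-version>",
  "managed_disk_count": 2
}
"""

if __name__ == "__main__":
    for var, finding in audit_tfvars_json(SAMPLE_TFVARS_JSON):
        print(f"{var}: {finding}")
```

Run it against the variables file of each module call in CI; an empty result means none of the checked inputs is at its documented default.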

Outputs

Name Description
availability_set_id n/a
identities n/a
ids n/a
managed_disk_ids n/a
marketplace_agreement_ids n/a
network_interface_ids n/a
network_interface_private_ip_addresses n/a