From dbbada0dd6b35c888eb656b5579327054ede905e Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 1 Sep 2023 14:49:18 +0200 Subject: [PATCH 01/72] Added first code. --- README.md | 228 +++++++++++++++++++++++++++++++++-- data_disk.tf | 33 +++++ extension_azuremonitor.tf | 22 ++++ extension_dependencyagent.tf | 8 ++ locals.tf | 16 ++- main.tf | 96 +++++++++++++++ output.tf | 8 ++ terraform .tf | 8 ++ variables.tf | 190 +++++++++++++++++++++++++++++ 9 files changed, 600 insertions(+), 9 deletions(-) create mode 100644 data_disk.tf create mode 100644 extension_azuremonitor.tf create mode 100644 extension_dependencyagent.tf create mode 100644 output.tf create mode 100644 terraform .tf diff --git a/README.md b/README.md index 17bd684..b28000d 100644 --- a/README.md +++ b/README.md 
@@ -4,18 +4,180 @@ ---- -This is a template module. It just showcases how a module should look. This would be a short description of the module. +This module will create a linux virtual machine, a network interface and associates the network interface to the target subnet. Optionally one or more data disks and a public ip can be created. ## Usage -It's very easy to use! +This module provisions a linux virtual machine. Refer to the examples on how this could be done. It is a fast and easy to use deployment of a virtual machine! +#### Examples +###### Basic ```hcl provider "azurerm" { - features { + features {} +} + +module "virtual_machine" { + source = "../.." + virtual_machine_config = { + hostname = "CUSTAPP001" + location = local.location + admin_username = "local_admin" + size = "Standard_D2_v5" + } + + admin_password = "H3ll0W0rld!" + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} +``` +###### Advanced +```hcl +provider "azurerm" { + features {} +} + +module "virtual_machine" { + source = "../.." 
+ resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + public_ip_config = { + enabled = true + allocation_method = "Static" + } + nic_config = { + private_ip = "10.0.0.16" + dns_servers = [ "10.0.0.10", "10.0.0.11" ] + + # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg or create with resource azurerm_network_security_group. + # 2.- Insert the name of NSG and the NSG RG + nsg_name = local.nsg_name # Examp. nsg_name = "nsg-prd-example-01" + nsg_rg_name = azurerm_network_security_group.this.resource_group_name + } + virtual_machine_config = { + hostname = "CUSTAPP001" + location = azurerm_resource_group.rg.location + admin_username = "local_admin" + size = "Standard_D2_v5" + os_sku = "gen2" + os_offer = "sles-15-sp4" + os_version = "2023.02.05" + os_publisher = "SUSE" + zone = "" # Could be the default value "", or "1", or "2" or "3" + availability_set_id = azurerm_availability_set.this.id + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 128 + tags = { + "Environment" = "prd" + } + write_accelerator_enabled = false + } + admin_password = "" # If empty, not use admin password. + public_key = file("id_rsa.pub") # If empty, not use rsa. + vm_name_as_disk_prefix = true # true or false. Insert vm-- as prefix disk name. + disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- + data_disks = { + shared-01 = { # Examp. 
Name result, could be: vm-CUSTAPP001-datadisk-shared-01., or vm-CUSTAPP001-shared-01, or datadisk-shared-01, or shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + } + sap-01 = { + lun = 2 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + } + } + + log_analytics_agent = azurerm_log_analytics_workspace.this + + name_overrides = { + nic = local.nic + nic_ip_config = local.nic_ip_config + public_ip = local.public_ip + virtual_machine = local.virtual_machine + } +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} + +resource "azurerm_availability_set" "this" { + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_network_security_group" "this" { + name = local.nsg_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + security_rule { + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" } } + +resource "azurerm_log_analytics_workspace" "this" { + name = local.law_name + location = local.location + resource_group_name = 
azurerm_resource_group.this.name + sku = "PerGB2018" + retention_in_days = 30 +} ``` ## Requirements @@ -26,22 +188,74 @@ provider "azurerm" { ## Inputs -No inputs. +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | n/a | yes / or public_key | +| [public\_key](#input\_public\_key) | Public SSH key of the local administrator. | `string` | n/a | yes / or admin_password | +| [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | +| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: (Required) The os that will be running on the vm. Default: gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: sles-15-sp4.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: SUSE.
os_version: Optionally specify an os version for the chosen sku. Defaults: 2023.02.05.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm.
zone: Optionally specify an availibility zone for the vm.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
admin_ssh_key:
The local admin name could be changed by the gpo in the target ad.
os_disk_name: (Optional) The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created. Default: OsDisk_01.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
tags: Optionally specify tags in as a map.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
|
object({
hostname = string
size = string
location = string
os_sku = optional(string, "gen2")
os_version = optional(string, "2023.02.05")
os_offer = optional(string, "sles-15-sp4")
os_publisher = optional(string, "SUSE")
availability_set_id = optional(string)
zone = optional(string)
admin_username = optional(string, "loc_sysadmin")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_size_gb = optional(number)
tags = optional(map(string))
write_accelerator_enabled = optional(bool, false)
})
| n/a | yes | +| [vm\_name\_as\_disk\_prefix](#input\_vm\_name\_as\_disk\_prefix) | Optional. Prefix name of VM for additional disks. Insert vm-- as prefix disk name | `bool` | false | no | +| [disk\_prefix](#input\_disk\_prefix) | Optional. Prefix name for additional disks. | `string` | n/a | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_name: Optinally specify the name of a network security group that will be assigned to the nic.
nsg_rg_name: Optinally specify the resource group name of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg_name = optional(string)
nsg_rg_name = optional(string)
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | ## Outputs -No outputs. +| Name | Description | +|------|-------------| +| [virtual\_machine](#output\_virtual\_machine) | n/a | + ## Resource types -No resources. +| Type | Used | +|------|-------| +| [azurerm_managed_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | 1 | +| [azurerm_network_interface](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | 1 | +| [azurerm_network_interface_security_group_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | 1 | +| [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | 1 | +| [azurerm_virtual_machine_data_disk_attachment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | 1 | +| [azurerm_virtual_machine_extension](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | 2 | +| [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | 1 | +**`Used` only includes resource blocks.** `for_each` and `count` meta arguments, as well as resource blocks of modules are not considered. ## Modules No modules. + ## Resources by Files -No resources. 
+### data_disk.tf + +| Name | Type | +|------|------| +| [azurerm_managed_disk.data_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | resource | +| [azurerm_virtual_machine_data_disk_attachment.data_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | resource | + +### extension_azuremonitor.tf + +| Name | Type | +|------|------| +| [azurerm_virtual_machine_extension.microsoftmonitoringagent](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource | + +### extension_dependencyagent.tf + +| Name | Type | +|------|------| +| [azurerm_virtual_machine_extension.dependencyagentlinux](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource | + +### main.tf +| Name | Type | +|------|------| +| [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | +| [azurerm_network_interface_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource | +| [azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | +| [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | ## Contribute diff --git a/data_disk.tf b/data_disk.tf new file mode 100644 index 0000000..857466e --- /dev/null +++ b/data_disk.tf 
@@ -0,0 +1,33 @@
+locals {
+ disk_prefix = var.vm_name_as_disk_prefix ? (length(var.disk_prefix) > 0 ? "${local.virtual_machine.name}-${var.disk_prefix}" : local.virtual_machine.name) : (length(var.disk_prefix) > 0 ? "${var.disk_prefix}" : "")
+}
+resource "azurerm_managed_disk" "data_disk" {
+ for_each = var.data_disks
+ name = length(local.disk_prefix) > 0 ? "${local.disk_prefix}-${each.key}" : each.key
+ location = var.virtual_machine_config.location
+ resource_group_name = var.resource_group_name
+ tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : ""
+ storage_account_type = each.value["storage_account_type"]
+ create_option = each.value["create_option"]
+ disk_size_gb = each.value["disk_size_gb"]
+ zone = length(var.virtual_machine_config.zone) > 0 ? var.virtual_machine_config.zone : null
+ lifecycle {
+ prevent_destroy = true
+ ignore_changes = [
+ tags
+ ]
+ }
+}
+
+resource "azurerm_virtual_machine_data_disk_attachment" "data_disk" {
+ for_each = var.data_disks
+ managed_disk_id = azurerm_managed_disk.data_disk[each.key].id
+ virtual_machine_id = azurerm_linux_virtual_machine.this.id
+ lun = each.value["lun"]
+ caching = each.value["caching"]
+ write_accelerator_enabled = each.value["write_accelerator_enabled"]
+
+ lifecycle {
+ prevent_destroy = true
+ }
+}
\ No newline at end of file
diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf
new file mode 100644
index 0000000..6587059
--- /dev/null
+++ b/extension_azuremonitor.tf
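Review bot: The `azurerm_managed_disk.data_disk` resource exposes no encryption or export controls, so every data disk is created with the provider defaults for `disk_encryption_set_id`, `network_access_policy` and `public_network_access_enabled`. Callers who need customer-managed keys or want to restrict disk export cannot get that from this module; consider adding optional fields to the `data_disks` object and passing them through, for example `network_access_policy = each.value["network_access_policy"]`. Separately, `tier` falls back to `""` for non-premium disks, where `null` is the usual way to leave an optional argument unset.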
@@ -0,0 +1,22 @@ +resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" { + count = var.log_analytics_agent != null ? 1 : 0 + name = "MicrosoftMonitoringAgent" + virtual_machine_id = azurerm_linux_virtual_machine.this.id + publisher = "Microsoft.EnterpriseCloud.Monitoring" + type = "MicrosoftMonitoringAgent" + type_handler_version = "1.0" + auto_upgrade_minor_version = true + + settings = < 0 && length(var.nic_config.nsg_rg_name) > 0 ? 1 : 0 + name = var.nic_config.nsg_name + resource_group_name = var.nic_config.nsg_rg_name +} + +resource "azurerm_public_ip" "this" { + count = var.public_ip_config.enabled ? 1 : 0 + name = local.public_ip.name + resource_group_name = var.resource_group_name + location = var.virtual_machine_config.location + allocation_method = var.public_ip_config.allocation_method + lifecycle { + ignore_changes = [ + tags + ] + } +} + +resource "azurerm_network_interface" "this" { + name = local.nic.name + location = var.virtual_machine_config.location + resource_group_name = var.resource_group_name + dns_servers = var.nic_config.dns_servers + + ip_configuration { + name = local.nic.ip_config_name + subnet_id = var.subnet.id + private_ip_address_allocation = var.nic_config.private_ip == null ? "Dynamic" : "Static" + private_ip_address = var.nic_config.private_ip + public_ip_address_id = var.public_ip_config.enabled ? azurerm_public_ip.this[0].id : null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +resource "azurerm_network_interface_security_group_association" "this" { + count = length(var.nic_config.nsg_name) > 0 ? 
1 : 0 + network_interface_id = azurerm_network_interface.this.id + network_security_group_id = data.azurerm_network_security_group.this[0].id +} + +resource "azurerm_linux_virtual_machine" "this" { + name = local.virtual_machine.name + computer_name = var.virtual_machine_config.hostname + location = var.virtual_machine_config.location + resource_group_name = var.resource_group_name + size = var.virtual_machine_config.size + provision_vm_agent = true + admin_username = var.virtual_machine_config.admin_username + admin_password = var.admin_password + + dynamic "admin_ssh_key" { + for_each = length(var.public_key) > 0 ? [1] : [] + content { + username = var.virtual_machine_config.admin_username + public_key = var.public_key + } + } + + network_interface_ids = [ + azurerm_network_interface.this.id, + ] + + os_disk { + name = var.virtual_machine_config.os_disk_name + caching = var.virtual_machine_config.os_disk_caching + disk_size_gb = var.virtual_machine_config.os_disk_size_gb + storage_account_type = var.virtual_machine_config.os_disk_storage_type + write_accelerator_enabled = var.virtual_machine_config.write_accelerator_enabled + } + + source_image_reference { + publisher = var.virtual_machine_config.os_publisher + offer = var.virtual_machine_config.os_offer + sku = var.virtual_machine_config.os_sku + version = var.virtual_machine_config.os_version + } + + availability_set_id = length(var.virtual_machine_config.availability_set_id) > 0 ? var.virtual_machine_config.availability_set_id : null + zone = length(var.virtual_machine_config.zone) > 0 ? var.virtual_machine_config.zone : null + tags = merge(var.virtual_machine_config.tags, {"Severity Group Monthly" = var.severity_group}) + + lifecycle { + prevent_destroy = true + ignore_changes = [ + identity, + tags + ] + } +} \ No newline at end of file diff --git a/output.tf b/output.tf new file mode 100644 index 0000000..4ae6f3d --- /dev/null +++ b/output.tf 
@@ -0,0 +1,8 @@
+output "virtual_machine" {
+ value = azurerm_linux_virtual_machine.this
+}
+
+/* output "nic_id" {
+ value = azurerm_network_interface.interface.id
+ description = "VM nic id."
+} */
\ No newline at end of file
diff --git a/terraform .tf b/terraform .tf
new file mode 100644
index 0000000..65173e7
--- /dev/null
+++ b/terraform .tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = ">= 3.7.0"
+ }
+ }
+}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index e69de29..d0551e0 100644
--- a/variables.tf
+++ b/variables.tf
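Review bot: `output "virtual_machine"` exports the entire `azurerm_linux_virtual_machine.this` object, which carries `admin_password` along with every other attribute of the resource. Terraform may refuse the output because it contains a sensitive value, and where it is accepted each caller receives the credential together with the fields it actually needs. Export only the attributes consumers use (for example `id`, `name`, `private_ip_address`), or at minimum add `sensitive = true` and a `description`.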
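Review bot: The `terraform` block declares no `required_version`, although the module's variables use `optional(string, "...")` defaults, which as far as I know need Terraform 1.3 or newer; adding `required_version = ">= 1.3.0"` makes older CLIs fail with a clear message. The provider constraint `>= 3.7.0` has no upper bound, so a future major release of `hashicorp/azurerm` can be selected without review; `version = "~> 3.7"` keeps upgrades deliberate. The file name `terraform .tf` also contains a space, which looks unintended.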
@@ -0,0 +1,190 @@ +variable "public_ip_config" { + type = object({ + enabled = bool + allocation_method = optional(string, "Static") + }) + default = { + enabled = false + } + validation { + condition = contains(["Static","Dynamic"], var.public_ip_config.allocation_method) + error_message = "Allocation method must be Static or Dynamic" + } + description = <<-DOC + ``` + enabled: Optionally select true if a public ip should be created. Defaults to false. + allocation_method: The allocation method of the public ip that will be created. Defaults to static. + ``` + DOC +} + +# nsg needs to be an object to use the count object in main.tf. +variable "nic_config" { + type = object({ + private_ip = optional(string) + dns_servers = optional(list(string)) + nsg_name = optional(string) + nsg_rg_name = optional(string) + }) + default = {} + description = <<-DOC + ``` + private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically. + dns_servers: Optionally specify a list of dns servers for the nic. + nsg_name: Optinally specify the name of a network security group that will be assigned to the nic. + nsg_rg_name: Optinally specify the RG name of a network security group that will be assigned to the nic. + nsg_id: Optinally specify the id of a network security group that will be assigned to the nic. + ``` + DOC +} + +variable "subnet" { + type = object ({ + id = string + address_prefixes = list(string) + }) + description = "The variable takes the subnet as input and takes the id and the address prefix for further configuration." 
+} + +variable "virtual_machine_config" { + type = object({ + hostname = string + size = string + location = string + zone = optional(string) + admin_username = optional(string, "loc_sysadmin") + os_sku = optional(string, "gen2") + os_offer = optional(string, "sles-15-sp4") + os_version = optional(string, "2023.02.05") + os_publisher = optional(string, "SUSE") + os_disk_name = optional(string, "OsDisk_01") + os_disk_caching = optional(string, "ReadWrite") + os_disk_size_gb = optional(number, 64) + os_disk_storage_type = optional(string, "StandardSSD_LRS") + availability_set_id = optional(string) + write_accelerator_enabled = optional(bool, false) + tags = optional(map(string)) + }) + validation { + condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) + error_message = "Possible values are None, ReadOnly and ReadWrite" + } + validation { + condition = contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"],var.virtual_machine_config.os_disk_storage_type) + error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" + } + validation { + condition = contains(["", "1", "2", "3"],var.virtual_machine_config.zone) + error_message = "Possible values are empty, 1, 2, 3" + } + description = <<-DOC + ``` + size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes + os_sku: The os that will be running on the vm. + location: The location of the virtual machine. + availability_set_id: Optionally specify an availibilty set for the vm. + zone: Optionally specify an availibility zone for the vm. + os_version: Optionally specify an os version for the chosen sku. Defaults to latest. + admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. + The local admin name could be changed by the gpo in the target ad. 
+ os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite. + os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. + os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image. + tags: Optionally specify tags in as a map. + write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only + be activated on Premium_LRS disks and caching deactivated. Defaults to false. + ``` + DOC +} + +variable "severity_group" { + type = string + default = "" + description = "The severity group of the virtual machine." +} + +variable "admin_password" { + type = string + sensitive = true + description = "Password of the local administrator." +} + +variable "public_key" { + type = string + default = "" + description = "SSH public key file (e.g. file(id_rsa.pub)" +} + +variable "vm_name_as_disk_prefix" { + type = bool + default = false + description = "Insert vm-- as prefix disk name." +} + +variable "disk_prefix" { + type = string + default = "" + description = "Optional. Prefix name for additional disks." +} + +variable "data_disks" { # change to map of objects + type = map(object({ + lun = number + disk_size_gb = number + tier = optional(string) + caching = optional(string, "ReadWrite") + create_option = optional(string, "Empty") + storage_account_type = optional(string, "StandardSSD_LRS") + write_accelerator_enabled = optional(bool, false) + })) + validation { + condition = length([for v in var.data_disks : v.lun]) == length(distinct([for v in var.data_disks : v.lun])) + error_message = "One or more of the lun parameters in the map are duplicates." + } + default = {} + description = <<-DOC + ``` + = { + lun: Number of the lun. + disk_size_gb: The size of the data disk. + storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS. + caching: Optionally activate disk caching. Defaults to None. 
+ create_option: Optionally change the create option. Defaults to Empty disk. + write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only + be activated on Premium_LRS disks and caching deactivated. Defaults to false. + } + ``` + DOC +} + +variable "resource_group_name" { + type = string + description = "Name of the resource group where the resources will be created." +} + +variable "name_overrides" { + type = object({ + nic = optional(string) + nic_ip_config = optional(string) + public_ip = optional(string) + virtual_machine = optional(string) + }) + description = "Possibility to override names that will be generated according to q.beyond naming convention." + default = {} +} + +variable "log_analytics_agent" { + type = object({ + workspace_id = string + primary_shared_key = string + }) + sensitive = true + default = null + description = <<-DOC + ``` + Installs the log analytics agent(MicrosoftMonitoringAgent). + workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent. + shared_key: The Primary shared key for the Log Analytics Workspace.. + ``` + DOC +} \ No newline at end of file From cdaac9d4b8c538c69d2f6c4006efb2401602b04c Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 1 Sep 2023 19:44:52 +0200 Subject: [PATCH 02/72] Added examples. --- examples/advanced/locals.tf | 14 +++++ examples/advanced/main.tf | 111 ++++++++++++++++++++++++++++++++++++ examples/basic/locals.tf | 6 ++ examples/basic/main.tf | 35 +++++++++++- main.tf | 21 +++---- variables.tf | 10 ++-- 6 files changed, 180 insertions(+), 17 deletions(-) create mode 100644 examples/advanced/locals.tf create mode 100644 examples/advanced/main.tf create mode 100644 examples/basic/locals.tf diff --git a/examples/advanced/locals.tf b/examples/advanced/locals.tf new file mode 100644 index 0000000..d45bf04 --- /dev/null +++ b/examples/advanced/locals.tf 
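Review bot: `os_version` in `virtual_machine_config` defaults to the fixed image `"2023.02.05"` while its description says "Defaults to latest", so every VM created without an explicit version starts from an image that lacks all patches released after that date. If the pin is intended, document it and how it gets bumped; otherwise use `os_version = optional(string, "latest")`. The descriptions drift from the types elsewhere too: `nic_config` documents an `nsg_id` field the object does not have, `data_disks` says caching "Defaults to None" while the default is `"ReadWrite"`, and `os_disk_size_gb` says the image decides while the default is `64`.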
@@ -0,0 +1,14 @@
+locals {
+ location = "West Europe"
+ resource_group_name = "rg-examples_vm_deploy-02"
+ virtual_network_name = "vnet-examples_vm_deploy-02"
+ subnet_name = "snet-examples_vm_deploy-02"
+ availability_set_name = "as-examples_vm_deploy-02"
+ nsg_name = "nsg-examples_vm_deploy-02"
+ law_name = "law-examplesvmdeploy-02"
+
+ nic = "nic-examples_vm_deploy-02"
+ nic_ip_config = "nic-ip-examples_vm_deploy-02"
+ public_ip = "pip-examples_vm_deploy-02"
+ virtual_machine = "vm-examples_vm_deploy-02"
+}
\ No newline at end of file
diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf
new file mode 100644
index 0000000..e017ccc
--- /dev/null
+++ b/examples/advanced/main.tf
@@ -0,0 +1,111 @@ +provider "azurerm" { + features {} +} + +module "virtual_machine" { + source = "../.." + public_ip_config = { + enabled = true + allocation_method = "Static" + } + public_key = file("id_rsa.pub") + nic_config = { + private_ip = "10.178.14.71" + dns_servers = [ "10.0.0.10", "10.0.0.11" ] + nsg_name = local.nsg_name + nsg_rg_name = azurerm_network_security_group.this.resource_group_name + } + virtual_machine_config = { + hostname = "CUSTAPP007" + size = "Standard_D2_v5" + location = azurerm_resource_group.this.location + admin_username = "local_admin" + size = "Standard_D2_v5" + os_sku = "gen2" + os_offer = "sles-15-sp4" + os_version = "2023.02.05" + os_publisher = "SUSE" + availability_set_id = azurerm_availability_set.this.id + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 128 + tags = { + "Environment" = "prd" + } + write_accelerator_enabled = false + } + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + data_disks = { + shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + } + } + + log_analytics_agent = azurerm_log_analytics_workspace.this + + name_overrides = { + nic = local.nic + nic_ip_config = local.nic_ip_config + public_ip = local.public_ip + virtual_machine = local.virtual_machine + } +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} + +resource "azurerm_availability_set" "this" { + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_network_security_group" "this" { + name = local.nsg_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + security_rule { + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} + +resource "azurerm_log_analytics_workspace" "this" { + name = local.law_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + sku = "PerGB2018" + retention_in_days = 30 +} \ No newline at end of file diff --git a/examples/basic/locals.tf b/examples/basic/locals.tf new file mode 100644 index 0000000..df7663b --- /dev/null 
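Review bot: The `virtual_machine_config` object in this example sets `size = "Standard_D2_v5"` twice, once after `hostname` and again after `admin_username`; drop one, since a repeated key is at best redundant and may be rejected. The example also enables a static public IP while the only NSG it attaches carries a single outbound allow-all rule named `example`, so anyone copying it gets an Internet-facing VM whose inbound filtering rests entirely on Azure's default rules; a comment saying that inbound rules must be added deliberately would help. `file("id_rsa.pub")` refers to a file that is not part of this change.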
+++ b/examples/basic/locals.tf @@ -0,0 +1,6 @@ +locals { + location = "West Europe" + resource_group_name = "rg-examples_vm_deploy-01" + virtual_network_name = "vnet-examples_vm_deploy-01" + subnet_name = "snet-examples_vm_deploy-01" +} \ No newline at end of file diff --git a/examples/basic/main.tf b/examples/basic/main.tf index f4a573d..05bb1d7 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -1,5 +1,36 @@ provider "azurerm" { - features { + features {} +} - } +module "virtual_machine" { + source = "../.." + virtual_machine_config = { + hostname = "CUSTAPP001" + location = local.location + admin_username = "local_admin" + size = "Standard_D32as_v5" + } + + admin_password = "H3ll0W0rld!" + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] } \ No newline at end of file diff --git a/main.tf b/main.tf index c02c118..bad7077 100644 --- a/main.tf +++ b/main.tf 
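Review bot: The basic example hard-codes `admin_password = "H3ll0W0rld!"`, a guessable literal that will be copied into real deployments and ends up in version control and in state. Take it from an input instead, `admin_password = var.admin_password`, with the variable declared `sensitive = true` in the example, or show key-based login through `public_key`. The same literal appears in the README's basic example.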
@@ -47,14 +47,15 @@ resource "azurerm_network_interface_security_group_association" "this" { } resource "azurerm_linux_virtual_machine" "this" { - name = local.virtual_machine.name - computer_name = var.virtual_machine_config.hostname - location = var.virtual_machine_config.location - resource_group_name = var.resource_group_name - size = var.virtual_machine_config.size - provision_vm_agent = true - admin_username = var.virtual_machine_config.admin_username - admin_password = var.admin_password + name = local.virtual_machine.name + computer_name = var.virtual_machine_config.hostname + location = var.virtual_machine_config.location + resource_group_name = var.resource_group_name + size = var.virtual_machine_config.size + provision_vm_agent = true + admin_username = var.virtual_machine_config.admin_username + admin_password = var.admin_password + disable_password_authentication = length(var.admin_password) > 0 && length(var.public_key) == 0 ? false : true dynamic "admin_ssh_key" { for_each = length(var.public_key) > 0 ? [1] : [] @@ -83,8 +84,8 @@ resource "azurerm_linux_virtual_machine" "this" { version = var.virtual_machine_config.os_version } - availability_set_id = length(var.virtual_machine_config.availability_set_id) > 0 ? var.virtual_machine_config.availability_set_id : null - zone = length(var.virtual_machine_config.zone) > 0 ? var.virtual_machine_config.zone : null + availability_set_id = var.virtual_machine_config.availability_set_id + zone = length(var.virtual_machine_config.zone) > 0 && var.virtual_machine_config.availability_set_id == null ? var.virtual_machine_config.zone : null tags = merge(var.virtual_machine_config.tags, {"Severity Group Monthly" = var.severity_group}) lifecycle { diff --git a/variables.tf b/variables.tf index d0551e0..7404d69 100644 --- a/variables.tf +++ b/variables.tf 
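Review bot: In the first main.tf hunk, `admin_password = var.admin_password` is still passed unconditionally, while the new `disable_password_authentication` line turns password login off whenever `public_key` is non-empty. A caller who supplies both therefore sends a password together with `disable_password_authentication = true`, a combination the azurerm provider documents as invalid as far as I know. Passing the password only when it is the selected method avoids that: `admin_password = length(var.public_key) == 0 && length(var.admin_password) > 0 ? var.admin_password : null`. The `cond ? false : true` form also reads more directly as `disable_password_authentication = length(var.public_key) > 0 || length(var.admin_password) == 0`. The resource body continues outside the hunk, so whether anything rejects the case where both inputs are empty cannot be seen here.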
@@ -23,8 +23,8 @@ variable "nic_config" { type = object({ private_ip = optional(string) dns_servers = optional(list(string)) - nsg_name = optional(string) - nsg_rg_name = optional(string) + nsg_name = optional(string, "") + nsg_rg_name = optional(string, "") }) default = {} description = <<-DOC @@ -51,7 +51,7 @@ variable "virtual_machine_config" { hostname = string size = string location = string - zone = optional(string) + zone = optional(string, "") admin_username = optional(string, "loc_sysadmin") os_sku = optional(string, "gen2") os_offer = optional(string, "sles-15-sp4") @@ -74,8 +74,8 @@ variable "virtual_machine_config" { error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" } validation { - condition = contains(["", "1", "2", "3"],var.virtual_machine_config.zone) - error_message = "Possible values are empty, 1, 2, 3" + condition = contains(["", "1", "2", "3"], var.virtual_machine_config.zone) + error_message = "Possible values are empty, 1, 2, or 3" } description = <<-DOC ``` From ac629f867190cfe0372e36c4edcff1a355ec1e24 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 1 Sep 2023 19:45:32 +0200 Subject: [PATCH 03/72] Fix variable. --- variables.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/variables.tf b/variables.tf index 7404d69..210d68f 100644 --- a/variables.tf +++ b/variables.tf @@ -107,6 +107,7 @@ variable "admin_password" { type = string sensitive = true description = "Password of the local administrator." + default = "" } variable "public_key" { From 6d38b078f13ecdb7ed5e1ad3c153b3c38cfc91d2 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 1 Sep 2023 19:48:19 +0200 Subject: [PATCH 04/72] Fix private ip. --- examples/advanced/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index e017ccc..bab8b64 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf 
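Review bot: The added `default = ""` on `variable "admin_password"` (the PATCH 03 hunk on this line) makes the credential optional, and nothing visible here requires `public_key` to be set in its place; the default of `public_key` is outside the hunk. With the `disable_password_authentication` expression in main.tf, a call that sets neither ends up with password login disabled and no `admin_ssh_key` block, which presumably fails only at plan or apply time with a provider error. A `precondition` in the VM resource's `lifecycle` block (Terraform 1.2 or later) with `condition = length(var.admin_password) > 0 || length(var.public_key) > 0` would state the rule where callers see it. The description could also say what the empty value means, e.g. `description = "Password of the local administrator. Leave empty to use SSH key login only."`.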
@@ -10,7 +10,7 @@ module "virtual_machine" { } public_key = file("id_rsa.pub") nic_config = { - private_ip = "10.178.14.71" + private_ip = "10.0.0.16" dns_servers = [ "10.0.0.10", "10.0.0.11" ] nsg_name = local.nsg_name nsg_rg_name = azurerm_network_security_group.this.resource_group_name From fca5573c10ec76d8ed2ffa81917bd547b8a56f04 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Tue, 5 Sep 2023 10:13:27 +0200 Subject: [PATCH 05/72] Delete and rename files. --- output.tf | 8 -------- outputs.tf | 8 ++++++++ terraform .tf | 8 -------- terraform.tf | 2 +- 4 files changed, 9 insertions(+), 17 deletions(-) delete mode 100644 output.tf delete mode 100644 terraform .tf diff --git a/output.tf b/output.tf deleted file mode 100644 index 4ae6f3d..0000000 --- a/output.tf +++ /dev/null @@ -1,8 +0,0 @@ -output "virtual_machine" { - value = azurerm_linux_virtual_machine.this -} - -/* output "nic_id" { - value = azurerm_network_interface.interface.id - description = "VM nic id." -} */ \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index e69de29..4ae6f3d 100644 --- a/outputs.tf +++ b/outputs.tf @@ -0,0 +1,8 @@ +output "virtual_machine" { + value = azurerm_linux_virtual_machine.this +} + +/* output "nic_id" { + value = azurerm_network_interface.interface.id + description = "VM nic id." +} */ \ No newline at end of file diff --git a/terraform .tf b/terraform .tf deleted file mode 100644 index 65173e7..0000000 --- a/terraform .tf +++ /dev/null @@ -1,8 +0,0 @@ -terraform { - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = ">= 3.7.0" - } - } -} \ No newline at end of file diff --git a/terraform.tf b/terraform.tf index 47f36fb..65173e7 100644 --- a/terraform.tf +++ b/terraform.tf @@ -5,4 +5,4 @@ terraform { version = ">= 3.7.0" } } -} +} \ No newline at end of file From c279ff57bb85554055286d20af992bbf8c0cc7f8 Mon Sep 17 00:00:00 2001 
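Review bot: `output "virtual_machine"` in the outputs.tf hunk exports the whole `azurerm_linux_virtual_machine.this` object with no `description` and no `sensitive` flag, and that object carries the resource's `admin_password` attribute along with everything else. Exposing only the attributes callers need (for example `id`, `name`, `private_ip_address`) keeps the credential out of downstream expressions and logs. If the full object has to stay, I would add `sensitive = true` and a `description` stating that the value includes the administrator password. The commented-out `nic_id` block refers to `azurerm_network_interface.interface`; whether that label still exists cannot be checked from this hunk, so it is worth fixing or removing.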
From: Esteban Valverde Date: Mon, 11 Sep 2023 14:34:59 +0200 Subject: [PATCH 06/72] Adapt agent extension for Linux and fix availability set if not present. --- extension_azuremonitor.tf | 7 ++++--- extension_dependencyagent.tf | 1 + main.tf | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf index 6587059..0253856 100644 --- a/extension_azuremonitor.tf +++ b/extension_azuremonitor.tf @@ -3,8 +3,9 @@ resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" { name = "MicrosoftMonitoringAgent" virtual_machine_id = azurerm_linux_virtual_machine.this.id publisher = "Microsoft.EnterpriseCloud.Monitoring" - type = "MicrosoftMonitoringAgent" - type_handler_version = "1.0" + type = "OmsAgentForLinux" + type_handler_version = "1.16" + automatic_upgrade_enabled = true auto_upgrade_minor_version = true settings = < 0 ? var.virtual_machine_config.availability_set_id : null zone = length(var.virtual_machine_config.zone) > 0 && var.virtual_machine_config.availability_set_id == null ? var.virtual_machine_config.zone : null tags = merge(var.virtual_machine_config.tags, {"Severity Group Monthly" = var.severity_group}) From c7c68b1b360efebad1333bbd3a828493739025e9 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Mon, 11 Sep 2023 15:37:45 +0200 Subject: [PATCH 07/72] Added example adavanced two. --- README.md | 242 +++++++++++++++++++++++++++++++++-- examples/advanced2/locals.tf | 124 ++++++++++++++++++ examples/advanced2/main.tf | 88 +++++++++++++ 3 files changed, 443 insertions(+), 11 deletions(-) create mode 100644 examples/advanced2/locals.tf create mode 100644 examples/advanced2/main.tf diff --git a/README.md b/README.md index b28000d..21a36dd 100644 --- a/README.md +++ b/README.md 
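Review bot: `OmsAgentForLinux`, the new `type` in the extension_azuremonitor.tf hunk, is the legacy Log Analytics agent, which as far as I know Microsoft has retired in favour of the Azure Monitor Agent (`AzureMonitorLinuxAgent` with a data collection rule), so new module code is better built on that. If the legacy agent must stay for now, a comment above the resource such as `# Legacy Log Analytics agent (OmsAgentForLinux); plan migration to Azure Monitor Agent` would record the decision. The resource label and `name` still read `MicrosoftMonitoringAgent`, the Windows agent's name, which no longer matches the type. The `settings` heredoc and the rest of this hunk are garbled in this view, so how the workspace key is passed could not be reviewed.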
@@ -159,24 +159,244 @@ resource "azurerm_network_security_group" "this" { resource_group_name = azurerm_resource_group.this.name security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" destination_address_prefix = "*" } } resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name + name = local.law_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + sku = "PerGB2018" + retention_in_days = 30 +} +``` + +###### Adavanced two + +```hcl +locals { + + location = "West Europe" + resource_group_name = "rg-examples_vm_deploy-02" + virtual_network_name = "vnet-examples_vm_deploy-02" + subnet_name = "snet-examples_vm_deploy-02" + availability_set_name = "as-examples_vm_deploy-02" + nsg_name = "nsg-examples_vm_deploy-02" + law_name = "law-examplesvmdeploy-02" + + ## VM DECLARATION. + + vm_ux_qby = { + PEACFASE033 = { + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + public_ip_config = { + enabled = true + allocation_method = "Dynamic" + } + nic_config = { + private_ip = "10.0.0.16" + dns_servers = ["10.0.0.10", "10.0.0.11"] + + # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg + # 2.- Insert the name of NSG and the NSG RG + nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" + nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name + } + size = "Standard_E4as_v5" + location = local.location + zone = "" + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. 
+ public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + os_sku = "gen2" + os_offer = "sles-15-sp4" + os_version = "2023.02.05" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id + write_accelerator_enabled = false + severity_group = "" + name_overrides = { + nic = "nic-examples_vm_PEACFASE033" + nic_ip_config = "nic-ip-examples_vm_PEACFASE033" + public_ip = "pip-examples_vm_PEACFASE033" + virtual_machine = "vm-PEACFASE033" + } + log_analytics_agent = azurerm_log_analytics_workspace.this + + ## DISK DECLARATION + + vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name + disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- + data_disks = { # 'vm-' is added by the VM module. + shared-01 = { # Examp. With disk prefix: vm-PEACFASE033-datadisk-shared-01., Without: vm-PEACFASE033-shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + } + sap-01 = { + lun = 2 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + } + } + } + PEACFASE034 = { + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + public_ip_config = { + enabled = false + allocation_method = "Dynamic" + } + nic_config = { + private_ip = "10.0.0.17" + dns_servers = ["10.0.0.10", "10.0.0.11"] + + # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg + # 2.- Insert the name of NSG and the NSG RG + nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" + nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name + } + size = 
"Standard_E4as_v5" + location = local.location + zone = "" + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + os_sku = "gen2" + os_offer = "sles-15-sp4" + os_version = "2023.02.05" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id + write_accelerator_enabled = false + severity_group = "" + name_overrides = {} + log_analytics_agent = azurerm_log_analytics_workspace.this + + ## DISK DECLARATION + + vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name + disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- + data_disks = { # 'vm-' is added by the VM module. + } + } + } +} + +### RESOURCES DECLARATION + +provider "azurerm" { + features {} +} + +module "linux_vm_qby" { + source = "../.." + for_each = local.vm_ux_qby + resource_group_name = each.value.resource_group_name + public_ip_config = each.value.public_ip_config + nic_config = each.value.nic_config + subnet = each.value.subnet + virtual_machine_config = { + hostname = each.key + size = each.value.size + location = local.location + zone = each.value.zone + admin_username = each.value.admin_username + os_sku = each.value.os_sku + os_offer = each.value.os_offer + os_version = each.value.os_version + os_publisher = each.value.os_publisher + os_disk_name = each.value.os_disk_name + os_disk_caching = each.value.os_disk_caching + os_disk_size_gb = each.value.os_disk_size_gb + os_disk_storage_type = each.value.os_disk_storage_type + availability_set_id = each.value.availability_set_id + write_accelerator_enabled = each.value.write_accelerator_enabled + } + admin_password = each.value.admin_password + public_key = each.value.public_key + vm_name_as_disk_prefix = each.value.vm_name_as_disk_prefix + disk_prefix = 
each.value.disk_prefix + data_disks = each.value.data_disks + name_overrides = each.value.name_overrides + severity_group = each.value.severity_group + log_analytics_agent = each.value.log_analytics_agent +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} + +resource "azurerm_availability_set" "this" { + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_network_security_group" "this" { + name = local.nsg_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + security_rule { + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} + +resource "azurerm_log_analytics_workspace" "this" { + name = local.law_name + location = local.location resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 + sku = "PerGB2018" + retention_in_days = 30 } ``` diff --git a/examples/advanced2/locals.tf b/examples/advanced2/locals.tf new file mode 100644 index 0000000..692291d --- /dev/null +++ b/examples/advanced2/locals.tf 
@@ -0,0 +1,124 @@ +locals { + + location = "West Europe" + resource_group_name = "rg-examples_vm_deploy-02" + virtual_network_name = "vnet-examples_vm_deploy-02" + subnet_name = "snet-examples_vm_deploy-02" + availability_set_name = "as-examples_vm_deploy-02" + nsg_name = "nsg-examples_vm_deploy-02" + law_name = "law-examplesvmdeploy-02" + + ## VM DECLARATION. + + vm_ux_qby = { + PEACFASE033 = { + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + public_ip_config = { + enabled = true + allocation_method = "Dynamic" + } + nic_config = { + private_ip = "10.0.0.16" + dns_servers = ["10.0.0.10", "10.0.0.11"] + + # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg + # 2.- Insert the name of NSG and the NSG RG + nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" + nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name + } + size = "Standard_E4as_v5" + location = local.location + zone = "" + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + os_sku = "gen2" + os_offer = "sles-15-sp4" + os_version = "2023.02.05" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id + write_accelerator_enabled = false + severity_group = "" + name_overrides = { + nic = "nic-examples_vm_PEACFASE033" + nic_ip_config = "nic-ip-examples_vm_PEACFASE033" + public_ip = "pip-examples_vm_PEACFASE033" + virtual_machine = "vm-PEACFASE033" + } + log_analytics_agent = azurerm_log_analytics_workspace.this + + ## DISK DECLARATION + + vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name + disk_prefix = "datadisk" # Is part of the prefix of the disk name. 
'vm--- + data_disks = { # 'vm-' is added by the VM module. + shared-01 = { # Examp. With disk prefix: vm-PEACFASE033-datadisk-shared-01., Without: vm-PEACFASE033-shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + } + sap-01 = { + lun = 2 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + } + } + } + PEACFASE034 = { + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + public_ip_config = { + enabled = false + allocation_method = "Dynamic" + } + nic_config = { + private_ip = "10.0.0.17" + dns_servers = ["10.0.0.10", "10.0.0.11"] + + # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg + # 2.- Insert the name of NSG and the NSG RG + nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" + nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name + } + size = "Standard_E4as_v5" + location = local.location + zone = "" + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + os_sku = "gen2" + os_offer = "sles-15-sp4" + os_version = "2023.02.05" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id + write_accelerator_enabled = false + severity_group = "" + name_overrides = {} + log_analytics_agent = azurerm_log_analytics_workspace.this + + ## DISK DECLARATION + + vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name + disk_prefix = "datadisk" # Is part of the prefix of the disk name. 
'vm--- + data_disks = { # 'vm-' is added by the VM module. + } + } + } +} \ No newline at end of file diff --git a/examples/advanced2/main.tf b/examples/advanced2/main.tf new file mode 100644 index 0000000..d8288fc --- /dev/null +++ b/examples/advanced2/main.tf 
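Review bot: The inline comment `# Write a password if you need.` next to `admin_password = ""` (in both VM entries of `vm_ux_qby`) invites readers to type a plaintext password into locals.tf, where it would be committed along with the example. I would reword it to point at a sensitive input, e.g. `admin_password = "" # Leave empty for SSH-key login; if a password is required, pass it in through a variable marked sensitive.` Separately, `file("id_rsa.pub")` resolves against the working directory, so `file("${path.module}/id_rsa.pub")` is more robust. `nsg_name` also repeats the literal `"nsg-examples_vm_deploy-02"` although `local.nsg_name` is defined at the top of the same block.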
@@ -0,0 +1,88 @@ +provider "azurerm" { + features {} +} + +module "linux_vm_qby" { + source = "../.." + for_each = local.vm_ux_qby + resource_group_name = each.value.resource_group_name + public_ip_config = each.value.public_ip_config + nic_config = each.value.nic_config + subnet = each.value.subnet + virtual_machine_config = { + hostname = each.key + size = each.value.size + location = local.location + zone = each.value.zone + admin_username = each.value.admin_username + os_sku = each.value.os_sku + os_offer = each.value.os_offer + os_version = each.value.os_version + os_publisher = each.value.os_publisher + os_disk_name = each.value.os_disk_name + os_disk_caching = each.value.os_disk_caching + os_disk_size_gb = each.value.os_disk_size_gb + os_disk_storage_type = each.value.os_disk_storage_type + availability_set_id = each.value.availability_set_id + write_accelerator_enabled = each.value.write_accelerator_enabled + } + admin_password = each.value.admin_password + public_key = each.value.public_key + vm_name_as_disk_prefix = each.value.vm_name_as_disk_prefix + disk_prefix = each.value.disk_prefix + data_disks = each.value.data_disks + name_overrides = each.value.name_overrides + severity_group = each.value.severity_group + log_analytics_agent = each.value.log_analytics_agent +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} + +resource "azurerm_availability_set" "this" { + name = local.availability_set_name + location = local.location + resource_group_name 
= azurerm_resource_group.this.name +} + +resource "azurerm_network_security_group" "this" { + name = local.nsg_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + security_rule { + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} + +resource "azurerm_log_analytics_workspace" "this" { + name = local.law_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + sku = "PerGB2018" + retention_in_days = 30 +} \ No newline at end of file From 0a1ba907f9d4f2bfc0d291c4e20abe1da7e5fdf7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 11 Sep 2023 13:49:04 +0000 Subject: [PATCH 08/72] terraform-docs: automated action --- README.md | 386 +++--------------------------------------------------- 1 file changed, 18 insertions(+), 368 deletions(-) diff --git a/README.md b/README.md index 21a36dd..2e5e229 100644 --- a/README.md +++ b/README.md @@ -9,9 +9,7 @@ This module will create a linux virtual machine, a network interface and associa ## Usage -This module provisions a linux virtual machine. Refer to the examples on how this could be done. It is a fast and easy to use deployment of a virtual machine! -#### Examples -###### Basic +It's very easy to use! ```hcl provider "azurerm" { features {} @@ -23,10 +21,10 @@ module "virtual_machine" { hostname = "CUSTAPP001" location = local.location admin_username = "local_admin" - size = "Standard_D2_v5" + size = "Standard_D32as_v5" } - admin_password = "H3ll0W0rld!" + admin_password = "H3ll0W0rld!" resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this } 
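Review bot: The `security_rule` named `example` in `azurerm_network_security_group.this` allows outbound TCP from any source to any destination and port at priority 100, which adds little over Azure's default outbound rules and would take precedence over any tighter egress rule a reader later adds with a higher priority number. Because PEACFASE033 is given a public IP in locals.tf, an example rule that shows something narrower, with a specific `destination_port_range` and `destination_address_prefix`, would be a safer pattern to copy. In the `module "linux_vm_qby"` block, `location = local.location` ignores the `location` that each map entry declares; `location = each.value.location` keeps the map authoritative.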
@@ -50,355 +48,6 @@ resource "azurerm_subnet" "this" { address_prefixes = [ "10.0.0.0/24" ] } ``` -###### Advanced -```hcl -provider "azurerm" { - features {} -} - -module "virtual_machine" { - source = "../.." - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - public_ip_config = { - enabled = true - allocation_method = "Static" - } - nic_config = { - private_ip = "10.0.0.16" - dns_servers = [ "10.0.0.10", "10.0.0.11" ] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg or create with resource azurerm_network_security_group. - # 2.- Insert the name of NSG and the NSG RG - nsg_name = local.nsg_name # Examp. nsg_name = "nsg-prd-example-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name - } - virtual_machine_config = { - hostname = "CUSTAPP001" - location = azurerm_resource_group.rg.location - admin_username = "local_admin" - size = "Standard_D2_v5" - os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - zone = "" # Could be the default value "", or "1", or "2" or "3" - availability_set_id = azurerm_availability_set.this.id - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 128 - tags = { - "Environment" = "prd" - } - write_accelerator_enabled = false - } - admin_password = "" # If empty, not use admin password. - public_key = file("id_rsa.pub") # If empty, not use rsa. - vm_name_as_disk_prefix = true # true or false. Insert vm-- as prefix disk name. - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { - shared-01 = { # Examp. 
Name result, could be: vm-CUSTAPP001-datadisk-shared-01., or vm-CUSTAPP001-shared-01, or datadisk-shared-01, or shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - } - } - - log_analytics_agent = azurerm_log_analytics_workspace.this - - name_overrides = { - nic = local.nic - nic_ip_config = local.nic_ip_config - public_ip = local.public_ip - virtual_machine = local.virtual_machine - } -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = 
azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} -``` - -###### Adavanced two - -```hcl -locals { - - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - - ## VM DECLARATION. - - vm_ux_qby = { - PEACFASE033 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - public_ip_config = { - enabled = true - allocation_method = "Dynamic" - } - nic_config = { - private_ip = "10.0.0.16" - dns_servers = ["10.0.0.10", "10.0.0.11"] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg - # 2.- Insert the name of NSG and the NSG RG - nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name - } - size = "Standard_E4as_v5" - location = local.location - zone = "" - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id - write_accelerator_enabled = false - severity_group = "" - name_overrides = { - nic = "nic-examples_vm_PEACFASE033" - nic_ip_config = "nic-ip-examples_vm_PEACFASE033" - public_ip = "pip-examples_vm_PEACFASE033" - virtual_machine = "vm-PEACFASE033" - } - log_analytics_agent = azurerm_log_analytics_workspace.this - - ## DISK DECLARATION - - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-PEACFASE033-datadisk-shared-01., Without: vm-PEACFASE033-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - } - } - } - PEACFASE034 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - public_ip_config = { - enabled = false - allocation_method = "Dynamic" - } - nic_config = { - private_ip = "10.0.0.17" - dns_servers = ["10.0.0.10", "10.0.0.11"] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg - # 2.- Insert the name of NSG and the NSG RG - nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name - } - size = "Standard_E4as_v5" - location = local.location - zone = "" - admin_username = "qbinstall" - 
admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". - os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id - write_accelerator_enabled = false - severity_group = "" - name_overrides = {} - log_analytics_agent = azurerm_log_analytics_workspace.this - - ## DISK DECLARATION - - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { # 'vm-' is added by the VM module. - } - } - } -} - -### RESOURCES DECLARATION - -provider "azurerm" { - features {} -} - -module "linux_vm_qby" { - source = "../.." - for_each = local.vm_ux_qby - resource_group_name = each.value.resource_group_name - public_ip_config = each.value.public_ip_config - nic_config = each.value.nic_config - subnet = each.value.subnet - virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled - } - admin_password = each.value.admin_password - public_key = each.value.public_key - vm_name_as_disk_prefix = each.value.vm_name_as_disk_prefix - disk_prefix = each.value.disk_prefix - data_disks = each.value.data_disks - name_overrides = each.value.name_overrides - 
severity_group = each.value.severity_group - log_analytics_agent = each.value.log_analytics_agent -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} -``` ## Requirements 
@@ -410,19 +59,19 @@ resource "azurerm_log_analytics_workspace" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | n/a | yes / or public_key | -| [public\_key](#input\_public\_key) | Public SSH key of the local administrator. | `string` | n/a | yes / or admin_password | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: (Required) The os that will be running on the vm. Default: gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: sles-15-sp4.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: SUSE.
os_version: Optionally specify an os version for the chosen sku. Defaults: 2023.02.05.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm.
zone: Optionally specify an availibility zone for the vm.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
admin_ssh_key:
The local admin name could be changed by the gpo in the target ad.
os_disk_name: (Optional) The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created. Default: OsDisk_01.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
tags: Optionally specify tags in as a map.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
|
object({
hostname = string
size = string
location = string
os_sku = optional(string, "gen2")
os_version = optional(string, "2023.02.05")
os_offer = optional(string, "sles-15-sp4")
os_publisher = optional(string, "SUSE")
availability_set_id = optional(string)
zone = optional(string)
admin_username = optional(string, "loc_sysadmin")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_size_gb = optional(number)
tags = optional(map(string))
write_accelerator_enabled = optional(bool, false)
})
| n/a | yes | -| [vm\_name\_as\_disk\_prefix](#input\_vm\_name\_as\_disk\_prefix) | Optional. Prefix name of VM for additional disks. Insert vm-- as prefix disk name | `bool` | false | no | -| [disk\_prefix](#input\_disk\_prefix) | Optional. Prefix name for additional disks. | `string` | n/a | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_name: Optinally specify the name of a network security group that will be assigned to the nic.
nsg_rg_name: Optinally specify the resource group name of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg_name = optional(string)
nsg_rg_name = optional(string)
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: The os that will be running on the vm.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm.
zone: Optionally specify an availibility zone for the vm.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
tags: Optionally specify tags in as a map.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
|
object({
hostname = string
size = string
location = string
zone = optional(string, "")
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "gen2")
os_offer = optional(string, "sles-15-sp4")
os_version = optional(string, "2023.02.05")
os_publisher = optional(string, "SUSE")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
tags = optional(map(string))
})
| n/a | yes | +| [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
}))
| `{}` | no | +| [disk\_prefix](#input\_disk\_prefix) | Optional. Prefix name for additional disks. | `string` | `""` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_name: Optinally specify the name of a network security group that will be assigned to the nic.
nsg_rg_name: Optinally specify the RG name of a network security group that will be assigned to the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg_name = optional(string, "")
nsg_rg_name = optional(string, "")
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | +| [vm\_name\_as\_disk\_prefix](#input\_vm\_name\_as\_disk\_prefix) | Insert vm-- as prefix disk name. | `bool` | `false` | no | ## Outputs | Name | Description | @@ -433,13 +82,13 @@ resource "azurerm_log_analytics_workspace" "this" { | Type | Used | |------|-------| +| [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | 1 | | [azurerm_managed_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | 1 | | [azurerm_network_interface](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | 1 | | [azurerm_network_interface_security_group_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | 1 | | [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | 1 | | [azurerm_virtual_machine_data_disk_attachment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | 1 | | [azurerm_virtual_machine_extension](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | 2 | -| [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | 1 | **`Used` only includes resource blocks.** `for_each` and `count` meta arguments, as well as resource blocks of modules are not considered. 
@@ -466,16 +115,17 @@ No modules. | Name | Type | |------|------| -| [azurerm_virtual_machine_extension.dependencyagentlinux](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource | +| [azurerm_virtual_machine_extension.DependencyAgentLinux](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource | ### main.tf | Name | Type | |------|------| +| [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | | [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | | [azurerm_network_interface_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource | | [azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | -| [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | +| [azurerm_network_security_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/network_security_group) | data source | ## Contribute From 9674e425204fc59903292f9823c7470a17ec226a Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Tue, 12 Sep 2023 09:27:57 +0200 Subject: [PATCH 09/72] Added on_demand_bursting_enabled. --- README.md | 63 +++++++++++++++++++++++++++------------------------- data_disk.tf | 19 ++++++++-------- variables.tf | 15 +++++++------ 3 files changed, 51 insertions(+), 46 deletions(-) diff --git a/README.md b/README.md index 21a36dd..4350611 100644 --- a/README.md +++ b/README.md 
@@ -99,13 +99,14 @@ module "virtual_machine" { disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { shared-01 = { # Examp. Name result, could be: vm-CUSTAPP001-datadisk-shared-01., or vm-CUSTAPP001-shared-01, or datadisk-shared-01, or shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = true } sap-01 = { lun = 2 @@ -243,13 +244,14 @@ locals { disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { # 'vm-' is added by the VM module. shared-01 = { # Examp. With disk prefix: vm-PEACFASE033-datadisk-shared-01., Without: vm-PEACFASE033-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = true } sap-01 = { lun = 2 
@@ -322,21 +324,22 @@ module "linux_vm_qby" { nic_config = each.value.nic_config subnet = each.value.subnet virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled + hostname = each.key + size = each.value.size + location = local.location + zone = each.value.zone + admin_username = each.value.admin_username + os_sku = each.value.os_sku + os_offer = each.value.os_offer + os_version = each.value.os_version + os_publisher = each.value.os_publisher + os_disk_name = each.value.os_disk_name + os_disk_caching = each.value.os_disk_caching + os_disk_size_gb = each.value.os_disk_size_gb + os_disk_storage_type = each.value.os_disk_storage_type + availability_set_id = each.value.availability_set_id + write_accelerator_enabled = each.value.write_accelerator_enabled + on_demand_bursting_enabled = length(each.value.on_demand_bursting_enabled) > 0 ? true : false } admin_password = each.value.admin_password public_key = each.value.public_key @@ -417,7 +420,7 @@ resource "azurerm_log_analytics_workspace" "this" { | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: (Required) The os that will be running on the vm. Default: gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: sles-15-sp4.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: SUSE.
os_version: Optionally specify an os version for the chosen sku. Defaults: 2023.02.05.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm.
zone: Optionally specify an availibility zone for the vm.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
admin_ssh_key:
The local admin name could be changed by the gpo in the target ad.
os_disk_name: (Optional) The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created. Default: OsDisk_01.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
tags: Optionally specify tags in as a map.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
|
object({
hostname = string
size = string
location = string
os_sku = optional(string, "gen2")
os_version = optional(string, "2023.02.05")
os_offer = optional(string, "sles-15-sp4")
os_publisher = optional(string, "SUSE")
availability_set_id = optional(string)
zone = optional(string)
admin_username = optional(string, "loc_sysadmin")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_size_gb = optional(number)
tags = optional(map(string))
write_accelerator_enabled = optional(bool, false)
})
| n/a | yes | | [vm\_name\_as\_disk\_prefix](#input\_vm\_name\_as\_disk\_prefix) | Optional. Prefix name of VM for additional disks. Insert vm-- as prefix disk name | `bool` | false | no | | [disk\_prefix](#input\_disk\_prefix) | Optional. Prefix name for additional disks. | `string` | n/a | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_name: Optinally specify the name of a network security group that will be assigned to the nic.
nsg_rg_name: Optinally specify the resource group name of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg_name = optional(string)
nsg_rg_name = optional(string)
})
| `{}` | no | diff --git a/data_disk.tf b/data_disk.tf index 857466e..f3a5411 100644 --- a/data_disk.tf +++ b/data_disk.tf @@ -2,15 +2,16 @@ locals { disk_prefix = var.vm_name_as_disk_prefix ? (length(var.disk_prefix) > 0 ? "${local.virtual_machine.name}-${var.disk_prefix}" : local.virtual_machine.name) : (length(var.disk_prefix) > 0 ? "${var.disk_prefix}" : "") } resource "azurerm_managed_disk" "data_disk" { - for_each = var.data_disks - name = length(local.disk_prefix) > 0 ? "${local.disk_prefix}-${each.key}" : each.key - location = var.virtual_machine_config.location - resource_group_name = var.resource_group_name - tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : "" - storage_account_type = each.value["storage_account_type"] - create_option = each.value["create_option"] - disk_size_gb = each.value["disk_size_gb"] - zone = length(var.virtual_machine_config.zone) > 0 ? var.virtual_machine_config.zone : null + for_each = var.data_disks + name = length(local.disk_prefix) > 0 ? "${local.disk_prefix}-${each.key}" : each.key + location = var.virtual_machine_config.location + resource_group_name = var.resource_group_name + tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : "" + storage_account_type = each.value["storage_account_type"] + create_option = each.value["create_option"] + disk_size_gb = each.value["disk_size_gb"] + zone = length(var.virtual_machine_config.zone) > 0 ? var.virtual_machine_config.zone : null + on_demand_bursting_enabled = each.value["on_demand_bursting_enabled"] lifecycle { prevent_destroy = true ignore_changes = [ diff --git a/variables.tf b/variables.tf index 210d68f..6baae72 100644 --- a/variables.tf +++ b/variables.tf 
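Review bot: `on_demand_bursting_enabled = each.value["on_demand_bursting_enabled"]` is passed to `azurerm_managed_disk` unconditionally, while the `tier` line just above it is already gated on `Premium_LRS`/`Premium_ZRS`. Azure offers on-demand bursting only on Premium SSD disks larger than 512 GiB, and the README example in this patch sets it to `true` on a 32 GB `StandardSSD_LRS` disk, so an apply with those values is expected to fail at the provider or API. The variables.tf hunk that adds the attribute is the place to catch this early, with a `validation` whose condition is `alltrue([for d in var.data_disks : !d.on_demand_bursting_enabled || (contains(["Premium_LRS", "Premium_ZRS"], d.storage_account_type) && d.disk_size_gb > 512)])`. The resource block continues outside the hunk.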
@@ -130,13 +130,14 @@ variable "disk_prefix" { variable "data_disks" { # change to map of objects type = map(object({ - lun = number - disk_size_gb = number - tier = optional(string) - caching = optional(string, "ReadWrite") - create_option = optional(string, "Empty") - storage_account_type = optional(string, "StandardSSD_LRS") - write_accelerator_enabled = optional(bool, false) + lun = number + disk_size_gb = number + tier = optional(string) + caching = optional(string, "ReadWrite") + create_option = optional(string, "Empty") + storage_account_type = optional(string, "StandardSSD_LRS") + write_accelerator_enabled = optional(bool, false) + on_demand_bursting_enabled = optional(bool, false) })) validation { condition = length([for v in var.data_disks : v.lun]) == length(distinct([for v in var.data_disks : v.lun])) From 7d3b2ad8decf7ca7ca71a00ec98e296f5cf10dc7 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Tue, 12 Sep 2023 09:41:27 +0200 Subject: [PATCH 10/72] Fix example and documentation. --- README.md | 14 +++++++------- examples/advanced2/locals.tf | 29 +++++++++++++++-------------- examples/advanced2/main.tf | 31 ++++++++++++++++--------------- 3 files changed, 38 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index 4350611..b79f83d 100644 --- a/README.md +++ b/README.md @@ -197,7 +197,7 @@ locals { ## VM DECLARATION. vm_ux_qby = { - PEACFASE033 = { + CUSTAPP001 = { resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this public_ip_config = { 
@@ -231,10 +231,10 @@ locals { write_accelerator_enabled = false severity_group = "" name_overrides = { - nic = "nic-examples_vm_PEACFASE033" - nic_ip_config = "nic-ip-examples_vm_PEACFASE033" - public_ip = "pip-examples_vm_PEACFASE033" - virtual_machine = "vm-PEACFASE033" + nic = "nic-examples_vm_CUSTAPP001" + nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" + public_ip = "pip-examples_vm_CUSTAPP001" + virtual_machine = "vm-CUSTAPP001" } log_analytics_agent = azurerm_log_analytics_workspace.this @@ -243,7 +243,7 @@ locals { vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-PEACFASE033-datadisk-shared-01., Without: vm-PEACFASE033-shared-01 + shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 lun = 1 tier = "P4" caching = "ReadWrite" @@ -264,7 +264,7 @@ locals { } } } - PEACFASE034 = { + CUSTAPP002 = { resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this public_ip_config = { diff --git a/examples/advanced2/locals.tf b/examples/advanced2/locals.tf index 692291d..3efd3a7 100644 --- a/examples/advanced2/locals.tf +++ b/examples/advanced2/locals.tf @@ -11,7 +11,7 @@ locals { ## VM DECLARATION. vm_ux_qby = { - PEACFASE033 = { + CUSTAPP001 = { resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this public_ip_config = { 
@@ -45,10 +45,10 @@ locals { write_accelerator_enabled = false severity_group = "" name_overrides = { - nic = "nic-examples_vm_PEACFASE033" - nic_ip_config = "nic-ip-examples_vm_PEACFASE033" - public_ip = "pip-examples_vm_PEACFASE033" - virtual_machine = "vm-PEACFASE033" + nic = "nic-examples_vm_CUSTAPP001" + nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" + public_ip = "pip-examples_vm_CUSTAPP001" + virtual_machine = "vm-CUSTAPP001" } log_analytics_agent = azurerm_log_analytics_workspace.this @@ -57,14 +57,15 @@ locals { vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-PEACFASE033-datadisk-shared-01., Without: vm-PEACFASE033-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false + shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = true } sap-01 = { lun = 2 @@ -77,7 +78,7 @@ locals { } } } - PEACFASE034 = { + CUSTAPP002 = { resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this public_ip_config = { diff --git a/examples/advanced2/main.tf b/examples/advanced2/main.tf index d8288fc..3f355c7 100644 --- a/examples/advanced2/main.tf +++ b/examples/advanced2/main.tf 
@@ -10,21 +10,22 @@ module "linux_vm_qby" { nic_config = each.value.nic_config subnet = each.value.subnet virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled + hostname = each.key + size = each.value.size + location = local.location + zone = each.value.zone + admin_username = each.value.admin_username + os_sku = each.value.os_sku + os_offer = each.value.os_offer + os_version = each.value.os_version + os_publisher = each.value.os_publisher + os_disk_name = each.value.os_disk_name + os_disk_caching = each.value.os_disk_caching + os_disk_size_gb = each.value.os_disk_size_gb + os_disk_storage_type = each.value.os_disk_storage_type + availability_set_id = each.value.availability_set_id + write_accelerator_enabled = each.value.write_accelerator_enabled + on_demand_bursting_enabled = length(each.value.on_demand_bursting_enabled) > 0 ? true : false } admin_password = each.value.admin_password public_key = each.value.public_key From c05d36859372f6dad12dbd8bf3a0e9c85415e984 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 14 Sep 2023 12:15:31 +0200 Subject: [PATCH 11/72] Fixed PR suggestion. --- examples/advanced/main.tf | 3 +-- examples/advanced2/locals.tf | 3 +-- extension_azuremonitor.tf | 15 ++------------ locals.tf | 13 ++++++------ main.tf | 19 ++++++----------- outputs.tf | 7 +------ variables.tf | 40 +++++++++++++++++++++--------------- 7 files changed, 42 insertions(+), 58 deletions(-) 
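Review bot: The added line `on_demand_bursting_enabled = length(each.value.on_demand_bursting_enabled) > 0 ? true : false` sits inside `virtual_machine_config`, whose object type declares no such attribute, and it reads `each.value.on_demand_bursting_enabled`, which the `vm_ux_qby` entries define only under `data_disks`. `length()` also does not accept a bool, so the example is likely to fail at plan time rather than configure anything. The flag belongs to the `data_disks` elements and presumably reaches the module through `data_disks = each.value.data_disks` outside this hunk, so the line should be dropped here and from the matching README hunk in the previous patch.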
diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index bab8b64..9aa85c3 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -12,8 +12,7 @@ module "virtual_machine" { nic_config = { private_ip = "10.0.0.16" dns_servers = [ "10.0.0.10", "10.0.0.11" ] - nsg_name = local.nsg_name - nsg_rg_name = azurerm_network_security_group.this.resource_group_name + nsg = azurerm_network_security_group.this } virtual_machine_config = { hostname = "CUSTAPP007" diff --git a/examples/advanced2/locals.tf b/examples/advanced2/locals.tf index 3efd3a7..10cada0 100644 --- a/examples/advanced2/locals.tf +++ b/examples/advanced2/locals.tf @@ -24,8 +24,7 @@ locals { # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg # 2.- Insert the name of NSG and the NSG RG - nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name + nsg = azurerm_network_security_group.this } size = "Standard_E4as_v5" location = local.location diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf index 0253856..f2be712 100644 --- a/extension_azuremonitor.tf +++ b/extension_azuremonitor.tf @@ -7,17 +7,6 @@ resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" { type_handler_version = "1.16" automatic_upgrade_enabled = true auto_upgrade_minor_version = true - - settings = < 0 && length(var.nic_config.nsg_rg_name) > 0 ? 1 : 0 - name = var.nic_config.nsg_name - resource_group_name = var.nic_config.nsg_rg_name -} - resource "azurerm_public_ip" "this" { count = var.public_ip_config.enabled ? 1 : 0 name = local.public_ip.name 
@@ -41,9 +34,9 @@ resource "azurerm_network_interface" "this" { } resource "azurerm_network_interface_security_group_association" "this" { - count = length(var.nic_config.nsg_name) > 0 ? 1 : 0 - network_interface_id = azurerm_network_interface.this.id - network_security_group_id = data.azurerm_network_security_group.this[0].id + count = var.nic_config.nsg != null ? 1 : 0 + network_interface_id = azurerm_network_interface.this.id + network_security_group_id = var.nic_config.nsg.id } resource "azurerm_linux_virtual_machine" "this" { @@ -84,9 +77,9 @@ resource "azurerm_linux_virtual_machine" "this" { version = var.virtual_machine_config.os_version } - availability_set_id = length(var.virtual_machine_config.availability_set_id) > 0 ? var.virtual_machine_config.availability_set_id : null - zone = length(var.virtual_machine_config.zone) > 0 && var.virtual_machine_config.availability_set_id == null ? var.virtual_machine_config.zone : null - tags = merge(var.virtual_machine_config.tags, {"Severity Group Monthly" = var.severity_group}) + availability_set_id = var.virtual_machine_config.availability_set_id + zone = var.virtual_machine_config.zone + tags = local.virtual_machine.tags lifecycle { prevent_destroy = true diff --git a/outputs.tf b/outputs.tf index 4ae6f3d..8b69579 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,8 +1,3 @@ output "virtual_machine" { value = azurerm_linux_virtual_machine.this -} - -/* output "nic_id" { - value = azurerm_network_interface.interface.id - description = "VM nic id." -} */ \ No newline at end of file +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index 6baae72..5f14915 100644 --- a/variables.tf +++ b/variables.tf 
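Review bot: With `count = var.nic_config.nsg != null ? 1 : 0`, leaving `nsg` unset silently produces a NIC with no security group, while the same module can attach a public IP through `var.public_ip_config.enabled`. Unless a subnet-level NSG is guaranteed by the caller, that combination leaves the VM reachable without NIC-level filtering. I would make the requirement explicit with a `precondition` in the network interface's `lifecycle` block: `condition = !var.public_ip_config.enabled || var.nic_config.nsg != null`, with an `error_message` stating that an NSG is required when a public IP is enabled. The `azurerm_network_interface` resource starts above this hunk.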
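Review bot: `zone = var.virtual_machine_config.zone` now forwards the variable's default `""` to the provider, where the removed line mapped an empty value to `null` and also suppressed the zone when an availability set was given. The two settings are described elsewhere on this page as incompatible, so both guards are worth keeping: `zone = var.virtual_machine_config.zone == "" || var.virtual_machine_config.availability_set_id != null ? null : var.virtual_machine_config.zone`. Alternatively, change the default to `null` and reject the combination in a validation block. The `azurerm_linux_virtual_machine` resource begins outside this hunk.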
@@ -21,19 +21,18 @@ variable "public_ip_config" { # nsg needs to be an object to use the count object in main.tf. variable "nic_config" { type = object({ - private_ip = optional(string) - dns_servers = optional(list(string)) - nsg_name = optional(string, "") - nsg_rg_name = optional(string, "") + private_ip = optional(string) + dns_servers = optional(list(string)) + nsg = optional(object({ + id = string + })) }) - default = {} + default = {} description = <<-DOC ``` private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically. dns_servers: Optionally specify a list of dns servers for the nic. - nsg_name: Optinally specify the name of a network security group that will be assigned to the nic. - nsg_rg_name: Optinally specify the RG name of a network security group that will be assigned to the nic. - nsg_id: Optinally specify the id of a network security group that will be assigned to the nic. + nsg_id: Optinally specify the id of a network security group that will be assigned to the nic. ``` DOC } @@ -51,7 +50,6 @@ variable "virtual_machine_config" { hostname = string size = string location = string - zone = optional(string, "") admin_username = optional(string, "loc_sysadmin") os_sku = optional(string, "gen2") os_offer = optional(string, "sles-15-sp4") @@ -61,6 +59,7 @@ variable "virtual_machine_config" { os_disk_caching = optional(string, "ReadWrite") os_disk_size_gb = optional(number, 64) os_disk_storage_type = optional(string, "StandardSSD_LRS") + zone = optional(string, "") availability_set_id = optional(string) write_accelerator_enabled = optional(bool, false) tags = optional(map(string)) 
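Review bot: The `nic_config` description still documents `nsg_id:`, but the attribute introduced here is `nsg`, an object from which only `id` is read. A caller following the description would set a key the type does not have, and the NIC would end up without a security group association. I would change the line to `nsg: Optionally pass a network security group object (only its id is used) that will be associated with the nic. If omitted, no NSG is attached at the nic.`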
@@ -75,24 +74,27 @@ variable "virtual_machine_config" { } validation { condition = contains(["", "1", "2", "3"], var.virtual_machine_config.zone) - error_message = "Possible values are empty, 1, 2, or 3" + error_message = "Possible values are null, 1, 2, or 3 per zone" } description = <<-DOC ``` size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes - os_sku: The os that will be running on the vm. location: The location of the virtual machine. - availability_set_id: Optionally specify an availibilty set for the vm. - zone: Optionally specify an availibility zone for the vm. - os_version: Optionally specify an os version for the chosen sku. Defaults to latest. admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. The local admin name could be changed by the gpo in the target ad. + os_sku: The os that will be running on the vm. + os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. + os_version: Optionally specify an os version for the chosen sku. Defaults to latest. + os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created. + os_disk_name: The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite. - os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image. - tags: Optionally specify tags in as a map. + os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. + zone: Optionally specify an availibility zone for the vm. 
+ availability_set_id: Optionally specify an availibilty set for the vm. write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false. + tags: Optionally specify tags in as a map. ``` DOC } @@ -103,6 +105,12 @@ variable "severity_group" { description = "The severity group of the virtual machine." } +variable "update_allowed" { + type = bool + default = true + description = "Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`." +} + variable "admin_password" { type = string sensitive = true From 5de7f4668a20a355d53856e102f9b65c84564295 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Tue, 17 Oct 2023 14:36:13 +0200 Subject: [PATCH 12/72] Deleted ignore change tags in vm resource. --- main.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 0193c6e..6937348 100644 --- a/main.tf +++ b/main.tf @@ -84,8 +84,7 @@ resource "azurerm_linux_virtual_machine" "this" { lifecycle { prevent_destroy = true ignore_changes = [ - identity, - tags + identity ] } } \ No newline at end of file From 2fd95331330135de3bcc9656e519c3333614fcbb Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Tue, 5 Dec 2023 19:13:40 +0100 Subject: [PATCH 13/72] Added proximity placement group, wirte acceleration, on demand bursting. --- README.md | 322 +++++++++++++++++++++-------------- data_disk.tf | 4 +- examples/advanced/locals.tf | 23 +-- examples/advanced/main.tf | 37 ++-- examples/advanced2/locals.tf | 160 +++++++++-------- examples/advanced2/main.tf | 115 +++++++++---- extension_azuremonitor.tf | 4 +- extension_dependencyagent.tf | 1 + main.tf | 14 +- variables.tf | 60 ++++--- 10 files changed, 444 insertions(+), 296 deletions(-) diff --git a/README.md b/README.md index b79f83d..020ce12 100644 --- a/README.md +++ b/README.md 
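Review bot: The new `error_message` in the `zone` validation says "Possible values are null, 1, 2, or 3", but the condition is still `contains(["", "1", "2", "3"], var.virtual_machine_config.zone)` and the default in this commit is `""`. As far as I can tell, a caller who follows the message and passes `null` would fail this validation. Either keep the wording aligned with the check, `error_message = "Possible values are empty (\"\"), 1, 2, or 3."`, or switch the default to `null` and test for it explicitly. The `variable "virtual_machine_config"` block starts above this hunk.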
@@ -4,7 +4,7 @@ ---- -This module will create a linux virtual machine, a network interface and associates the network interface to the target subnet. Optionally one or more data disks and a public ip can be created. +This module will create a linux virtual machine, a network interface and associates the network interface to the target subnet. Optionally one or more data disks and a public ip can be created and additional network interfaces. ## Usage 
@@ -52,69 +52,69 @@ resource "azurerm_subnet" "this" { ``` ###### Advanced ```hcl +locals { + location = "West Europe" + resource_group_name = "rg-examples_vm_deploy-02" + virtual_network_name = "vnet-examples_vm_deploy-02" + subnet_name = "snet-examples_vm_deploy-02" + availability_set_name = "as-examples_vm_deploy-02" + proximity_placement_group_name = "ppg-examples_vm_deploy-02" + nsg_name = "nsg-examples_vm_deploy-02" + law_name = "law-examplesvmdeploy-02" + + nic = "nic-examples_vm_deploy-02" + nic_ip_config = "nic-ip-examples_vm_deploy-02" + public_ip = "pip-examples_vm_deploy-02" + virtual_machine = "vm-examples_vm_deploy-02" +} + provider "azurerm" { features {} } module "virtual_machine" { source = "../.." - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this public_ip_config = { - enabled = true - allocation_method = "Static" + enabled = true + allocation_method = "Static" } + public_key = file("id_rsa.pub") nic_config = { private_ip = "10.0.0.16" dns_servers = [ "10.0.0.10", "10.0.0.11" ] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg or create with resource azurerm_network_security_group. - # 2.- Insert the name of NSG and the NSG RG - nsg_name = local.nsg_name # Examp. 
nsg_name = "nsg-prd-example-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name + nsg = azurerm_network_security_group.this } - virtual_machine_config = { - hostname = "CUSTAPP001" - location = azurerm_resource_group.rg.location - admin_username = "local_admin" - size = "Standard_D2_v5" - os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - zone = "" # Could be the default value "", or "1", or "2" or "3" - availability_set_id = azurerm_availability_set.this.id - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 128 + virtual_machine_config = { + hostname = "CUSTAPP007" + size = "Standard_D2_v5" + location = azurerm_resource_group.this.location + admin_username = "local_admin" + size = "Standard_D2_v5" + os_sku = "gen2" + os_offer = "sles-15-sp5" + os_version = "2023.09.21" + os_publisher = "SUSE" + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + proximity_placement_group_id = azurerm_proximity_placement_group.this.id + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 128 tags = { "Environment" = "prd" } write_accelerator_enabled = false } - admin_password = "" # If empty, not use admin password. - public_key = file("id_rsa.pub") # If empty, not use rsa. - vm_name_as_disk_prefix = true # true or false. Insert vm-- as prefix disk name. - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { - shared-01 = { # Examp. 
Name result, could be: vm-CUSTAPP001-datadisk-shared-01., or vm-CUSTAPP001-shared-01, or datadisk-shared-01, or shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = true - } - sap-01 = { - lun = 2 + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + data_disks = { + shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + lun = 1 tier = "P4" caching = "ReadWrite" disk_size_gb = 32 create_option = "Empty" - storage_account_type = "Premium_LRS" + storage_account_type = "StandardSSD_LRS" write_accelerator_enabled = false } } @@ -154,6 +154,12 @@ resource "azurerm_availability_set" "this" { resource_group_name = azurerm_resource_group.this.name } +resource "azurerm_proximity_placement_group" "this" { + name = local.proximity_placement_group_name + location = local.location + resource_group_name = azurerm_resource_group.this.name +} + resource "azurerm_network_security_group" "this" { name = local.nsg_name location = local.location @@ -177,7 +183,7 @@ resource "azurerm_log_analytics_workspace" "this" { location = local.location resource_group_name = azurerm_resource_group.this.name sku = "PerGB2018" - retention_in_days = 30 + retention_in_days = 30 } ``` @@ -185,7 +191,6 @@ resource "azurerm_log_analytics_workspace" "this" { ```hcl locals { - location = "West Europe" resource_group_name = "rg-examples_vm_deploy-02" virtual_network_name = "vnet-examples_vm_deploy-02" 
@@ -198,46 +203,46 @@ locals { vm_ux_qby = { CUSTAPP001 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] public_ip_config = { - enabled = true + enabled = false allocation_method = "Dynamic" } nic_config = { private_ip = "10.0.0.16" dns_servers = ["10.0.0.10", "10.0.0.11"] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg - # 2.- Insert the name of NSG and the NSG RG - nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name +# nsg = azurerm_network_security_group.this } - size = "Standard_E4as_v5" - location = local.location - zone = "" - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". - os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id - write_accelerator_enabled = false - severity_group = "" + size = "Standard_B1ms" + location = local.location + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
+ os_sku = "gen2" + os_offer = "sles-15-sp5" + os_version = "2023.09.21" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + write_accelerator_enabled = false + severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" + update_allowed = true name_overrides = { nic = "nic-examples_vm_CUSTAPP001" nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" public_ip = "pip-examples_vm_CUSTAPP001" virtual_machine = "vm-CUSTAPP001" } - log_analytics_agent = azurerm_log_analytics_workspace.this - + log_analytics_agent = azurerm_log_analytics_workspace.this + #log_analytics_agent = null + tags = {} + ## DISK DECLARATION vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name @@ -251,22 +256,24 @@ locals { create_option = "Empty" storage_account_type = "StandardSSD_LRS" write_accelerator_enabled = false - on_demand_bursting_enabled = true + on_demand_bursting_enabled = false } sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false + lun = 2 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false } } } CUSTAPP002 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_02.id] public_ip_config = { enabled = false allocation_method = "Dynamic" 
@@ -274,37 +281,45 @@ locals { nic_config = { private_ip = "10.0.0.17" dns_servers = ["10.0.0.10", "10.0.0.11"] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg - # 2.- Insert the name of NSG and the NSG RG - nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name +# nsg = azurerm_network_security_group.this } - size = "Standard_E4as_v5" + size = "Standard_B1ms" location = local.location - zone = "" + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. admin_username = "qbinstall" admin_password = "" # Write a password if you need. public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" + os_offer = "sles-15-sp5" + os_version = "2023.09.21" os_publisher = "SUSE" os_disk_name = "OsDisk_01" os_disk_caching = "ReadWrite" os_disk_size_gb = 64 os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. write_accelerator_enabled = false severity_group = "" - name_overrides = {} + update_allowed = false + name_overrides = {} log_analytics_agent = azurerm_log_analytics_workspace.this - + #log_analytics_agent = null + tags = {} ## DISK DECLARATION vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { # 'vm-' is added by the VM module. + shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false + } } } } 
@@ -317,29 +332,30 @@ provider "azurerm" { } module "linux_vm_qby" { - source = "../.." - for_each = local.vm_ux_qby - resource_group_name = each.value.resource_group_name - public_ip_config = each.value.public_ip_config - nic_config = each.value.nic_config - subnet = each.value.subnet + source = "../.." + for_each = local.vm_ux_qby + resource_group_name = each.value.resource_group_name + public_ip_config = each.value.public_ip_config + nic_config = each.value.nic_config + subnet = each.value.subnet + additional_network_interface_ids = each.value.additional_network_interface_ids virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled - on_demand_bursting_enabled = length(each.value.on_demand_bursting_enabled) > 0 ? 
true : false + hostname = each.key + size = each.value.size + location = local.location + zone = each.value.zone + admin_username = each.value.admin_username + os_sku = each.value.os_sku + os_offer = each.value.os_offer + os_version = each.value.os_version + os_publisher = each.value.os_publisher + os_disk_name = each.value.os_disk_name + os_disk_caching = each.value.os_disk_caching + os_disk_size_gb = each.value.os_disk_size_gb + os_disk_storage_type = each.value.os_disk_storage_type + availability_set_id = each.value.availability_set_id + write_accelerator_enabled = each.value.write_accelerator_enabled + tags = each.value.tags } admin_password = each.value.admin_password public_key = each.value.public_key @@ -348,6 +364,7 @@ module "linux_vm_qby" { data_disks = each.value.data_disks name_overrides = each.value.name_overrides severity_group = each.value.severity_group + update_allowed = each.value.update_allowed log_analytics_agent = each.value.log_analytics_agent } 
@@ -376,7 +393,57 @@ resource "azurerm_availability_set" "this" { resource_group_name = azurerm_resource_group.this.name } -resource "azurerm_network_security_group" "this" { +resource "azurerm_log_analytics_workspace" "this" { + name = local.law_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + sku = "PerGB2018" + retention_in_days = 30 +} + +resource "azurerm_network_interface" "additional_nic_01" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + + ip_configuration { + name = "ip-nic-01" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" + private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +resource "azurerm_network_interface" "additional_nic_02" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-02" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + + ip_configuration { + name = "ip-nic-02" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" + private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +/* resource "azurerm_network_security_group" "this" { name = local.nsg_name location = local.location resource_group_name = azurerm_resource_group.this.name @@ -392,15 +459,7 @@ resource "azurerm_network_security_group" "this" { source_address_prefix = "*" destination_address_prefix = "*" } -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} +} */ ``` ## Requirements 
@@ -417,14 +476,15 @@ resource "azurerm_log_analytics_workspace" "this" { | [public\_key](#input\_public\_key) | Public SSH key of the local administrator. | `string` | n/a | yes / or admin_password | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: (Required) The os that will be running on the vm. Default: gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: sles-15-sp4.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: SUSE.
os_version: Optionally specify an os version for the chosen sku. Defaults: 2023.02.05.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm.
zone: Optionally specify an availibility zone for the vm.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
admin_ssh_key:
The local admin name could be changed by the gpo in the target ad.
os_disk_name: (Optional) The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created. Default: OsDisk_01.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
tags: Optionally specify tags in as a map.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
|
object({
hostname = string
size = string
location = string
os_sku = optional(string, "gen2")
os_version = optional(string, "2023.02.05")
os_offer = optional(string, "sles-15-sp4")
os_publisher = optional(string, "SUSE")
availability_set_id = optional(string)
zone = optional(string)
admin_username = optional(string, "loc_sysadmin")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_size_gb = optional(number)
tags = optional(map(string))
write_accelerator_enabled = optional(bool, false)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: (Required) The os that will be running on the vm. Default: gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: sles-15-sp5.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: SUSE.
os_version: Optionally specify an os version for the chosen sku. Defaults: 2023.09.21.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm. Not compatible with zone.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. Not compatible with availability_set_id enabled.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
admin_ssh_key: The local admin name could be changed by the gpo in the target ad.
os_disk_name: (Optional) The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created. Default: OsDisk_01.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = optional(string, "gen2")
os_version = optional(string, "2023.09.21")
os_offer = optional(string, "sles-15-sp5")
os_publisher = optional(string, "SUSE")
availability_set_id = optional(string)
zone = optional(string)
admin_username = optional(string, "loc_sysadmin")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_size_gb = optional(number)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [vm\_name\_as\_disk\_prefix](#input\_vm\_name\_as\_disk\_prefix) | Optional. Prefix name of VM for additional disks. Insert vm-- as prefix disk name | `bool` | false | no | | [disk\_prefix](#input\_disk\_prefix) | Optional. Prefix name for additional disks. | `string` | n/a | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_name: Optinally specify the name of a network security group that will be assigned to the nic.
nsg_rg_name: Optinally specify the resource group name of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg_name = optional(string)
nsg_rg_name = optional(string)
})
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) |
Possibility to override names that will be generated according to q.beyond naming convention.
|
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [additional\_network\_interface](#additional\_network\_interface) |
List of ids for additional azurerm_network_interface.
| `list(string)` | `[]` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | ## Outputs diff --git a/data_disk.tf b/data_disk.tf index f3a5411..c87cab5 100644 --- a/data_disk.tf +++ b/data_disk.tf @@ -6,11 +6,11 @@ resource "azurerm_managed_disk" "data_disk" { name = length(local.disk_prefix) > 0 ? "${local.disk_prefix}-${each.key}" : each.key location = var.virtual_machine_config.location resource_group_name = var.resource_group_name - tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : "" + tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : null + zone = each.value["zone"] storage_account_type = each.value["storage_account_type"] create_option = each.value["create_option"] disk_size_gb = each.value["disk_size_gb"] - zone = length(var.virtual_machine_config.zone) > 0 ? var.virtual_machine_config.zone : null on_demand_bursting_enabled = each.value["on_demand_bursting_enabled"] lifecycle { prevent_destroy = true diff --git a/examples/advanced/locals.tf b/examples/advanced/locals.tf index d45bf04..6242e2a 100644 --- a/examples/advanced/locals.tf +++ b/examples/advanced/locals.tf 
@@ -1,14 +1,15 @@ locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" + location = "West Europe" + resource_group_name = "rg-examples_vm_deploy-02" + virtual_network_name = "vnet-examples_vm_deploy-02" + subnet_name = "snet-examples_vm_deploy-02" + availability_set_name = "as-examples_vm_deploy-02" + proximity_placement_group_name = "ppg-examples_vm_deploy-02" + nsg_name = "nsg-examples_vm_deploy-02" + law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" + nic = "nic-examples_vm_deploy-02" + nic_ip_config = "nic-ip-examples_vm_deploy-02" + public_ip = "pip-examples_vm_deploy-02" + virtual_machine = "vm-examples_vm_deploy-02" } \ No newline at end of file diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index 9aa85c3..fd79175 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf 
@@ -12,23 +12,24 @@ module "virtual_machine" { nic_config = { private_ip = "10.0.0.16" dns_servers = [ "10.0.0.10", "10.0.0.11" ] - nsg = azurerm_network_security_group.this + nsg = azurerm_network_security_group.this } virtual_machine_config = { - hostname = "CUSTAPP007" - size = "Standard_D2_v5" - location = azurerm_resource_group.this.location - admin_username = "local_admin" - size = "Standard_D2_v5" - os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - availability_set_id = azurerm_availability_set.this.id - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 128 + hostname = "CUSTAPP007" + size = "Standard_D2_v5" + location = azurerm_resource_group.this.location + admin_username = "local_admin" + size = "Standard_D2_v5" + os_sku = "gen2" + os_offer = "sles-15-sp5" + os_version = "2023.09.21" + os_publisher = "SUSE" + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + proximity_placement_group_id = azurerm_proximity_placement_group.this.id + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 128 tags = { "Environment" = "prd" } @@ -83,6 +84,12 @@ resource "azurerm_availability_set" "this" { resource_group_name = azurerm_resource_group.this.name } +resource "azurerm_proximity_placement_group" "this" { + name = local.proximity_placement_group_name + location = local.location + resource_group_name = azurerm_resource_group.this.name +} + resource "azurerm_network_security_group" "this" { name = local.nsg_name location = local.location diff --git a/examples/advanced2/locals.tf b/examples/advanced2/locals.tf index 10cada0..b3d43c1 100644 --- a/examples/advanced2/locals.tf +++ b/examples/advanced2/locals.tf 
@@ -1,58 +1,62 @@ locals { - - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" + location = "West Europe" + resource_group_name = "rg-examples_vm_deploy-02" + virtual_network_name = "vnet-examples_vm_deploy-02" + subnet_name = "snet-examples_vm_deploy-02" + availability_set_name = "as-examples_vm_deploy-02" + proximity_placement_group_name = "ppg-examples_vm_deploy-02" + nsg_name = "nsg-examples_vm_deploy-02" + law_name = "law-examplesvmdeploy-02" ## VM DECLARATION. vm_ux_qby = { CUSTAPP001 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] public_ip_config = { - enabled = true + enabled = false allocation_method = "Dynamic" } nic_config = { private_ip = "10.0.0.16" dns_servers = ["10.0.0.10", "10.0.0.11"] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg - # 2.- Insert the name of NSG and the NSG RG - nsg = azurerm_network_security_group.this +# nsg = azurerm_network_security_group.this } - size = "Standard_E4as_v5" - location = local.location - zone = "" - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id - write_accelerator_enabled = false - severity_group = "" + size = "Standard_B1ms" + location = local.location + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + os_sku = "gen2" + os_offer = "sles-15-sp5" + os_version = "2023.09.21" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + proximity_placement_group_id = azurerm_proximity_placement_group.this.id + write_accelerator_enabled = false + severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" + update_allowed = true + log_analytics_agent = azurerm_log_analytics_workspace.this + + # Tags + tags = {} + + # Name override name_overrides = { nic = "nic-examples_vm_CUSTAPP001" nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" public_ip = "pip-examples_vm_CUSTAPP001" virtual_machine = "vm-CUSTAPP001" } - log_analytics_agent = azurerm_log_analytics_workspace.this - + ## DISK DECLARATION - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { # 'vm-' is added by the VM module. 
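Review bot: Commenting out `nsg = azurerm_network_security_group.this` under `nic_config` leaves CUSTAPP001's NIC without a network security group in this example, and the later hunk for CUSTAPP002 in this file does the same. In examples/advanced2/main.tf the NSG resource itself is wrapped in `/* … */`, and the two `additional_nic_*` interfaces added there have no NSG association either, so unless the subnet carries one (not visible in this diff) nothing filters traffic to these VMs. Examples tend to be copied as they are, so I would restore the `nsg = azurerm_network_security_group.this` line and the resource, or state the assumption next to the commented line: `# NSG omitted here on purpose: attach one at subnet level before reusing this example`.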
@@ -64,22 +68,24 @@ locals { create_option = "Empty" storage_account_type = "StandardSSD_LRS" write_accelerator_enabled = false - on_demand_bursting_enabled = true + on_demand_bursting_enabled = false } sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false + lun = 2 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false } } } CUSTAPP002 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_02.id] public_ip_config = { enabled = false allocation_method = "Dynamic" 
@@ -87,37 +93,49 @@ locals { nic_config = { private_ip = "10.0.0.17" dns_servers = ["10.0.0.10", "10.0.0.11"] - - # 1.- create a NSG with: https://github.com/qbeyond/terraform-azurerm-nsg - # 2.- Insert the name of NSG and the NSG RG - nsg_name = "nsg-examples_vm_deploy-02" # nsg_name = "nsg-multiiacvm-dev-demo21-01" - nsg_rg_name = azurerm_network_security_group.this.resource_group_name # nsg_rg_name = azurerm_resource_group.rg.name +# nsg = azurerm_network_security_group.this } - size = "Standard_E4as_v5" - location = local.location - zone = "" - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". - os_sku = "gen2" - os_offer = "sles-15-sp4" - os_version = "2023.02.05" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id - write_accelerator_enabled = false - severity_group = "" + size = "Standard_B1ms" + location = local.location + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + admin_username = "qbinstall" + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + os_sku = "gen2" + os_offer = "sles-15-sp5" + os_version = "2023.09.21" + os_publisher = "SUSE" + os_disk_name = "OsDisk_01" + os_disk_caching = "ReadWrite" + os_disk_size_gb = 64 + os_disk_storage_type = "Premium_LRS" + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. 
+ proximity_placement_group_id = azurerm_proximity_placement_group.this.id + write_accelerator_enabled = false + severity_group = "" + update_allowed = false + log_analytics_agent = azurerm_log_analytics_workspace.this + + # Tags + tags = {} + + # Name overrides name_overrides = {} - log_analytics_agent = azurerm_log_analytics_workspace.this ## DISK DECLARATION - - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- + vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name + disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- data_disks = { # 'vm-' is added by the VM module. + shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false + } } } } diff --git a/examples/advanced2/main.tf b/examples/advanced2/main.tf index 3f355c7..c9e0332 100644 --- a/examples/advanced2/main.tf +++ b/examples/advanced2/main.tf 
@@ -3,29 +3,31 @@ provider "azurerm" { } module "linux_vm_qby" { - source = "../.." - for_each = local.vm_ux_qby - resource_group_name = each.value.resource_group_name - public_ip_config = each.value.public_ip_config - nic_config = each.value.nic_config - subnet = each.value.subnet + source = "../.." + for_each = local.vm_ux_qby + resource_group_name = each.value.resource_group_name + public_ip_config = each.value.public_ip_config + nic_config = each.value.nic_config + subnet = each.value.subnet + additional_network_interface_ids = each.value.additional_network_interface_ids virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled - on_demand_bursting_enabled = length(each.value.on_demand_bursting_enabled) > 0 ? 
true : false + hostname = each.key + size = each.value.size + location = local.location + zone = each.value.zone + admin_username = each.value.admin_username + os_sku = each.value.os_sku + os_offer = each.value.os_offer + os_version = each.value.os_version + os_publisher = each.value.os_publisher + os_disk_name = each.value.os_disk_name + os_disk_caching = each.value.os_disk_caching + os_disk_size_gb = each.value.os_disk_size_gb + os_disk_storage_type = each.value.os_disk_storage_type + availability_set_id = each.value.availability_set_id + write_accelerator_enabled = each.value.write_accelerator_enabled + proximity_placement_group_id = each.value.proximity_placement_group_id + tags = each.value.tags } admin_password = each.value.admin_password public_key = each.value.public_key @@ -34,6 +36,7 @@ module "linux_vm_qby" { data_disks = each.value.data_disks name_overrides = each.value.name_overrides severity_group = each.value.severity_group + update_allowed = each.value.update_allowed log_analytics_agent = each.value.log_analytics_agent } 
@@ -62,7 +65,63 @@ resource "azurerm_availability_set" "this" { resource_group_name = azurerm_resource_group.this.name } -resource "azurerm_network_security_group" "this" { +resource "azurerm_proximity_placement_group" "this" { + name = local.proximity_placement_group_name + location = local.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_log_analytics_workspace" "this" { + name = local.law_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + sku = "PerGB2018" + retention_in_days = 30 +} + +resource "azurerm_network_interface" "additional_nic_01" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + + ip_configuration { + name = "ip-nic-01" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" + private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +resource "azurerm_network_interface" "additional_nic_02" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-02" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + + ip_configuration { + name = "ip-nic-02" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" + private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +/* resource "azurerm_network_security_group" "this" { name = local.nsg_name location = local.location resource_group_name = azurerm_resource_group.this.name 
@@ -78,12 +137,4 @@ resource "azurerm_network_security_group" "this" { source_address_prefix = "*" destination_address_prefix = "*" } -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} \ No newline at end of file +} */ \ No newline at end of file diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf index f2be712..1f82379 100644 --- a/extension_azuremonitor.tf +++ b/extension_azuremonitor.tf @@ -7,6 +7,6 @@ resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" { type_handler_version = "1.16" automatic_upgrade_enabled = true auto_upgrade_minor_version = true - settings = jsonencode({"workspaceId" = var.log_analytics_agent.workspace_id}) - protected_settings = jsonencode({"workspaceKey" = var.log_analytics_agent.primary_shared_key}) + settings = jsonencode({"workspaceId" = var.log_analytics_agent.workspace_id}) + protected_settings = jsonencode({"workspaceKey" = var.log_analytics_agent.primary_shared_key}) } \ No newline at end of file diff --git a/extension_dependencyagent.tf b/extension_dependencyagent.tf index 21b690f..2be7969 100644 --- a/extension_dependencyagent.tf +++ b/extension_dependencyagent.tf @@ -1,4 +1,5 @@ resource "azurerm_virtual_machine_extension" "DependencyAgentLinux" { + count = var.log_analytics_agent != null ? 1 : 0 name = "DependencyAgentLinux" virtual_machine_id = azurerm_linux_virtual_machine.this.id publisher = "Microsoft.Azure.Monitoring.DependencyAgent" diff --git a/main.tf b/main.tf index 6937348..b88bf70 100644 --- a/main.tf +++ b/main.tf 
@@ -58,12 +58,8 @@ resource "azurerm_linux_virtual_machine" "this" { } } - network_interface_ids = [ - azurerm_network_interface.this.id, - ] - os_disk { - name = var.virtual_machine_config.os_disk_name + name = "${var.virtual_machine_config.hostname}-${var.virtual_machine_config.os_disk_name}" caching = var.virtual_machine_config.os_disk_caching disk_size_gb = var.virtual_machine_config.os_disk_size_gb storage_account_type = var.virtual_machine_config.os_disk_storage_type @@ -77,9 +73,11 @@ resource "azurerm_linux_virtual_machine" "this" { version = var.virtual_machine_config.os_version } - availability_set_id = var.virtual_machine_config.availability_set_id - zone = var.virtual_machine_config.zone - tags = local.virtual_machine.tags + proximity_placement_group_id = var.virtual_machine_config.proximity_placement_group_id + network_interface_ids = concat([azurerm_network_interface.this.id], var.additional_network_interface_ids) + availability_set_id = var.virtual_machine_config.availability_set_id + zone = var.virtual_machine_config.zone + tags = local.virtual_machine.tags lifecycle { prevent_destroy = true diff --git a/variables.tf b/variables.tf index 5f14915..7b20479 100644 --- a/variables.tf +++ b/variables.tf @@ -37,6 +37,12 @@ variable "nic_config" { DOC } +variable "additional_network_interface_ids" { + type = list(string) + default = [] + description = "List of ids for additional azurerm_network_interface." +} + variable "subnet" { type = object ({ id = string 
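Review bot: Prefixing the OS disk name with the hostname in `os_disk { name = "${var.virtual_machine_config.hostname}-${var.virtual_machine_config.os_disk_name}" }` renames the disk of any VM created from an earlier revision, and the azurerm provider treats a change of `os_disk.name` as a replacement of the virtual machine. With `prevent_destroy = true` on this resource (visible in the next hunk), such an upgrade would stop at plan with an error. If the rename is intended, I would record it as a breaking change, or make the prefix opt-in so existing callers keep `var.virtual_machine_config.os_disk_name` as the full name. The resource body starts and ends outside this hunk.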
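Review bot: `network_interface_ids = concat([azurerm_network_interface.this.id], var.additional_network_interface_ids)` attaches caller-supplied NICs unchanged, so as far as this diff shows, the NSG handling the module offers through `nic_config.nsg` does not cover them. A VM can therefore end up with one filtered and one unfiltered interface without the module giving any hint. The description of the new variable in variables.tf (the hunk that follows) should state the responsibility, for example `description = "List of ids for additional azurerm_network_interface. These NICs are attached as supplied; the caller must associate a network security group with each of them."`.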
@@ -47,22 +53,23 @@ variable "subnet" { variable "virtual_machine_config" { type = object({ - hostname = string - size = string - location = string - admin_username = optional(string, "loc_sysadmin") - os_sku = optional(string, "gen2") - os_offer = optional(string, "sles-15-sp4") - os_version = optional(string, "2023.02.05") - os_publisher = optional(string, "SUSE") - os_disk_name = optional(string, "OsDisk_01") - os_disk_caching = optional(string, "ReadWrite") - os_disk_size_gb = optional(number, 64) - os_disk_storage_type = optional(string, "StandardSSD_LRS") - zone = optional(string, "") - availability_set_id = optional(string) - write_accelerator_enabled = optional(bool, false) - tags = optional(map(string)) + hostname = string + size = string + location = string + admin_username = optional(string, "loc_sysadmin") + os_sku = optional(string, "gen2") + os_offer = optional(string, "sles-15-sp5") + os_version = optional(string, "2023.09.21") + os_publisher = optional(string, "SUSE") + os_disk_name = optional(string, "OsDisk_01") + os_disk_caching = optional(string, "ReadWrite") + os_disk_size_gb = optional(number, 64) + os_disk_storage_type = optional(string, "StandardSSD_LRS") + zone = optional(string) + availability_set_id = optional(string) + write_accelerator_enabled = optional(bool, false) + proximity_placement_group_id = optional(string) + tags = optional(map(string)) }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) 
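Review bot: Changing `zone` to `optional(string)` here goes together with deleting the zone validation in the next hunk, so any string now reaches the provider and a typo is caught only at apply. A null-safe check would keep the early error: `condition = var.virtual_machine_config.zone == null ? true : contains(["1", "2", "3"], var.virtual_machine_config.zone)`. The `zone` attribute added to `data_disks` further down has no validation either and could take the same check inside an `alltrue([...])`. The variable block continues outside this hunk.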
@@ -72,10 +79,6 @@ variable "virtual_machine_config" { condition = contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"],var.virtual_machine_config.os_disk_storage_type) error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" } - validation { - condition = contains(["", "1", "2", "3"], var.virtual_machine_config.zone) - error_message = "Possible values are null, 1, 2, or 3 per zone" - } description = <<-DOC ``` size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes @@ -90,10 +93,11 @@ variable "virtual_machine_config" { os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite. os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image. os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. - zone: Optionally specify an availibility zone for the vm. - availability_set_id: Optionally specify an availibilty set for the vm. + zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. + availability_set_id: Optionally specify an availibility set for the vm. write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false. + proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to. tags: Optionally specify tags in as a map. ``` DOC @@ -141,6 +145,7 @@ variable "data_disks" { # change to map of objects lun = number disk_size_gb = number tier = optional(string) + zone = optional(string) caching = optional(string, "ReadWrite") create_option = optional(string, "Empty") storage_account_type = optional(string, "StandardSSD_LRS") 
@@ -151,17 +156,24 @@ variable "data_disks" { # change to map of objects condition = length([for v in var.data_disks : v.lun]) == length(distinct([for v in var.data_disks : v.lun])) error_message = "One or more of the lun parameters in the map are duplicates." } + validation { + condition = alltrue([for o in var.data_disks : contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"], o.storage_account_type)]) + error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" + } default = {} description = <<-DOC ``` = { lun: Number of the lun. disk_size_gb: The size of the data disk. + tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs. + zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS. caching: Optionally activate disk caching. Defaults to None. create_option: Optionally change the create option. Defaults to Empty disk. write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false. + on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false. } ``` DOC @@ -188,8 +200,8 @@ variable "log_analytics_agent" { workspace_id = string primary_shared_key = string }) - sensitive = true - default = null + sensitive = true + default = null description = <<-DOC ``` Installs the log analytics agent(MicrosoftMonitoringAgent). From 11dd2659df50badd5f3c33b8cd89dd171ce07697 Mon Sep 17 00:00:00 2001 
From: Esteban Valverde Date: Thu, 11 Jan 2024 16:11:26 +0100 Subject: [PATCH 14/72] Added more features and support multiples nic. --- CHANGELOG.md | 26 +++ LICENSE | 2 +- README.md | 393 ++++++----------------------------- data_disk.tf | 5 +- examples/advanced/locals.tf | 1 - examples/advanced/main.tf | 40 ++-- examples/advanced2/locals.tf | 142 ------------- examples/advanced2/main.tf | 140 ------------- examples/basic/main.tf | 2 +- extension_azuremonitor.tf | 2 +- extension_dependencyagent.tf | 3 +- locals.tf | 1 + main.tf | 2 +- variables.tf | 24 +-- 14 files changed, 123 insertions(+), 660 deletions(-) create mode 100644 CHANGELOG.md delete mode 100644 examples/advanced2/locals.tf delete mode 100644 examples/advanced2/main.tf diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..39582e9 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,26 @@ +# Changelog +All notable changes to this module will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), +and this module adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [Unreleased] + +## [1.0.0] - 2024-01-11 + +Initial code module. + +### Added + +- VM creation. + - Multples NIC suppoted. + - Network acceleration. + - Availavility set. + - Proximity placement group. +- Disk management creation. + +### Changed + +### Removed + +### Fixed \ No newline at end of file diff --git a/LICENSE b/LICENSE index 1ab1286..b8db84a 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2023 q.beyond AG +Copyright (c) 2024 q.beyond AG Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 020ce12..22ee019 100644 --- a/README.md +++ b/README.md 
@@ -61,7 +61,6 @@ locals { proximity_placement_group_name = "ppg-examples_vm_deploy-02" nsg_name = "nsg-examples_vm_deploy-02" law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" nic_ip_config = "nic-ip-examples_vm_deploy-02" public_ip = "pip-examples_vm_deploy-02" 
@@ -73,59 +72,76 @@ provider "azurerm" { } module "virtual_machine" { - source = "../.." + source = "../.." public_ip_config = { - enabled = true - allocation_method = "Static" + enabled = true + allocation_method = "Static" } - public_key = file("id_rsa.pub") nic_config = { - private_ip = "10.0.0.16" - dns_servers = [ "10.0.0.10", "10.0.0.11" ] - nsg = azurerm_network_security_group.this + nic1 = { + private_ip = "10.0.0.16" + # dns_servers = [ "10.0.0.10", "10.0.0.11" ] + # nsg = azurerm_network_security_group.this + } } - virtual_machine_config = { - hostname = "CUSTAPP007" - size = "Standard_D2_v5" - location = azurerm_resource_group.this.location - admin_username = "local_admin" - size = "Standard_D2_v5" - os_sku = "gen2" - os_offer = "sles-15-sp5" - os_version = "2023.09.21" - os_publisher = "SUSE" - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - proximity_placement_group_id = azurerm_proximity_placement_group.this.id - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 128 + virtual_machine_config = { + hostname = "CUSTAPP007" + location = azurerm_resource_group.this.location + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + admin_username = "qbinstall" + size = "Standard_DS1_v2" + os_sku = "20_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-focal" + os_version = "latest" + os_publisher = "Canonical" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 64 tags = { "Environment" = "prd" } - write_accelerator_enabled = false + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + write_accelerator_enabled = false } - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - data_disks = { - shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" + update_allowed = true + + ## DISK DECLARATION + data_disks = { + shared-01 = { # Name should be: vm-CUSTAPP001-datadisk-shared-01, or use name_override + lun = 1 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "StandardSSD_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false + } + sap-01 = { + lun = 2 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false } } - log_analytics_agent = azurerm_log_analytics_workspace.this - name_overrides = { - nic = local.nic - nic_ip_config = local.nic_ip_config - public_ip = local.public_ip - virtual_machine = local.virtual_machine + nic = "nic-examples_vm_CUSTAPP001" + nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" + public_ip = "pip-examples_vm_CUSTAPP001" + data_disks = { + shared-01 = "vm-CUSTAPP007-datadisk-shared-01" + } } } 
@@ -177,289 +193,6 @@ resource "azurerm_network_security_group" "this" { destination_address_prefix = "*" } } - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} -``` - -###### Adavanced two - -```hcl -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - - ## VM DECLARATION. - - vm_ux_qby = { - CUSTAPP001 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - public_ip_config = { - enabled = false - allocation_method = "Dynamic" - } - nic_config = { - private_ip = "10.0.0.16" - dns_servers = ["10.0.0.10", "10.0.0.11"] -# nsg = azurerm_network_security_group.this - } - size = "Standard_B1ms" - location = local.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". - os_sku = "gen2" - os_offer = "sles-15-sp5" - os_version = "2023.09.21" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. 
- write_accelerator_enabled = false - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true - name_overrides = { - nic = "nic-examples_vm_CUSTAPP001" - nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" - public_ip = "pip-examples_vm_CUSTAPP001" - virtual_machine = "vm-CUSTAPP001" - } - log_analytics_agent = azurerm_log_analytics_workspace.this - #log_analytics_agent = null - tags = {} - - ## DISK DECLARATION - - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - } - CUSTAPP002 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_02.id] - public_ip_config = { - enabled = false - allocation_method = "Dynamic" - } - nic_config = { - private_ip = "10.0.0.17" - dns_servers = ["10.0.0.10", "10.0.0.11"] -# nsg = azurerm_network_security_group.this - } - size = "Standard_B1ms" - location = local.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- os_sku = "gen2" - os_offer = "sles-15-sp5" - os_version = "2023.09.21" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - severity_group = "" - update_allowed = false - name_overrides = {} - log_analytics_agent = azurerm_log_analytics_workspace.this - #log_analytics_agent = null - tags = {} - ## DISK DECLARATION - - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - } - } -} - -### RESOURCES DECLARATION - -provider "azurerm" { - features {} -} - -module "linux_vm_qby" { - source = "../.." 
- for_each = local.vm_ux_qby - resource_group_name = each.value.resource_group_name - public_ip_config = each.value.public_ip_config - nic_config = each.value.nic_config - subnet = each.value.subnet - additional_network_interface_ids = each.value.additional_network_interface_ids - virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled - tags = each.value.tags - } - admin_password = each.value.admin_password - public_key = each.value.public_key - vm_name_as_disk_prefix = each.value.vm_name_as_disk_prefix - disk_prefix = each.value.disk_prefix - data_disks = each.value.data_disks - name_overrides = each.value.name_overrides - severity_group = each.value.severity_group - update_allowed = each.value.update_allowed - log_analytics_agent = each.value.log_analytics_agent -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - 
location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azurerm_network_interface" "additional_nic_02" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-02" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-02" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -/* resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} */ ``` ## Requirements 
@@ -476,16 +209,16 @@ resource "azurerm_network_interface" "additional_nic_02" { | [public\_key](#input\_public\_key) | Public SSH key of the local administrator. | `string` | n/a | yes / or admin_password | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
os_sku: (Required) The os that will be running on the vm. Default: gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: sles-15-sp5.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: SUSE.
os_version: Optionally specify an os version for the chosen sku. Defaults: 2023.09.21.
location: The location of the virtual machine.
availability_set_id: Optionally specify an availibilty set for the vm. Not compatible with zone.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. Not compatible with availability_set_id enabled.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
admin_ssh_key: The local admin name could be changed by the gpo in the target ad.
os_disk_name: (Optional) The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created. Default: OsDisk_01.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = optional(string, "gen2")
os_version = optional(string, "2023.09.21")
os_offer = optional(string, "sles-15-sp5")
os_publisher = optional(string, "SUSE")
availability_set_id = optional(string)
zone = optional(string)
admin_username = optional(string, "loc_sysadmin")
os_disk_name = optional(string, "OsDisk_01")
os_disk_caching = optional(string, "ReadWrite")
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_size_gb = optional(number)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | -| [vm\_name\_as\_disk\_prefix](#input\_vm\_name\_as\_disk\_prefix) | Optional. Prefix name of VM for additional disks. Insert vm-- as prefix disk name | `bool` | false | no | -| [disk\_prefix](#input\_disk\_prefix) | Optional. Prefix name for additional disks. | `string` | n/a | no | -| [data\_disks](#input\_data\_disks) |
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
storage_account_type = optional(string, "StandardSSD_LRS")
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: vm hostanme. 
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
os_sku: (Required) The os that will be running on the vm. Default: 22_04-lts-gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: 0001-com-ubuntu-server-jammy.
os_version: Optionally specify an os version for the chosen sku. Defaults: latest.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: Canonical.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. Not compatible with availability_set_id enabled.
availability_set_id: Optionally specify an availibilty set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [data\_disks](#input\_data\_disks) |
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) |
Possibility to override names that will be generated according to q.beyond naming convention.
|
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
})
| `{}` | no | +| [name\_overrides](#input\_name\_overrides) |
Possibility to override names that will be generated according to q.beyond naming convention.
|
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [additional\_network\_interface](#additional\_network\_interface) |
List of ids for additional azurerm_network_interface.
| `list(string)` | `[]` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | +| [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `true` will set `yes`, `false` to `no`. | `bool` | `true` | no | +| ## Outputs | Name | Description | diff --git a/data_disk.tf b/data_disk.tf index c87cab5..af84555 100644 --- a/data_disk.tf +++ b/data_disk.tf @@ -1,9 +1,6 @@ -locals { - disk_prefix = var.vm_name_as_disk_prefix ? (length(var.disk_prefix) > 0 ? "${local.virtual_machine.name}-${var.disk_prefix}" : local.virtual_machine.name) : (length(var.disk_prefix) > 0 ? "${var.disk_prefix}" : "") -} resource "azurerm_managed_disk" "data_disk" { for_each = var.data_disks - name = length(local.disk_prefix) > 0 ? "${local.disk_prefix}-${each.key}" : each.key + name = lookup(var.name_overrides.data_disks, each.key, "disk-${var.virtual_machine_config.hostname}-${each.key}") location = var.virtual_machine_config.location resource_group_name = var.resource_group_name tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : null diff --git a/examples/advanced/locals.tf b/examples/advanced/locals.tf index 6242e2a..7893dc7 100644 --- a/examples/advanced/locals.tf +++ b/examples/advanced/locals.tf @@ -7,7 +7,6 @@ locals { proximity_placement_group_name = "ppg-examples_vm_deploy-02" nsg_name = "nsg-examples_vm_deploy-02" law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" nic_ip_config = "nic-ip-examples_vm_deploy-02" public_ip = "pip-examples_vm_deploy-02" diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index fd79175..c8da42f 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf 
@@ -10,30 +10,30 @@ module "virtual_machine" { } public_key = file("id_rsa.pub") nic_config = { - private_ip = "10.0.0.16" - dns_servers = [ "10.0.0.10", "10.0.0.11" ] - nsg = azurerm_network_security_group.this + nic1 = { + private_ip = "10.0.0.16" + dns_servers = [ "10.0.0.10", "10.0.0.11" ] + nsg = azurerm_network_security_group.this + } } - virtual_machine_config = { - hostname = "CUSTAPP007" - size = "Standard_D2_v5" - location = azurerm_resource_group.this.location - admin_username = "local_admin" - size = "Standard_D2_v5" - os_sku = "gen2" - os_offer = "sles-15-sp5" - os_version = "2023.09.21" - os_publisher = "SUSE" - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - proximity_placement_group_id = azurerm_proximity_placement_group.this.id - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 128 + virtual_machine_config = { + hostname = "CUSTAPP007" + location = azurerm_resource_group.this.location + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + admin_username = "qbinstall" + size = "Standard_DS1_v2" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 64 tags = { "Environment" = "prd" } - write_accelerator_enabled = false + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + write_accelerator_enabled = false } resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this diff --git a/examples/advanced2/locals.tf b/examples/advanced2/locals.tf deleted file mode 100644 index b3d43c1..0000000 --- a/examples/advanced2/locals.tf +++ /dev/null 
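Review bot: `os_version = "latest"` in this example leaves the marketplace image unpinned, and the later variables.tf hunk makes the same value the module default. Two applies of identical code can then provision different image builds, which makes a deployed VM hard to trace to a reviewed image and can trigger a rebuild when the VM is recreated. I would pin the example, e.g. `os_version = "<PINNED_IMAGE_VERSION>"`, and say in the variable description that `latest` is a convenience default to be overridden for production. The module block starts and ends outside this hunk.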
@@ -1,142 +0,0 @@ -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - - ## VM DECLARATION. - - vm_ux_qby = { - CUSTAPP001 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - public_ip_config = { - enabled = false - allocation_method = "Dynamic" - } - nic_config = { - private_ip = "10.0.0.16" - dns_servers = ["10.0.0.10", "10.0.0.11"] -# nsg = azurerm_network_security_group.this - } - size = "Standard_B1ms" - location = local.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". - os_sku = "gen2" - os_offer = "sles-15-sp5" - os_version = "2023.09.21" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. 
- proximity_placement_group_id = azurerm_proximity_placement_group.this.id - write_accelerator_enabled = false - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true - log_analytics_agent = azurerm_log_analytics_workspace.this - - # Tags - tags = {} - - # Name override - name_overrides = { - nic = "nic-examples_vm_CUSTAPP001" - nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" - public_ip = "pip-examples_vm_CUSTAPP001" - virtual_machine = "vm-CUSTAPP001" - } - - ## DISK DECLARATION - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - } - CUSTAPP002 = { - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_02.id] - public_ip_config = { - enabled = false - allocation_method = "Dynamic" - } - nic_config = { - private_ip = "10.0.0.17" - dns_servers = ["10.0.0.10", "10.0.0.11"] -# nsg = azurerm_network_security_group.this - } - size = "Standard_B1ms" - location = local.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- os_sku = "gen2" - os_offer = "sles-15-sp5" - os_version = "2023.09.21" - os_publisher = "SUSE" - os_disk_name = "OsDisk_01" - os_disk_caching = "ReadWrite" - os_disk_size_gb = 64 - os_disk_storage_type = "Premium_LRS" - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - proximity_placement_group_id = azurerm_proximity_placement_group.this.id - write_accelerator_enabled = false - severity_group = "" - update_allowed = false - log_analytics_agent = azurerm_log_analytics_workspace.this - - # Tags - tags = {} - - # Name overrides - name_overrides = {} - - ## DISK DECLARATION - vm_name_as_disk_prefix = true # Insert vm-- as prefix disk name - disk_prefix = "datadisk" # Is part of the prefix of the disk name. 'vm--- - data_disks = { # 'vm-' is added by the VM module. - shared-01 = { # Examp. With disk prefix: vm-CUSTAPP001-datadisk-shared-01., Without: vm-CUSTAPP001-shared-01 - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - } - } -} \ No newline at end of file diff --git a/examples/advanced2/main.tf b/examples/advanced2/main.tf deleted file mode 100644 index c9e0332..0000000 --- a/examples/advanced2/main.tf +++ /dev/null 
@@ -1,140 +0,0 @@ -provider "azurerm" { - features {} -} - -module "linux_vm_qby" { - source = "../.." - for_each = local.vm_ux_qby - resource_group_name = each.value.resource_group_name - public_ip_config = each.value.public_ip_config - nic_config = each.value.nic_config - subnet = each.value.subnet - additional_network_interface_ids = each.value.additional_network_interface_ids - virtual_machine_config = { - hostname = each.key - size = each.value.size - location = local.location - zone = each.value.zone - admin_username = each.value.admin_username - os_sku = each.value.os_sku - os_offer = each.value.os_offer - os_version = each.value.os_version - os_publisher = each.value.os_publisher - os_disk_name = each.value.os_disk_name - os_disk_caching = each.value.os_disk_caching - os_disk_size_gb = each.value.os_disk_size_gb - os_disk_storage_type = each.value.os_disk_storage_type - availability_set_id = each.value.availability_set_id - write_accelerator_enabled = each.value.write_accelerator_enabled - proximity_placement_group_id = each.value.proximity_placement_group_id - tags = each.value.tags - } - admin_password = each.value.admin_password - public_key = each.value.public_key - vm_name_as_disk_prefix = each.value.vm_name_as_disk_prefix - disk_prefix = each.value.disk_prefix - data_disks = each.value.data_disks - name_overrides = each.value.name_overrides - severity_group = each.value.severity_group - update_allowed = each.value.update_allowed - log_analytics_agent = each.value.log_analytics_agent -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - 
virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_proximity_placement_group" "this" { - name = local.proximity_placement_group_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azurerm_network_interface" "additional_nic_02" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-02" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-02" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -/* resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range 
= "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} */ \ No newline at end of file diff --git a/examples/basic/main.tf b/examples/basic/main.tf index 05bb1d7..ac475ca 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -8,7 +8,7 @@ module "virtual_machine" { hostname = "CUSTAPP001" location = local.location admin_username = "local_admin" - size = "Standard_D32as_v5" + size = "Standard_B1ms" } admin_password = "H3ll0W0rld!" diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf index 1f82379..634c7ce 100644 --- a/extension_azuremonitor.tf +++ b/extension_azuremonitor.tf @@ -4,7 +4,7 @@ resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" { virtual_machine_id = azurerm_linux_virtual_machine.this.id publisher = "Microsoft.EnterpriseCloud.Monitoring" type = "OmsAgentForLinux" - type_handler_version = "1.16" + type_handler_version = "1.17" automatic_upgrade_enabled = true auto_upgrade_minor_version = true settings = jsonencode({"workspaceId" = var.log_analytics_agent.workspace_id}) diff --git a/extension_dependencyagent.tf b/extension_dependencyagent.tf index 2be7969..daa58e8 100644 --- a/extension_dependencyagent.tf +++ b/extension_dependencyagent.tf @@ -7,4 +7,5 @@ resource "azurerm_virtual_machine_extension" "DependencyAgentLinux" { type_handler_version = "9.5" automatic_upgrade_enabled = true auto_upgrade_minor_version = true -} + settings = jsonencode({"enableAMA" = true}) +} \ No newline at end of file diff --git a/locals.tf b/locals.tf index 761afe6..a6561c7 100644 --- a/locals.tf +++ b/locals.tf 
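Review bot: The context line `admin_password = "H3ll0W0rld!"` at the end of the examples/basic/main.tf hunk is a literal credential that users are likely to copy unchanged, and the commit that touches this block leaves it in place. I would replace it with `admin_password = var.admin_password`, backed by a variable declared with `sensitive = true`, or switch the example to `public_key` as the advanced example does. The value is still written to the Terraform state, so the example should also mention that the state needs protecting. The module block continues outside the hunk.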
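Review bot: `settings = jsonencode({"enableAMA" = true})` in extension_dependencyagent.tf makes the Dependency Agent rely on the Azure Monitor Agent, while the only monitoring extension visible in this patch (extension_azuremonitor.tf, bumped to 1.17 just above) is the legacy `OmsAgentForLinux`. If the module does not deploy `AzureMonitorLinuxAgent` elsewhere, dependency data would presumably stop being collected without any error at apply time, leaving a gap in monitoring coverage. I would either add the Azure Monitor Agent extension and make this one depend on it, or at least document the requirement, e.g. `# enableAMA requires the Azure Monitor Agent extension on the VM; OmsAgentForLinux alone is not sufficient`. The resource starts outside this hunk, so a `count` or `depends_on` that already covers this cannot be seen here.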
@@ -12,5 +12,6 @@ locals { name = coalesce(var.name_overrides.virtual_machine, "vm-${var.virtual_machine_config.hostname}") tags = merge(var.virtual_machine_config.tags, { "Severity Group Monthly" = var.severity_group }, { "Update allowed" = local.update_allowed }) } + os_disk_name = coalesce(var.name_overrides.os_disk, "disk-${var.virtual_machine_config.hostname}-Os") update_allowed = var.update_allowed ? "yes" : "no" } \ No newline at end of file diff --git a/main.tf b/main.tf index b88bf70..3e09c97 100644 --- a/main.tf +++ b/main.tf @@ -59,7 +59,7 @@ resource "azurerm_linux_virtual_machine" "this" { } os_disk { - name = "${var.virtual_machine_config.hostname}-${var.virtual_machine_config.os_disk_name}" + name = local.os_disk_name caching = var.virtual_machine_config.os_disk_caching disk_size_gb = var.virtual_machine_config.os_disk_size_gb storage_account_type = var.virtual_machine_config.os_disk_storage_type diff --git a/variables.tf b/variables.tf index 7b20479..532aa0b 100644 --- a/variables.tf +++ b/variables.tf @@ -57,11 +57,10 @@ variable "virtual_machine_config" { size = string location = string admin_username = optional(string, "loc_sysadmin") - os_sku = optional(string, "gen2") - os_offer = optional(string, "sles-15-sp5") - os_version = optional(string, "2023.09.21") - os_publisher = optional(string, "SUSE") - os_disk_name = optional(string, "OsDisk_01") + os_sku = optional(string, "22_04-lts-gen2") + os_offer = optional(string, "0001-com-ubuntu-server-jammy") + os_version = optional(string, "latest") + os_publisher = optional(string, "Canonical") os_disk_caching = optional(string, "ReadWrite") os_disk_size_gb = optional(number, 64) os_disk_storage_type = optional(string, "StandardSSD_LRS") 
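Review bot: Replacing the `os_disk` name in main.tf with `local.os_disk_name` changes the generated name from `<hostname>-OsDisk_01` to `disk-<hostname>-Os`, and the `os_disk_name` description removed in this same patch states that changing the name forces a new resource. Existing deployments would therefore plan a VM replacement on upgrade unless they set `name_overrides.os_disk` to the old value. I would say so in the release notes and in a comment above the local in locals.tf, e.g. `# default changed: set name_overrides.os_disk = "<hostname>-OsDisk_01" to keep an existing disk`. The `os_disk` block continues outside the hunk.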
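Review bot: The new defaults in `virtual_machine_config` replace a pinned SUSE image (`sles-15-sp5`, `2023.09.21`) with Ubuntu 22.04 at `os_version = "latest"`, which is a breaking change for callers that relied on the defaults and makes the deployed image depend on the day of the apply. The variable's own description says that changing `os_offer` or `os_publisher` forces a new resource, so an upgrade would plan a VM replacement for those callers. With `latest`, a reviewed plan no longer identifies the exact image build, which matters where builds must be reproducible or auditable. I would call this out in the release notes and add a comment next to the default, e.g. `# "latest" is resolved at apply time; pin a version for reproducible builds`. The object type starts above the hunk and continues below it.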
@@ -89,7 +88,6 @@ variable "virtual_machine_config" { os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. os_version: Optionally specify an os version for the chosen sku. Defaults to latest. os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created. - os_disk_name: The name which should be used for the Internal OS Disk. Changing this forces a new resource to be created os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite. os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image. os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. @@ -128,18 +126,6 @@ variable "public_key" { description = "SSH public key file (e.g. file(id_rsa.pub)" } -variable "vm_name_as_disk_prefix" { - type = bool - default = false - description = "Insert vm-- as prefix disk name." -} - -variable "disk_prefix" { - type = string - default = "" - description = "Optional. Prefix name for additional disks." -} - variable "data_disks" { # change to map of objects type = map(object({ lun = number @@ -190,6 +176,8 @@ variable "name_overrides" { nic_ip_config = optional(string) public_ip = optional(string) virtual_machine = optional(string) + os_disk = optional(string) + data_disks = optional(map(string), {}) }) description = "Possibility to override names that will be generated according to q.beyond naming convention." default = {} From e538eb5b1e34e6a74ff8626c6ee08583e8a46b0c Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 11 Jan 2024 16:12:55 +0100 Subject: [PATCH 15/72] Added git tags and license. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 22ee019..9cca925 100644 --- a/README.md +++ b/README.md 
@@ -1,6 +1,6 @@ # Module -[![GitHub tag](https://img.shields.io/github/tag/qbeyond/terraform-module-template.svg)](https://registry.terraform.io/modules/qbeyond/terraform-module-template/provider/latest) -[![License](https://img.shields.io/github/license/qbeyond/terraform-module-template.svg)](https://github.com/qbeyond/terraform-module-template/blob/main/LICENSE) +[![GitHub tag](https://img.shields.io/github/tag/qbeyond/terraform-azurerm-linux-vm.svg)](https://registry.terraform.io/modules/qbeyond/linux-vm/azurerm/latest) +[![License](https://img.shields.io/github/license/qbeyond/terraform-azurerm-linux-vm.svg)](https://github.com/qbeyond/terraform-azurerm-linux-vm/blob/main/LICENSE) ---- From 077bca054f0394fb31da6b651ec057cb1ce02201 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 11 Jan 2024 15:18:12 +0000 Subject: [PATCH 16/72] terraform-docs: automated action --- README.md | 168 ++++-------------------------------------------------- 1 file changed, 12 insertions(+), 156 deletions(-) diff --git a/README.md b/README.md index c30f4e4..d76150f 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,7 @@ module "virtual_machine" { hostname = "CUSTAPP001" location = local.location admin_username = "local_admin" - size = "Standard_D32as_v5" + size = "Standard_B1ms" } admin_password = "H3ll0W0rld!" 
@@ -48,150 +48,6 @@ resource "azurerm_subnet" "this" { address_prefixes = [ "10.0.0.0/24" ] } ``` -###### Advanced -```hcl -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" -} - -provider "azurerm" { - features {} -} - -module "virtual_machine" { - source = "../.." - public_ip_config = { - enabled = true - allocation_method = "Static" - } - nic_config = { - nic1 = { - private_ip = "10.0.0.16" - # dns_servers = [ "10.0.0.10", "10.0.0.11" ] - # nsg = azurerm_network_security_group.this - } - } - virtual_machine_config = { - hostname = "CUSTAPP007" - location = azurerm_resource_group.this.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - size = "Standard_DS1_v2" - os_sku = "20_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-focal" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - tags = { - "Environment" = "prd" - } - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - } - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true - - ## DISK DECLARATION - data_disks = { - shared-01 = { # Name should be: vm-CUSTAPP001-datadisk-shared-01, or use name_override - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - - name_overrides = { - nic = "nic-examples_vm_CUSTAPP001" - nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" - public_ip = "pip-examples_vm_CUSTAPP001" - data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" - } - } -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_proximity_placement_group" "this" { - name = local.proximity_placement_group_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource 
"azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} -``` ## Requirements @@ -204,17 +60,18 @@ resource "azurerm_network_security_group" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: vm hostanme. 
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
os_sku: (Required) The os that will be running on the vm. Default: 22_04-lts-gen2.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: 0001-com-ubuntu-server-jammy.
os_version: Optionally specify an os version for the chosen sku. Defaults: latest.
os_publisher: (Required) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created. Default: Canonical.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. Not compatible with availability_set_id enabled.
availability_set_id: Optionally specify an availibilty set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | -| [data\_disks](#input\_data\_disks) |
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: (Optional) The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
caching: Optionally activate disk caching. Defaults to ReadWrite.
create_option: Optionally change the create option. Defaults to Empty disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) |
Possibility to override names that will be generated according to q.beyond naming convention.
|
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | -| [additional\_network\_interface](#additional\_network\_interface) |
List of ids for additional azurerm_network_interface.
| `list(string)` | `[]` | no | +| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | +| [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | -| [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `true` will set `yes`, `false` to `no`. | `bool` | `true` | no | -| +| [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs | Name | Description | @@ -268,7 +125,6 @@ No modules. | [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | | [azurerm_network_interface_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource | | [azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | -| [azurerm_network_security_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/network_security_group) | data source | ## Contribute From 35e9b458ea424387574020c4846e714fb22c2d6f Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 11 Jan 2024 19:34:29 +0100 Subject: [PATCH 17/72] Added enable_accelerated_networking. --- README.md | 43 ++++++++++++++++++++++++++++++++------- examples/advanced/main.tf | 33 ++++++++++++++++++++++++++++-- main.tf | 9 ++++---- variables.tf | 6 ++++++ 4 files changed, 78 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index c30f4e4..3d0346c 100644 --- a/README.md +++ b/README.md 
@@ -101,13 +101,14 @@ module "virtual_machine" { availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. write_accelerator_enabled = false } - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true + admin_password = "" # Write a password if you need. + public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + enable_accelerated_networking = true + severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" + update_allowed = true ## DISK DECLARATION data_disks = { @@ -172,6 +173,33 @@ resource "azurerm_proximity_placement_group" "this" { name = local.proximity_placement_group_name location = local.location resource_group_name = azurerm_resource_group.this.name + allowed_vm_sizes = ["Standard_DS1_v2", "Standard_M32ms_v2", "Standard_E16as_v5", "Standard_E8as_v5"] + + lifecycle { + ignore_changes = [tags] + } +} + +resource "azurerm_network_interface" "additional_nic_01" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + enable_accelerated_networking = true + + ip_configuration { + name = "ip-nic-01" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" + private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } } resource "azurerm_network_security_group" "this" { 
@@ -212,6 +240,7 @@ resource "azurerm_network_security_group" "this" { | [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [additional\_network\_interface](#additional\_network\_interface) |
List of ids for additional azurerm_network_interface.
| `list(string)` | `[]` | no | +| [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.| `bool` | `false` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `true` will set `yes`, `false` to `no`. | `bool` | `true` | no | | diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index c8da42f..4b300c9 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -35,8 +35,10 @@ module "virtual_machine" { availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. write_accelerator_enabled = false } - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + enable_accelerated_networking = true data_disks = { shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 lun = 1 
@@ -88,6 +90,33 @@ resource "azurerm_proximity_placement_group" "this" { name = local.proximity_placement_group_name location = local.location resource_group_name = azurerm_resource_group.this.name + allowed_vm_sizes = ["Standard_DS1_v2", "Standard_M32ms_v2", "Standard_E16as_v5", "Standard_E8as_v5"] + + lifecycle { + ignore_changes = [tags] + } +} + +resource "azurerm_network_interface" "additional_nic_01" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + enable_accelerated_networking = true + + ip_configuration { + name = "ip-nic-01" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" + private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } } resource "azurerm_network_security_group" "this" { diff --git a/main.tf b/main.tf index 3e09c97..430c738 100644 --- a/main.tf +++ b/main.tf @@ -13,10 +13,11 @@ resource "azurerm_public_ip" "this" { } resource "azurerm_network_interface" "this" { - name = local.nic.name - location = var.virtual_machine_config.location - resource_group_name = var.resource_group_name - dns_servers = var.nic_config.dns_servers + name = local.nic.name + location = var.virtual_machine_config.location + resource_group_name = var.resource_group_name + dns_servers = var.nic_config.dns_servers + enable_accelerated_networking = var.enable_accelerated_networking ip_configuration { name = local.nic.ip_config_name diff --git a/variables.tf b/variables.tf index 532aa0b..b1459b3 100644 --- a/variables.tf +++ b/variables.tf 
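Review bot: `azurerm_network_interface.additional_nic_01` is added to the subnet in examples/advanced/main.tf without an `azurerm_network_interface_security_group_association`, although the example declares `azurerm_network_security_group.this` directly below it. Whether the subnet carries its own NSG is not visible here, so the second NIC may end up with no filtering at all. Since examples get copied, I would either add an association resource with `network_interface_id = azurerm_network_interface.additional_nic_01.id` and `network_security_group_id = azurerm_network_security_group.this.id`, or add a comment stating that a subnet-level NSG is assumed.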
@@ -37,6 +37,12 @@ variable "nic_config" { DOC } +variable "enable_accelerated_networking" { + description = "Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-powershell" + type = bool + default = "false" +} + variable "additional_network_interface_ids" { type = list(string) default = [] From 4fe5f511437bf558f1d8917289fd64e749d0e314 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 11 Jan 2024 18:59:48 +0000 Subject: [PATCH 18/72] terraform-docs: automated action --- README.md | 174 +----------------------------------------------------- 1 file changed, 1 insertion(+), 173 deletions(-) diff --git a/README.md b/README.md index 9a761b1..ee3160f 100644 --- a/README.md +++ b/README.md 
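Review bot: `default = "false"` gives a string default to a variable declared `type = bool`; Terraform converts it, but the literal should be `default = false` so the declaration reads as what it is, as the other bool defaults shown for this module (`optional(bool, false)`) are written. The description would also be clearer as `"Enable accelerated networking (SR-IOV) on the module's primary NIC. The VM size must support this feature."`, since main.tf in this patch applies the flag only to `azurerm_network_interface.this` and additional NICs are configured by the caller.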
@@ -48,178 +48,6 @@ resource "azurerm_subnet" "this" { address_prefixes = [ "10.0.0.0/24" ] } ``` -###### Advanced -```hcl -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" -} - -provider "azurerm" { - features {} -} - -module "virtual_machine" { - source = "../.." - public_ip_config = { - enabled = true - allocation_method = "Static" - } - nic_config = { - nic1 = { - private_ip = "10.0.0.16" - # dns_servers = [ "10.0.0.10", "10.0.0.11" ] - # nsg = azurerm_network_security_group.this - } - } - virtual_machine_config = { - hostname = "CUSTAPP007" - location = azurerm_resource_group.this.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - size = "Standard_DS1_v2" - os_sku = "20_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-focal" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - tags = { - "Environment" = "prd" - } - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - } - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - enable_accelerated_networking = true - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true - - ## DISK DECLARATION - data_disks = { - shared-01 = { # Name should be: vm-CUSTAPP001-datadisk-shared-01, or use name_override - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - - name_overrides = { - nic = "nic-examples_vm_CUSTAPP001" - nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" - public_ip = "pip-examples_vm_CUSTAPP001" - data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" - } - } -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_proximity_placement_group" "this" { - name = local.proximity_placement_group_name - location = local.location - resource_group_name = 
azurerm_resource_group.this.name - allowed_vm_sizes = ["Standard_DS1_v2", "Standard_M32ms_v2", "Standard_E16as_v5", "Standard_E8as_v5"] - - lifecycle { - ignore_changes = [tags] - } -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - enable_accelerated_networking = true - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} -``` ## Requirements @@ -237,12 +65,12 @@ resource "azurerm_network_security_group" "this" { | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-powershell | `bool` | `"false"` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | -| [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.| `bool` | `false` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs From 5856ce14f51fea79cb2b8389b3f3aa5ee3617893 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 12 Jan 2024 12:53:06 +0100 Subject: [PATCH 19/72] Fix advance example, applied terraform fmt and add some documentation. --- README.md | 11 +++-- examples/advanced/main.tf | 14 +++---- extension_azuremonitor.tf | 4 +- extension_dependencyagent.tf | 4 +- main.tf | 6 +-- variables.tf | 79 ++++++++++++++++++------------------ 6 files changed, 59 insertions(+), 59 deletions(-) diff --git a/README.md b/README.md index 9a761b1..d645187 100644 --- a/README.md +++ b/README.md @@ -164,16 +164,16 @@ resource "azurerm_subnet" "this" { } resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + proximity_placement_group_id = azurerm_proximity_placement_group.this.id } resource "azurerm_proximity_placement_group" "this" { name = local.proximity_placement_group_name location = local.location resource_group_name = azurerm_resource_group.this.name - allowed_vm_sizes = ["Standard_DS1_v2", "Standard_M32ms_v2", "Standard_E16as_v5", "Standard_E8as_v5"] lifecycle { ignore_changes = [tags] 
@@ -185,7 +185,6 @@ resource "azurerm_network_interface" "additional_nic_01" { location = local.location resource_group_name = azurerm_resource_group.this.name dns_servers = [] - enable_accelerated_networking = true ip_configuration { name = "ip-nic-01" @@ -233,7 +232,7 @@ resource "azurerm_network_security_group" "this" { |------|-------------|------|---------|:--------:| | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index 4b300c9..ba1e333 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -32,8 +32,9 @@ module "virtual_machine" { tags = { "Environment" = "prd" } - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + write_accelerator_enabled = false + proximity_placement_group_id = azurerm_proximity_placement_group.this.id } resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this @@ -81,16 +82,16 @@ resource "azurerm_subnet" "this" { } resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + proximity_placement_group_id = azurerm_proximity_placement_group.this.id } resource "azurerm_proximity_placement_group" "this" { name = local.proximity_placement_group_name location = local.location resource_group_name = azurerm_resource_group.this.name - allowed_vm_sizes = ["Standard_DS1_v2", "Standard_M32ms_v2", "Standard_E16as_v5", "Standard_E8as_v5"] lifecycle { ignore_changes = [tags] @@ -102,7 +103,6 @@ resource "azurerm_network_interface" "additional_nic_01" { location = local.location resource_group_name = azurerm_resource_group.this.name dns_servers = [] - enable_accelerated_networking = true ip_configuration { name = "ip-nic-01" diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf index 634c7ce..b23fea2 100644 --- a/extension_azuremonitor.tf +++ b/extension_azuremonitor.tf 
@@ -7,6 +7,6 @@ resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" { type_handler_version = "1.17" automatic_upgrade_enabled = true auto_upgrade_minor_version = true - settings = jsonencode({"workspaceId" = var.log_analytics_agent.workspace_id}) - protected_settings = jsonencode({"workspaceKey" = var.log_analytics_agent.primary_shared_key}) + settings = jsonencode({ "workspaceId" = var.log_analytics_agent.workspace_id }) + protected_settings = jsonencode({ "workspaceKey" = var.log_analytics_agent.primary_shared_key }) } \ No newline at end of file diff --git a/extension_dependencyagent.tf b/extension_dependencyagent.tf index daa58e8..01c3cfe 100644 --- a/extension_dependencyagent.tf +++ b/extension_dependencyagent.tf @@ -1,11 +1,11 @@ resource "azurerm_virtual_machine_extension" "DependencyAgentLinux" { count = var.log_analytics_agent != null ? 1 : 0 name = "DependencyAgentLinux" - virtual_machine_id = azurerm_linux_virtual_machine.this.id + virtual_machine_id = azurerm_linux_virtual_machine.this.id publisher = "Microsoft.Azure.Monitoring.DependencyAgent" type = "DependencyAgentLinux" type_handler_version = "9.5" automatic_upgrade_enabled = true auto_upgrade_minor_version = true - settings = jsonencode({"enableAMA" = true}) + settings = jsonencode({ "enableAMA" = true }) } \ No newline at end of file diff --git a/main.tf b/main.tf index 430c738..5a249b4 100644 --- a/main.tf +++ b/main.tf @@ -35,8 +35,8 @@ resource "azurerm_network_interface" "this" { } resource "azurerm_network_interface_security_group_association" "this" { - count = var.nic_config.nsg != null ? 1 : 0 - network_interface_id = azurerm_network_interface.this.id + count = var.nic_config.nsg != null ? 1 : 0 + network_interface_id = azurerm_network_interface.this.id network_security_group_id = var.nic_config.nsg.id } 
@@ -63,7 +63,7 @@ resource "azurerm_linux_virtual_machine" "this" { name = local.os_disk_name caching = var.virtual_machine_config.os_disk_caching disk_size_gb = var.virtual_machine_config.os_disk_size_gb - storage_account_type = var.virtual_machine_config.os_disk_storage_type + storage_account_type = var.virtual_machine_config.os_disk_storage_type write_accelerator_enabled = var.virtual_machine_config.write_accelerator_enabled } diff --git a/variables.tf b/variables.tf index b1459b3..7afc206 100644 --- a/variables.tf +++ b/variables.tf @@ -1,13 +1,13 @@ variable "public_ip_config" { type = object({ - enabled = bool - allocation_method = optional(string, "Static") + enabled = bool + allocation_method = optional(string, "Static") }) default = { enabled = false } validation { - condition = contains(["Static","Dynamic"], var.public_ip_config.allocation_method) + condition = contains(["Static", "Dynamic"], var.public_ip_config.allocation_method) error_message = "Allocation method must be Static or Dynamic" } description = <<-DOC @@ -16,7 +16,7 @@ variable "public_ip_config" { allocation_method: The allocation method of the public ip that will be created. Defaults to static. ``` DOC -} +} # nsg needs to be an object to use the count object in main.tf. variable "nic_config" { @@ -50,7 +50,7 @@ variable "additional_network_interface_ids" { } variable "subnet" { - type = object ({ + type = object({ id = string address_prefixes = list(string) }) 
@@ -59,33 +59,34 @@ variable "subnet" { variable "virtual_machine_config" { type = object({ - hostname = string - size = string - location = string - admin_username = optional(string, "loc_sysadmin") - os_sku = optional(string, "22_04-lts-gen2") - os_offer = optional(string, "0001-com-ubuntu-server-jammy") - os_version = optional(string, "latest") - os_publisher = optional(string, "Canonical") - os_disk_caching = optional(string, "ReadWrite") - os_disk_size_gb = optional(number, 64) - os_disk_storage_type = optional(string, "StandardSSD_LRS") - zone = optional(string) - availability_set_id = optional(string) - write_accelerator_enabled = optional(bool, false) - proximity_placement_group_id = optional(string) - tags = optional(map(string)) + hostname = string + size = string + location = string + admin_username = optional(string, "loc_sysadmin") + os_sku = optional(string, "22_04-lts-gen2") + os_offer = optional(string, "0001-com-ubuntu-server-jammy") + os_version = optional(string, "latest") + os_publisher = optional(string, "Canonical") + os_disk_caching = optional(string, "ReadWrite") + os_disk_size_gb = optional(number, 64) + os_disk_storage_type = optional(string, "StandardSSD_LRS") + zone = optional(string) + availability_set_id = optional(string) + write_accelerator_enabled = optional(bool, false) + proximity_placement_group_id = optional(string) + tags = optional(map(string)) }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) - error_message = "Possible values are None, ReadOnly and ReadWrite" + error_message = "Possible values are None, ReadOnly and ReadWrite" } validation { - condition = contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"],var.virtual_machine_config.os_disk_storage_type) + condition = contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) 
error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" } description = <<-DOC ``` + hostname: Name of system hostname. size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes location: The location of the virtual machine. admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. @@ -143,16 +144,16 @@ variable "data_disks" { # change to map of objects storage_account_type = optional(string, "StandardSSD_LRS") write_accelerator_enabled = optional(bool, false) on_demand_bursting_enabled = optional(bool, false) - })) - validation { - condition = length([for v in var.data_disks : v.lun]) == length(distinct([for v in var.data_disks : v.lun])) - error_message = "One or more of the lun parameters in the map are duplicates." - } + })) + validation { + condition = length([for v in var.data_disks : v.lun]) == length(distinct([for v in var.data_disks : v.lun])) + error_message = "One or more of the lun parameters in the map are duplicates." + } validation { condition = alltrue([for o in var.data_disks : contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"], o.storage_account_type)]) error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" - } - default = {} + } + default = {} description = <<-DOC ``` = { 
@@ -178,23 +179,23 @@ variable "resource_group_name" { variable "name_overrides" { type = object({ - nic = optional(string) - nic_ip_config = optional(string) - public_ip = optional(string) - virtual_machine = optional(string) - os_disk = optional(string) - data_disks = optional(map(string), {}) + nic = optional(string) + nic_ip_config = optional(string) + public_ip = optional(string) + virtual_machine = optional(string) + os_disk = optional(string) + data_disks = optional(map(string), {}) }) description = "Possibility to override names that will be generated according to q.beyond naming convention." - default = {} + default = {} } variable "log_analytics_agent" { type = object({ workspace_id = string - primary_shared_key = string + primary_shared_key = string }) - sensitive = true + sensitive = true default = null description = <<-DOC ``` From 6513575ec958733e3b987c744e9044ea2f3870de Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 12 Jan 2024 11:55:35 +0000 Subject: [PATCH 20/72] terraform-docs: automated action --- README.md | 183 ++---------------------------------------------------- 1 file changed, 6 insertions(+), 177 deletions(-) diff --git a/README.md b/README.md index f410843..5a59462 100644 --- a/README.md +++ b/README.md 
@@ -48,177 +48,6 @@ resource "azurerm_subnet" "this" { address_prefixes = [ "10.0.0.0/24" ] } ``` -###### Advanced -```hcl -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" -} - -provider "azurerm" { - features {} -} - -module "virtual_machine" { - source = "../.." - public_ip_config = { - enabled = true - allocation_method = "Static" - } - nic_config = { - nic1 = { - private_ip = "10.0.0.16" - # dns_servers = [ "10.0.0.10", "10.0.0.11" ] - # nsg = azurerm_network_security_group.this - } - } - virtual_machine_config = { - hostname = "CUSTAPP007" - location = azurerm_resource_group.this.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - size = "Standard_DS1_v2" - os_sku = "20_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-focal" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - tags = { - "Environment" = "prd" - } - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - } - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - enable_accelerated_networking = true - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true - - ## DISK DECLARATION - data_disks = { - shared-01 = { # Name should be: vm-CUSTAPP001-datadisk-shared-01, or use name_override - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - - name_overrides = { - nic = "nic-examples_vm_CUSTAPP001" - nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" - public_ip = "pip-examples_vm_CUSTAPP001" - data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" - } - } -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - proximity_placement_group_id = azurerm_proximity_placement_group.this.id -} - -resource "azurerm_proximity_placement_group" "this" { - name = 
local.proximity_placement_group_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - lifecycle { - ignore_changes = [tags] - } -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} -``` ## Requirements @@ -231,16 +60,16 @@ resource "azurerm_network_security_group" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-powershell | `bool` | `"false"` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | From 46c48061cbfecf9a25a2d58f8e78fb50e2d835d9 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 12 Jan 2024 13:05:34 +0100 Subject: [PATCH 21/72] Fix changelog as recommendation. --- CHANGELOG.md | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 39582e9..4807a76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,17 +8,10 @@ and this module adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0. ## [1.0.0] - 2024-01-11 -Initial code module. +Initial code that creates a VM. ### Added -- VM creation. - - Multples NIC suppoted. - - Network acceleration. - - Availavility set. - - Proximity placement group. -- Disk management creation. - ### Changed ### Removed From 30060c3bfe0c9351ae47d809b8f375d6df8e188b Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 12 Jan 2024 13:13:02 +0100 Subject: [PATCH 22/72] Deleted tier option. --- README.md | 4 +--- data_disk.tf | 1 - examples/advanced/main.tf | 1 - variables.tf | 2 -- 4 files changed, 1 insertion(+), 7 deletions(-) diff --git a/README.md b/README.md index f410843..38d6d84 100644 --- a/README.md +++ b/README.md @@ -114,7 +114,6 @@ module "virtual_machine" { data_disks = { shared-01 = { # Name should be: vm-CUSTAPP001-datadisk-shared-01, or use name_override lun = 1 - tier = "P4" caching = "ReadWrite" disk_size_gb = 32 create_option = "Empty" @@ -124,7 +123,6 @@ module "virtual_machine" { } sap-01 = { lun = 2 - tier = "P4" caching = "ReadWrite" disk_size_gb = 32 create_option = "Empty" 
@@ -235,7 +233,7 @@ resource "azurerm_network_security_group" "this" { | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
tier = optional(string)
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-powershell | `bool` | `"false"` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | diff --git a/data_disk.tf b/data_disk.tf index af84555..c82e8f9 100644 --- a/data_disk.tf +++ b/data_disk.tf @@ -3,7 +3,6 @@ resource "azurerm_managed_disk" "data_disk" { name = lookup(var.name_overrides.data_disks, each.key, "disk-${var.virtual_machine_config.hostname}-${each.key}") location = var.virtual_machine_config.location resource_group_name = var.resource_group_name - tier = each.value["storage_account_type"] == "Premium_LRS" || each.value["storage_account_type"] == "Premium_ZRS" ? each.value["tier"] : null zone = each.value["zone"] storage_account_type = each.value["storage_account_type"] create_option = each.value["create_option"] diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index ba1e333..87c50f3 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -43,7 +43,6 @@ module "virtual_machine" { data_disks = { shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 lun = 1 - tier = "P4" caching = "ReadWrite" disk_size_gb = 32 create_option = "Empty" diff --git a/variables.tf b/variables.tf index 7afc206..ce9b892 100644 --- a/variables.tf +++ b/variables.tf @@ -137,7 +137,6 @@ variable "data_disks" { # change to map of objects type = map(object({ lun = number disk_size_gb = number - tier = optional(string) zone = optional(string) caching = optional(string, "ReadWrite") create_option = optional(string, "Empty") @@ -159,7 +158,6 @@ variable "data_disks" { # change to map of objects = { lun: Number of the lun. disk_size_gb: The size of the data disk. - tier: Optional. The disk performance tier to use. Possible values are documented here. This feature is currently supported only for premium SSDs. zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS. caching: Optionally activate disk caching. Defaults to None. 
From 23da987137dff6f04d1a66300f3d93af1b3c0cbd Mon Sep 17 00:00:00 2001
From: Esteban Valverde
Date: Fri, 12 Jan 2024 13:14:21 +0100
Subject: [PATCH 23/72] Delete unnecesary line.
---
 main.tf | 1 -
 1 file changed, 1 deletion(-)
diff --git a/main.tf b/main.tf
index 5a249b4..291ec20 100644
--- a/main.tf
+++ b/main.tf
@@ -46,7 +46,6 @@ resource "azurerm_linux_virtual_machine" "this" {
 location = var.virtual_machine_config.location
 resource_group_name = var.resource_group_name
 size = var.virtual_machine_config.size
- provision_vm_agent = true
 admin_username = var.virtual_machine_config.admin_username
 admin_password = var.admin_password
 disable_password_authentication = length(var.admin_password) > 0 && length(var.public_key) == 0 ? false : true
From 3bead9e3091dd429d55dfce67f831939e4277e1e Mon Sep 17 00:00:00 2001
From: Esteban Valverde
Date: Fri, 12 Jan 2024 13:34:51 +0100
Subject: [PATCH 24/72] Change enable_accelerated_networking to be part of nic_config.
---
 README.md | 4 ++--
 examples/advanced/main.tf | 11 +++++------
 main.tf | 2 +-
 variables.tf | 12 ++++--------
 4 files changed, 12 insertions(+), 17 deletions(-)
diff --git a/README.md b/README.md
index 38d6d84..6c69043 100644
--- a/README.md
+++ b/README.md
@@ -234,10 +234,10 @@ resource "azurerm_network_security_group" "this" {
 | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no |
 | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no |
 | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-powershell | `bool` | `"false"` | no | +| [enable\_accelerated\_networking](#input\_enable\_accelerated\_networking) | Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. | `bool` | `"false"` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
 | [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no |
 | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no |
diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf
index 87c50f3..e2b0ae2 100644
--- a/examples/advanced/main.tf
+++ b/examples/advanced/main.tf
@@ -10,11 +10,10 @@ module "virtual_machine" {
 }
 public_key = file("id_rsa.pub")
 nic_config = {
- nic1 = {
- private_ip = "10.0.0.16"
- dns_servers = [ "10.0.0.10", "10.0.0.11" ]
- nsg = azurerm_network_security_group.this
- }
+ private_ip = "10.0.0.16"
+ dns_servers = [ "10.0.0.10", "10.0.0.11" ]
+ enable_accelerated_networking = true
+ nsg = azurerm_network_security_group.this
 }
 virtual_machine_config = {
 hostname = "CUSTAPP007"
@@ -39,7 +38,7 @@ module "virtual_machine" {
 resource_group_name = azurerm_resource_group.this.name
 subnet = azurerm_subnet.this
 additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id]
- enable_accelerated_networking = true
+
 data_disks = {
 shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01
 lun = 1
diff --git a/main.tf b/main.tf
index 291ec20..56f18ff 100644
--- a/main.tf
+++ b/main.tf
@@ -17,7 +17,7 @@ resource "azurerm_network_interface" "this" {
 location = var.virtual_machine_config.location
 resource_group_name = var.resource_group_name
 dns_servers = var.nic_config.dns_servers
- enable_accelerated_networking = var.enable_accelerated_networking
+ enable_accelerated_networking = var.nic_config.enable_accelerated_networking
 ip_configuration {
 name = local.nic.ip_config_name
diff --git a/variables.tf b/variables.tf
index ce9b892..ac3f866 100644
--- a/variables.tf
+++ b/variables.tf
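Review bot: In the first hunk of examples/advanced/main.tf, `enable_accelerated_networking = true` is set inside `nic_config` with nothing telling the reader that it constrains the VM size. The variable description added in this same commit says the machine SKU must support the feature, and the example's `size` is outside the hunk (the README copy of this example earlier on the page uses `Standard_DS1_v2`), so it is worth confirming the two are compatible before this is copied into a real deployment. I would add a trailing comment on that line, `enable_accelerated_networking = true # requires a VM size that supports accelerated networking`. The `module "virtual_machine"` block starts and ends outside the hunk.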
@@ -21,8 +21,9 @@ variable "public_ip_config" { # nsg needs to be an object to use the count object in main.tf. variable "nic_config" { type = object({ - private_ip = optional(string) - dns_servers = optional(list(string)) + private_ip = optional(string) + dns_servers = optional(list(string)) + enable_accelerated_networking = optional(bool, false) nsg = optional(object({ id = string })) @@ -32,17 +33,12 @@ variable "nic_config" { ``` private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically. dns_servers: Optionally specify a list of dns servers for the nic. + enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. nsg_id: Optinally specify the id of a network security group that will be assigned to the nic. ``` DOC } -variable "enable_accelerated_networking" { - description = "Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-powershell" - type = bool - default = "false" -} - variable "additional_network_interface_ids" { type = list(string) default = [] From 8560e5c064902204839b37ec9ee2558968cc3d21 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 12 Jan 2024 13:46:56 +0100 Subject: [PATCH 25/72] Fix recommendation of vm config. --- README.md | 2 +- variables.tf | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 6c69043..6574326 100644 --- a/README.md +++ b/README.md @@ -230,7 +230,7 @@ resource "azurerm_network_security_group" "this" { |------|-------------|------|---------|:--------:| | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
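Review bot: In variables.tf the `nic_config` description still documents the key as `nsg_id`, while the type in the first hunk declares `nsg = optional(object({ id = string }))`. Terraform discards object attributes that are not part of the type constraint, so a caller who follows the description and passes `nsg_id = ...` gets no error and, presumably, a NIC without the network security group association. The line should read `nsg: Optionally specify a network security group object (only its id is used) that will be assigned to the nic.`, and "Optioanlly" and "Optinally" can be corrected in the same pass. The description heredoc opens between the two hunks, so its first lines are not visible here.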
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = optional(string, "22_04-lts-gen2")
os_offer = optional(string, "0001-com-ubuntu-server-jammy")
os_version = optional(string, "latest")
os_publisher = optional(string, "Canonical")
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | diff --git a/variables.tf b/variables.tf index ac3f866..37a9578 100644 --- a/variables.tf +++ b/variables.tf @@ -59,13 +59,13 @@ variable "virtual_machine_config" { size = string location = string admin_username = optional(string, "loc_sysadmin") - os_sku = optional(string, "22_04-lts-gen2") - os_offer = optional(string, "0001-com-ubuntu-server-jammy") + os_sku = string + os_offer = optional(string) os_version = optional(string, "latest") - os_publisher = optional(string, "Canonical") + os_publisher = optional(string) os_disk_caching = optional(string, "ReadWrite") os_disk_size_gb = optional(number, 64) - os_disk_storage_type = optional(string, "StandardSSD_LRS") + os_disk_storage_type = optional(string, "Premium_LRS") zone = optional(string) availability_set_id = optional(string) write_accelerator_enabled = optional(bool, false) @@ -93,7 +93,7 @@ variable "virtual_machine_config" { os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created. os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite. os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image. - os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. + os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS. zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. availability_set_id: Optionally specify an availibility set for the vm. write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only From 49b0239fd440d8d6e1d6cc99efed22a54f8ce72b Mon Sep 17 00:00:00 2001 
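Review bot: In variables.tf, `os_offer = optional(string)` and `os_publisher = optional(string)` no longer have a default, yet the description in the second hunk still marks both as "(Required)". A caller that omits them passes the type check, and the values arrive as null wherever main.tf builds the image reference (not visible here), so the mistake would surface only as a provider error at plan or apply time. If both are mandatory, declare them the same way as `os_sku`: `os_offer = string` and `os_publisher = string`. The `variable "virtual_machine_config"` block starts and ends outside these hunks.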
From: "github-actions[bot]"
Date: Fri, 12 Jan 2024 12:55:08 +0000
Subject: [PATCH 26/72] terraform-docs: automated action
---
README.md | 184 +++---------------------------------------------------
1 file changed, 7 insertions(+), 177 deletions(-)
diff --git a/README.md b/README.md
index c777687..0fe4683 100644
--- a/README.md
+++ b/README.md
@@ -48,176 +48,6 @@ resource "azurerm_subnet" "this" { address_prefixes = [ "10.0.0.0/24" ] } ``` -###### Advanced -```hcl -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" -} - -provider "azurerm" { - features {} -} - -module "virtual_machine" { - source = "../.." - public_ip_config = { - enabled = true - allocation_method = "Static" - } - nic_config = { - private_ip = "10.0.0.16" - dns_servers = [ "10.0.0.10", "10.0.0.11" ] - enable_accelerated_networking = true - nsg = azurerm_network_security_group.this - } - virtual_machine_config = { - hostname = "CUSTAPP007" - location = azurerm_resource_group.this.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - size = "Standard_DS1_v2" - os_sku = "20_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-focal" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - tags = { - "Environment" = "prd" - } - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - } - admin_password = "" # Write a password if you need. - public_key = file("id_rsa.pub") # If don't need rsa, leave empty with this "". 
- resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - enable_accelerated_networking = true - severity_group = "01-third-tuesday-0200-XCSUFEDTG-reboot" - update_allowed = true - - ## DISK DECLARATION - data_disks = { - shared-01 = { # Name should be: vm-CUSTAPP001-datadisk-shared-01, or use name_override - lun = 1 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - sap-01 = { - lun = 2 - tier = "P4" - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = false - } - } - - name_overrides = { - nic = "nic-examples_vm_CUSTAPP001" - nic_ip_config = "nic-ip-examples_vm_CUSTAPP001" - public_ip = "pip-examples_vm_CUSTAPP001" - data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" - } - } -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - proximity_placement_group_id = azurerm_proximity_placement_group.this.id -} - -resource "azurerm_proximity_placement_group" "this" { - name = 
local.proximity_placement_group_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - lifecycle { - ignore_changes = [tags] - } -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} -``` ## Requirements @@ -230,15 +60,15 @@ resource "azurerm_network_security_group" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object ({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | From 5f8fcc025b0278a567dc6f8a66aa03a5bba74591 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 12 Jan 2024 14:04:25 +0100 Subject: [PATCH 27/72] Added variable enable_accelerated_networking to documentation. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c777687..991be15 100644 --- a/README.md +++ b/README.md @@ -237,7 +237,7 @@ resource "azurerm_network_security_group" "this" { | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | From d5c8a649495a5cee606cf80823ec67de9695e5a2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 12 Jan 2024 13:09:42 +0000 Subject: [PATCH 28/72] terraform-docs: automated action --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 1703bbd..0fe4683 100644 --- a/README.md +++ b/README.md @@ -64,11 +64,11 @@ resource "azurerm_subnet" "this" { | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | From 1a8b64678154adc1b0288d5efe73c2345e4d902d Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 22 Feb 2024 12:16:05 +0100 Subject: [PATCH 29/72] Fix all the recomendation and others identified. --- README.md | 34 +++++++++------ examples/advanced/main.tf | 48 ++++++++++++--------- examples/basic/main.tf | 18 +++++--- main.tf | 14 +++--- outputs.tf | 4 ++ variables.tf | 89 +++++++++++++++++++++++++-------------- 6 files changed, 131 insertions(+), 76 deletions(-) diff --git a/README.md b/README.md index 1703bbd..cb2fad1 100644 --- a/README.md +++ b/README.md @@ -16,17 +16,24 @@ provider "azurerm" { } module "virtual_machine" { - source = "../.." - virtual_machine_config = { - hostname = "CUSTAPP001" - location = local.location - admin_username = "local_admin" - size = "Standard_B1ms" + source = "../.." + virtual_machine_config = { + hostname = "CUSTAPP001" + location = local.location + size = "Standard_B1ms" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + admin_credential = { + admin_username = "local_admin" + admin_password = "H3ll0W0rld!" + disable_password_authentication = false } + } - admin_password = "H3ll0W0rld!" - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this } resource "azurerm_resource_group" "this" { 
@@ -60,16 +67,15 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
  admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id\_rsa.pub).
disable_password_authentication: When an admin_password is specified, must be set to false. Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium_LRS disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
admin_username = optional(string, "loc_sysadmin")
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(string)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [admin\_password](#input\_admin\_password) | Password of the local administrator. | `string` | `""` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium_LRS disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [data\_disks](#input\_data\_disks) |
  lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | -| [public\_key](#input\_public\_key) | SSH public key file (e.g. file(id\_rsa.pub) | `string` | `""` | no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index e2b0ae2..da4e150 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -5,22 +5,20 @@ provider "azurerm" { module "virtual_machine" { source = "../.." public_ip_config = { - enabled = true - allocation_method = "Static" + enabled = true + allocation_method = "Static" } - public_key = file("id_rsa.pub") nic_config = { private_ip = "10.0.0.16" - dns_servers = [ "10.0.0.10", "10.0.0.11" ] enable_accelerated_networking = true + dns_servers = [ "10.0.0.10", "10.0.0.11" ] nsg = azurerm_network_security_group.this } virtual_machine_config = { hostname = "CUSTAPP007" - location = azurerm_resource_group.this.location - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - admin_username = "qbinstall" - size = "Standard_DS1_v2" + location = local.location + size = "Standard_B1ms" + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. os_sku = "22_04-lts-gen2" os_offer = "0001-com-ubuntu-server-jammy" os_version = "latest" 
@@ -28,35 +26,45 @@ module "virtual_machine" { os_disk_caching = "ReadWrite" os_disk_storage_type = "StandardSSD_LRS" os_disk_size_gb = 64 - tags = { - "Environment" = "prd" - } availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. write_accelerator_enabled = false proximity_placement_group_id = azurerm_proximity_placement_group.this.id + tags = { + "Environment" = "prd" + } + } + admin_credential = { + admin_username = "local_admin" + public_key = file("id_rsa.pub") } + resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + log_analytics_agent = azurerm_log_analytics_workspace.this data_disks = { - shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 - lun = 1 - caching = "ReadWrite" - disk_size_gb = 32 - create_option = "Empty" - storage_account_type = "StandardSSD_LRS" - write_accelerator_enabled = false + shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + lun = 1 + tier = "P4" + caching = "None" + disk_size_gb = 32 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = true + on_demand_bursting_enabled = true } } - log_analytics_agent = azurerm_log_analytics_workspace.this - name_overrides = { nic = local.nic nic_ip_config = local.nic_ip_config public_ip = local.public_ip virtual_machine = local.virtual_machine + os_disk = "vm-CUSTAPP007_OsDisk" + data_disks = { + shared-01 = "vm-CUSTAPP007-datadisk-shared-01" + } } } diff --git a/examples/basic/main.tf b/examples/basic/main.tf index ac475ca..c16ed67 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf 
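Review bot: The `shared-01` data disk in this example sets `tier = "P4"`, which is not an attribute of the `data_disks` object type as this commit documents it in the README, so Terraform would drop it during type conversion without an error (the type in variables.tf is only partly visible here, so confirm). The same disk turns on `write_accelerator_enabled` and `on_demand_bursting_enabled` for a 32 GB disk, while the previous hunk sets the VM size to `Standard_B1ms`. As far as I know Azure limits write accelerator to M-series sizes and on-demand bursting to premium disks larger than 512 GB, so the example probably fails at apply even though the new validations pass. I would keep the example deployable with `write_accelerator_enabled = false` and `on_demand_bursting_enabled = false`, and either remove the `tier` line or add `tier` to the variable type if it is meant to be supported.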
@@ -4,14 +4,22 @@ provider "azurerm" { module "virtual_machine" { source = "../.." + virtual_machine_config = { - hostname = "CUSTAPP001" - location = local.location - admin_username = "local_admin" - size = "Standard_B1ms" + hostname = "CUSTAPP001" + location = local.location + size = "Standard_B1ms" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + } + admin_credential = { + admin_username = "local_admin" + admin_password = "H3ll0W0rld!" + disable_password_authentication = false } - admin_password = "H3ll0W0rld!" resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this } diff --git a/main.tf b/main.tf index 56f18ff..8eb5880 100644 --- a/main.tf +++ b/main.tf @@ -46,15 +46,17 @@ resource "azurerm_linux_virtual_machine" "this" { location = var.virtual_machine_config.location resource_group_name = var.resource_group_name size = var.virtual_machine_config.size - admin_username = var.virtual_machine_config.admin_username - admin_password = var.admin_password - disable_password_authentication = length(var.admin_password) > 0 && length(var.public_key) == 0 ? false : true + admin_username = var.admin_credential.admin_username + admin_password = var.admin_credential.admin_password + disable_password_authentication = var.admin_credential.disable_password_authentication + # disable_password_authentication = length(var.virtual_machine_config.admin_password) > 0 && length(var.virtual_machine_config.public_key) == 0 ? false : true dynamic "admin_ssh_key" { - for_each = length(var.public_key) > 0 ? [1] : [] + # for_each = length(var.admin_credential.public_key) > 0 ? [1] : [] + for_each = var.admin_credential.public_key != null ? [1] : [] content { - username = var.virtual_machine_config.admin_username - public_key = var.public_key + username = var.admin_credential.admin_username + public_key = var.admin_credential.public_key } } 
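Review bot: The basic example puts a literal password in the module call (`admin_password = "H3ll0W0rld!"`) together with `disable_password_authentication = false`, and the README copy of this example carries the same value, so anyone who pastes it deploys a VM with a publicly known password and password login enabled. Reading the value from a variable declared with `sensitive = true`, i.e. `admin_password = var.admin_password`, shows the intended pattern and keeps the secret out of version control. A one-line comment that the password is still stored in the Terraform state would help readers see that the state backend needs access control and encryption.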
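Review bot: Two commented-out lines are left in the new code of main.tf, `# disable_password_authentication = length(var.virtual_machine_config.admin_password) > 0 ...` and `# for_each = length(var.admin_credential.public_key) > 0 ? [1] : []`. The first refers to attributes that the `virtual_machine_config` type in this commit does not define, so it could not be re-enabled as written. I would delete both and, if the reasoning should stay, replace them with one comment such as `# password login follows admin_credential; consistency is enforced by the variable's validation blocks`. The `azurerm_linux_virtual_machine` resource starts before and continues after this hunk.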
diff --git a/outputs.tf b/outputs.tf
index 8b69579..8d8ebac 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,3 +1,7 @@
 output "virtual_machine" {
 value = azurerm_linux_virtual_machine.this
+}
+
+output "data_disks" {
+ value = azurerm_managed_disk.data_disk
 }
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 37a9578..159962e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -53,20 +53,46 @@ variable "subnet" { description = "The variable takes the subnet as input and takes the id and the address prefix for further configuration." } +variable "admin_credential" { + type = object({ + admin_username = optional(string, "loc_sysadmin") + admin_password = optional(string) + public_key = optional(string) + disable_password_authentication = optional(bool, true) + }) + validation { + condition = (var.admin_credential.admin_password != null && var.admin_credential.disable_password_authentication == false) || (var.admin_credential.admin_password == null && var.admin_credential.disable_password_authentication == true) + error_message = "If use admin password, set disable_password_authentication to false." + } + validation { + condition = (var.admin_credential.admin_password != null && var.admin_credential.public_key == null) || (var.admin_credential.admin_password == null && var.admin_credential.public_key != null) + error_message = "Use admin password or public ssh key." + } + sensitive = true + description = <<-DOC + ``` + admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. + The local admin name could be changed by the gpo in the target ad. + admin_password: Password of the local administrator. + public_key: SSH public key file (e.g. file(id_rsa.pub) + disable_password_authentication: Default to true. 
+ ``` + DOC +} + variable "virtual_machine_config" { type = object({ hostname = string size = string location = string - admin_username = optional(string, "loc_sysadmin") os_sku = string - os_offer = optional(string) - os_version = optional(string, "latest") - os_publisher = optional(string) + os_offer = string + os_version = string + os_publisher = string os_disk_caching = optional(string, "ReadWrite") - os_disk_size_gb = optional(number, 64) - os_disk_storage_type = optional(string, "Premium_LRS") - zone = optional(string) + os_disk_size_gb = optional(number) + os_disk_storage_type = optional(string, "StandardSSD_LRS") + zone = optional(number) availability_set_id = optional(string) write_accelerator_enabled = optional(bool, false) proximity_placement_group_id = optional(string) 
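Review bot: Both validation blocks on `admin_credential` test only for `null`, so `admin_password = ""` with `disable_password_authentication = false` passes them, and `public_key = ""` passes as well and still produces an `admin_ssh_key` block through the `!= null` test in main.tf. The code this commit replaces used `length(...) > 0`, which treated an empty string as not set. An extra validation would restore that, for example with the condition `var.admin_credential.admin_password == null ? true : length(var.admin_credential.admin_password) > 0` and the same form for `public_key`. The description could also state the rule the validations enforce: exactly one of `admin_password` and `public_key` must be set, and `disable_password_authentication` may be `false` only together with a password.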
@@ -74,30 +100,36 @@ variable "virtual_machine_config" { }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) - error_message = "Possible values are None, ReadOnly and ReadWrite" + error_message = "Possible values are None, ReadOnly and ReadWrite for os_disk_caching." } validation { condition = contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) - error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" + error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS for os_disk_storage_type." + } + validation { + condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.write_accelerator_enabled == false) + error_message = "write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." + } + validation { + condition = var.virtual_machine_config.zone == null || var.virtual_machine_config.zone == 1 || var.virtual_machine_config.zone == 2 || var.virtual_machine_config.zone == 3 + error_message = "Zone, can only be empty, 1, 2 or 3." } description = <<-DOC ``` hostname: Name of system hostname. size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes location: The location of the virtual machine. - admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. - The local admin name could be changed by the gpo in the target ad. - os_sku: The os that will be running on the vm. + os_sku: (Required) The os that will be running on the vm. 
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created. - os_version: Optionally specify an os version for the chosen sku. Defaults to latest. + os_version: (Required) Optionally specify an os version for the chosen sku. os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created. os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite. os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image. - os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS. + os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. - availability_set_id: Optionally specify an availibility set for the vm. + availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone. write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only - be activated on Premium_LRS disks and caching deactivated. Defaults to false. + be activated on Premium disks and caching deactivated. Defaults to false. proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to. tags: Optionally specify tags in as a map. ``` 
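Review bot: The updated description reads `os_version: (Required) Optionally specify an os version for the chosen sku.`, which contradicts itself now that the attribute is a plain `string` without a default. I would write `os_version: (Required) Version of the image for the chosen sku, e.g. latest or a pinned version.`. The README table edited by hand in this commit still lists `os_offer`, `os_version` and `os_publisher` as optional and `Premium_LRS` as the os disk default, so it disagrees with this type until terraform-docs regenerates it. The description heredoc continues past the end of this hunk.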
@@ -116,19 +148,6 @@ variable "update_allowed" { description = "Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`." } -variable "admin_password" { - type = string - sensitive = true - description = "Password of the local administrator." - default = "" -} - -variable "public_key" { - type = string - default = "" - description = "SSH public key file (e.g. file(id_rsa.pub)" -} - variable "data_disks" { # change to map of objects type = map(object({ lun = number @@ -148,6 +167,14 @@ variable "data_disks" { # change to map of objects condition = alltrue([for o in var.data_disks : contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"], o.storage_account_type)]) error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" } + validation { + condition = (alltrue([for o in var.data_disks : contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)]) && alltrue([for o in var.data_disks : o.write_accelerator_enabled == true]) && alltrue([for o in var.data_disks : o.caching == "None"])) || (alltrue([for o in var.data_disks : o.write_accelerator_enabled == false])) + error_message = "write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." + } + validation { + condition = (alltrue([for o in var.data_disks : contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)]) && alltrue([for o in var.data_disks : o.on_demand_bursting_enabled == true])) || (alltrue([for o in var.data_disks : o.on_demand_bursting_enabled == false])) + error_message = "If enable on demand bursting, possible storage account type values are Premium_LRS and Premium_ZRS" + } default = {} description = <<-DOC ``` 
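Review bot: The two new `data_disks` validations apply `alltrue` to each property over the whole map separately, so they accept only maps in which every disk enables the feature or no disk does. A map with one Premium disk that has `write_accelerator_enabled = true` and `caching = "None"` plus one StandardSSD disk with the feature off is valid disk by disk but fails the check. Evaluating the rule per disk fixes this: `condition = alltrue([for o in var.data_disks : o.write_accelerator_enabled == false || (contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type) && o.caching == "None")])`, with the same shape for `on_demand_bursting_enabled`. The `data_disks` variable block starts before and ends after this hunk.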
@@ -159,8 +186,8 @@ variable "data_disks" { # change to map of objects caching: Optionally activate disk caching. Defaults to None. create_option: Optionally change the create option. Defaults to Empty disk. write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only - be activated on Premium_LRS disks and caching deactivated. Defaults to false. - on_demand_bursting_enabled: Optionally activate disk bursting. . Only for Premium disk. Default false. + be activated on Premium disks and caching deactivated. Defaults to false. + on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false. } ``` DOC From 2177074c1da7d81f86051fb1b1566971f49ecdec Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 22 Feb 2024 11:24:40 +0000 Subject: [PATCH 30/72] terraform-docs: automated action --- README.md | 40 +++++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index cb2fad1..7d7ef15 100644 --- a/README.md +++ b/README.md 
@@ -16,24 +16,25 @@ provider "azurerm" { } module "virtual_machine" { - source = "../.." - virtual_machine_config = { - hostname = "CUSTAPP001" - location = local.location - size = "Standard_B1ms" - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" + source = "../.." + + virtual_machine_config = { + hostname = "CUSTAPP001" + location = local.location + size = "Standard_B1ms" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + } admin_credential = { admin_username = "local_admin" admin_password = "H3ll0W0rld!" disable_password_authentication = false } - } - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this } resource "azurerm_resource_group" "this" { @@ -66,22 +67,23 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| +| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [admin\_credential](#input\_admin\_credential) |
  admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id\_rsa.pub).
disable_password_authentication: When an admin_password is specified, must be set to false. Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: Optionally specify an os version for the chosen sku. Defaults to latest.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to Premium_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = optional(string)
os_version = optional(string, "latest")
os_publisher = optional(string)
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number, 64)
os_disk_storage_type = optional(string, "Premium_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
  lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | -| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs | Name | Description | |------|-------------| +| [data\_disks](#output\_data\_disks) | n/a | | [virtual\_machine](#output\_virtual\_machine) | n/a | ## Resource types From 6ed9d58fda0d9c6bd3223dc6aaaec738e6fa45b9 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 22 Feb 2024 12:33:26 +0100 Subject: [PATCH 31/72] Fix messages fo data disk. --- variables.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/variables.tf b/variables.tf index 159962e..cba17eb 100644 --- a/variables.tf +++ b/variables.tf @@ -165,7 +165,7 @@ variable "data_disks" { # change to map of objects } validation { condition = alltrue([for o in var.data_disks : contains(["Standard_LRS", "StandardSSD_LRS", "Premium_LRS", "StandardSSD_ZRS", "Premium_ZRS"], o.storage_account_type)]) - error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS" + error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS for storage_account_type" } validation { condition = (alltrue([for o in var.data_disks : contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)]) && alltrue([for o in var.data_disks : o.write_accelerator_enabled == true]) && alltrue([for o in var.data_disks : o.caching == "None"])) || (alltrue([for o in var.data_disks : o.write_accelerator_enabled == false])) 
@@ -173,7 +173,7 @@ variable "data_disks" { # change to map of objects } validation { condition = (alltrue([for o in var.data_disks : contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)]) && alltrue([for o in var.data_disks : o.on_demand_bursting_enabled == true])) || (alltrue([for o in var.data_disks : o.on_demand_bursting_enabled == false])) - error_message = "If enable on demand bursting, possible storage account type values are Premium_LRS and Premium_ZRS" + error_message = "If enable on demand bursting, possible storage_account_type values are Premium_LRS and Premium_ZRS." } default = {} description = <<-DOC From 02b364e72f1f6c35bd9b925071f2159060caa123 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 22 Feb 2024 14:08:09 +0100 Subject: [PATCH 32/72] Fix zone in data disk management. --- README.md | 2 +- data_disk.tf | 2 +- variables.tf | 4 +--- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 7d7ef15..710ab47 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | diff --git a/data_disk.tf b/data_disk.tf index c82e8f9..eb0ae96 100644 --- a/data_disk.tf +++ b/data_disk.tf @@ -3,7 +3,7 @@ resource "azurerm_managed_disk" "data_disk" { name = lookup(var.name_overrides.data_disks, each.key, "disk-${var.virtual_machine_config.hostname}-${each.key}") location = var.virtual_machine_config.location resource_group_name = var.resource_group_name - zone = each.value["zone"] + zone = var.virtual_machine_config.zone storage_account_type = each.value["storage_account_type"] create_option = each.value["create_option"] disk_size_gb = each.value["disk_size_gb"] diff --git a/variables.tf b/variables.tf index cba17eb..ebad685 100644 --- a/variables.tf +++ b/variables.tf @@ -148,11 +148,10 @@ variable "update_allowed" { description = "Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`." } -variable "data_disks" { # change to map of objects +variable "data_disks" { type = map(object({ lun = number disk_size_gb = number - zone = optional(string) caching = optional(string, "ReadWrite") create_option = optional(string, "Empty") storage_account_type = optional(string, "StandardSSD_LRS") @@ -181,7 +180,6 @@ variable "data_disks" { # change to map of objects = { lun: Number of the lun. disk_size_gb: The size of the data disk. - zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS. caching: Optionally activate disk caching. Defaults to None. create_option: Optionally change the create option. Defaults to Empty disk. From 0d1a718ec134f82b54ae82ef33972ca838425ed7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 22 Feb 2024 13:08:34 +0000 Subject: [PATCH 33/72] terraform-docs: automated action --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 710ab47..b7981cb 100644 --- a/README.md +++ b/README.md 
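Review bot: Switching `zone` on `azurerm_managed_disk.data_disk` from `each.value["zone"]` to `var.virtual_machine_config.zone` changes the zone of any existing data disk whose per-disk value differed from the VM's, and as far as I know the provider treats a `zone` change on a managed disk as a replacement, so the disk and its data would be destroyed and recreated on the next apply. That deserves an upgrade note telling users to check `terraform plan` for replaced disks before applying. The `variables.tf` hunks of this commit drop `zone` from the `data_disks` object type, and Terraform appears to discard attributes that are not in an object type constraint, so callers still passing `zone` would get no error. The validation also accepts `StandardSSD_ZRS` and `Premium_ZRS`; whether a zone may be set on zone-redundant disks should be confirmed, and if it may not, `zone = endswith(each.value.storage_account_type, "_ZRS") ? null : var.virtual_machine_config.zone` would cover it. The resource block starts and ends outside the hunk.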
@@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | From 170bb38c059a26e75d3e46ddc7f6945479477f36 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 22 Feb 2024 14:43:04 +0100 Subject: [PATCH 34/72] Fix documentation in data disk. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 710ab47..92cba7e 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
zone = optional(string)
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | From 7be47aaa738a163bd118292f2dbc581f7fbe11b7 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 22 Feb 2024 14:44:20 +0100 Subject: [PATCH 35/72] Fix data disk readme. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 92cba7e..3ed826c 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
  lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | From eca9f113431e7c3c1dee2d46ca8519e264a555dd Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 22 Feb 2024 13:46:20 +0000 Subject: [PATCH 36/72] terraform-docs: automated action --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3ed826c..b7981cb 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
  lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | From 3c0d006df55eec13779051f118caeb0427f8bd2b Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Thu, 22 Feb 2024 16:38:13 +0100 Subject: [PATCH 37/72] Fixed character error. --- README.md | 12 ++++++------ variables.tf | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index b7981cb..fca106c 100644 --- a/README.md +++ b/README.md @@ -67,16 +67,16 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
  admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub))
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace..
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | +| [data\_disks](#input\_data\_disks) |
  lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
  enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs diff --git a/variables.tf b/variables.tf index ebad685..4db93d8 100644 --- a/variables.tf +++ b/variables.tf @@ -220,7 +220,7 @@ variable "log_analytics_agent" { ``` Installs the log analytics agent(MicrosoftMonitoringAgent). workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent. - shared_key: The Primary shared key for the Log Analytics Workspace.. + shared_key: The Primary shared key for the Log Analytics Workspace. ``` DOC } \ No newline at end of file From a9e46767ef83ec3f528d73c0d8c3581e3fae81e3 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 22 Feb 2024 15:38:47 +0000 Subject: [PATCH 38/72] terraform-docs: automated action --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index fca106c..bbfb143 100644 --- a/README.md +++ b/README.md @@ -67,16 +67,16 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
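Review bot: In the `variables.tf` hunk of PATCH 37, the `log_analytics_agent` description still documents the key as `shared_key`, while the object type shown in the README declares `primary_shared_key`. A caller who follows the description will pass an attribute the type does not define, so the line should read `primary_shared_key: The primary shared key for the Log Analytics Workspace.`. Because this value is a workspace credential, also check that the variable sets `sensitive = true` so the key is redacted from plan output. The variable block starts outside the hunk, so whether that is already set cannot be confirmed from here. The later terraform-docs commits appear to regenerate the README from these descriptions, so the correction belongs in `variables.tf` rather than in the README.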
  admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub))
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
  lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
  enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs From 5e360ac82e199b35f558a18b5cb394dfddbc02d5 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 23 Feb 2024 11:28:58 +0100 Subject: [PATCH 39/72] Fix logical name of data disk. --- README.md | 2 +- variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index bbfb143..16c3cf9 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | diff --git a/variables.tf b/variables.tf index 4db93d8..1760dd2 100644 --- a/variables.tf +++ b/variables.tf @@ -177,7 +177,7 @@ variable "data_disks" { default = {} description = <<-DOC ``` - = { + = { lun: Number of the lun. disk_size_gb: The size of the data disk. storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS. From 6f0aadbeb973897aef4e4afe791acd649de48aa8 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 23 Feb 2024 11:31:05 +0100 Subject: [PATCH 40/72] Fixed NSG variable description. --- README.md | 2 +- variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 16c3cf9..3672811 100644 --- a/README.md +++ b/README.md @@ -75,7 +75,7 @@ resource "azurerm_subnet" "this" { | [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg_id: Optinally specify the id of a network security group that will be assigned to the nic.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | diff --git a/variables.tf b/variables.tf index 1760dd2..4b6c1ee 100644 --- a/variables.tf +++ b/variables.tf @@ -34,7 +34,7 @@ variable "nic_config" { private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically. dns_servers: Optionally specify a list of dns servers for the nic. enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature. - nsg_id: Optinally specify the id of a network security group that will be assigned to the nic. + nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object. ``` DOC } From b7b42d64b2f52da61f3927dee6ceb5e881d87ba8 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Fri, 23 Feb 2024 11:32:09 +0100 Subject: [PATCH 41/72] Fix logical name of data disk. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3672811..d0c1a35 100644 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
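Review bot: The new `nsg:` line in the `nic_config` description calls the NIC-level assignment discouraged without saying why or what to use instead, says "optionally" twice, and never names the one field the object takes. Going by the type printed in the README table (`nsg = optional(object({ id = string }))`), a wording such as `nsg: Optional object with the id of an NSG to associate with the NIC. Discouraged: (state the reason here).` would tell a caller what to pass. If the reason is that filtering is expected on the subnet's NSG, which is only a guess from here, saying so also makes it clear where traffic filtering lives when the field is omitted. The context line `private_ip: Optioanlly specify` keeps its typo and could be fixed in the same pass. The `variable "nic_config"` block starts outside the hunk, so the type is taken from the README, not from variables.tf.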
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | From b1ddcd57ae9b3ea65f38af72c580a611366f11c8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 23 Feb 2024 10:32:30 +0000 Subject: [PATCH 42/72] terraform-docs: automated action --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index d0c1a35..1524911 100644 --- a/README.md +++ b/README.md @@ -72,10 +72,10 @@ resource "azurerm_subnet" "this" { | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | From b13b143cfdba9a48980f40243f338cb4067cb4c5 Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Mon, 26 Feb 2024 11:57:13 +0100 Subject: [PATCH 43/72] Fixed documentation. --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 1524911..a9171ee 100644 --- a/README.md +++ b/README.md @@ -67,16 +67,16 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
  admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes |
+| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes |
+| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes |
 | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no |
-| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no |
-| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no |
-| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no |
-| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no |
-| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
+| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no |
+| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no |
+| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no |
+| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no |
+| [public\_ip\_config](#input\_public\_ip\_config) |
  enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
 | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no |
 | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no |
 ## Outputs
From a00a1a54240742879560c19c7056dd9470c51e8b Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Mon, 26 Feb 2024 10:57:34 +0000
Subject: [PATCH 44/72] terraform-docs: automated action
---
 README.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/README.md b/README.md
index a9171ee..1524911 100644
--- a/README.md
+++ b/README.md
@@ -67,16 +67,16 @@ resource "azurerm_subnet" "this" {
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [admin\_credential](#input\_admin\_credential) |
  admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes |
+| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes |
 | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes |
-| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes |
-| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes |
+| [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes |
+| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes |
 | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no |
-| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no |
-| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no |
-| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no |
-| [nic\_config](#input\_nic\_config) |
  private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no |
-| [public\_ip\_config](#input\_public\_ip\_config) |
  enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
+| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no |
+| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no |
+| [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no |
+| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no |
+| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
 | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no |
 | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no |
 ## Outputs
From a2ec5be46bb099c3a45c3b1109d48158b98698d9 Mon Sep 17 00:00:00 2001
From: Esteban Valverde
Date: Mon, 26 Feb 2024 12:11:42 +0100
Subject: [PATCH 45/72] Fix documentation.
---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index 1524911..1446a7a 100644
--- a/README.md
+++ b/README.md
@@ -67,16 +67,16 @@ resource "azurerm_subnet" "this" {
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes |
+| [admin\_credential](#input\_admin\_credential) |
Configuration variables.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes |
 | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes |
 | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes |
-| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes |
+| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
Configuration variables.
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes |
 | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no |
-| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no |
+| [data\_disks](#input\_data\_disks) |
Configuration variables.
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no |
 | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no |
 | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no |
-| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no |
-| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
+| [nic\_config](#input\_nic\_config) |
Configuration variables.
private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no |
+| [public\_ip\_config](#input\_public\_ip\_config) |
Configuration variables.
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
 | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no |
 | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no |
 ## Outputs
From 793f0537ec59987e054b2a8ca002e03c5d52612e Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Mon, 26 Feb 2024 11:12:05 +0000
Subject: [PATCH 46/72] terraform-docs: automated action
---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/README.md b/README.md
index 1446a7a..1524911 100644
--- a/README.md
+++ b/README.md
@@ -67,16 +67,16 @@ resource "azurerm_subnet" "this" {
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [admin\_credential](#input\_admin\_credential) |
Configuration variables.
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin.
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
Configuration variables.
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
Configuration variables.
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | -| [nic\_config](#input\_nic\_config) |
Configuration variables.
private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
Configuration variables.
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs From 911c51ef9423d8b0ccd3fc3ef302fde27ded483e Mon Sep 17 00:00:00 2001 From: Esteban Valverde Date: Mon, 25 Mar 2024 16:48:28 +0100 Subject: [PATCH 47/72] Delete extension old log analityc. --- README.md | 1 - examples/advanced/main.tf | 9 --------- extension_azuremonitor.tf | 12 ------------ extension_dependencyagent.tf | 11 ----------- variables.tf | 16 ---------------- 5 files changed, 49 deletions(-) delete mode 100644 extension_azuremonitor.tf delete mode 100644 extension_dependencyagent.tf diff --git a/README.md b/README.md index 1524911..950e7a4 100644 --- a/README.md +++ b/README.md @@ -73,7 +73,6 @@ resource "azurerm_subnet" "this" { | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | -| [log\_analytics\_agent](#input\_log\_analytics\_agent) |
Installs the log analytics agent(MicrosoftMonitoringAgent).
workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent.
shared_key: The Primary shared key for the Log Analytics Workspace.
|
object({
workspace_id = string
primary_shared_key = string
})
| `null` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no |
diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf
index da4e150..e871cb1 100644
--- a/examples/advanced/main.tf
+++ b/examples/advanced/main.tf
@@ -41,7 +41,6 @@ module "virtual_machine" { resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - log_analytics_agent = azurerm_log_analytics_workspace.this data_disks = { shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01
@@ -141,12 +140,4 @@ resource "azurerm_network_security_group" "this" { source_address_prefix = "*" destination_address_prefix = "*" } -} - -resource "azurerm_log_analytics_workspace" "this" { - name = local.law_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - sku = "PerGB2018" - retention_in_days = 30 } \ No newline at end of file
diff --git a/extension_azuremonitor.tf b/extension_azuremonitor.tf
deleted file mode 100644
index b23fea2..0000000
--- a/extension_azuremonitor.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-resource "azurerm_virtual_machine_extension" "microsoftmonitoringagent" {
- count = var.log_analytics_agent != null ? 1 : 0
- name = "MicrosoftMonitoringAgent"
- virtual_machine_id = azurerm_linux_virtual_machine.this.id
- publisher = "Microsoft.EnterpriseCloud.Monitoring"
- type = "OmsAgentForLinux"
- type_handler_version = "1.17"
- automatic_upgrade_enabled = true
- auto_upgrade_minor_version = true
- settings = jsonencode({ "workspaceId" = var.log_analytics_agent.workspace_id })
- protected_settings = jsonencode({ "workspaceKey" = var.log_analytics_agent.primary_shared_key })
-}
\ No newline at end of file
diff --git a/extension_dependencyagent.tf b/extension_dependencyagent.tf
deleted file mode 100644
index 01c3cfe..0000000
--- a/extension_dependencyagent.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-resource "azurerm_virtual_machine_extension" "DependencyAgentLinux" {
- count = var.log_analytics_agent != null ? 1 : 0
- name = "DependencyAgentLinux"
- virtual_machine_id = azurerm_linux_virtual_machine.this.id
- publisher = "Microsoft.Azure.Monitoring.DependencyAgent"
- type = "DependencyAgentLinux"
- type_handler_version = "9.5"
- automatic_upgrade_enabled = true
- auto_upgrade_minor_version = true
- settings = jsonencode({ "enableAMA" = true })
-}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 4b6c1ee..be06a50 100644
--- a/variables.tf
+++ b/variables.tf
@@ -207,20 +207,4 @@ variable "name_overrides" { }) description = "Possibility to override names that will be generated according to q.beyond naming convention." default = {} -} - -variable "log_analytics_agent" { - type = object({ - workspace_id = string - primary_shared_key = string - }) - sensitive = true - default = null - description = <<-DOC - ``` - Installs the log analytics agent(MicrosoftMonitoringAgent). - workspace_id: Specify id of the log analytics workspace to which monitoring data will be sent. - shared_key: The Primary shared key for the Log Analytics Workspace. - ``` - DOC } \ No newline at end of file
From 7ac865fa7f531f2b0b81dec74ab190afa104ce70 Mon Sep 17 00:00:00 2001
From: Esteban Valverde
Date: Mon, 25 Mar 2024 16:50:39 +0100
Subject: [PATCH 48/72] Fix readme.
---
README.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 950e7a4..95bfe8c 100644
--- a/README.md
+++ b/README.md
@@ -70,9 +70,9 @@ resource "azurerm_subnet" "this" { | [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | From 5efc4edbdfd35396dd1b1b0c887d78a29e8b621a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 25 Mar 2024 15:51:02 +0000 Subject: [PATCH 49/72] terraform-docs: automated action --- README.md | 66 +++++++++++++++++++++++-------------------------------- 1 file changed, 27 insertions(+), 39 deletions(-) diff --git a/README.md b/README.md index 95bfe8c..418356c 100644 --- a/README.md +++ b/README.md @@ -70,9 +70,9 @@ resource "azurerm_subnet" "this" { | [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
  hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | -| [data\_disks](#input\_data\_disks) |
\ = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | 
@@ -85,53 +85,41 @@ resource "azurerm_subnet" "this" { | [data\_disks](#output\_data\_disks) | n/a | | [virtual\_machine](#output\_virtual\_machine) | n/a | -## Resource types + ## Resource types -| Type | Used | -|------|-------| -| [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | 1 | -| [azurerm_managed_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | 1 | -| [azurerm_network_interface](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | 1 | -| [azurerm_network_interface_security_group_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | 1 | -| [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | 1 | -| [azurerm_virtual_machine_data_disk_attachment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | 1 | -| [azurerm_virtual_machine_extension](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | 2 | - -**`Used` only includes resource blocks.** `for_each` and `count` meta arguments, as well as resource blocks of modules are not considered. 
+ | Type | Used | + |------|-------| + | [azurerm_linux_virtual_machine](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | 1 | + | [azurerm_managed_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | 1 | + | [azurerm_network_interface](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | 1 | + | [azurerm_network_interface_security_group_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | 1 | + | [azurerm_public_ip](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | 1 | + | [azurerm_virtual_machine_data_disk_attachment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | 1 | + **`Used` only includes resource blocks.** `for_each` and `count` meta arguments, as well as resource blocks of modules are not considered. + ## Modules No modules. 
-## Resources by Files - -### data_disk.tf - -| Name | Type | -|------|------| -| [azurerm_managed_disk.data_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | resource | -| [azurerm_virtual_machine_data_disk_attachment.data_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | resource | - -### extension_azuremonitor.tf - -| Name | Type | -|------|------| -| [azurerm_virtual_machine_extension.microsoftmonitoringagent](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource | + ## Resources by Files -### extension_dependencyagent.tf + ### data_disk.tf -| Name | Type | -|------|------| -| [azurerm_virtual_machine_extension.DependencyAgentLinux](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource | + | Name | Type | + |------|------| + | [azurerm_managed_disk.data_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk) | resource | + | [azurerm_virtual_machine_data_disk_attachment.data_disk](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_data_disk_attachment) | resource | -### main.tf + ### main.tf -| Name | Type | -|------|------| -| [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | -| [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | -| [azurerm_network_interface_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource | -| 
[azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | + | Name | Type | + |------|------| + | [azurerm_linux_virtual_machine.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource | + | [azurerm_network_interface.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource | + | [azurerm_network_interface_security_group_association.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface_security_group_association) | resource | + | [azurerm_public_ip.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource | + ## Contribute From 3a06058bdfdd3ad62d547c919170514c83919ca7 Mon Sep 17 00:00:00 2001 From: QBY-MarkusMaring <106068259+QBY-MarkusMaring@users.noreply.github.com> Date: Tue, 2 Apr 2024 17:01:59 +0200 Subject: [PATCH 50/72] PR review changes --- CHANGELOG.md | 4 +--- README.md | 2 +- data_disk.tf | 5 ++--- locals.tf | 4 ++-- main.tf | 15 ++------------- variables.tf | 13 +++++++++++-- 6 files changed, 19 insertions(+), 24 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4807a76..7139920 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,10 +8,8 @@ and this module adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0. ## [1.0.0] - 2024-01-11 -Initial code that creates a VM. - ### Added - + - Initial code that creates a VM ### Changed ### Removed diff --git a/README.md b/README.md index 418356c..07c3d59 100644 --- a/README.md +++ b/README.md 
@@ -1,4 +1,4 @@ -# Module +# Linux VM [![GitHub tag](https://img.shields.io/github/tag/qbeyond/terraform-azurerm-linux-vm.svg)](https://registry.terraform.io/modules/qbeyond/linux-vm/azurerm/latest) [![License](https://img.shields.io/github/license/qbeyond/terraform-azurerm-linux-vm.svg)](https://github.com/qbeyond/terraform-azurerm-linux-vm/blob/main/LICENSE) diff --git a/data_disk.tf b/data_disk.tf index eb0ae96..9a976ac 100644 --- a/data_disk.tf +++ b/data_disk.tf @@ -8,11 +8,10 @@ resource "azurerm_managed_disk" "data_disk" { create_option = each.value["create_option"] disk_size_gb = each.value["disk_size_gb"] on_demand_bursting_enabled = each.value["on_demand_bursting_enabled"] + tags = var.tags + lifecycle { prevent_destroy = true - ignore_changes = [ - tags - ] } } diff --git a/locals.tf b/locals.tf index a6561c7..01b886c 100644 --- a/locals.tf +++ b/locals.tf @@ -1,6 +1,6 @@ locals { public_ip = { - name = coalesce(var.name_overrides.public_ip, "pip-vm-${var.virtual_machine_config.hostname}") # change to naming convention= + name = coalesce(var.name_overrides.public_ip, "pip-${var.stage}-${var.virtual_machine_config.hostname}-01-${var.virtual_machine_config.location}") } nic = { @@ -10,7 +10,7 @@ locals { virtual_machine = { name = coalesce(var.name_overrides.virtual_machine, "vm-${var.virtual_machine_config.hostname}") - tags = merge(var.virtual_machine_config.tags, { "Severity Group Monthly" = var.severity_group }, { "Update allowed" = local.update_allowed }) + tags = merge(var.tags, { "Severity Group Monthly" = var.severity_group }, { "Update allowed" = local.update_allowed }) } os_disk_name = coalesce(var.name_overrides.os_disk, "disk-${var.virtual_machine_config.hostname}-Os") update_allowed = var.update_allowed ? "yes" : "no" diff --git a/main.tf b/main.tf index 8eb5880..cafadb3 100644 --- a/main.tf +++ b/main.tf 
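Review bot: With `ignore_changes = [tags]` removed and `tags = var.tags` set on `azurerm_managed_disk.data_disk`, Terraform becomes the only source of truth for this disk's tags, so tags written outside the module (for example by a tagging policy or backup tooling) will show up as drift and be removed on the next apply. The same switch is made for `azurerm_public_ip.this` and `azurerm_network_interface.this` in the main.tf hunks of this commit. If that is the intent, state it where callers will read it, e.g. extend the `tags` description to `"A map of tags that will be set on every resource this module creates. Tags added outside Terraform are removed on apply."`. The disk receives only `var.tags`, while the VM in locals.tf also gets the `Severity Group Monthly` and `Update allowed` tags, which may be worth a line in the same description. The resource block starts above this hunk.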
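Review bot: The new public IP name in `local.public_ip` interpolates `var.virtual_machine_config.location` and `var.stage` unchanged, so a display-name location such as `"West Europe"` (the value the write_accelerator example's locals.tf uses) produces a name containing a space, which Azure's naming rules for public IP addresses do not allow. Callers that set `name_overrides.public_ip` are unaffected, but the default path is the one the naming convention exists for. Normalise the value before use, e.g. `"pip-${var.stage}-${var.virtual_machine_config.hostname}-01-${replace(lower(var.virtual_machine_config.location), " ", "")}"`, and consider a `validation` block on `stage` that restricts it to the short lowercase codes its description lists. The `locals` block continues past this hunk.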
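Review bot: `local.virtual_machine.tags` now reads `var.tags`, and the variables.tf hunks of this commit drop `tags` from the `virtual_machine_config` object type, but a caller that still passes `virtual_machine_config.tags` gets no error: Terraform discards attributes that are not part of the object type during conversion, so those tags silently stop being applied. The write_accelerator example added later in this series still sets `tags = { "Environment" = "prd" }` inside `virtual_machine_config`. Move that to the module-level `tags` argument in the examples and record the change under `### Changed` in CHANGELOG.md, e.g. `- Tags are now passed through the top-level tags variable; virtual_machine_config.tags is no longer read`.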
@@ -4,12 +4,7 @@ resource "azurerm_public_ip" "this" { resource_group_name = var.resource_group_name location = var.virtual_machine_config.location allocation_method = var.public_ip_config.allocation_method - - lifecycle { - ignore_changes = [ - tags - ] - } + tags = var.tags } resource "azurerm_network_interface" "this" { @@ -18,6 +13,7 @@ resource "azurerm_network_interface" "this" { resource_group_name = var.resource_group_name dns_servers = var.nic_config.dns_servers enable_accelerated_networking = var.nic_config.enable_accelerated_networking + tags = var.tags ip_configuration { name = local.nic.ip_config_name @@ -26,12 +22,6 @@ resource "azurerm_network_interface" "this" { private_ip_address = var.nic_config.private_ip public_ip_address_id = var.public_ip_config.enabled ? azurerm_public_ip.this[0].id : null } - - lifecycle { - ignore_changes = [ - tags - ] - } } resource "azurerm_network_interface_security_group_association" "this" { @@ -49,7 +39,6 @@ resource "azurerm_linux_virtual_machine" "this" { admin_username = var.admin_credential.admin_username admin_password = var.admin_credential.admin_password disable_password_authentication = var.admin_credential.disable_password_authentication - # disable_password_authentication = length(var.virtual_machine_config.admin_password) > 0 && length(var.virtual_machine_config.public_key) == 0 ? false : true dynamic "admin_ssh_key" { # for_each = length(var.admin_credential.public_key) > 0 ? [1] : [] diff --git a/variables.tf b/variables.tf index be06a50..42fbeec 100644 --- a/variables.tf +++ b/variables.tf @@ -96,7 +96,6 @@ variable "virtual_machine_config" { availability_set_id = optional(string) write_accelerator_enabled = optional(bool, false) proximity_placement_group_id = optional(string) - tags = optional(map(string)) }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) 
@@ -131,7 +130,6 @@ variable "virtual_machine_config" { write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium disks and caching deactivated. Defaults to false. proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to. - tags: Optionally specify tags in as a map. ``` DOC } @@ -207,4 +205,15 @@ variable "name_overrides" { }) description = "Possibility to override names that will be generated according to q.beyond naming convention." default = {} +} + +variable "tags" { + type = map(string) + description = "A map of tags that will be set on every resource this module creates." + default = {} +} + +variable "stage" { + type = string + description = "The stage of this VM like prd, dev, tst, ..." } \ No newline at end of file From 4f01e424806e1af66a780e8646e1b140eb794c84 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 2 Apr 2024 15:02:16 +0000 Subject: [PATCH 51/72] terraform-docs: automated action --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 07c3d59..b37f680 100644 --- a/README.md +++ b/README.md @@ -69,14 +69,16 @@ resource "azurerm_subnet" "this" { |------|-------------|------|---------|:--------:| | [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | +| [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
tags: Optionally specify tags in as a map.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
tags = optional(map(string))
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | | [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | +| [tags](#input\_tags) | A map of tags that will be set on every resource this module creates. | `map(string)` | `{}` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs From 98ac9462edff222ee152c73fe3a7be06481f1d6c Mon Sep 17 00:00:00 2001 From: QBY Carl Pietsch Date: Wed, 3 Apr 2024 14:09:31 +0200 Subject: [PATCH 52/72] added write_accelerator test --- examples/advanced/.terraform.lock.hcl | 22 +++ examples/advanced/id_rsa.pub | 1 + examples/advanced/main.tf | 9 +- examples/basic/.terraform.lock.hcl | 22 +++ .../write_accelerator/.terraform.lock.hcl | 22 +++ examples/write_accelerator/id_rsa.pub | 1 + examples/write_accelerator/locals.tf | 14 ++ examples/write_accelerator/main.tf | 144 ++++++++++++++++++ 8 files changed, 231 insertions(+), 4 deletions(-) create mode 100644 examples/advanced/.terraform.lock.hcl create mode 100644 examples/advanced/id_rsa.pub create mode 100644 examples/basic/.terraform.lock.hcl create mode 100644 examples/write_accelerator/.terraform.lock.hcl create mode 100644 examples/write_accelerator/id_rsa.pub create mode 100644 examples/write_accelerator/locals.tf create mode 100644 examples/write_accelerator/main.tf diff --git a/examples/advanced/.terraform.lock.hcl b/examples/advanced/.terraform.lock.hcl new file mode 100644 index 0000000..ed623db --- /dev/null +++ b/examples/advanced/.terraform.lock.hcl 
@@ -0,0 +1,22 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.97.1" + constraints = ">= 3.7.0" + hashes = [ + "h1:m5wyoRGjbVfJU2YaGZrN1lfGgjpyuwi7Ykw1uHdwlAg=", + "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524", + "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1", + "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72", + "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900", + "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f", + "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec", + "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe", + "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e", + "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4", + "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41", + "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/examples/advanced/id_rsa.pub b/examples/advanced/id_rsa.pub new file mode 100644 index 0000000..da73e05 --- /dev/null +++ b/examples/advanced/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa 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 one4all\caiet@5CG93225YL diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index e871cb1..16a3f4e 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -8,6 +8,7 @@ module "virtual_machine" { enabled = true allocation_method = "Static" } + stage = "tst" nic_config = { private_ip = "10.0.0.16" enable_accelerated_networking = true 
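Review bot: The committed `examples/advanced/id_rsa.pub` looks like a personal public key: its comment field carries what appears to be a domain account name and a workstation hostname, and the example wires the file into `admin_credential.public_key` next to a block with `enabled = true` for the public IP. Anyone who applies the example unchanged grants SSH access to whoever holds the matching private key (reachability then depends on NSG rules that are outside this hunk), and the comment discloses internal naming to every reader of the repository. The same file is added again as `examples/write_accelerator/id_rsa.pub`. Remove both files, have the README tell users to supply their own key, and if a fixture is unavoidable generate a throwaway key with an empty comment (`ssh-keygen -t ed25519 -C ""`) whose private half is discarded.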
@@ -17,7 +18,7 @@ module "virtual_machine" { virtual_machine_config = { hostname = "CUSTAPP007" location = local.location - size = "Standard_B1ms" + size = "Standard_B2s_v2" zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. os_sku = "22_04-lts-gen2" os_offer = "0001-com-ubuntu-server-jammy" @@ -35,7 +36,7 @@ module "virtual_machine" { } admin_credential = { admin_username = "local_admin" - public_key = file("id_rsa.pub") + public_key = file("${path.root}/id_rsa.pub") } resource_group_name = azurerm_resource_group.this.name @@ -47,10 +48,10 @@ module "virtual_machine" { lun = 1 tier = "P4" caching = "None" - disk_size_gb = 32 + disk_size_gb = 513 create_option = "Empty" storage_account_type = "Premium_LRS" - write_accelerator_enabled = true + write_accelerator_enabled = false on_demand_bursting_enabled = true } } diff --git a/examples/basic/.terraform.lock.hcl b/examples/basic/.terraform.lock.hcl new file mode 100644 index 0000000..ed623db --- /dev/null +++ b/examples/basic/.terraform.lock.hcl 
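Review bot: In the `shared-01` data disk, `tier = "P4"` is left in place while `disk_size_gb` goes from 32 to 513; P4 is the performance tier of a 32 GiB premium disk, and `tier` is not an attribute of the module's `data_disks` object type as listed in the README, so it is presumably discarded rather than applied. Drop the line so the example does not suggest a setting the module ignores. The jump to 513 also deserves a why-comment, since it reads as arbitrary: `disk_size_gb = 513 # on-demand bursting needs a disk larger than 512 GiB`. The `data_disks` map continues past the hunk.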
@@ -0,0 +1,22 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.97.1" + constraints = ">= 3.7.0" + hashes = [ + "h1:m5wyoRGjbVfJU2YaGZrN1lfGgjpyuwi7Ykw1uHdwlAg=", + "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524", + "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1", + "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72", + "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900", + "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f", + "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec", + "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe", + "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e", + "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4", + "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41", + "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/examples/write_accelerator/.terraform.lock.hcl b/examples/write_accelerator/.terraform.lock.hcl new file mode 100644 index 0000000..ed623db --- /dev/null +++ b/examples/write_accelerator/.terraform.lock.hcl 
@@ -0,0 +1,22 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "3.97.1" + constraints = ">= 3.7.0" + hashes = [ + "h1:m5wyoRGjbVfJU2YaGZrN1lfGgjpyuwi7Ykw1uHdwlAg=", + "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524", + "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1", + "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72", + "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900", + "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f", + "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec", + "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe", + "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e", + "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4", + "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41", + "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/examples/write_accelerator/id_rsa.pub b/examples/write_accelerator/id_rsa.pub new file mode 100644 index 0000000..da73e05 --- /dev/null +++ b/examples/write_accelerator/id_rsa.pub @@ -0,0 +1 @@ +ssh-rsa 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 one4all\caiet@5CG93225YL diff --git a/examples/write_accelerator/locals.tf b/examples/write_accelerator/locals.tf new file mode 100644 index 0000000..7893dc7 --- /dev/null +++ b/examples/write_accelerator/locals.tf 
@@ -0,0 +1,14 @@
+locals {
+ location = "West Europe"
+ resource_group_name = "rg-examples_vm_deploy-02"
+ virtual_network_name = "vnet-examples_vm_deploy-02"
+ subnet_name = "snet-examples_vm_deploy-02"
+ availability_set_name = "as-examples_vm_deploy-02"
+ proximity_placement_group_name = "ppg-examples_vm_deploy-02"
+ nsg_name = "nsg-examples_vm_deploy-02"
+ law_name = "law-examplesvmdeploy-02"
+ nic = "nic-examples_vm_deploy-02"
+ nic_ip_config = "nic-ip-examples_vm_deploy-02"
+ public_ip = "pip-examples_vm_deploy-02"
+ virtual_machine = "vm-examples_vm_deploy-02"
+}
\ No newline at end of file
diff --git a/examples/write_accelerator/main.tf b/examples/write_accelerator/main.tf
new file mode 100644
index 0000000..e52865b
--- /dev/null
+++ b/examples/write_accelerator/main.tf
@@ -0,0 +1,144 @@ +provider "azurerm" { + features {} +} + +module "virtual_machine" { + source = "../.." + public_ip_config = { + enabled = true + allocation_method = "Static" + } + stage = "tst" + nic_config = { + private_ip = "10.0.0.16" + enable_accelerated_networking = true + dns_servers = [ "10.0.0.10", "10.0.0.11" ] + nsg = azurerm_network_security_group.this + } + virtual_machine_config = { + hostname = "CUSTAPP007" + location = local.location + size = "Standard_B2s_v2" + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 64 + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + write_accelerator_enabled = false + proximity_placement_group_id = azurerm_proximity_placement_group.this.id + tags = { + "Environment" = "prd" + } + } + admin_credential = { + admin_username = "local_admin" + public_key = file("${path.root}/id_rsa.pub") + } + + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + + data_disks = { + shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + lun = 1 + tier = "P4" + caching = "None" + disk_size_gb = 513 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = true + on_demand_bursting_enabled = true + } + } + + name_overrides = { + nic = local.nic + nic_ip_config = local.nic_ip_config + public_ip = local.public_ip + virtual_machine = local.virtual_machine + os_disk = "vm-CUSTAPP007_OsDisk" + data_disks = { + shared-01 = "vm-CUSTAPP007-datadisk-shared-01" + } + } +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} + +resource "azurerm_availability_set" "this" { + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + proximity_placement_group_id = azurerm_proximity_placement_group.this.id +} + +resource "azurerm_proximity_placement_group" "this" { + name = local.proximity_placement_group_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + lifecycle { + ignore_changes = [tags] + } +} + +resource "azurerm_network_interface" "additional_nic_01" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + + ip_configuration { + name = "ip-nic-01" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" 
+ private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +resource "azurerm_network_security_group" "this" { + name = local.nsg_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + security_rule { + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} \ No newline at end of file From 5d53b994dea45c262d8554856a14e6071ee1e041 Mon Sep 17 00:00:00 2001 From: Selin Kizildag Date: Wed, 3 Apr 2024 15:25:00 +0200 Subject: [PATCH 53/72] cleaned up & fixed validation Co-authored-by: QBY-MarkusMaring --- locals.tf | 2 +- main.tf | 5 +++-- variables.tf | 29 +++++++++++++++-------------- 3 files changed, 19 insertions(+), 17 deletions(-) diff --git a/locals.tf b/locals.tf index 01b886c..1f2305f 100644 --- a/locals.tf +++ b/locals.tf @@ -10,7 +10,7 @@ locals { virtual_machine = { name = coalesce(var.name_overrides.virtual_machine, "vm-${var.virtual_machine_config.hostname}") - tags = merge(var.tags, { "Severity Group Monthly" = var.severity_group }, { "Update allowed" = local.update_allowed }) + tags = merge(var.tags, { "Severity Group Monthly" = var.severity_group, "Update allowed" = local.update_allowed }) } os_disk_name = coalesce(var.name_overrides.os_disk, "disk-${var.virtual_machine_config.hostname}-Os") update_allowed = var.update_allowed ? "yes" : "no" diff --git a/main.tf b/main.tf index cafadb3..6bc4970 100644 --- a/main.tf +++ b/main.tf 
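Review bot: The `security_rule` named `example` at the end of `examples/write_accelerator/main.tf` allows all outbound TCP from any source to any destination at priority 100, and the NSG is handed to a NIC that also gets a static public IP. Examples tend to be copied as-is, and a priority-100 allow-all sits ahead of any narrower deny rule a user later adds with a higher priority number. Consider scoping the rule, e.g. `destination_port_range = "443"` with `destination_address_prefix = "Internet"`, or at least adding a comment such as `# placeholder rule - replace with the flows your workload needs`. The same file content is re-added under `examples/advanced copy/main.tf` in a later patch of this series.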
@@ -38,7 +38,8 @@ resource "azurerm_linux_virtual_machine" "this" { size = var.virtual_machine_config.size admin_username = var.admin_credential.admin_username admin_password = var.admin_credential.admin_password - disable_password_authentication = var.admin_credential.disable_password_authentication + disable_password_authentication = var.admin_credential.admin_password == null + dynamic "admin_ssh_key" { # for_each = length(var.admin_credential.public_key) > 0 ? [1] : [] @@ -76,4 +77,4 @@ resource "azurerm_linux_virtual_machine" "this" { identity ] } -} \ No newline at end of file +} diff --git a/variables.tf b/variables.tf index 42fbeec..661fc24 100644 --- a/variables.tf +++ b/variables.tf @@ -55,15 +55,11 @@ variable "subnet" { variable "admin_credential" { type = object({ - admin_username = optional(string, "loc_sysadmin") - admin_password = optional(string) - public_key = optional(string) - disable_password_authentication = optional(bool, true) + admin_username = optional(string, "loc_sysadmin") + admin_password = optional(string) + public_key = optional(string) }) - validation { - condition = (var.admin_credential.admin_password != null && var.admin_credential.disable_password_authentication == false) || (var.admin_credential.admin_password == null && var.admin_credential.disable_password_authentication == true) - error_message = "If use admin password, set disable_password_authentication to false." - } + validation { condition = (var.admin_credential.admin_password != null && var.admin_credential.public_key == null) || (var.admin_credential.admin_password == null && var.admin_credential.public_key != null) error_message = "Use admin password or public ssh key." 
@@ -72,7 +68,6 @@ variable "admin_credential" { description = <<-DOC ``` admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. - The local admin name could be changed by the gpo in the target ad. admin_password: Password of the local administrator. public_key: SSH public key file (e.g. file(id_rsa.pub) disable_password_authentication: Default to true. @@ -106,7 +101,7 @@ variable "virtual_machine_config" { error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS for os_disk_storage_type." } validation { - condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.write_accelerator_enabled == false) + condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.write_accelerator_enabled == false) error_message = "write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." } validation { @@ -136,7 +131,6 @@ variable "virtual_machine_config" { variable "severity_group" { type = string - default = "" description = "The severity group of the virtual machine." } 
@@ -165,13 +159,20 @@ variable "data_disks" { error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS for storage_account_type" } validation { - condition = (alltrue([for o in var.data_disks : contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)]) && alltrue([for o in var.data_disks : o.write_accelerator_enabled == true]) && alltrue([for o in var.data_disks : o.caching == "None"])) || (alltrue([for o in var.data_disks : o.write_accelerator_enabled == false])) + condition = alltrue([for o in var.data_disks : ( + (o.write_accelerator_enabled == true && contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type) && contains(["None", "ReadOnly"], o.caching)) || + (o.write_accelerator_enabled == false) + )]) error_message = "write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." } validation { - condition = (alltrue([for o in var.data_disks : contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)]) && alltrue([for o in var.data_disks : o.on_demand_bursting_enabled == true])) || (alltrue([for o in var.data_disks : o.on_demand_bursting_enabled == false])) + condition = alltrue([for o in var.data_disks : ( + (o.on_demand_bursting_enabled == true && contains(["Premium_LRS", "Premium_ZRS"], o.storage_account_type)) || + (o.on_demand_bursting_enabled == false) + )]) error_message = "If enable on demand bursting, possible storage_account_type values are Premium_LRS and Premium_ZRS." } + default = {} description = <<-DOC ``` @@ -216,4 +217,4 @@ variable "tags" { variable "stage" { type = string description = "The stage of this VM like prd, dev, tst, ..." -} \ No newline at end of file +} From ec3e7509b2f146b01f91e47e1d6356b150a3c0f8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 3 Apr 2024 13:32:44 +0000 Subject: [PATCH 54/72] terraform-docs: automated action --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
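Review bot: The rewritten write-accelerator validation for `data_disks` now accepts `caching` of `"None"` or `"ReadOnly"`, but its `error_message` still says the feature needs "caching deactivated", so a user who set `ReadWrite` is told the wrong thing. I would change it to `error_message = "write_accelerator_enabled requires a Premium disk with caching set to None or ReadOnly."`. The OS-disk rule in `virtual_machine_config` (the whitespace-only hunk earlier in this patch) still accepts only `"None"`; if that difference is intended, a one-line comment there would help. The `data_disks` variable block starts and ends outside this hunk.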
diff --git a/README.md b/README.md index b37f680..3790597 100644 --- a/README.md +++ b/README.md @@ -67,8 +67,9 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
The local admin name could be changed by the gpo in the target ad.
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
disable_password_authentication = optional(bool, true)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | +| [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | n/a | yes | | [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | | [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
})
| n/a | yes | @@ -77,7 +78,6 @@ resource "azurerm_subnet" "this" { | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | -| [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | `""` | no | | [tags](#input\_tags) | A map of tags that will be set on every resource this module creates. | `map(string)` | `{}` | no | | [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs From 2c1bf9ac084656cc4fcbeaf18755cf7d05d36987 Mon Sep 17 00:00:00 2001 From: QBY Carl Pietsch Date: Wed, 3 Apr 2024 17:03:19 +0200 Subject: [PATCH 55/72] added testing examples --- .../id_rsa.pub | 0 .../locals.tf | 0 examples/advanced copy/main.tf | 144 +++++++++++++++++ examples/basic/main.tf | 42 ++--- examples/write_accelerator/main.tf | 146 +++++------------- locals.tf | 2 +- main.tf | 4 +- variables.tf | 15 +- 8 files changed, 215 insertions(+), 138 deletions(-) rename examples/{write_accelerator => advanced copy}/id_rsa.pub (100%) rename examples/{write_accelerator => advanced copy}/locals.tf (100%) create mode 100644 examples/advanced copy/main.tf diff --git a/examples/write_accelerator/id_rsa.pub b/examples/advanced copy/id_rsa.pub similarity index 100% rename from examples/write_accelerator/id_rsa.pub rename to examples/advanced copy/id_rsa.pub diff --git a/examples/write_accelerator/locals.tf b/examples/advanced copy/locals.tf similarity index 100% rename from examples/write_accelerator/locals.tf rename to examples/advanced copy/locals.tf diff --git a/examples/advanced copy/main.tf b/examples/advanced copy/main.tf new file mode 100644 index 0000000..16a3f4e --- /dev/null +++ b/examples/advanced copy/main.tf 
@@ -0,0 +1,144 @@ +provider "azurerm" { + features {} +} + +module "virtual_machine" { + source = "../.." + public_ip_config = { + enabled = true + allocation_method = "Static" + } + stage = "tst" + nic_config = { + private_ip = "10.0.0.16" + enable_accelerated_networking = true + dns_servers = [ "10.0.0.10", "10.0.0.11" ] + nsg = azurerm_network_security_group.this + } + virtual_machine_config = { + hostname = "CUSTAPP007" + location = local.location + size = "Standard_B2s_v2" + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 64 + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + write_accelerator_enabled = false + proximity_placement_group_id = azurerm_proximity_placement_group.this.id + tags = { + "Environment" = "prd" + } + } + admin_credential = { + admin_username = "local_admin" + public_key = file("${path.root}/id_rsa.pub") + } + + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this + additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + + data_disks = { + shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + lun = 1 + tier = "P4" + caching = "None" + disk_size_gb = 513 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = true + } + } + + name_overrides = { + nic = local.nic + nic_ip_config = local.nic_ip_config + public_ip = local.public_ip + virtual_machine = local.virtual_machine + os_disk = "vm-CUSTAPP007_OsDisk" + data_disks = { + shared-01 = "vm-CUSTAPP007-datadisk-shared-01" + } + } +} + +resource "azurerm_resource_group" "this" { + name = local.resource_group_name + location = local.location +} + +resource "azurerm_virtual_network" "this" { + name = local.virtual_network_name + address_space = [ "10.0.0.0/24" ] + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_subnet" "this" { + name = local.subnet_name + resource_group_name = azurerm_resource_group.this.name + virtual_network_name = azurerm_virtual_network.this.name + address_prefixes = [ "10.0.0.0/24" ] +} + +resource "azurerm_availability_set" "this" { + name = local.availability_set_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + proximity_placement_group_id = azurerm_proximity_placement_group.this.id +} + +resource "azurerm_proximity_placement_group" "this" { + name = local.proximity_placement_group_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + lifecycle { + ignore_changes = [tags] + } +} + +resource "azurerm_network_interface" "additional_nic_01" { + name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" + location = local.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] + + ip_configuration { + name = "ip-nic-01" + subnet_id = azurerm_subnet.this.id + private_ip_address_allocation = "Dynamic" 
+ private_ip_address = null + public_ip_address_id = null + } + + lifecycle { + ignore_changes = [ + tags + ] + } +} + +resource "azurerm_network_security_group" "this" { + name = local.nsg_name + location = local.location + resource_group_name = azurerm_resource_group.this.name + + security_rule { + name = "example" + priority = 100 + direction = "Outbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} \ No newline at end of file diff --git a/examples/basic/main.tf b/examples/basic/main.tf index c16ed67..74dcc5b 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -3,25 +3,27 @@ provider "azurerm" { } module "virtual_machine" { - source = "../.." + source = "../.." - virtual_machine_config = { - hostname = "CUSTAPP001" - location = local.location - size = "Standard_B1ms" - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" - } - admin_credential = { - admin_username = "local_admin" - admin_password = "H3ll0W0rld!" - disable_password_authentication = false - } + virtual_machine_config = { + hostname = "CUSTAPP001" + location = local.location + size = "Standard_B1ms" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" + } + admin_credential = { + admin_username = "local_admin" + admin_password = "H3ll0W0rld!" + disable_password_authentication = false + } + stage = "tst" - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this } resource "azurerm_resource_group" "this" { 
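Review bot: The `admin_credential` block in `examples/basic/main.tf` still sets `admin_username` and `disable_password_authentication`, but the `variables.tf` change in this same commit removes `admin_username` from the object type (the other attribute was dropped one commit earlier). As far as I know Terraform discards attributes that an object type constraint does not declare, so the VM would be created with the default `loc_sysadmin` account rather than `local_admin`, without any error. Pass `admin_username = "local_admin"` as the new top-level input and delete both stale keys. Separately, the literal `admin_password = "H3ll0W0rld!"` here and in `examples/write_accelerator/main.tf` is likely to be applied verbatim; a `sensitive` input variable or a `random_password` resource would keep a publicly known password out of deployed VMs. The README example regenerated in the following patch repeats this block.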
@@ -31,7 +33,7 @@ resource "azurerm_resource_group" "this" { resource "azurerm_virtual_network" "this" { name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] + address_space = ["10.0.0.0/24"] location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name } @@ -40,5 +42,5 @@ resource "azurerm_subnet" "this" { name = local.subnet_name resource_group_name = azurerm_resource_group.this.name virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} \ No newline at end of file + address_prefixes = ["10.0.0.0/24"] +} diff --git a/examples/write_accelerator/main.tf b/examples/write_accelerator/main.tf index e52865b..5b2e9f4 100644 --- a/examples/write_accelerator/main.tf +++ b/examples/write_accelerator/main.tf 
@@ -4,49 +4,36 @@ provider "azurerm" { module "virtual_machine" { source = "../.." - public_ip_config = { - enabled = true - allocation_method = "Static" - } - stage = "tst" - nic_config = { - private_ip = "10.0.0.16" - enable_accelerated_networking = true - dns_servers = [ "10.0.0.10", "10.0.0.11" ] - nsg = azurerm_network_security_group.this - } + virtual_machine_config = { - hostname = "CUSTAPP007" - location = local.location - size = "Standard_B2s_v2" - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - proximity_placement_group_id = azurerm_proximity_placement_group.this.id - tags = { - "Environment" = "prd" - } + hostname = "CUSTAPP001" + location = azurerm_resource_group.this.location + size = "Standard_M8ms" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" } admin_credential = { - admin_username = "local_admin" - public_key = file("${path.root}/id_rsa.pub") + admin_password = "H3ll0W0rld!" } - - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] + stage = "tst" data_disks = { - shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + shared-01 = { lun = 1 tier = "P4" + caching = "ReadOnly" + disk_size_gb = 513 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = true + on_demand_bursting_enabled = true + } + shared-02 = { + lun = 2 + tier = "P4" caching = "None" disk_size_gb = 513 create_option = "Empty" 
@@ -54,91 +41,36 @@ module "virtual_machine" { write_accelerator_enabled = true on_demand_bursting_enabled = true } - } - - name_overrides = { - nic = local.nic - nic_ip_config = local.nic_ip_config - public_ip = local.public_ip - virtual_machine = local.virtual_machine - os_disk = "vm-CUSTAPP007_OsDisk" - data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" + shared-03 = { + lun = 3 + tier = "P4" + caching = "ReadWrite" + disk_size_gb = 513 + create_option = "Empty" + storage_account_type = "Premium_LRS" + write_accelerator_enabled = false + on_demand_bursting_enabled = false } } + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this } resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location + name = "rg-TestLinuxWriteAccelerator-tst-01" + location = "westeurope" } resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] + name = "vnet-10-0-0-0-24-${azurerm_resource_group.this.location}" + address_space = ["10.0.0.0/24"] location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name } resource "azurerm_subnet" "this" { - name = local.subnet_name + name = "snet-10-0-0-0-24-Test" resource_group_name = azurerm_resource_group.this.name virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - proximity_placement_group_id = azurerm_proximity_placement_group.this.id -} - -resource "azurerm_proximity_placement_group" "this" { - name = local.proximity_placement_group_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - lifecycle { - ignore_changes = [tags] - } -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = 
"nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" - private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } + address_prefixes = ["10.0.0.0/24"] } - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} \ No newline at end of file diff --git a/locals.tf b/locals.tf index 1f2305f..050fef8 100644 --- a/locals.tf +++ b/locals.tf @@ -10,7 +10,7 @@ locals { virtual_machine = { name = coalesce(var.name_overrides.virtual_machine, "vm-${var.virtual_machine_config.hostname}") - tags = merge(var.tags, { "Severity Group Monthly" = var.severity_group, "Update allowed" = local.update_allowed }) + tags = merge(var.tags, { "Severity Group Monthly" = var.virtual_machine_config.severity_group, "Update allowed" = local.update_allowed }) } os_disk_name = coalesce(var.name_overrides.os_disk, "disk-${var.virtual_machine_config.hostname}-Os") update_allowed = var.update_allowed ? "yes" : "no" diff --git a/main.tf b/main.tf index 6bc4970..3204ec5 100644 --- a/main.tf +++ b/main.tf 
@@ -36,7 +36,7 @@ resource "azurerm_linux_virtual_machine" "this" { location = var.virtual_machine_config.location resource_group_name = var.resource_group_name size = var.virtual_machine_config.size - admin_username = var.admin_credential.admin_username + admin_username = var.admin_username admin_password = var.admin_credential.admin_password disable_password_authentication = var.admin_credential.admin_password == null @@ -45,7 +45,7 @@ resource "azurerm_linux_virtual_machine" "this" { # for_each = length(var.admin_credential.public_key) > 0 ? [1] : [] for_each = var.admin_credential.public_key != null ? [1] : [] content { - username = var.admin_credential.admin_username + username = var.admin_username public_key = var.admin_credential.public_key } } diff --git a/variables.tf b/variables.tf index 661fc24..6575f8e 100644 --- a/variables.tf +++ b/variables.tf @@ -53,9 +53,14 @@ variable "subnet" { description = "The variable takes the subnet as input and takes the id and the address prefix for further configuration." } +variable "admin_username" { + type = string + description = "Optionally choose the admin_username of the vm. Defaults to loc_sysadmin." + default = "loc_sysadmin" +} + variable "admin_credential" { type = object({ - admin_username = optional(string, "loc_sysadmin") admin_password = optional(string) public_key = optional(string) }) @@ -67,10 +72,8 @@ variable "admin_credential" { sensitive = true description = <<-DOC ``` - admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. admin_password: Password of the local administrator. public_key: SSH public key file (e.g. file(id_rsa.pub) - disable_password_authentication: Default to true. ``` DOC } 
@@ -91,6 +94,7 @@ variable "virtual_machine_config" { availability_set_id = optional(string) write_accelerator_enabled = optional(bool, false) proximity_placement_group_id = optional(string) + severity_group = string }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) @@ -129,11 +133,6 @@ variable "virtual_machine_config" { DOC } -variable "severity_group" { - type = string - description = "The severity group of the virtual machine." -} - variable "update_allowed" { type = bool default = true From bf114fed446dbd9b0c88842035b85d6ec8e3a406 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Wed, 3 Apr 2024 15:03:50 +0000 Subject: [PATCH 56/72] terraform-docs: automated action --- README.md | 50 ++++++++++++++++++++++++++------------------------ 1 file changed, 26 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 3790597..f7ecf56 100644 --- a/README.md +++ b/README.md 
@@ -16,25 +16,27 @@ provider "azurerm" { } module "virtual_machine" { - source = "../.." - - virtual_machine_config = { - hostname = "CUSTAPP001" - location = local.location - size = "Standard_B1ms" - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" - } - admin_credential = { - admin_username = "local_admin" - admin_password = "H3ll0W0rld!" - disable_password_authentication = false - } - - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this + source = "../.." + + virtual_machine_config = { + hostname = "CUSTAPP001" + location = local.location + size = "Standard_B1ms" + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" + } + admin_credential = { + admin_username = "local_admin" + admin_password = "H3ll0W0rld!" + disable_password_authentication = false + } + stage = "tst" + + resource_group_name = azurerm_resource_group.this.name + subnet = azurerm_subnet.this } resource "azurerm_resource_group" "this" { @@ -44,7 +46,7 @@ resource "azurerm_resource_group" "this" { resource "azurerm_virtual_network" "this" { name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] + address_space = ["10.0.0.0/24"] location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name } @@ -53,7 +55,7 @@ resource "azurerm_subnet" "this" { name = local.subnet_name resource_group_name = azurerm_resource_group.this.name virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] + address_prefixes = ["10.0.0.0/24"] } ``` @@ -67,13 +69,13 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
admin_username: Optionally choose the admin_username of the vm. Defaults to loc_sysadmin. 
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
disable_password_authentication: Default to true.
|
object({
admin_username = optional(string, "loc_sysadmin")
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
|
object({
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [severity\_group](#input\_severity\_group) | The severity group of the virtual machine. | `string` | n/a | yes | | [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
severity_group = string
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | +| [admin\_username](#input\_admin\_username) | Optionally choose the admin\_username of the vm. Defaults to loc\_sysadmin. | `string` | `"loc_sysadmin"` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | From effac8aaa35b1c64c5ab4a5494a337a10593e4ff Mon Sep 17 00:00:00 2001 From: QBY Carl Pietsch Date: Thu, 4 Apr 2024 12:16:13 +0200 Subject: [PATCH 57/72] cleaned up tests --- examples/advanced copy/id_rsa.pub | 1 - examples/advanced copy/locals.tf | 14 --- examples/advanced copy/main.tf | 144 ------------------------------ examples/advanced/main.tf | 83 +++++++++-------- examples/basic/locals.tf | 6 -- examples/basic/main.tf | 10 +-- 6 files changed, 49 insertions(+), 209 deletions(-) delete mode 100644 examples/advanced copy/id_rsa.pub delete mode 100644 examples/advanced copy/locals.tf delete mode 100644 examples/advanced copy/main.tf delete mode 100644 examples/basic/locals.tf diff --git a/examples/advanced copy/id_rsa.pub b/examples/advanced copy/id_rsa.pub deleted file mode 100644 index da73e05..0000000 --- a/examples/advanced copy/id_rsa.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-rsa 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 one4all\caiet@5CG93225YL diff --git a/examples/advanced copy/locals.tf b/examples/advanced copy/locals.tf deleted file mode 100644 index 7893dc7..0000000 --- a/examples/advanced copy/locals.tf +++ /dev/null @@ -1,14 +0,0 @@ -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" -} \ No newline at end of file diff --git a/examples/advanced copy/main.tf b/examples/advanced copy/main.tf deleted file mode 100644 index 16a3f4e..0000000 --- a/examples/advanced copy/main.tf +++ /dev/null 
@@ -1,144 +0,0 @@ -provider "azurerm" { - features {} -} - -module "virtual_machine" { - source = "../.." - public_ip_config = { - enabled = true - allocation_method = "Static" - } - stage = "tst" - nic_config = { - private_ip = "10.0.0.16" - enable_accelerated_networking = true - dns_servers = [ "10.0.0.10", "10.0.0.11" ] - nsg = azurerm_network_security_group.this - } - virtual_machine_config = { - hostname = "CUSTAPP007" - location = local.location - size = "Standard_B2s_v2" - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false - proximity_placement_group_id = azurerm_proximity_placement_group.this.id - tags = { - "Environment" = "prd" - } - } - admin_credential = { - admin_username = "local_admin" - public_key = file("${path.root}/id_rsa.pub") - } - - resource_group_name = azurerm_resource_group.this.name - subnet = azurerm_subnet.this - additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] - - data_disks = { - shared-01 = { # Examp. 
With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 - lun = 1 - tier = "P4" - caching = "None" - disk_size_gb = 513 - create_option = "Empty" - storage_account_type = "Premium_LRS" - write_accelerator_enabled = false - on_demand_bursting_enabled = true - } - } - - name_overrides = { - nic = local.nic - nic_ip_config = local.nic_ip_config - public_ip = local.public_ip - virtual_machine = local.virtual_machine - os_disk = "vm-CUSTAPP007_OsDisk" - data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" - } - } -} - -resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location -} - -resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] - location = azurerm_resource_group.this.location - resource_group_name = azurerm_resource_group.this.name -} - -resource "azurerm_subnet" "this" { - name = local.subnet_name - resource_group_name = azurerm_resource_group.this.name - virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] -} - -resource "azurerm_availability_set" "this" { - name = local.availability_set_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - proximity_placement_group_id = azurerm_proximity_placement_group.this.id -} - -resource "azurerm_proximity_placement_group" "this" { - name = local.proximity_placement_group_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - lifecycle { - ignore_changes = [tags] - } -} - -resource "azurerm_network_interface" "additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] - - ip_configuration { - name = "ip-nic-01" - subnet_id = azurerm_subnet.this.id - private_ip_address_allocation = "Dynamic" 
- private_ip_address = null - public_ip_address_id = null - } - - lifecycle { - ignore_changes = [ - tags - ] - } -} - -resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location - resource_group_name = azurerm_resource_group.this.name - - security_rule { - name = "example" - priority = 100 - direction = "Outbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "*" - source_address_prefix = "*" - destination_address_prefix = "*" - } -} \ No newline at end of file diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index 16a3f4e..dc1d72f 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -2,6 +2,10 @@ provider "azurerm" { features {} } +locals { + hostname = "CUSTAPP007" +} + module "virtual_machine" { source = "../.." public_ip_config = { 
@@ -12,31 +16,32 @@ module "virtual_machine" { nic_config = { private_ip = "10.0.0.16" enable_accelerated_networking = true - dns_servers = [ "10.0.0.10", "10.0.0.11" ] + dns_servers = ["10.0.0.10", "10.0.0.11"] nsg = azurerm_network_security_group.this } virtual_machine_config = { - hostname = "CUSTAPP007" - location = local.location - size = "Standard_B2s_v2" - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 + hostname = local.hostname + location = azurerm_resource_group.this.location + size = "Standard_B2s_v2" + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 64 availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. write_accelerator_enabled = false proximity_placement_group_id = azurerm_proximity_placement_group.this.id + severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" tags = { - "Environment" = "prd" + "Environment" = "prd" } } + admin_username = "local_admin" admin_credential = { - admin_username = "local_admin" - public_key = file("${path.root}/id_rsa.pub") + public_key = file("${path.root}/id_rsa.pub") } resource_group_name = azurerm_resource_group.this.name 
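Review bot: `public_key = file("${path.root}/id_rsa.pub")` installs the public key committed next to this example for `local_admin`, and the module call appears to request a public IP as well (the `public_ip_config` block is only partly visible here). Anyone who applies the example unchanged creates a VM that the holder of the matching private key can log in to. A comment above the line, `# Replace id_rsa.pub with your own public key before applying.`, or reading the key from an input variable would avoid shipping a usable default. The module block continues outside the hunk.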
@@ -57,58 +62,58 @@ module "virtual_machine" { } name_overrides = { - nic = local.nic - nic_ip_config = local.nic_ip_config - public_ip = local.public_ip - virtual_machine = local.virtual_machine - os_disk = "vm-CUSTAPP007_OsDisk" + nic = "nic-name-override" + nic_ip_config = "nic-ip-config-override" + public_ip = "pip-name-override" + virtual_machine = "vm-name-override" + os_disk = "vm-os-disk-override" data_disks = { - shared-01 = "vm-CUSTAPP007-datadisk-shared-01" + shared-01 = "vm-datadisk-override" } } } resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location + name = "rg-TestLinuxAdvanced-tst-01" + location = "westeurope" } resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name - address_space = [ "10.0.0.0/24" ] + name = "vnet-10-0-0-0-24-${azurerm_resource_group.this.location}" + address_space = ["10.0.0.0/24"] location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name } resource "azurerm_subnet" "this" { - name = local.subnet_name + name = "snet-10-0-0-0-24-Test" resource_group_name = azurerm_resource_group.this.name virtual_network_name = azurerm_virtual_network.this.name - address_prefixes = [ "10.0.0.0/24" ] + address_prefixes = ["10.0.0.0/24"] } resource "azurerm_availability_set" "this" { name = local.availability_set_name - location = local.location + location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name proximity_placement_group_id = azurerm_proximity_placement_group.this.id } resource "azurerm_proximity_placement_group" "this" { - name = local.proximity_placement_group_name - location = local.location + name = "ppg-Example-test-${azurerm_resource_group.this.location}-01" + location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name - + lifecycle { - ignore_changes = [tags] + ignore_changes = [tags] } } resource "azurerm_network_interface" 
"additional_nic_01" { - name = "nic-vm-${replace(element(azurerm_virtual_network.this.address_space,0), "/[./]/", "-")}-01" - location = local.location - resource_group_name = azurerm_resource_group.this.name - dns_servers = [] + name = "nic-${local.hostname}-${replace(element(azurerm_virtual_network.this.address_space, 0), "/[./]/", "-")}-02" + location = azurerm_resource_group.this.location + resource_group_name = azurerm_resource_group.this.name + dns_servers = [] ip_configuration { name = "ip-nic-01" @@ -126,8 +131,8 @@ resource "azurerm_network_interface" "additional_nic_01" { } resource "azurerm_network_security_group" "this" { - name = local.nsg_name - location = local.location + name = "nsg-${trimprefix(azurerm_network_interface.additional_nic_01.name, "nic-")}-Example-Test" + location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name security_rule { @@ -141,4 +146,4 @@ resource "azurerm_network_security_group" "this" { source_address_prefix = "*" destination_address_prefix = "*" } -} \ No newline at end of file +} diff --git a/examples/basic/locals.tf b/examples/basic/locals.tf deleted file mode 100644 index df7663b..0000000 --- a/examples/basic/locals.tf +++ /dev/null @@ -1,6 +0,0 @@ -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-01" - virtual_network_name = "vnet-examples_vm_deploy-01" - subnet_name = "snet-examples_vm_deploy-01" -} \ No newline at end of file diff --git a/examples/basic/main.tf b/examples/basic/main.tf index 74dcc5b..1ece4ce 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -7,7 +7,7 @@ module "virtual_machine" { virtual_machine_config = { hostname = "CUSTAPP001" - location = local.location + location = azurerm_resource_group.this.location size = "Standard_B1ms" os_sku = "22_04-lts-gen2" os_offer = "0001-com-ubuntu-server-jammy" 
@@ -27,19 +27,19 @@ module "virtual_machine" { } resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location + name = "rg-TestLinuxBasic-tst-01" + location = "westeurope" } resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name + name = "vnet-10-0-0-0-24-${azurerm_resource_group.this.location}" address_space = ["10.0.0.0/24"] location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name } resource "azurerm_subnet" "this" { - name = local.subnet_name + name = "snet-10-0-0-0-24-Test" resource_group_name = azurerm_resource_group.this.name virtual_network_name = azurerm_virtual_network.this.name address_prefixes = ["10.0.0.0/24"] From 6f7dcef5b2786e6bc621036447e9d1dc1c80d63a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 4 Apr 2024 10:16:55 +0000 Subject: [PATCH 58/72] terraform-docs: automated action --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index f7ecf56..3a2c8a4 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ module "virtual_machine" { virtual_machine_config = { hostname = "CUSTAPP001" - location = local.location + location = azurerm_resource_group.this.location size = "Standard_B1ms" os_sku = "22_04-lts-gen2" os_offer = "0001-com-ubuntu-server-jammy" 
@@ -40,19 +40,19 @@ module "virtual_machine" { } resource "azurerm_resource_group" "this" { - name = local.resource_group_name - location = local.location + name = "rg-TestLinuxBasic-tst-01" + location = "westeurope" } resource "azurerm_virtual_network" "this" { - name = local.virtual_network_name + name = "vnet-10-0-0-0-24-${azurerm_resource_group.this.location}" address_space = ["10.0.0.0/24"] location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name } resource "azurerm_subnet" "this" { - name = local.subnet_name + name = "snet-10-0-0-0-24-Test" resource_group_name = azurerm_resource_group.this.name virtual_network_name = azurerm_virtual_network.this.name address_prefixes = ["10.0.0.0/24"] From 1b1a3e50b84790f6ffb32251252a5af7ef36105d Mon Sep 17 00:00:00 2001 From: QBY Carl Pietsch Date: Tue, 9 Apr 2024 11:32:58 +0200 Subject: [PATCH 59/72] Adjusted test examples --- examples/advanced/id_rsa.pub | 2 +- examples/advanced/locals.tf | 14 --------- examples/advanced/main.tf | 6 ++-- examples/basic/main.tf | 5 ++-- examples/write_accelerator/main.tf | 6 ++-- main.tf | 5 ++-- variables.tf | 47 +++++++++++++++++------------- 7 files changed, 37 insertions(+), 48 deletions(-) delete mode 100644 examples/advanced/locals.tf diff --git a/examples/advanced/id_rsa.pub b/examples/advanced/id_rsa.pub index da73e05..59bc09e 100644 --- a/examples/advanced/id_rsa.pub +++ b/examples/advanced/id_rsa.pub @@ -1 +1 @@ -ssh-rsa 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 one4all\caiet@5CG93225YL +ssh-rsa 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 diff --git a/examples/advanced/locals.tf b/examples/advanced/locals.tf deleted file mode 100644 index 7893dc7..0000000 --- a/examples/advanced/locals.tf +++ /dev/null 
@@ -1,14 +0,0 @@ -locals { - location = "West Europe" - resource_group_name = "rg-examples_vm_deploy-02" - virtual_network_name = "vnet-examples_vm_deploy-02" - subnet_name = "snet-examples_vm_deploy-02" - availability_set_name = "as-examples_vm_deploy-02" - proximity_placement_group_name = "ppg-examples_vm_deploy-02" - nsg_name = "nsg-examples_vm_deploy-02" - law_name = "law-examplesvmdeploy-02" - nic = "nic-examples_vm_deploy-02" - nic_ip_config = "nic-ip-examples_vm_deploy-02" - public_ip = "pip-examples_vm_deploy-02" - virtual_machine = "vm-examples_vm_deploy-02" -} \ No newline at end of file diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index dc1d72f..0e538b2 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf @@ -32,7 +32,7 @@ module "virtual_machine" { os_disk_storage_type = "StandardSSD_LRS" os_disk_size_gb = 64 availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - write_accelerator_enabled = false + os_disk_write_accelerator_enabled = false proximity_placement_group_id = azurerm_proximity_placement_group.this.id severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" tags = { @@ -49,7 +49,7 @@ module "virtual_machine" { additional_network_interface_ids = [azurerm_network_interface.additional_nic_01.id] data_disks = { - shared-01 = { # Examp. With disk prefix: vm-CUSTAPP007-datadisk-shared-01., Without: vm-CUSTAPP007-shared-01 + shared01 = { lun = 1 tier = "P4" caching = "None" @@ -93,7 +93,7 @@ resource "azurerm_subnet" "this" { } resource "azurerm_availability_set" "this" { - name = local.availability_set_name + name = "avs-example-01" location = azurerm_resource_group.this.location resource_group_name = azurerm_resource_group.this.name proximity_placement_group_id = azurerm_proximity_placement_group.this.id diff --git a/examples/basic/main.tf b/examples/basic/main.tf index 1ece4ce..830b0b9 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf 
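Review bot: The disk key changes from `shared-01` to `shared01` in the `data_disks` hunk, but no hunk in this commit touches the `name_overrides.data_disks` map, which the previous commit left keyed as `shared-01 = "vm-datadisk-override"`. If the module looks overrides up by disk key (not visible here), the override no longer matches and the disk silently falls back to the generated name. The entry should become `shared01 = "vm-datadisk-override"`.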
@@ -15,10 +15,9 @@ module "virtual_machine" { os_publisher = "Canonical" severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" } + admin_username = "local_admin" admin_credential = { - admin_username = "local_admin" - admin_password = "H3ll0W0rld!" - disable_password_authentication = false + admin_password = "H3ll0W0rld!" } stage = "tst" diff --git a/examples/write_accelerator/main.tf b/examples/write_accelerator/main.tf index 5b2e9f4..a86e3a3 100644 --- a/examples/write_accelerator/main.tf +++ b/examples/write_accelerator/main.tf @@ -21,7 +21,7 @@ module "virtual_machine" { stage = "tst" data_disks = { - shared-01 = { + shared01 = { lun = 1 tier = "P4" caching = "ReadOnly" @@ -31,7 +31,7 @@ module "virtual_machine" { write_accelerator_enabled = true on_demand_bursting_enabled = true } - shared-02 = { + shared02 = { lun = 2 tier = "P4" caching = "None" @@ -41,7 +41,7 @@ module "virtual_machine" { write_accelerator_enabled = true on_demand_bursting_enabled = true } - shared-03 = { + shared03 = { lun = 3 tier = "P4" caching = "ReadWrite" diff --git a/main.tf b/main.tf index 3204ec5..80eb668 100644 --- a/main.tf +++ b/main.tf @@ -38,11 +38,10 @@ resource "azurerm_linux_virtual_machine" "this" { size = var.virtual_machine_config.size admin_username = var.admin_username admin_password = var.admin_credential.admin_password - disable_password_authentication = var.admin_credential.admin_password == null + disable_password_authentication = var.admin_credential.admin_password == null dynamic "admin_ssh_key" { - # for_each = length(var.admin_credential.public_key) > 0 ? [1] : [] for_each = var.admin_credential.public_key != null ? [1] : [] content { username = var.admin_username 
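Review bot: `admin_password = "H3ll0W0rld!"` keeps a literal password in the committed example. Because main.tf enables password authentication whenever `admin_password` is set, a VM applied from this example accepts SSH logins with a publicly known credential. Take the value from an input instead, `admin_password = var.admin_password`, declared with `sensitive = true` and no default, or generate it with a `random_password` resource. The module block starts outside the hunk.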
@@ -55,7 +54,7 @@ resource "azurerm_linux_virtual_machine" "this" { caching = var.virtual_machine_config.os_disk_caching disk_size_gb = var.virtual_machine_config.os_disk_size_gb storage_account_type = var.virtual_machine_config.os_disk_storage_type - write_accelerator_enabled = var.virtual_machine_config.write_accelerator_enabled + write_accelerator_enabled = var.virtual_machine_config.os_disk_write_accelerator_enabled } source_image_reference { diff --git a/variables.tf b/variables.tf index 6575f8e..882a941 100644 --- a/variables.tf +++ b/variables.tf @@ -54,9 +54,9 @@ variable "subnet" { } variable "admin_username" { - type = string + type = string description = "Optionally choose the admin_username of the vm. Defaults to loc_sysadmin." - default = "loc_sysadmin" + default = "loc_sysadmin" } variable "admin_credential" { 
@@ -73,28 +73,28 @@ variable "admin_credential" { description = <<-DOC ``` admin_password: Password of the local administrator. - public_key: SSH public key file (e.g. file(id_rsa.pub) + public_key: SSH public key file (e.g. file(id_rsa.pub)) ``` DOC } variable "virtual_machine_config" { type = object({ - hostname = string - size = string - location = string - os_sku = string - os_offer = string - os_version = string - os_publisher = string - os_disk_caching = optional(string, "ReadWrite") - os_disk_size_gb = optional(number) - os_disk_storage_type = optional(string, "StandardSSD_LRS") - zone = optional(number) - availability_set_id = optional(string) - write_accelerator_enabled = optional(bool, false) - proximity_placement_group_id = optional(string) - severity_group = string + hostname = string + size = string + location = string + os_sku = string + os_offer = string + os_version = string + os_publisher = string + os_disk_caching = optional(string, "ReadWrite") + os_disk_size_gb = optional(number) + os_disk_storage_type = optional(string, "StandardSSD_LRS") + os_disk_write_accelerator_enabled = optional(bool, false) + zone = optional(number) + availability_set_id = optional(string) + proximity_placement_group_id = optional(string) + severity_group = string }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) 
@@ -105,8 +105,8 @@ variable "virtual_machine_config" { error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS for os_disk_storage_type." } validation { - condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.write_accelerator_enabled == false) - error_message = "write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." + condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.os_disk_write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.os_disk_write_accelerator_enabled == false) + error_message = "os_disk_write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." } validation { condition = var.virtual_machine_config.zone == null || var.virtual_machine_config.zone == 1 || var.virtual_machine_config.zone == 2 || var.virtual_machine_config.zone == 3 
@@ -126,9 +126,10 @@ variable "virtual_machine_config" { os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS. zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3. availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone. - write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only + os_disk_write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only be activated on Premium disks and caching deactivated. Defaults to false. proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to. + severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically. ``` DOC } @@ -171,6 +172,10 @@ variable "data_disks" { )]) error_message = "If enable on demand bursting, possible storage_account_type values are Premium_LRS and Premium_ZRS." } + validation { + condition = alltrue([for k, v in var.data_disks : !strcontains(k, "-")]) + error_message = "Logical Name can't contain a '-'" + } default = {} description = <<-DOC From ccb67468dd7df0e1dab05137fb00aad0cc214faf Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 9 Apr 2024 09:33:27 +0000 Subject: [PATCH 60/72] terraform-docs: automated action --- README.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 3a2c8a4..8d50e81 100644 --- a/README.md +++ b/README.md @@ -28,10 +28,9 @@ module "virtual_machine" { os_publisher = "Canonical" severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" } + admin_username = "local_admin" admin_credential = { - admin_username = "local_admin" - admin_password = "H3ll0W0rld!" - disable_password_authentication = false + admin_password = "H3ll0W0rld!" } stage = "tst" 
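Review bot: The new `strcontains(k, "-")` validation on `data_disks` relies on a function that was added in Terraform 1.5, so the module's `required_version` (not visible here) needs to be at least that; older CLIs would fail on the unknown function instead of reporting this rule. The message would also be easier to act on if it named the input, e.g. `error_message = "Keys of data_disks must not contain '-'."`. The variable block starts and ends outside the hunk.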
@@ -69,11 +68,11 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub)
|
object({
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub))
|
object({
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
zone = optional(number)
availability_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
proximity_placement_group_id = optional(string)
severity_group = string
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
os_disk_write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_write_accelerator_enabled = optional(bool, false)
zone = optional(number)
availability_set_id = optional(string)
proximity_placement_group_id = optional(string)
severity_group = string
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_username](#input\_admin\_username) | Optionally choose the admin\_username of the vm. Defaults to loc\_sysadmin. | `string` | `"loc_sysadmin"` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | From ac70c1551c4cff3243843ff48e19fc1dfcd3fc39 Mon Sep 17 00:00:00 2001 From: QBY Carl Pietsch Date: Tue, 9 Apr 2024 11:40:33 +0200 Subject: [PATCH 61/72] Format main --- examples/advanced/main.tf | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf index 0e538b2..8eadc4a 100644 --- a/examples/advanced/main.tf +++ b/examples/advanced/main.tf 
@@ -20,21 +20,21 @@ module "virtual_machine" { nsg = azurerm_network_security_group.this } virtual_machine_config = { - hostname = local.hostname - location = azurerm_resource_group.this.location - size = "Standard_B2s_v2" - zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. - os_sku = "22_04-lts-gen2" - os_offer = "0001-com-ubuntu-server-jammy" - os_version = "latest" - os_publisher = "Canonical" - os_disk_caching = "ReadWrite" - os_disk_storage_type = "StandardSSD_LRS" - os_disk_size_gb = 64 - availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. - os_disk_write_accelerator_enabled = false - proximity_placement_group_id = azurerm_proximity_placement_group.this.id - severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" + hostname = local.hostname + location = azurerm_resource_group.this.location + size = "Standard_B2s_v2" + zone = null # Could be the default value "1", or "2" or "3". Not compatible with availability_set_id enabled. + os_sku = "22_04-lts-gen2" + os_offer = "0001-com-ubuntu-server-jammy" + os_version = "latest" + os_publisher = "Canonical" + os_disk_caching = "ReadWrite" + os_disk_storage_type = "StandardSSD_LRS" + os_disk_size_gb = 64 + availability_set_id = azurerm_availability_set.this.id # Not compatible with zone. + os_disk_write_accelerator_enabled = false + proximity_placement_group_id = azurerm_proximity_placement_group.this.id + severity_group = "01-second-monday-0300-XCSUFEDTG-reboot" tags = { "Environment" = "prd" } From 40e2fba8cffa8fc6d1ccc5dba750218c7f45dcba Mon Sep 17 00:00:00 2001 From: QBY-MarkusMaring <106068259+QBY-MarkusMaring@users.noreply.github.com> Date: Tue, 9 Apr 2024 13:37:09 +0200 Subject: [PATCH 62/72] disallow nullable on variables --- variables.tf | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/variables.tf b/variables.tf index 882a941..de0f1c5 100644 --- a/variables.tf +++ b/variables.tf 
@@ -6,6 +6,7 @@ variable "public_ip_config" { default = { enabled = false } + nullable = false validation { condition = contains(["Static", "Dynamic"], var.public_ip_config.allocation_method) error_message = "Allocation method must be Static or Dynamic" @@ -29,6 +30,7 @@ variable "nic_config" { })) }) default = {} + nullable = false description = <<-DOC ``` private_ip: Optioanlly specify a private ip to use. Otherwise it will be allocated dynamically. @@ -42,6 +44,7 @@ variable "nic_config" { variable "additional_network_interface_ids" { type = list(string) default = [] + nullable = false description = "List of ids for additional azurerm_network_interface." } @@ -50,13 +53,15 @@ variable "subnet" { id = string address_prefixes = list(string) }) + nullable = false description = "The variable takes the subnet as input and takes the id and the address prefix for further configuration." } variable "admin_username" { type = string - description = "Optionally choose the admin_username of the vm. Defaults to loc_sysadmin." default = "loc_sysadmin" + nullable = false + description = "Optionally choose the admin_username of the vm. Defaults to loc_sysadmin." } variable "admin_credential" { @@ -72,6 +77,7 @@ variable "admin_credential" { sensitive = true description = <<-DOC ``` + Specify either admin_password or public_key: admin_password: Password of the local administrator. public_key: SSH public key file (e.g. file(id_rsa.pub)) ``` @@ -112,6 +118,7 @@ variable "virtual_machine_config" { condition = var.virtual_machine_config.zone == null || var.virtual_machine_config.zone == 1 || var.virtual_machine_config.zone == 2 || var.virtual_machine_config.zone == 3 error_message = "Zone, can only be empty, 1, 2 or 3." } + nullable = false description = <<-DOC ``` hostname: Name of system hostname. 
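Review bot: The `admin_credential` hunk (`@@ -72,6 +77,7 @@`) now documents "Specify either admin_password or public_key", but nothing visible in this commit enforces that, and it is the one variable that gets no `nullable = false` in these hunks. The README table shows both attributes as `optional(string)`, so an object with neither or both set would pass type checking. If no validation above the hunk already covers this, add one with `condition = (var.admin_credential.admin_password == null) != (var.admin_credential.public_key == null)` and a matching `error_message`, and add `nullable = false` here too. The variable block starts outside the hunk.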
@@ -137,6 +144,7 @@ variable "virtual_machine_config" { variable "update_allowed" { type = bool default = true + nullable = false description = "Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`." } @@ -178,6 +186,7 @@ variable "data_disks" { } default = {} + nullable = false description = <<-DOC ``` = { @@ -196,6 +205,7 @@ variable "data_disks" { variable "resource_group_name" { type = string + nullable = false description = "Name of the resource group where the resources will be created." } @@ -208,17 +218,20 @@ variable "name_overrides" { os_disk = optional(string) data_disks = optional(map(string), {}) }) - description = "Possibility to override names that will be generated according to q.beyond naming convention." default = {} + nullable = false + description = "Possibility to override names that will be generated according to q.beyond naming convention." } variable "tags" { type = map(string) - description = "A map of tags that will be set on every resource this module creates." default = {} + nullable = false + description = "A map of tags that will be set on every resource this module creates." } variable "stage" { type = string + nullable = false description = "The stage of this VM like prd, dev, tst, ..." } From 5f40ec793ee324f142264e0b0137491f6c59b750 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 9 Apr 2024 11:37:24 +0000 Subject: [PATCH 63/72] terraform-docs: automated action --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8d50e81..ac6b8b7 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ resource "azurerm_subnet" "this" { | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [admin\_credential](#input\_admin\_credential) |
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub))
|
object({
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | +| [admin\_credential](#input\_admin\_credential) |
Specify either admin_password or public_key:
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub))
|
object({
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | From 1f9ac2d63caaf91d693f4468eb4d7904df31f275 Mon Sep 17 00:00:00 2001 From: QBY-MarkusMaring <106068259+QBY-MarkusMaring@users.noreply.github.com> Date: Tue, 9 Apr 2024 13:37:33 +0200 Subject: [PATCH 64/72] comment for lifecycle --- main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/main.tf b/main.tf index 80eb668..8eee2d2 100644 --- a/main.tf +++ b/main.tf @@ -73,6 +73,7 @@ resource "azurerm_linux_virtual_machine" "this" { lifecycle { prevent_destroy = true ignore_changes = [ + # Ignore policy assigned managed identities identity ] } From 8b9fed5da161827933ddd8e216997b6c79a617ff Mon Sep 17 00:00:00 2001 From: QBY-MarkusMaring <106068259+QBY-MarkusMaring@users.noreply.github.com> Date: Tue, 9 Apr 2024 16:03:30 +0200 Subject: [PATCH 65/72] Code review --- main.tf | 7 +++++++ terraform.tf | 1 + variables.tf | 6 +++--- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/main.tf b/main.tf index 8eee2d2..993e66c 100644 --- a/main.tf +++ b/main.tf @@ -30,6 +30,13 @@ resource "azurerm_network_interface_security_group_association" "this" { network_security_group_id = var.nic_config.nsg.id } +check { + assert { + condition = length(azurerm_network_interface_security_group_association.this) == 0 + error_message = "Direct NSG associations to the NIC should be avoided. Assign to subnet instead." + } +} + resource "azurerm_linux_virtual_machine" "this" { name = local.virtual_machine.name computer_name = var.virtual_machine_config.hostname diff --git a/terraform.tf b/terraform.tf index 65173e7..320f9a4 100644 --- a/terraform.tf +++ b/terraform.tf @@ -1,4 +1,5 @@ terraform { + required_version = ">=1.5.0" required_providers { azurerm = { source = "hashicorp/azurerm" diff --git a/variables.tf b/variables.tf index de0f1c5..b17b681 100644 --- a/variables.tf +++ b/variables.tf 
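Review bot: The new comment in the `lifecycle` block (main.tf, `@@ -73,6 +73,7 @@`) gives the reason for ignoring `identity` but not the consequence. With `identity` in `ignore_changes`, Terraform stops reporting every change to the VM's managed identities, not only the ones a policy assigns, so an identity attached out of band never shows up as drift in a plan. I would extend the comment, e.g. `# Ignore policy assigned managed identities. NOTE: this hides all identity drift on the VM; audit attached identities outside Terraform.` The resource block starts and ends outside the hunk.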
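Review bot: The added `check {` block (main.tf, `@@ -30,6 +30,13 @@`) has no name label, and Terraform's `check` block requires one, so this is expected to be rejected when the configuration is parsed; write it as `check "nic_nsg_association" {` (the name is only a suggestion). A failing `assert` inside a check block is reported as a warning and does not stop plan or apply, so this rule is advisory only. That matches the README wording that a NIC-level NSG is discouraged but allowed, but it is worth a one-line comment above the block so nobody reads it as an enforced control.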
@@ -95,7 +95,7 @@ variable "virtual_machine_config" { os_publisher = string os_disk_caching = optional(string, "ReadWrite") os_disk_size_gb = optional(number) - os_disk_storage_type = optional(string, "StandardSSD_LRS") + os_disk_storage_type = optional(string, "Premium_LRS") os_disk_write_accelerator_enabled = optional(bool, false) zone = optional(number) availability_set_id = optional(string) @@ -112,7 +112,7 @@ variable "virtual_machine_config" { } validation { condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.os_disk_write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.os_disk_write_accelerator_enabled == false) - error_message = "os_disk_write_accelerator_enabled, can only be activated on Premium disks and caching deactivated." + error_message = "os_disk_write_accelerator_enabled can only be activated on Premium disks and caching deactivated." } validation { condition = var.virtual_machine_config.zone == null || var.virtual_machine_config.zone == 1 || var.virtual_machine_config.zone == 2 || var.virtual_machine_config.zone == 3 @@ -154,7 +154,7 @@ variable "data_disks" { disk_size_gb = number caching = optional(string, "ReadWrite") create_option = optional(string, "Empty") - storage_account_type = optional(string, "StandardSSD_LRS") + storage_account_type = optional(string, "Premium_LRS") write_accelerator_enabled = optional(bool, false) on_demand_bursting_enabled = optional(bool, false) })) From bbe98c79c1a2d47f726d163741933018b8b717ad Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 9 Apr 2024 14:03:49 +0000 Subject: [PATCH 66/72] terraform-docs: automated action --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ac6b8b7..c10a8f0 100644 --- a/README.md +++ b/README.md 
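Review bot: The default for `os_disk_storage_type` changes to `Premium_LRS` here (`@@ -95,7 +95,7 @@`), and likewise `storage_account_type` in `data_disks` (`@@ -154,7 +154,7 @@`), but the description heredocs are not updated. The regenerated README in the next commit still prints "Defaults to StandardSSD_LRS." for both attributes next to the new `optional(string, "Premium_LRS")` type. The descriptions lie outside these hunks; change both lines to `Defaults to Premium_LRS.` in the same commit. Callers that omit the attribute will see a planned change to the disk SKU, so this default change should also be called out in the release notes.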
@@ -62,6 +62,7 @@ resource "azurerm_subnet" "this" { | Name | Version | |------|---------| +| [terraform](#requirement\_terraform) | >=1.5.0 | | [azurerm](#requirement\_azurerm) | >= 3.7.0 | ## Inputs @@ -72,10 +73,10 @@ resource "azurerm_subnet" "this" { | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | | [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
os_disk_write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "StandardSSD_LRS")
os_disk_write_accelerator_enabled = optional(bool, false)
zone = optional(number)
availability_set_id = optional(string)
proximity_placement_group_id = optional(string)
severity_group = string
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
os_disk_write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "Premium_LRS")
os_disk_write_accelerator_enabled = optional(bool, false)
zone = optional(number)
availability_set_id = optional(string)
proximity_placement_group_id = optional(string)
severity_group = string
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_username](#input\_admin\_username) | Optionally choose the admin\_username of the vm. Defaults to loc\_sysadmin. | `string` | `"loc_sysadmin"` | no | -| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "StandardSSD_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | +| [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "Premium_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | | [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | From 42a7e8546b2dbbab02e9072213f6611b3845c175 Mon Sep 17 00:00:00 2001 From: QBY-MarkusMaring <106068259+QBY-MarkusMaring@users.noreply.github.com> Date: Tue, 9 Apr 2024 16:12:49 +0200 Subject: [PATCH 67/72] Code review --- locals.tf | 4 ++-- variables.tf | 27 ++++++++++++--------------- 2 files changed, 14 insertions(+), 17 deletions(-) diff --git a/locals.tf b/locals.tf index 050fef8..c07017b 100644 --- a/locals.tf +++ b/locals.tf @@ -1,6 +1,6 @@ locals { public_ip = { - name = coalesce(var.name_overrides.public_ip, "pip-${var.stage}-${var.virtual_machine_config.hostname}-01-${var.virtual_machine_config.location}") + name = coalesce(var.name_overrides.public_ip, "pip-${var.public_ip_config.stage}-${var.virtual_machine_config.hostname}-01-${var.virtual_machine_config.location}") } nic = { @@ -13,5 +13,5 @@ locals { tags = merge(var.tags, { "Severity Group Monthly" = var.virtual_machine_config.severity_group, "Update allowed" = local.update_allowed }) } os_disk_name = coalesce(var.name_overrides.os_disk, "disk-${var.virtual_machine_config.hostname}-Os") - update_allowed = var.update_allowed ? "yes" : "no" + update_allowed = var.virtual_machine_config.update_allowed ? "yes" : "no" } \ No newline at end of file diff --git a/variables.tf b/variables.tf index b17b681..8c8eefa 100644 --- a/variables.tf +++ b/variables.tf @@ -2,6 +2,7 @@ variable "public_ip_config" { type = object({ enabled = bool allocation_method = optional(string, "Static") + stage = string }) default = { enabled = false @@ -14,7 +15,8 @@ variable "public_ip_config" { description = <<-DOC ``` enabled: Optionally select true if a public ip should be created. Defaults to false. - allocation_method: The allocation method of the public ip that will be created. Defaults to static. + allocation_method: The allocation method of the public ip that will be created. Defaults to static. + stage: The stage of this PIP. Ex: prd, dev, tst, ... ``` DOC } 
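Review bot: `stage = string` is added to the `public_ip_config` object as a required attribute (variables.tf, `@@ -2,6 +2,7 @@`) while the default in the same hunk stays `{ enabled = false }`. That default no longer satisfies the type constraint, and every caller now has to pass `stage` even with the public IP disabled. locals.tf interpolates `var.public_ip_config.stage` into the `pip-…` name unconditionally inside `coalesce`, and a null value cannot be interpolated into a string template, so `stage = optional(string)` alone would not fix it. Either keep the top-level `var.stage` for naming or add a `stage` value to the default object. Any other reference to `var.stage` outside these hunks will break once the variable is removed later in this commit.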
@@ -101,6 +103,7 @@ variable "virtual_machine_config" { availability_set_id = optional(string) proximity_placement_group_id = optional(string) severity_group = string + update_allowed = optional(bool, true) }) validation { condition = contains(["None", "ReadOnly", "ReadWrite"], var.virtual_machine_config.os_disk_caching) @@ -111,7 +114,13 @@ variable "virtual_machine_config" { error_message = "Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS for os_disk_storage_type." } validation { - condition = (contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && var.virtual_machine_config.os_disk_write_accelerator_enabled == true && var.virtual_machine_config.os_disk_caching == "None") || (var.virtual_machine_config.os_disk_write_accelerator_enabled == false) + condition = ( + var.virtual_machine_config.os_disk_write_accelerator_enabled == true && + contains(["Premium_LRS", "Premium_ZRS"], var.virtual_machine_config.os_disk_storage_type) && + contains(["None", "ReadOnly"], var.virtual_machine_config.os_disk_caching) + ) || ( + var.virtual_machine_config.os_disk_write_accelerator_enabled == false + ) error_message = "os_disk_write_accelerator_enabled can only be activated on Premium disks and caching deactivated." } validation { 
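Review bot: The rewritten condition (`@@ -111,7 +114,13 @@`) now accepts `os_disk_caching` of `None` or `ReadOnly`, but the `error_message` on the following context line still says "caching deactivated", as does the attribute description. I would change it to `error_message = "os_disk_write_accelerator_enabled can only be activated on Premium disks with os_disk_caching set to None or ReadOnly."` and update the description text outside the hunk to match. The equivalent rule for `data_disks` is not among this commit's hunks, so please check whether it should be relaxed the same way to keep the two validations consistent.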
@@ -137,17 +146,11 @@ variable "virtual_machine_config" {
 be activated on Premium disks and caching deactivated. Defaults to false.
 proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
 severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically.
+ update_allowed: Sets tag 'Update allowed' to yes or no to specify if this VM should currently receive updates.
 ```
 DOC
 }
-variable "update_allowed" {
- type = bool
- default = true
- nullable = false
- description = "Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`."
-}
-
 variable "data_disks" {
 type = map(object({
 lun = number
@@ -229,9 +232,3 @@ variable "tags" {
 nullable = false
 description = "A map of tags that will be set on every resource this module creates."
 }
-
-variable "stage" {
- type = string
- nullable = false
- description = "The stage of this VM like prd, dev, tst, ..."
-}
From 09a4a509190609d22c5c9e0b8d343d226879dd14 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Tue, 9 Apr 2024 14:13:05 +0000
Subject: [PATCH 68/72] terraform-docs: automated action
---
 README.md | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index c10a8f0..a79354c 100644
--- a/README.md
+++ b/README.md
@@ -71,17 +71,15 @@ resource "azurerm_subnet" "this" { |------|-------------|------|---------|:--------:| | [admin\_credential](#input\_admin\_credential) |
Specify either admin_password or public_key:
admin_password: Password of the local administrator.
public_key: SSH public key file (e.g. file(id_rsa.pub))
|
object({
admin_password = optional(string)
public_key = optional(string)
})
| n/a | yes | | [resource\_group\_name](#input\_resource\_group\_name) | Name of the resource group where the resources will be created. | `string` | n/a | yes | -| [stage](#input\_stage) | The stage of this VM like prd, dev, tst, ... | `string` | n/a | yes | | [subnet](#input\_subnet) | The variable takes the subnet as input and takes the id and the address prefix for further configuration. |
object({
id = string
address_prefixes = list(string)
})
| n/a | yes | -| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
os_disk_write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "Premium_LRS")
os_disk_write_accelerator_enabled = optional(bool, false)
zone = optional(number)
availability_set_id = optional(string)
proximity_placement_group_id = optional(string)
severity_group = string
})
| n/a | yes | +| [virtual\_machine\_config](#input\_virtual\_machine\_config) |
hostname: Name of system hostname.
size: The size of the vm. Possible values can be seen here: https://learn.microsoft.com/en-us/azure/virtual-machines/sizes
location: The location of the virtual machine.
os_sku: (Required) The os that will be running on the vm.
os_offer: (Required) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.
os_version: (Required) Optionally specify an os version for the chosen sku.
os_publisher: (Required) Specifies the Publisher of the Marketplace Image this Virtual Machine should be created from. Changing this forces a new resource to be created.
os_disk_caching: Optionally change the caching option of the os disk. Defaults to ReadWrite.
os_disk_size_gb: Optionally change the size of the os disk. Defaults to be specified by image.
os_disk_storage_type: Optionally change the os_disk_storage_type. Defaults to StandardSSD_LRS.
zone: Optionally specify an availibility zone for the vm. Values 1, 2 or 3.
availability_set_id: Optionally specify an availibility set for the vm. Not compatible with zone.
os_disk_write_accelerator_enabled: Optionally activate write accelaration for the os disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
proximity_placement_group_id: (Optional) The ID of the Proximity Placement Group which the Virtual Machine should be assigned to.
severity_group: (Required) Sets tag 'Severity Group Monthly' to a specific time and date when an update will be done automatically.
update_allowed: Sets tag 'Update allowed' to yes or no to specify if this VM should currently receive updates.
|
object({
hostname = string
size = string
location = string
os_sku = string
os_offer = string
os_version = string
os_publisher = string
os_disk_caching = optional(string, "ReadWrite")
os_disk_size_gb = optional(number)
os_disk_storage_type = optional(string, "Premium_LRS")
os_disk_write_accelerator_enabled = optional(bool, false)
zone = optional(number)
availability_set_id = optional(string)
proximity_placement_group_id = optional(string)
severity_group = string
update_allowed = optional(bool, true)
})
| n/a | yes | | [additional\_network\_interface\_ids](#input\_additional\_network\_interface\_ids) | List of ids for additional azurerm\_network\_interface. | `list(string)` | `[]` | no | | [admin\_username](#input\_admin\_username) | Optionally choose the admin\_username of the vm. Defaults to loc\_sysadmin. | `string` | `"loc_sysadmin"` | no | | [data\_disks](#input\_data\_disks) |
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "Premium_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
|
object({
enabled = bool
allocation_method = optional(string, "Static")
})
|
{
"enabled": false
}
| no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
stage: The stage of this PIP. Ex: prd, dev, tst, ...
|
object({
enabled = bool
allocation_method = optional(string, "Static")
stage = string
})
|
{
"enabled": false
}
| no | | [tags](#input\_tags) | A map of tags that will be set on every resource this module creates. | `map(string)` | `{}` | no | -| [update\_allowed](#input\_update\_allowed) | Set the tag `Update allowed`. `True` will set `yes`, `false` to `no`. | `bool` | `true` | no | ## Outputs | Name | Description |
From 8a99ee495c130d1571d1a0d978ad0e45f1232d37 Mon Sep 17 00:00:00 2001
From: mmaring
Date: Tue, 9 Apr 2024 16:26:57 +0200
Subject: [PATCH 69/72] More review and example fixes
---
 examples/advanced/main.tf | 2 +-
 examples/basic/main.tf | 1 -
 main.tf | 2 +-
 variables.tf | 6 +++++-
 4 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/examples/advanced/main.tf b/examples/advanced/main.tf
index 8eadc4a..6e66995 100644
--- a/examples/advanced/main.tf
+++ b/examples/advanced/main.tf
@@ -11,8 +11,8 @@ module "virtual_machine" {
 public_ip_config = {
 enabled = true
 allocation_method = "Static"
+ stage = "tst"
 }
- stage = "tst"
 nic_config = {
 private_ip = "10.0.0.16"
 enable_accelerated_networking = true
diff --git a/examples/basic/main.tf b/examples/basic/main.tf
index 830b0b9..4b62d6e 100644
--- a/examples/basic/main.tf
+++ b/examples/basic/main.tf
@@ -19,7 +19,6 @@ module "virtual_machine" {
 admin_credential = {
 admin_password = "H3ll0W0rld!"
 }
- stage = "tst"
 resource_group_name = azurerm_resource_group.this.name
 subnet = azurerm_subnet.this
diff --git a/main.tf b/main.tf
index 993e66c..4f21979 100644
--- a/main.tf
+++ b/main.tf
@@ -30,7 +30,7 @@ resource "azurerm_network_interface_security_group_association" "this" {
 network_security_group_id = var.nic_config.nsg.id
 }
-check {
+check "no_nsg_on_nic" {
 assert {
 condition = length(azurerm_network_interface_security_group_association.this) == 0
 error_message = "Direct NSG associations to the NIC should be avoided. Assign to subnet instead."
diff --git a/variables.tf b/variables.tf
index 8c8eefa..27fe5fb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -2,7 +2,7 @@ variable "public_ip_config" {
 type = object({
 enabled = bool
 allocation_method = optional(string, "Static")
- stage = string
+ stage = optional(string)
 })
 default = {
 enabled = false
@@ -12,6 +12,10 @@ variable "public_ip_config" {
 condition = contains(["Static", "Dynamic"], var.public_ip_config.allocation_method)
 error_message = "Allocation method must be Static or Dynamic"
 }
+ validation {
+ condition = var.public_ip_config.enabled == true ? var.public_ip_config.stage != null : true
+ error_message = "If public ip is enabled, stage must be set."
+ }
 description = <<-DOC
 ```
 enabled: Optionally select true if a public ip should be created. Defaults to false.
From cd1115202bab3bd1df528e763fb70ea76fc2bddd Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Tue, 9 Apr 2024 14:27:20 +0000
Subject: [PATCH 70/72] terraform-docs: automated action
---
 README.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/README.md b/README.md
index a79354c..2b2955f 100644
--- a/README.md
+++ b/README.md
@@ -32,7 +32,6 @@ module "virtual_machine" { admin_credential = { admin_password = "H3ll0W0rld!" } - stage = "tst" resource_group_name = azurerm_resource_group.this.name subnet = azurerm_subnet.this
@@ -77,7 +77,7 @@ resource "azurerm_subnet" "this" { | [data\_disks](#input\_data\_disks) |
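Review bot: The added validation only requires `stage` when `enabled` is true, so with the default `{ enabled = false }` the now-optional `stage` is null, while `local.public_ip.name` in locals.tf (changed in patch 67, not in this one) still interpolates `var.public_ip_config.stage` for every caller. Terraform does not allow a null value inside a string template and evaluates every `coalesce` argument, so a plan without a public IP would presumably fail on that local; the basic example, which drops `stage` in this patch, looks like it takes exactly that path. Guarding the local on the same flag would close the gap, e.g. `name = var.public_ip_config.enabled ? coalesce(<existing arguments>) : ""`. The variable block continues outside the hunk.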
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "Premium_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
stage: The stage of this PIP. Ex: prd, dev, tst, ...
|
object({
enabled = bool
allocation_method = optional(string, "Static")
stage = string
})
|
{
"enabled": false
}
| no | +| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
stage: The stage of this PIP. Ex: prd, dev, tst, ...
|
object({
enabled = bool
allocation_method = optional(string, "Static")
stage = optional(string)
})
|
{
"enabled": false
}
| no | | [tags](#input\_tags) | A map of tags that will be set on every resource this module creates. | `map(string)` | `{}` | no | ## Outputs
From 3e8b454da40f0559603f86a97d5184e97e765cca Mon Sep 17 00:00:00 2001
From: mmaring
Date: Wed, 10 Apr 2024 10:47:11 +0200
Subject: [PATCH 71/72] Refactor public IP
---
 locals.tf | 2 +-
 main.tf | 4 ++--
 variables.tf | 15 +++------------
 3 files changed, 6 insertions(+), 15 deletions(-)
diff --git a/locals.tf b/locals.tf
index c07017b..5a8ab15 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,6 +1,6 @@
 locals {
 public_ip = {
- name = coalesce(var.name_overrides.public_ip, "pip-${var.public_ip_config.stage}-${var.virtual_machine_config.hostname}-01-${var.virtual_machine_config.location}")
+ name = var.public_ip_config != null ? coalesce(var.name_overrides.public_ip, "pip-${var.public_ip_config.stage}-${var.virtual_machine_config.hostname}-01-${var.virtual_machine_config.location}") : ""
 }
 nic = {
diff --git a/main.tf b/main.tf
index 4f21979..c4e24c0 100644
--- a/main.tf
+++ b/main.tf
@@ -1,5 +1,5 @@
 resource "azurerm_public_ip" "this" {
- count = var.public_ip_config.enabled ? 1 : 0
+ count = var.public_ip_config != null ? 1 : 0
 name = local.public_ip.name
 resource_group_name = var.resource_group_name
 location = var.virtual_machine_config.location
@@ -20,7 +20,7 @@ resource "azurerm_network_interface" "this" {
 subnet_id = var.subnet.id
 private_ip_address_allocation = var.nic_config.private_ip == null ? "Dynamic" : "Static"
 private_ip_address = var.nic_config.private_ip
- public_ip_address_id = var.public_ip_config.enabled ? azurerm_public_ip.this[0].id : null
+ public_ip_address_id = var.public_ip_config != null ? azurerm_public_ip.this[0].id : null
 }
 }
diff --git a/variables.tf b/variables.tf
index 27fe5fb..536fd2c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,24 +1,15 @@
 variable "public_ip_config" {
 type = object({
- enabled = bool
 allocation_method = optional(string, "Static")
- stage = optional(string)
+ stage = string
 })
- default = {
- enabled = false
- }
- nullable = false
+ default = null
 validation {
- condition = contains(["Static", "Dynamic"], var.public_ip_config.allocation_method)
+ condition = var.public_ip_config != null ? contains(["Static", "Dynamic"], var.public_ip_config.allocation_method) : true
 error_message = "Allocation method must be Static or Dynamic"
 }
- validation {
- condition = var.public_ip_config.enabled == true ? var.public_ip_config.stage != null : true
- error_message = "If public ip is enabled, stage must be set."
- }
 description = <<-DOC
 ```
- enabled: Optionally select true if a public ip should be created. Defaults to false.
 allocation_method: The allocation method of the public ip that will be created. Defaults to static.
 stage: The stage of this PIP. Ex: prd, dev, tst, ...
 ```
From 08eee22be11cf1f38ed052661d324fa22eff640a Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Wed, 10 Apr 2024 08:47:32 +0000
Subject: [PATCH 72/72] terraform-docs: automated action
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 2b2955f..0b6069e 100644
--- a/README.md
+++ b/README.md
@@ -77,7 +77,7 @@ resource "azurerm_subnet" "this" { | [data\_disks](#input\_data\_disks) |
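Review bot: With `enabled` removed, any non-null `public_ip_config` now creates a public IP and attaches it to the NIC, yet the description kept in this hunk lists only `allocation_method` and `stage` and no longer says what switches the resource on. Terraform's object type conversion discards attributes the type does not declare, so a caller still passing `{ enabled = false, stage = "tst" }` would, as far as I can tell, get an internet-facing address without any error. I would state the new contract in the description, e.g. `Leave null (default) to create no public ip; any non-null object creates one and attaches it to the NIC.`, and call out the interface change in the release notes. The variable block ends outside the hunk.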
 = {
lun: Number of the lun.
disk_size_gb: The size of the data disk.
storage_account_type: Optionally change the storage_account_type. Defaults to StandardSSD_LRS.
caching: Optionally activate disk caching. Defaults to None.
create_option: Optionally change the create option. Defaults to Empty disk.
write_accelerator_enabled: Optionally activate write accelaration for the data disk. Can only
be activated on Premium disks and caching deactivated. Defaults to false.
on_demand_bursting_enabled: Optionally activate disk bursting. Only for Premium disk. Default false.
}
|
map(object({
lun = number
disk_size_gb = number
caching = optional(string, "ReadWrite")
create_option = optional(string, "Empty")
storage_account_type = optional(string, "Premium_LRS")
write_accelerator_enabled = optional(bool, false)
on_demand_bursting_enabled = optional(bool, false)
}))
| `{}` | no | | [name\_overrides](#input\_name\_overrides) | Possibility to override names that will be generated according to q.beyond naming convention. |
object({
nic = optional(string)
nic_ip_config = optional(string)
public_ip = optional(string)
virtual_machine = optional(string)
os_disk = optional(string)
data_disks = optional(map(string), {})
})
| `{}` | no | | [nic\_config](#input\_nic\_config) |
private_ip: Optioanlly specify a private ip to use. Otherwise it will  be allocated dynamically.
dns_servers: Optionally specify a list of dns servers for the nic.
enable_accelerated_networking: Enabled Accelerated networking (SR-IOV) on the NIC. The machine SKU must support this feature.
nsg: Although it is discouraged you can optionally assign an NSG to the NIC. Optionally specify a NSG object.
|
object({
private_ip = optional(string)
dns_servers = optional(list(string))
enable_accelerated_networking = optional(bool, false)
nsg = optional(object({
id = string
}))
})
| `{}` | no | -| [public\_ip\_config](#input\_public\_ip\_config) |
enabled: Optionally select true if a public ip should be created. Defaults to false.
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
stage: The stage of this PIP. Ex: prd, dev, tst, ...
|
object({
enabled = bool
allocation_method = optional(string, "Static")
stage = optional(string)
})
|
{
"enabled": false
}
| no | +| [public\_ip\_config](#input\_public\_ip\_config) |
allocation_method: The allocation method of the public ip that will be created. Defaults to static.
stage: The stage of this PIP. Ex: prd, dev, tst, ...
|
object({
allocation_method = optional(string, "Static")
stage = string
})
| `null` | no | | [tags](#input\_tags) | A map of tags that will be set on every resource this module creates. | `map(string)` | `{}` | no | ## Outputs