Terraform module to create virtual machine resource on AZURE.
We eat, drink, sleep and most importantly love DevOps. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believer of the philosophy Bigger problems are always solved by breaking them into smaller manageable problems. Resonating with microservices architecture, it is considered best-practice to run database, cluster, storage in smaller connected yet manageable pieces within the infrastructure.
This module is basically combination of Terraform open source and includes automatation tests and examples. It also helps to create and improve your infrastructure with minimalistic code instead of maintaining the whole infrastructure code yourself.
We have fifty plus terraform modules. A few of them are comepleted and are available for open source usage while a few others are in progress.
This module has a few dependencies:
- Terraform 1.x.x
- Go
- github.com/stretchr/testify/assert
- github.com/gruntwork-io/terratest/modules/terraform
IMPORTANT: Since the master branch used in source varies based on new modifications, we suggest that you use the release versions here.
Here are some examples of how you can use this module in your inventory structure:
module "virtual-machine" {
source = "clouddrove/virtual-machine/azure"
version = "1.0.0"
name = "app"
environment = "test"
label_order = ["name", "environment"]
## Common
enabled = true
machine_count = 1
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
## Network Interface
subnet_id = module.subnet.default_subnet_id
private_ip_address_version = "IPv4"
private_ip_address_allocation = "Static"
primary = true
private_ip_addresses = ["10.0.1.4"]
#nsg
network_interface_sg_enabled = true
network_security_group_id = module.security_group.id
## Availability Set
availability_set_enabled = true
platform_update_domain_count = 7
platform_fault_domain_count = 3
## Public IP
public_ip_enabled = true
sku = "Basic"
allocation_method = "Static"
ip_version = "IPv4"
## Virtual Machine
linux_enabled = true
vm_size = "Standard_B1s"
file_path = "~/.ssh/id_rsa.pub"
username = "ubuntu"
os_profile_enabled = true
admin_username = "ubuntu"
create_option = "FromImage"
caching = "ReadWrite"
disk_size_gb = 30
os_type = "Linux"
managed_disk_type = "Standard_LRS"
storage_image_reference_enabled = true
image_publisher = "Canonical"
image_offer = "UbuntuServer"
image_sku = "20.04-LTS"
image_version = "latest"
}| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_tier | Defines the access tier for BlobStorage, FileStorage and StorageV2 accounts. Valid options are Hot and Cool, defaults to Hot. | string |
"Hot" |
no |
| account_kind | Defines the Kind of account. Valid options are BlobStorage, BlockBlobStorage, FileStorage, Storage and StorageV2. | string |
"StorageV2" |
no |
| account_replication_type | Defines the type of replication to use for this storage account. Valid options are LRS, GRS, RAGRS, ZRS, GZRS and RAGZRS. | string |
"" |
no |
| account_tier | Defines the Tier to use for this storage account. Valid options are Standard and Premium. | string |
"" |
no |
| addtional_capabilities_enabled | Whether additional capabilities block is enabled. | bool |
false |
no |
| admin_password | The password associated with the local administrator account. | string |
"" |
no |
| admin_username | Specifies the name of the local administrator account. | string |
"" |
no |
| allocation_method | Defines the allocation method for this IP address. Possible values are Static or Dynamic. | string |
"" |
no |
| allowed_headers | A list of headers that are allowed to be a part of the cross-origin request. | list(any) |
[] |
no |
| allowed_methods | A list of http headers that are allowed to be executed by the origin. Valid options are DELETE, GET, HEAD, MERGE, POST, OPTIONS, PUT or PATCH. | list(any) |
[] |
no |
| allowed_origins | A list of origin domains that will be allowed by CORS. | list(any) |
[] |
no |
| application | Application (e.g. cd or clouddrove). |
string |
"" |
no |
| availability_set_enabled | Whether availability set is enabled. | bool |
false |
no |
| blob_endpoint | The Storage Account's Blob Endpoint which should hold the virtual machine's diagnostic files | string |
"" |
no |
| blob_properties_enabled | Is blob properties is enabled. | bool |
false |
no |
| boot_diagnostics_enabled | Whether boot diagnostics block is enabled. | bool |
false |
no |
| bypass | Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Valid options are any combination of Logging, Metrics, AzureServices, or None. | string |
"" |
no |
| caching | Specifies the caching requirements for the OS Disk. Possible values include None, ReadOnly and ReadWrite. | string |
"" |
no |
| certificate_store | Specifies the certificate store on the Virtual Machine where the certificate should be added to, such as My. | string |
"" |
no |
| certificate_url | The ID of the Key Vault Secret which contains the encrypted Certificate which should be installed on the Virtual Machine. This certificate must also be specified in the vault_certificates block within the os_profile_secrets block. | string |
"" |
no |
| component | Specifies the name of the component to configure with the added content. The only allowable value is Microsoft-Windows-Shell-Setup. | string |
"Microsoft-Windows-Shell-Setup" |
no |
| content | Specifies the base-64 encoded XML formatted content that is added to the unattend.xml file for the specified path and component. | string |
"" |
no |
| create | Used when creating the Resource Group. | string |
"60m" |
no |
| create_option | Specifies how the OS Disk should be created. Possible values are Attach (managed disks only) and FromImage. | string |
"" |
no |
| custom_domain_enabled | Whether custom domain is enabled. | bool |
false |
no |
| custom_image_id | Specifies the ID of the Custom Image which the Virtual Machine should be created from. | string |
"" |
no |
| days | Specifies the number of days that the blob should be retained, between 1 and 365 days. Defaults to 7. | number |
7 |
no |
| ddos_protection_mode | The DDoS protection mode of the public IP | string |
"VirtualNetworkInherited" |
no |
| default_action | Specifies the default action of allow or deny when no other rules match. Valid options are Deny or Allow. | string |
"" |
no |
| delete | Used when deleting the Resource Group. | string |
"60m" |
no |
| delete_data_disks_on_termination | Should the Data Disks (either the Managed Disks / VHD Blobs) be deleted when the Virtual Machine is destroyed? Defaults to false. | bool |
true |
no |
| delete_os_disk_on_termination | Should the OS Disk (either the Managed Disk / VHD Blob) be deleted when the Virtual Machine is destroyed? Defaults to false. | bool |
true |
no |
| disable_password_authentication | Specifies whether password authentication should be disabled. | bool |
true |
no |
| disk_size_gb | Specifies the size of the OS Disk in gigabytes. | number |
8 |
no |
| dns_servers | List of IP addresses of DNS servers. | list(string) |
[] |
no |
| domain_name_label | Label for the Domain Name. Will be used to make up the FQDN. If a domain name label is specified, an A DNS record is created for the public IP in the Microsoft Azure DNS system. | string |
null |
no |
| enable_accelerated_networking | Should Accelerated Networking be enabled? Defaults to false. | bool |
false |
no |
| enable_automatic_upgrades | Are automatic updates enabled on this Virtual Machine? Defaults to false. | bool |
false |
no |
| enable_https_traffic_only | Boolean flag which forces HTTPS if enabled. Defaults to true. | bool |
true |
no |
| enable_ip_forwarding | Should IP Forwarding be enabled? Defaults to false. | bool |
false |
no |
| enabled | Flag to control the module creation. | bool |
false |
no |
| environment | Environment (e.g. prod, dev, staging). |
string |
"" |
no |
| error_404_document | The absolute path to a custom webpage that should be used when a request is made which does not correspond to an existing file. | string |
"" |
no |
| exposed_headers | A list of response headers that are exposed to CORS clients. | list(any) |
[] |
no |
| file_path | The Public SSH Key which should be written to the path defined above. | string |
"~/.ssh/id_rsa.pub" |
no |
| hour_metrics_enabled | Indicates whether hour metrics are enabled for the Queue service. | bool |
false |
no |
| identity_enabled | Whether identity block is enabled. | bool |
false |
no |
| identity_ids | Specifies a list of user managed identity ids to be assigned to the VM. | list(any) |
[] |
no |
| idle_timeout_in_minutes | Specifies the timeout for the TCP idle connection. The value can be set between 4 and 60 minutes. | number |
10 |
no |
| image_offer | Specifies the offer of the image used to create the virtual machine. | string |
"" |
no |
| image_publisher | Specifies the publisher of the image used to create the virtual machine. | string |
"" |
no |
| image_sku | Specifies the SKU of the image used to create the virtual machine. | string |
"" |
no |
| image_uri | Specifies the Image URI in the format publisherName:offer:skus:version. This field can also specify the VHD uri of a custom VM image to clone. When cloning a Custom (Unmanaged) Disk Image the os_type field must be set. | string |
"" |
no |
| image_version | Specifies the version of the image used to create the virtual machine. | string |
"" |
no |
| include_apis | Indicates whether metrics should generate summary statistics for called API operations. | bool |
false |
no |
| index_document | The webpage that Azure Storage serves for requests to the root of a website or any subfolder. For example, index.html. The value is case-sensitive. | string |
"" |
no |
| internal_dns_name_label | The (relative) DNS Name used for internal communications between Virtual Machines in the same Virtual Network. | string |
null |
no |
| ip_version | The IP Version to use, IPv6 or IPv4. | string |
"" |
no |
| is_hns_enabled | Is Hierarchical Namespace enabled?. | bool |
false |
no |
| label_order | Label order, e.g. name,application. |
list(any) |
[] |
no |
| license_type | Specifies the BYOL Type for this Virtual Machine. This is only applicable to Windows Virtual Machines. Possible values are Windows_Client and Windows_Server. | string |
"Windows_Client" |
no |
| linux_enabled | Whether linux block is enabled. | bool |
false |
no |
| location | Location where resource should be created. | string |
"" |
no |
| log_delete | Indicates whether all delete requests should be logged. | bool |
false |
no |
| log_read | Indicates whether all read requests should be logged. | bool |
false |
no |
| log_version | The version of storage analytics to configure. | string |
"" |
no |
| log_write | Indicates whether all write requests should be logged. | bool |
false |
no |
| lun | Specifies the logical unit number of the data disk. This needs to be unique within all the Data Disks on the Virtual Machine. | number |
0 |
no |
| machine_count | Number of Virtual Machines to create. | number |
0 |
no |
| managed | Specifies whether the availability set is managed or not. Possible values are true (to specify aligned) or false (to specify classic). Default is true. | bool |
true |
no |
| managed_disk_id | Specifies the ID of an existing Managed Disk which should be attached as the OS Disk of this Virtual Machine. If this is set then the create_option must be set to Attach. | string |
"" |
no |
| managed_disk_type | Specifies the type of Managed Disk which should be created. Possible values are Standard_LRS, StandardSSD_LRS or Premium_LRS. | string |
"" |
no |
| managedby | ManagedBy, eg 'CloudDrove' or 'AnmolNagpal'. | string |
"anmol@clouddrove.com" |
no |
| max_age_in_seconds | The number of seconds the client should cache a preflight response. | number |
60 |
no |
| minute_metrics_enabled | Indicates whether minute metrics are enabled for the Queue service. | bool |
false |
no |
| name | Name (e.g. app or cluster). |
string |
"" |
no |
| network_interface_sg_enabled | Whether network interface security group is enabled. | bool |
false |
no |
| network_rules_enabled | Whether network rules block is enabled. | bool |
false |
no |
| network_security_group_id | The ID of the Network Security Group which should be attached to the Network Interface. | string |
"" |
no |
| os_profile_enabled | Whether os profile block is enabled. | bool |
false |
no |
| os_type | Specifies the Operating System on the OS Disk. Possible values are Linux and Windows. | string |
"" |
no |
| pass | Specifies the name of the pass that the content applies to. The only allowable value is oobeSystem. | string |
"oobeSystem" |
no |
| plan_enabled | Whether plan block is enabled. | bool |
false |
no |
| plan_name | Specifies the name of the image from the marketplace. | string |
"" |
no |
| plan_product | Specifies the product of the image from the marketplace. | string |
"" |
no |
| plan_publisher | Specifies the publisher of the image. | string |
"" |
no |
| platform_fault_domain_count | Specifies the number of fault domains that are used. Defaults to 3. | number |
3 |
no |
| platform_update_domain_count | Specifies the number of update domains that are used. Defaults to 5. | number |
5 |
no |
| primary | Is this the Primary IP Configuration? Must be true for the first ip_configuration when multiple are specified. Defaults to false. | bool |
false |
no |
| private_ip_address_allocation | The allocation method used for the Private IP Address. Possible values are Dynamic and Static. | string |
"Static" |
no |
| private_ip_address_version | The IP Version to use. Possible values are IPv4 or IPv6. Defaults to IPv4. | string |
"IPv4" |
no |
| private_ip_addresses | The Static IP Address which should be used. | list(any) |
[] |
no |
| protocol | Specifies the protocol of listener. Possible values are HTTP or HTTPS. | string |
"" |
no |
| provision_vm_agent | Should the Azure Virtual Machine Guest Agent be installed on this Virtual Machine? Defaults to false. | bool |
false |
no |
| proximity_placement_group_id | The ID of the Proximity Placement Group to which this Virtual Machine should be assigned. | string |
"" |
no |
| public_ip_enabled | Whether public IP is enabled. | bool |
false |
no |
| public_ip_prefix_id | If specified then public IP address allocated will be provided from the public IP prefix resource. | string |
null |
no |
| public_key | Name (e.g. ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQ). |
string |
"" |
no |
| queue_properties_enabled | Whether queue properties is enabled. | bool |
false |
no |
| read | Used when retrieving the Resource Group. | string |
"5m" |
no |
| repository | Terraform current module repo | string |
"" |
no |
| resource_group_name | The name of the resource group in which to create the virtual network. | string |
"" |
no |
| retention_policy_days | Specifies the number of days that logs will be retained. | number |
7 |
no |
| reverse_fqdn | A fully qualified domain name that resolves to this public IP address. If the reverseFqdn is specified, then a PTR DNS record is created pointing from the IP address in the in-addr.arpa domain to the reverse FQDN. | string |
"" |
no |
| sa_type | Specifies the identity type of the Storage Account. At this time the only allowed value is SystemAssigned. | string |
"SystemAssigned" |
no |
| setting_name | Specifies the name of the setting to which the content applies. Possible values are: FirstLogonCommands and AutoLogon. | string |
"" |
no |
| sku | The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic. | string |
"Basic" |
no |
| source_vault_id | Specifies the ID of the Key Vault to use. | string |
"" |
no |
| static_website_enabled | Whether static website block is enabled. | bool |
false |
no |
| storage_data_disk_enabled | Whether storage data disk is enabled. | bool |
false |
no |
| storage_image_reference_enabled | Whether storage image reference is enabled. | bool |
false |
no |
| subnet_id | The ID of the Subnet where this Network Interface should be located in. | list(any) |
[] |
no |
| tags | Additional tags (e.g. map(BusinessUnit,XYZ). |
map(any) |
{} |
no |
| timezone | Specifies the time zone of the virtual machine. | string |
"" |
no |
| ultra_ssd_enabled | Should Ultra SSD disk be enabled for this Virtual Machine?. | bool |
false |
no |
| update | Used when updating the Resource Group. | string |
"60m" |
no |
| use_subdomain | Should the Custom Domain Name be validated by using indirect CNAME validation?. | bool |
false |
no |
| username | The linux user name. | string |
"" |
no |
| vault_enabled | Whether key vault is enabled. | bool |
false |
no |
| vhd_uri | Specifies the URI of the VHD file backing this Unmanaged OS Disk. Changing this forces a new resource to be created. | string |
null |
no |
| vm_size | Specifies the size of the Virtual Machine. | string |
"" |
no |
| vm_type | The Managed Service Identity Type of this Virtual Machine. Possible values are SystemAssigned and UserAssigned. | string |
"" |
no |
| windows_enabled | Whether windows block is enabled. | bool |
false |
no |
| write_accelerator_enabled | Specifies if Write Accelerator is enabled on the disk. This can only be enabled on Premium_LRS managed disks with no caching and M-Series VMs. Defaults to false. | bool |
false |
no |
| zones | A collection containing the availability zone to allocate the Public IP in. | list(any) |
null |
no |
| Name | Description |
|---|---|
| availability_set_id | The ID of the Availability Set. |
| network_interface_id | The ID of the Network Interface. |
| network_interface_private_ip_addresses | The private IP addresses of the network interface. |
| network_interface_sg_association_id | The (Terraform specific) ID of the Association between the Network Interface and the Network Interface. |
| public_ip_address | The IP address value that was allocated. |
| public_ip_id | The Public IP ID. |
| tags | The tags associated to resources. |
| virtual_machine_id | The ID of the Virtual Machine. |
In this module testing is performed with terratest and it creates a small piece of infrastructure, matches the output like ARN, ID and Tags name etc and destroy infrastructure in your AWS account. This testing is written in GO, so you need a GO environment in your system.
You need to run the following command in the testing folder:
go test -run TestIf you come accross a bug or have any feedback, please log it in our issue tracker, or feel free to drop us an email at hello@clouddrove.com.
If you have found it worth your time, go ahead and give us a ★ on our GitHub!
At CloudDrove, we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering.
We are The Cloud Experts!
We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.