
disk encryption added with cmk and host encryption Argument added #4

Merged
merged 1 commit into from
Feb 13, 2023
233 changes: 124 additions & 109 deletions README.yaml
Expand Up @@ -38,57 +38,72 @@ usage: |-
source = "clouddrove/virtual-machine/azure"
version = "1.0.0"
name = "app"
environment = "test"
label_order = ["environment", "name"]

## Common
is_vm_linux = true
enabled = true
machine_count = 1
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
disable_password_authentication = true

## Network Interface
subnet_id = module.subnet.default_subnet_id
private_ip_address_version = "IPv4"
private_ip_address_allocation = "Static"
primary = true
private_ip_addresses = ["10.0.1.4"]
#nsg
network_interface_sg_enabled = true
network_security_group_id = module.security_group.id

## Availability Set
availability_set_enabled = true
platform_update_domain_count = 7
platform_fault_domain_count = 3

## Public IP
public_ip_enabled = true
sku = "Basic"
allocation_method = "Static"
ip_version = "IPv4"


## Virtual Machine
linux_enabled = true
vm_size = "Standard_B1s"
public_key = "ssh-rsa AAAAB3NzaC1yc2EoL9X+2+4Xb dev" # Enter valid public key here
username = "ubuntu"
os_profile_enabled = true
admin_username = "ubuntu"
# admin_password = "P@ssw0rd!123!" # It is compulsory when disable_password_authentication = false
create_option = "FromImage"
caching = "ReadWrite"
disk_size_gb = 30
os_type = "Linux"
managed_disk_type = "Standard_LRS"
storage_image_reference_enabled = true
image_publisher = "Canonical"
image_offer = "0001-com-ubuntu-server-focal"
image_sku = "20_04-lts"
image_version = "latest"
environment = "test"
label_order = ["environment", "name"]

## Common
is_vm_linux = true
enabled = true
machine_count = 1
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
disable_password_authentication = true

## Network Interface
subnet_id = module.subnet.default_subnet_id
private_ip_address_version = "IPv4"
private_ip_address_allocation = "Static"
primary = true
private_ip_addresses = ["10.0.1.4"]
#nsg
network_interface_sg_enabled = true
network_security_group_id = module.security_group.id

## Availability Set
availability_set_enabled = true
platform_update_domain_count = 7
platform_fault_domain_count = 3

## Public IP
public_ip_enabled = true
sku = "Basic"
allocation_method = "Static"
ip_version = "IPv4"


## Virtual Machine
vm_size = "Standard_B1s"
public_key = "ssh-rsa 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 chopra13arhit@gmail.com" # Enter valid public key here
admin_username = "ubuntu"
# admin_password = "P@ssw0rd!123!" # It is compulsory when disable_password_authentication = false
caching = "ReadWrite"
disk_size_gb = 30
os_type = "Linux"
disk_encryption_set_id = module.virtual-machine.disk_encryption_set-id
storage_image_reference_enabled = true
image_publisher = "Canonical"
image_offer = "0001-com-ubuntu-server-focal"
image_sku = "20_04-lts"
image_version = "latest"


enable_disk_encryption_set = true
key_vault_id = module.key_vault.id
key_vault_key_id = module.virtual-machine.key_id

data_disks = [
{
name = "disk1"
disk_size_gb = 100
storage_account_type = "StandardSSD_LRS"
},
{
name = "disk2"
disk_size_gb = 200
storage_account_type = "Standard_LRS"
}
]

}
```
### Windows Virtual Machine
Expand All @@ -97,63 +112,63 @@ usage: |-
source = "clouddrove/virtual-machine/azure"
version = "1.0.0"
name = "app"
environment = "test"
label_order = ["environment", "name"]

## Common
is_vm_windows = true
enabled = true
machine_count = 1
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
disable_password_authentication = false
create_option = "FromImage"
disk_size_gb = 128

## Network Interface
subnet_id = module.subnet.default_subnet_id
private_ip_address_version = "IPv4"
private_ip_address_allocation = "Static"
primary = true
private_ip_addresses = ["10.0.1.4"]
#nsg
network_interface_sg_enabled = true
network_security_group_id = module.security_group.id

## Availability Set
availability_set_enabled = true
platform_update_domain_count = 7
platform_fault_domain_count = 3

## Public IP
public_ip_enabled = true
sku = "Basic"
allocation_method = "Static"
ip_version = "IPv4"


os_type = "windows"
computer_name="app-win-comp"

# windows_distribution_name = "windows2019dc"
vm_size = "Standard_B1s"
admin_username = "azureadmin"
admin_password = "Password@123"
image_publisher = "MicrosoftWindowsServer"
image_offer = "WindowsServer"
image_sku = "2019-Datacenter"
image_version = "latest"


enable_boot_diagnostics = false #Default is false

data_disks = [
{
name = "disk1"
disk_size_gb = 128
storage_account_type = "StandardSSD_LRS"
}
]
environment = "test"
label_order = ["environment", "name"]

## Common
is_vm_windows = true
enabled = true
machine_count = 1
resource_group_name = module.resource_group.resource_group_name
location = module.resource_group.resource_group_location
disable_password_authentication = false
create_option = "FromImage"
disk_size_gb = 128


## Network Interface
subnet_id = module.subnet.default_subnet_id
private_ip_address_version = "IPv4"
private_ip_address_allocation = "Static"
primary = true
private_ip_addresses = ["10.0.1.4"]
#nsg
network_interface_sg_enabled = true
network_security_group_id = module.security_group.id

## Availability Set
availability_set_enabled = true
platform_update_domain_count = 7
platform_fault_domain_count = 3

## Public IP
public_ip_enabled = true
sku = "Basic"
allocation_method = "Static"
ip_version = "IPv4"


os_type = "windows"
computer_name="app-win-comp"

# windows_distribution_name = "windows2019dc"
vm_size = "Standard_B1s"
admin_username = "azureadmin"
admin_password = "Password@123"
image_publisher = "MicrosoftWindowsServer"
image_offer = "WindowsServer"
image_sku = "2019-Datacenter"
image_version = "latest"


enable_boot_diagnostics = false #Default is false

data_disks = [
{
name = "disk1"
disk_size_gb = 128
storage_account_type = "StandardSSD_LRS"
}
]
}
```
57 changes: 48 additions & 9 deletions _example/linux-vm/example.tf
Expand Up @@ -80,6 +80,28 @@ module "security_group" {

}

module "key_vault" {
source = "clouddrove/key-vault/azure"
depends_on = [
module.resource_group
]
name = "app"
environment = "test"
label_order = ["name", "environment", ]
resource_group_name = module.resource_group.resource_group_name
purge_protection_enabled = true
enabled_for_disk_encryption = true
sku_name = "standard"
subnet_id = module.subnet.default_subnet_id[0]
virtual_network_id = module.vnet.vnet_id[0]
#private endpoint
enable_private_endpoint = true
##RBAC
enable_rbac_authorization = true
principal_id = ["c2f1e13d-XXXXXXXXXXXXXc99470c43"]
role_definition_name = ["Key Vault Administrator"]
}


module "virtual-machine" {
source = "../../"
Expand Down Expand Up @@ -120,21 +142,38 @@ module "virtual-machine" {


## Virtual Machine
linux_enabled = true
vm_size = "Standard_B1s"
public_key = "ssh-rsa AAAAB3NzaC1yc2EoL9X+2+4Xb dev" # Enter valid public key here
username = "ubuntu"
os_profile_enabled = true
admin_username = "ubuntu"
# admin_password = "P@ssw0rd!123!" # It is compulsory when disable_password_authentication = false
create_option = "FromImage"

vm_size = "Standard_B1s"
public_key = "ssh-rsa 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 chopra13arhit@gmail.com" # Enter valid public key here
admin_username = "ubuntu"
# admin_password = "P@ssw0rd!123!" # It is compulsory when disable_password_authentication = false
caching = "ReadWrite"
disk_size_gb = 30
os_type = "Linux"
managed_disk_type = "Standard_LRS"
disk_encryption_set_id = module.virtual-machine.disk_encryption_set-id
storage_image_reference_enabled = true
image_publisher = "Canonical"
image_offer = "0001-com-ubuntu-server-focal"
image_sku = "20_04-lts"
image_version = "latest"


enable_disk_encryption_set = true
key_vault_id = module.key_vault.id
key_vault_key_id = module.virtual-machine.key_id
enable_encryption_at_host = true

data_disks = [
{
name = "disk1"
disk_size_gb = 100
storage_account_type = "StandardSSD_LRS"
},
{
name = "disk2"
disk_size_gb = 200
storage_account_type = "Standard_LRS"
}
]

}
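Review bot: The new `public_key` value in the `virtual-machine` block looks like a real personal key (its comment field is an e-mail address) rather than the truncated dummy it replaces, so anyone applying this example unchanged would authorize that key's holder on the `ubuntu` admin account. Restore an obvious placeholder or take the key from input, e.g. `public_key = var.ssh_public_key # supply your own key`, with the variable declared in the example. In the added `key_vault` module, `source = "clouddrove/key-vault/azure"` has no `version` pin, and `role_definition_name = ["Key Vault Administrator"]` on a hard-coded principal looks broader than a disk-encryption example needs; consider adding `version = "<PINNED_VERSION>"` and a narrower role. `disk_encryption_set_id = module.virtual-machine.disk_encryption_set-id` and `key_vault_key_id = module.virtual-machine.key_id` feed the module its own outputs, which deserves a comment explaining why this is intended and does not create a cycle. The `virtual-machine` block begins outside the hunk.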