├── .github └── workflows │ └── Greetings-workflow.yaml ├── .gitignore ├── Azure-DevOps └── Create-project-git-service-conn │ ├── main.tf │ └── provider.tf ├── Azure ├── 101-AKS-Cluster │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-ApplicationGateway │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-Azure-Resource-Group │ └── main.tf ├── 101-Azure-VNet │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-AzureVM-LinuxVM │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-AzureVM-Windows │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-Recovery-Service-Vault │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-Storage-Account │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 101-VNet-Peering │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 201-App-Service-Azure-SQL │ ├── app_service │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ ├── azure_sql │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ ├── logging-monitoring │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ ├── main.tf │ ├── output.tf │ ├── variables.tf │ └── variables.tfvars ├── 201-AzureVM-Extensions │ ├── main.tf │ ├── variable.tf │ └── variables.tfvars ├── 201-Enable-Backup-VM │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 201-Enable-Update-Management-VMs │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── 201-VMCreds-KeyVault │ ├── Readme.md │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars └── 201-Win-Update-Enabled │ ├── main.tf │ ├── variables.tf │ └── variables.tfvars ├── Docker └── 101-Start-Container │ ├── main.tf │ ├── output.tf │ ├── variables.tf │ └── variables.tfvars ├── Kubernetes └── aks-k8s-manifests │ ├── .terraform.lock.hcl │ ├── README.md │ ├── main.tf │ └── manifests │ ├── deployment.yaml │ └── service.yaml ├── README.md └── Terraform-Concepts ├── Readme.md └── for_each ├── Readme.md ├── main.tf ├── output.tf └── providers.tf 
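/.github/workflows/Greetings-workflow.yaml:
--------------------------------------------------------------------------------

name: Greet first-time contributors

on: [pull_request, issues]

jobs:
  greeting:
    runs-on: ubuntu-latest
    # Least privilege: the greeting step only needs to comment on issues and
    # pull requests, so GITHUB_TOKEN is scoped to those two permissions.
    permissions:
      issues: write
      pull-requests: write
    steps:
    # The action is referenced by a mutable tag; pinning it to a full commit
    # SHA keeps a re-tagged release from changing what runs with the token.
    - uses: actions/first-interaction@v1
      with:
        repo-token: ${{ secrets.GITHUB_TOKEN }}
        issue-message: 'Message that will be displayed on users'' first issue'
        pr-message: 'Message that will be displayed on users'' first pr'

--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
.envrc
.DS_Store
.terraform
# Terraform state stores resource attributes, including secrets, in plain text.
*.tfstate
*.tfstate.backup
tags
TestFolder/
keys/
.vscode
.terraform.tfstate.lock.info
.idea

--------------------------------------------------------------------------------
/Azure-DevOps/Create-project-git-service-conn/main.tf:
--------------------------------------------------------------------------------
# Creates an Azure DevOps project, an empty Git repository in it, and an
# AzureRM service connection that authenticates with a service principal.

# Client secret of the service principal. It is passed in at plan/apply time
# (for example through the TF_VAR_service_principal_key environment variable)
# and never written into this file. On Terraform 0.14 or later, also set
# `sensitive = true` so the value is redacted from plan output.
# The key that used to be hard-coded here remains in the repository history
# and has to be treated as disclosed: revoke it and issue a new one.
# The value is still written to the Terraform state, so the state backend
# needs access control and encryption at rest.
variable "service_principal_key" {
  description = "Client secret of the service principal used by the AzureRM service connection"
  type        = string
}

resource "azuredevops_project" "project" {
  description        = "Created by Terraform"
  name               = "terraform-project"
  version_control    = "git"
  visibility         = "private"
  work_item_template = "Agile"
}

resource "azuredevops_git_repository" "git_repository" {
  project_id     = azuredevops_project.project.id
  name           = "terraform-repo"
  default_branch = "refs/heads/main"
  initialization {
    init_type = "Clean"
  }
  # The initialization block only matters at creation time; ignoring it keeps
  # later plans from proposing to change the repository.
  lifecycle {
    ignore_changes = [
      initialization
    ]
  }
}

resource "azuredevops_serviceendpoint_azurerm" "azure_service_connection" {
  project_id                             = azuredevops_project.project.id
  service_endpoint_name                  = "AzureRM-Create-Terraform"
  description                            = "Managed by Terraform"
  service_endpoint_authentication_scheme = "ServicePrincipal"
  credentials {
    serviceprincipalid  = "4f149c0e-5f8c-4020-921d-98d4e9c9651b"
    serviceprincipalkey = var.service_principal_key
  }
  azurerm_spn_tenantid      = "67e62596-f24c-4eae-9a15-e9aa38182dfd"
  azurerm_subscription_id   = "dac4cab6-7da3-4bba-a0c6-b93e33e6717a"
  azurerm_subscription_name = "Created-By-Terraform"
}
--------------------------------------------------------------------------------
/Azure-DevOps/Create-project-git-service-conn/provider.tf:
--------------------------------------------------------------------------------
terraform {
  required_providers {
    azuredevops = {
      source  = "microsoft/azuredevops"
      version = ">= 0.1.0"
    }
  }
}

# Personal access token for the Azure DevOps organization. Supply it through
# TF_VAR_azdo_personal_access_token; the provider can alternatively read the
# AZDO_PERSONAL_ACCESS_TOKEN environment variable when the argument is omitted.
# On Terraform 0.14 or later, also set `sensitive = true`.
# The token that used to be hard-coded here remains in the repository history
# and has to be treated as disclosed: revoke it and issue a new one with the
# narrowest scopes the project, repository and service-endpoint resources need.
variable "azdo_personal_access_token" {
  description = "Personal access token used by the azuredevops provider"
  type        = string
}

provider "azuredevops" {
  org_service_url       = "https://dev.azure.com/infrakloud/"
  personal_access_token = var.azdo_personal_access_token
}
--------------------------------------------------------------------------------
/Azure/101-AKS-Cluster/main.tf:
--------------------------------------------------------------------------------
/*
*Author - Kasun Rajapakse
*Subject - Create AKS Cluster
*Language - HCL
! Last Modify Date - Sep 7 2019
! Disclaimer- LEGAL DISCLAIMER
This Sample Code is provided for the purpose of illustration only and is not
intended to be used in a production environment. THIS SAMPLE CODE AND ANY
RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.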
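We grant You a
nonexclusive, royalty-free right to use and modify the Sample Code and to
reproduce and distribute the object code form of the Sample Code, provided
that You agree: (i) to not use Our name, logo, or trademarks to market Your
software product in which the Sample Code is embedded; (ii) to include a valid
copyright notice on Your software product in which the Sample Code is embedded;
and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and
against any claims or lawsuits, including attorneys’ fees, that arise or result
from the use or distribution of the Sample Code.
*/


#Add Azure Provider
provider "azurerm" {
}

#Create Resource Group
resource "azurerm_resource_group" "k8terraform" {
  name     = "${var.resource_group_name}"
  location = "${var.location}"
}

#Create Log Analytics Workspace
resource "azurerm_log_analytics_workspace" "aksterraform" {
  name                = "${var.log_analytics_workspace_name}"
  location            = "${var.log_analytics_workspace_location}"
  resource_group_name = "${azurerm_resource_group.k8terraform.name}"
  sku                 = "${var.log_analytics_workspace_sku}"
}

#Enable Log Analytics Solution
resource "azurerm_log_analytics_solution" "aksterraformsolution" {
  solution_name         = "ContainerInsights"
  location              = "${azurerm_log_analytics_workspace.aksterraform.location}"
  resource_group_name   = "${azurerm_resource_group.k8terraform.name}"
  workspace_resource_id = "${azurerm_log_analytics_workspace.aksterraform.id}"
  workspace_name        = "${azurerm_log_analytics_workspace.aksterraform.name}"

  plan {
    publisher = "Microsoft"
    product   = "OMSGallery/ContainerInsights"
  }
}

#Create AKS Cluster
resource "azurerm_kubernetes_cluster" "k8cluster" {
  name                = "${var.cluster_name}"
  location            = "${azurerm_resource_group.k8terraform.location}"
  resource_group_name = "${azurerm_resource_group.k8terraform.name}"
  dns_prefix          = "${var.dns_prifix}"

  # NOTE(review): both agent_pool_profile and default_node_pool are declared
  # below; which of the two the installed azurerm provider accepts depends on
  # its version - confirm and keep only one.
  agent_pool_profile {
    name            = "aksterraform"
    count           = "${var.agent_count}"
    vm_size         = "Standard_B2ms"
    os_type         = "Linux"
    os_disk_size_gb = 30
  }

  # Ship container logs and metrics to the Log Analytics workspace above.
  addon_profile {
    oms_agent {
      enabled                    = true
      log_analytics_workspace_id = "${azurerm_log_analytics_workspace.aksterraform.id}"
    }
  }

  # The client secret comes from a variable, but it is still recorded in the
  # Terraform state; protect the state backend accordingly.
  service_principal {
    client_id     = "${var.arm_client_id}"
    client_secret = "${var.arm_client_secret}"
  }
  tags = {
    Enviornment = "Development"
  }

  default_node_pool {
    name    = "linux-pool"
    vm_size = "Standard_B2ms"
  }
}

#Outputs
# The outputs carrying key material or a full kubeconfig are marked sensitive
# so that `terraform apply` and `terraform output` do not print them to the
# console or to CI logs. They remain readable in the state file.
output "client_key" {
  value     = "${azurerm_kubernetes_cluster.k8cluster.kube_config.0.client_key}"
  sensitive = true
}

output "client_certificate" {
  value     = "${azurerm_kubernetes_cluster.k8cluster.kube_config.0.client_certificate}"
  sensitive = true
}

output "cluster_ca_certificate" {
  value = "${azurerm_kubernetes_cluster.k8cluster.kube_config.0.cluster_ca_certificate}"
}

output "cluster_username" {
  value = "${azurerm_kubernetes_cluster.k8cluster.kube_config.0.username}"
}

output "cluster_password" {
  value     = "${azurerm_kubernetes_cluster.k8cluster.kube_config.0.password}"
  sensitive = true
}

output "kube_config" {
  value     = "${azurerm_kubernetes_cluster.k8cluster.kube_config_raw}"
  sensitive = true
}

output "host" {
  value = "${azurerm_kubernetes_cluster.k8cluster.kube_config.0.host}"
}
--------------------------------------------------------------------------------
/Azure/101-AKS-Cluster/variables.tf:
--------------------------------------------------------------------------------
#Variable
variable "arm_client_id" {
}

# Service principal secret used by the cluster; supply it outside version
# control (for example TF_VAR_arm_client_secret), not in a committed tfvars file.
variable "arm_client_secret" {
}

variable "location" {
}

variable "cluster_name" {
}

variable "dns_prifix" {
}

variable "agent_count" {
  default = 3
}

variable "resource_group_name" {
}

variable "log_analytics_workspace_name" {

}
variable "log_analytics_workspace_location" {
  default = "eastus"
}
variable "log_analytics_workspace_sku" {
  default = "PerNode"
}

--------------------------------------------------------------------------------
/Azure/101-AKS-Cluster/variables.tfvars:
--------------------------------------------------------------------------------
# "Client-ID" and "Secret" are placeholders. Keep the real service principal
# values out of this committed file.
arm_client_id = "Client-ID"

arm_client_secret = "Secret"

resource_group_name = "k8terraform"

log_analytics_workspace_name = "aksterraform"

log_analytics_workspace_location = "eastus"

log_analytics_workspace_sku = "PerNode"

location = "East US"

cluster_name = "k8terraform"

dns_prifix = "k8terraform1232"

agent_count = 3
--------------------------------------------------------------------------------
/Azure/101-ApplicationGateway/main.tf:
--------------------------------------------------------------------------------
/*
*Author - Kasun Rajapakse
*Subject - Application GW
*Language - HCL
! Last Modify Date - Sep 7 2019
! Disclaimer- LEGAL DISCLAIMER
This Sample Code is provided for the purpose of illustration only and is not
intended to be used in a production environment. THIS SAMPLE CODE AND ANY
RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.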
We grant You a
nonexclusive, royalty-free right to use and modify the Sample Code and to
reproduce and distribute the object code form of the Sample Code, provided
that You agree: (i) to not use Our name, logo, or trademarks to market Your
software product in which the Sample Code is embedded; (ii) to include a valid
copyright notice on Your software product in which the Sample Code is embedded;
and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and
against any claims or lawsuits, including attorneys’ fees, that arise or result
from the use or distribution of the Sample Code.
*/

provider "azurerm" {}

# ---- Resource group --------------------------------------------------------
resource "azurerm_resource_group" "App-GW-RG" {
  location = "${var.location}"
  name     = "${var.rg_name}"
}

# ---- Virtual network with one subnet for the gateway and one for web hosts --
resource "azurerm_virtual_network" "appgw_vnet" {
  name                = "${var.vnet_name}"
  resource_group_name = "${azurerm_resource_group.App-GW-RG.name}"
  location            = "${azurerm_resource_group.App-GW-RG.location}"
  address_space       = ["${var.network_address_space}"]
}

resource "azurerm_subnet" "app-gw-subnet" {
  name                 = "${var.appgw_subnet_name}"
  resource_group_name  = "${azurerm_resource_group.App-GW-RG.name}"
  virtual_network_name = "${azurerm_virtual_network.appgw_vnet.name}"
  address_prefix       = "${var.appgw_subnet_address_prefix}"
}

resource "azurerm_subnet" "web-subnet" {
  name                 = "${var.web_subnet_name}"
  resource_group_name  = "${azurerm_resource_group.App-GW-RG.name}"
  virtual_network_name = "${azurerm_virtual_network.appgw_vnet.name}"
  address_prefix       = "${var.web_subnet_address_prefix}"
}

# ---- Public IP used as the gateway frontend ---------------------------------
resource "azurerm_public_ip" "app-gw-pip" {
  name                = "${var.app_gw_pip}"
  location            = "${azurerm_resource_group.App-GW-RG.location}"
  resource_group_name = "${azurerm_resource_group.App-GW-RG.name}"
  allocation_method   = "Dynamic"
}

# ---- Names shared by the sub-blocks of the gateway, derived from the VNet name
locals {
  backend_address_pool_name      = "${azurerm_virtual_network.appgw_vnet.name}-backpool"
  frontend_port_name             = "${azurerm_virtual_network.appgw_vnet.name}-frontport"
  frontend_ip_configuration_name = "${azurerm_virtual_network.appgw_vnet.name}-frondip"
  http_setting_name              = "${azurerm_virtual_network.appgw_vnet.name}-backend-http"
  listener_name                  = "${azurerm_virtual_network.appgw_vnet.name}-http-listen"
  request_routing_rule_name      = "${azurerm_virtual_network.appgw_vnet.name}-request-route-rule"
  redirect_configuration_name    = "${azurerm_virtual_network.appgw_vnet.name}-redirect-config-name"
}

# ---- Application Gateway ----------------------------------------------------
# Both the public listener and the backend settings below use plain HTTP on
# port 80, so traffic through this gateway is unencrypted end to end. No
# certificate or HTTPS listener is configured in this sample.
resource "azurerm_application_gateway" "App-GW" {
  name                = "${var.app_gw_name}"
  resource_group_name = "${azurerm_resource_group.App-GW-RG.name}"
  location            = "${azurerm_resource_group.App-GW-RG.location}"

  sku {
    name     = "Standard_Small"
    tier     = "Standard"
    capacity = 2
  }

  # The gateway lives in its own subnet.
  gateway_ip_configuration {
    name      = "app-gateway-ip-configuration"
    subnet_id = "${azurerm_subnet.app-gw-subnet.id}"
  }

  frontend_port {
    name = "${local.frontend_port_name}"
    port = 80
  }

  frontend_ip_configuration {
    name                 = "${local.frontend_ip_configuration_name}"
    public_ip_address_id = "${azurerm_public_ip.app-gw-pip.id}"
  }

  # The pool is declared without members.
  backend_address_pool {
    name = "${local.backend_address_pool_name}"
  }

  backend_http_settings {
    name                  = "${local.http_setting_name}"
    protocol              = "Http"
    port                  = 80
    path                  = "/path1/"
    cookie_based_affinity = "Disabled"
    request_timeout       = 1
  }

  http_listener {
    name                           = "${local.listener_name}"
    protocol                       = "Http"
    frontend_ip_configuration_name = "${local.frontend_ip_configuration_name}"
    frontend_port_name             = "${local.frontend_port_name}"
  }

  # One basic rule wires the listener to the backend pool and its settings.
  request_routing_rule {
    name                       = "${local.request_routing_rule_name}"
    rule_type                  = "Basic"
    http_listener_name         = "${local.listener_name}"
    backend_address_pool_name  = "${local.backend_address_pool_name}"
    backend_http_settings_name = "${local.http_setting_name}"
  }
}

--------------------------------------------------------------------------------
/Azure/101-ApplicationGateway/variables.tf:
--------------------------------------------------------------------------------
# Global variables
variable "location" {}
variable "rg_name" {}

# Application Gateway variables
variable "app_gw_name" {}

# Virtual network variables
variable "network_address_space" {}
variable "vnet_name" {}
variable "appgw_subnet_name" {}
variable "appgw_subnet_address_prefix" {}

variable "web_subnet_name" {}
variable "web_subnet_address_prefix" {}
variable "app_gw_pip" {}

--------------------------------------------------------------------------------
/Azure/101-ApplicationGateway/variables.tfvars:
--------------------------------------------------------------------------------
# Global variables
location = "Southeast Asia"
rg_name  = "App-GW"

# Application Gateway variables
app_gw_name = "app_gw_name"

# Virtual network parameters
network_address_space       = "10.70.0.0/16"
vnet_name                   = "app-gw-01"
appgw_subnet_name           = "app-gw-subnet"
appgw_subnet_address_prefix = "10.70.1.0/24"
web_subnet_name             = "web-subnet"
web_subnet_address_prefix   = "10.70.2.0/24"
app_gw_pip                  = "app-gw-pip"
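--------------------------------------------------------------------------------
/Azure/101-Azure-Resource-Group/main.tf:
--------------------------------------------------------------------------------
# Minimal example: a single resource group in a fixed region.
provider "azurerm" {
  features {}
  version = "~>2.00"
}
resource "azurerm_resource_group" "rg" {
  name     = "TFResourceGroup"
  location = "centralus"
}
--------------------------------------------------------------------------------
/Azure/101-Azure-VNet/main.tf:
--------------------------------------------------------------------------------
# Creates a resource group, one virtual network and two subnets (frontend and
# backend). No network security group is attached to either subnet here.
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "vnet_rg" {
  location = var.region
  name     = var.vnet_rg
}

resource "azurerm_virtual_network" "vnet" {
  address_space       = [var.vnet_cidr]
  location            = azurerm_resource_group.vnet_rg.location
  name                = var.vnet_name
  resource_group_name = azurerm_resource_group.vnet_rg.name
}

resource "azurerm_subnet" "frontend_subnet" {
  name                 = var.frontend_subnet_name
  resource_group_name  = azurerm_resource_group.vnet_rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = [var.frontend_subnet_cidr]
}

# The stray closing brace that followed this resource in the original file
# made the configuration fail to parse; it has been removed.
resource "azurerm_subnet" "backend_subnet" {
  name                 = var.backend_subnet_name
  resource_group_name  = azurerm_resource_group.vnet_rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = [var.backend_subnet_cidr]
}

--------------------------------------------------------------------------------
/Azure/101-Azure-VNet/variables.tf:
--------------------------------------------------------------------------------
variable "region" {
  description = "Region for Resource Deployment"
}

variable "vnet_rg" {
  description = "Virtual Network RG Name"
}

variable "vnet_cidr" {
  description = "CIDR of the VNet"
}

variable "vnet_name" {
  description = "VNet Name"
}

variable "frontend_subnet_name" {
  description = "Frontend Subnet Name"
}

variable "frontend_subnet_cidr" {
  description = "CIDR for frontend Subnet"
}

variable "backend_subnet_name" {
  description = "Backend Subnet Name"
}

variable "backend_subnet_cidr" {
  description = "CIDR for backend Subnet"
}

--------------------------------------------------------------------------------
/Azure/101-Azure-VNet/variables.tfvars:
--------------------------------------------------------------------------------
region               = "east us"
vnet_rg              = "simplevnet-rg"
vnet_cidr            = "10.50.0.0/16"
vnet_name            = "samplevnet"
frontend_subnet_name = "web"
frontend_subnet_cidr = "10.50.10.0/24"
backend_subnet_name  = "database"
backend_subnet_cidr  = "10.50.11.0/24"
--------------------------------------------------------------------------------
/Azure/101-AzureVM-LinuxVM/main.tf:
--------------------------------------------------------------------------------
/*
*Author - Kasun Rajapakse
*Subject - Create Linux VM
*Language - HCL
! Last Modify Date - Jun 22 2020
! Disclaimer- LEGAL DISCLAIMER
This Sample Code is provided for the purpose of illustration only and is not
intended to be used in a production environment. THIS SAMPLE CODE AND ANY
RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.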
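We grant You a
nonexclusive, royalty-free right to use and modify the Sample Code and to
reproduce and distribute the object code form of the Sample Code, provided
that You agree: (i) to not use Our name, logo, or trademarks to market Your
software product in which the Sample Code is embedded; (ii) to include a valid
copyright notice on Your software product in which the Sample Code is embedded;
and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and
against any claims or lawsuits, including attorneys’ fees, that arise or result
from the use or distribution of the Sample Code.
*/

provider "azurerm" {

}

resource "azurerm_resource_group" "AzureVMRG" {
  name     = var.rg-name
  location = var.location

  tags = {
    Deployed = "Terrraform"
  }
}

resource "azurerm_virtual_network" "VMvnet" {
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  location            = azurerm_resource_group.AzureVMRG.location
  address_space       = [var.vnet_cidr]
  name                = var.network_name
  tags = {
    Deployed = "Terrraform"
  }
}

resource "azurerm_subnet" "VMvnet_subnet" {
  name                 = var.subnet_name
  address_prefix       = var.subnet_cidr
  resource_group_name  = azurerm_resource_group.AzureVMRG.name
  virtual_network_name = azurerm_virtual_network.VMvnet.name
}

# The VM gets a public address, so the NSG rule below is what decides who can
# reach it from the internet.
resource "azurerm_public_ip" "public_ip" {
  name                = "${var.prefix}-TFPIP"
  location            = azurerm_resource_group.AzureVMRG.location
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  allocation_method   = "Dynamic"
  tags = {
    Deployed = "Terrraform"
  }

}

resource "azurerm_network_security_group" "nsg" {
  name                = "${var.prefix}-NSG"
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  location            = azurerm_resource_group.AzureVMRG.location
  tags = {
    Deployed = "Terrraform"
  }

  # Inbound SSH. The allowed source is a variable whose default ("*") keeps
  # the original any-source behaviour; set it to an administrative address
  # range for anything that stays up, because the VM also accepts password
  # logins (see os_profile_linux_config).
  security_rule {
    name                       = "SSH"
    priority                   = 1000
    direction                  = "inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.ssh_source_address_prefix
    destination_address_prefix = "*"
  }
}

resource "azurerm_network_interface" "nic" {
  name                      = "${var.prefix}-nic"
  location                  = azurerm_resource_group.AzureVMRG.location
  resource_group_name       = azurerm_resource_group.AzureVMRG.name
  network_security_group_id = azurerm_network_security_group.nsg.id
  tags = {
    Deployed = "Terrraform"
  }
  ip_configuration {
    name                          = "${var.prefix}-nic-config"
    subnet_id                     = azurerm_subnet.VMvnet_subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip.id
  }
}

resource "azurerm_virtual_machine" "vm" {
  name                             = var.vmname
  network_interface_ids            = [azurerm_network_interface.nic.id]
  location                         = azurerm_resource_group.AzureVMRG.location
  vm_size                          = var.vmsize
  resource_group_name              = azurerm_resource_group.AzureVMRG.name
  delete_data_disks_on_termination = true

  storage_os_disk {
    name              = "${var.vmname}-OSdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  storage_image_reference {
    publisher = var.publisher
    offer     = var.offer
    sku       = var.sku
    version   = var.osversion
  }

  # The admin password is stored in the Terraform state in plain text.
  os_profile {
    computer_name  = var.computerName
    admin_username = "localadmin"
    admin_password = var.adminpassword
  }

  # Password logins over SSH are left enabled by this sample. Key-based
  # authentication with this flag set to true is the safer configuration.
  os_profile_linux_config {
    disable_password_authentication = false
  }
}

resource "azurerm_managed_disk" "datadisk" {
  name                 = "${var.vmname}-disk1"
  location             = azurerm_resource_group.AzureVMRG.location
  resource_group_name  = azurerm_resource_group.AzureVMRG.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = 10
}

resource "azurerm_virtual_machine_data_disk_attachment" "datdiskattach" {
  managed_disk_id = azurerm_managed_disk.datadisk.id
  # The original line opened a string literal and never closed it, which is a
  # syntax error; the VM id is referenced directly instead.
  virtual_machine_id = azurerm_virtual_machine.vm.id
  lun                = "10"
  caching            = "ReadWrite"
}

--------------------------------------------------------------------------------
/Azure/101-AzureVM-LinuxVM/variables.tf:
--------------------------------------------------------------------------------
variable "rg-name" {
  type        = string
  default     = "SimpleTFVM"
  description = "Resource Group Name of the VM"
}

variable "location" {
  type        = string
  default     = "Southeast Asia"
  description = "Location of the deployment"
}

variable "network_name" {
  type        = string
  default     = "simplevm-vnet"
  description = "VNet Name"

}

variable "vnet_cidr" {
  type        = string
  default     = "10.100.0.0/16"
  description = "Address Space for the VNet"

}

variable "subnet_name" {
  type        = string
  default     = "server-subnet"
  description = "VNet Subnet"

}

variable "subnet_cidr" {
  type        = string
  default     = "10.100.10.0/24"
  description = "Address Space for the Subnet"
}

variable "prefix" {
  type        = string
  default     = "vm"
  description = "Prefix for the names of the public IP, NSG and NIC"

}

variable "ssh_source_address_prefix" {
  type        = string
  default     = "*"
  description = "Source address prefix allowed to reach SSH (port 22); the default keeps the original any-source rule"
}

variable "vmname" {
}


variable "publisher" {
}

variable "offer" {
}

variable "sku" {
}

variable "osversion" {
}

variable "vmsize" {
  default = "Standard_DS1_v2"
}

# No default: a password committed to the repository would be the login for an
# internet-reachable VM. Supply it at apply time, for example through the
# TF_VAR_adminpassword environment variable.
variable "adminpassword" {
}

variable "computerName" {
  default = "SimpleVM"
}






--------------------------------------------------------------------------------
/Azure/101-AzureVM-LinuxVM/variables.tfvars:
--------------------------------------------------------------------------------
rg-name      = "SimpleTFVM"
location     = "Southeast Asia"
network_name = "simplevm-vnet"
vnet_cidr    = "10.100.0.0/16"
subnet_name  = "server-subnet"
subnet_cidr  = "10.100.10.0/24"
prefix       = "linux-vm"
publisher    = "Canonical"
offer        = "UbuntuServer"
sku          = "16.04-LTS"
osversion    = "latest"
vmname       = "linuxvm"
vmsize       = "Standard_DS1_v2"
# adminpassword is intentionally not set in this committed file; pass it at
# apply time (TF_VAR_adminpassword or -var).
computerName = "SimpleVM"

--------------------------------------------------------------------------------
/Azure/101-AzureVM-Windows/main.tf:
--------------------------------------------------------------------------------
/*
*Author - Kasun Rajapakse
*Subject - Create Windows VM
*Language - HCL
! Last Modify Date - Feb 24 2020
! Disclaimer- LEGAL DISCLAIMER
This Sample Code is provided for the purpose of illustration only and is not
intended to be used in a production environment. THIS SAMPLE CODE AND ANY
RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.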
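We grant You a
nonexclusive, royalty-free right to use and modify the Sample Code and to
reproduce and distribute the object code form of the Sample Code, provided
that You agree: (i) to not use Our name, logo, or trademarks to market Your
software product in which the Sample Code is embedded; (ii) to include a valid
copyright notice on Your software product in which the Sample Code is embedded;
and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and
against any claims or lawsuits, including attorneys’ fees, that arise or result
from the use or distribution of the Sample Code.
*/

# Service principal credentials are taken from variables; the client secret
# should be supplied outside version control (for example TF_VAR_client_secret).
provider "azurerm" {
  version         = "~>2.00"
  features {}
  subscription_id = var.subscription_id
  client_id       = var.client_id
  client_secret   = var.client_secret
  tenant_id       = var.tenent_id
}

resource "azurerm_resource_group" "AzureVMRG" {
  name     = var.rg-name
  location = var.location

  tags = {
    Deployed = "Terrraform"
  }
}

resource "azurerm_virtual_network" "VMvnet" {
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  location            = azurerm_resource_group.AzureVMRG.location
  address_space       = [var.vnet_cidr]
  name                = var.network_name
  tags = {
    Deployed = "Terrraform"
  }
}

resource "azurerm_subnet" "VMvnet_subnet" {
  name = var.subnet_name
  # address_prefixes takes a list; the original passed a bare string.
  address_prefixes     = [var.subnet_cidr]
  resource_group_name  = azurerm_resource_group.AzureVMRG.name
  virtual_network_name = azurerm_virtual_network.VMvnet.name
}

# The VM gets a public address, so the NSG rule below is what decides who can
# reach it from the internet.
resource "azurerm_public_ip" "public_ip" {
  name                = "${var.prefix}-TFPIP"
  location            = azurerm_resource_group.AzureVMRG.location
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  allocation_method   = "Dynamic"
  tags = {
    Deployed = "Terrraform"
  }

}

resource "azurerm_network_security_group" "nsg" {
  name                = "${var.prefix}-NSG"
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  location            = azurerm_resource_group.AzureVMRG.location
  tags = {
    Deployed = "Terrraform"
  }

  # Inbound RDP. The allowed source is a variable whose default ("*") keeps
  # the original any-source behaviour; set it to an administrative address
  # range for anything that stays up.
  security_rule {
    name                       = "RDP"
    priority                   = 1000
    direction                  = "inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "3389"
    source_address_prefix      = var.rdp_source_address_prefix
    destination_address_prefix = "*"
  }
}

resource "azurerm_network_interface" "nic" {
  name                = "${var.prefix}-nic"
  location            = azurerm_resource_group.AzureVMRG.location
  resource_group_name = azurerm_resource_group.AzureVMRG.name
  tags = {
    Deployed = "Terrraform"
  }
  ip_configuration {
    name                          = "${var.prefix}-nic-config"
    subnet_id                     = azurerm_subnet.VMvnet_subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip.id
  }
}

# The 2.x azurerm provider pinned above no longer accepts
# network_security_group_id on the network interface, so the NSG is attached
# through an association resource. Without it the NIC would have no NSG.
resource "azurerm_network_interface_security_group_association" "nic_nsg" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_virtual_machine" "vm" {
  name                             = var.vmname
  network_interface_ids            = [azurerm_network_interface.nic.id]
  location                         = azurerm_resource_group.AzureVMRG.location
  vm_size                          = var.vmsize
  resource_group_name              = azurerm_resource_group.AzureVMRG.name
  delete_data_disks_on_termination = true

  storage_os_disk {
    name              = "${var.vmname}-OSdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  storage_image_reference {
    publisher = var.publisher
    offer     = var.offer
    sku       = var.sku
    version   = var.osversion
  }

  # The admin password is stored in the Terraform state in plain text.
  os_profile {
    computer_name  = var.computerName
    admin_username = "localadmin"
    admin_password = var.adminpassword
  }

  os_profile_windows_config {
    provision_vm_agent = true
  }
}

resource "azurerm_managed_disk" "datadisk" {
  name                 = "${var.vmname}-disk1"
  location             = azurerm_resource_group.AzureVMRG.location
  resource_group_name  = azurerm_resource_group.AzureVMRG.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = 10
}

resource "azurerm_virtual_machine_data_disk_attachment" "datdiskattach" {
  managed_disk_id    = azurerm_managed_disk.datadisk.id
  virtual_machine_id = azurerm_virtual_machine.vm.id
  lun                = "10"
  caching            = "ReadWrite"
}

--------------------------------------------------------------------------------
/Azure/101-AzureVM-Windows/variables.tf:
--------------------------------------------------------------------------------

variable "rg-name" {
  type        = string
  default     = "SimpleTFVM"
  description = "Resource Group Name of the VM"
}

variable "location" {
  type        = string
  default     = "Southeast Asia"
  description = "Location of the deployment"
}

variable "network_name" {
  type        = string
  default     = "simplevm-vnet"
  description = "VNet Name"

}

variable "vnet_cidr" {
  type        = string
  default     = "10.100.0.0/16"
  description = "Address Space for the VNet"

}

variable "subnet_name" {
  type        = string
  default     = "server-subnet"
  description = "VNet Subnet"

}

variable "subnet_cidr" {
  type        = string
  default     = "10.100.10.0/24"
  description = "Address Space for the Subnet"
}

variable "prefix" {
  type        = string
  default     = "vm"
  description = "Prefix for the names of the public IP, NSG and NIC"

}

variable "rdp_source_address_prefix" {
  type        = string
  default     = "*"
  description = "Source address prefix allowed to reach RDP (port 3389); the default keeps the original any-source rule"
}

variable "subscription_id" {}

variable "client_id" {}

# Service principal secret; supply it outside version control.
variable "client_secret" {}
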
54 | variable "tenent_id"{} 55 | 56 | variable "vmname" { 57 | } 58 | 59 | 60 | variable "publisher" { 61 | } 62 | 63 | variable "offer" { 64 | } 65 | 66 | variable "sku" { 67 | } 68 | 69 | variable "osversion" { 70 | } 71 | 72 | variable "vmsize" { 73 | default = "Standard_DS1_v2" 74 | } 75 | 76 | variable "adminpassword" { 77 | default = "Test@123" 78 | } 79 | 80 | variable "computerName" { 81 | default = "SimpleVM" 82 | } 83 | 84 | 85 | 86 | 87 | 88 | -------------------------------------------------------------------------------- /Azure/101-AzureVM-Windows/variables.tfvars: -------------------------------------------------------------------------------- 1 | rg-name = "SimpleTFVM" 2 | location = "Southeast Asia" 3 | network_name = "simplevm-vnet" 4 | vnet_cidr = "10.100.0.0/16" 5 | subnet_name = "server-subnet" 6 | subnet_cidr = "10.100.10.0/24" 7 | prefix = "win-vm" 8 | publisher = "MicrosoftWindowsServer" 9 | offer = "WindowsServer" 10 | sku = "2019-Datacenter" 11 | osversion = "latest" 12 | vmname = "windowsvm" 13 | vmsize = "Standard_DS1_v2" 14 | adminpassword = "Test@123" 15 | computerName = "SimpleVM1" 16 | subscription_id="" 17 | client_id = "" 18 | client_secret= "" 19 | tenent_id = "" 20 | -------------------------------------------------------------------------------- /Azure/101-Recovery-Service-Vault/main.tf: -------------------------------------------------------------------------------- 1 | /* 2 | *Author - Kasun Rajapakse 3 | *Subject - Create Azure Recovery Vault 4 | *Language - HCL 5 | ! Last Modify Date - Sep 7 2019 6 | ! Disclaimer- LEGAL DISCLAIMER 7 | This Sample Code is provided for the purpose of illustration only and is not 8 | intended to be used in a production environment. THIS SAMPLE CODE AND ANY 9 | RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER 10 | EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF 11 | MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. 
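We grant You a
nonexclusive, royalty-free right to use and modify the Sample Code and to
reproduce and distribute the object code form of the Sample Code, provided
that You agree: (i) to not use Our name, logo, or trademarks to market Your
software product in which the Sample Code is embedded; (ii) to include a valid
copyright notice on Your software product in which the Sample Code is embedded;
and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and
against any claims or lawsuits, including attorneys’ fees, that arise or result
from the use or distribution of the Sample Code.
*/

# Provider
# NOTE(review): no version constraint and no `features {}` block. azurerm 2.0
# and later refuse to initialise without `features {}`; confirm which provider
# version this template is expected to resolve and pin it.
provider "azurerm" {

}

# Resource group that contains the vault.
resource "azurerm_resource_group" "recovery-vault-rg" {
  name     = "${var.vault_rg_name}"
  location = "${var.location}"
}

# Azure Recovery Services vault, created in the resource group's location.
resource "azurerm_recovery_services_vault" "vm-backup-vault" {
  name                = "${var.vault_name}"
  location            = "${azurerm_resource_group.recovery-vault-rg.location}"
  resource_group_name = "${azurerm_resource_group.recovery-vault-rg.name}"
  sku                 = "${var.sku}"
}

--------------------------------------------------------------------------------
/Azure/101-Recovery-Service-Vault/variables.tf:
--------------------------------------------------------------------------------
variable "vault_rg_name" {

}

variable "vault_name" {

}

variable "sku" {

}

# main.tf reads var.location and variables.tfvars assigns it, but the
# declaration was missing, which makes the reference invalid.
variable "location" {

}

--------------------------------------------------------------------------------
/Azure/101-Recovery-Service-Vault/variables.tfvars:
--------------------------------------------------------------------------------
vault_rg_name = "recovery-rg"
vault_name    = "sample-vault"
sku           = "Standard"
location      = "Southeast Asia"
--------------------------------------------------------------------------------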
/Azure/101-Storage-Account/main.tf: -------------------------------------------------------------------------------- 1 | /* 2 | *Author - Kasun Rajapakse 3 | *Subject - Create Storage Account 4 | *Language - HCL 5 | ! Last Modify Date - Sep 7 2019 6 | ! Disclaimer- LEGAL DISCLAIMER 7 | This Sample Code is provided for the purpose of illustration only and is not 8 | intended to be used in a production environment. THIS SAMPLE CODE AND ANY 9 | RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER 10 | EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF 11 | MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. We grant You a 12 | nonexclusive, royalty-free right to use and modify the Sample Code and to 13 | reproduce and distribute the object code form of the Sample Code, provided 14 | that You agree: (i) to not use Our name, logo, or trademarks to market Your 15 | software product in which the Sample Code is embedded; (ii) to include a valid 16 | copyright notice on Your software product in which the Sample Code is embedded; 17 | and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and 18 | against any claims or lawsuits, including attorneys’ fees, that arise or result 19 | from the use or distribution of the Sample Code. 
*/

# azurerm provider with the (empty) features block and no explicit
# credentials or version constraint.
provider "azurerm" {
  features {}
}

# Resource group for the storage account.
resource "azurerm_resource_group" "storage-rg" {
  location = var.location
  name     = var.rg_name
}

# Storage account whose kind, tiers and replication all come from variables.
# NOTE(review): nothing here sets HTTPS-only transfer, a minimum TLS version,
# public blob access or network rules, so those stay at the provider/service
# defaults. Confirm the defaults meet your baseline before reusing this.
resource "azurerm_storage_account" "storage-account" {
  # The supplied name is lower-cased before use (variables.tfvars passes a
  # mixed-case value).
  name                     = lower(var.storage_account_name)
  location                 = azurerm_resource_group.storage-rg.location
  resource_group_name      = azurerm_resource_group.storage-rg.name
  account_kind             = var.account_kind
  account_tier             = var.account_tier
  access_tier              = var.access_tier
  account_replication_type = var.replication_type

  tags = {
    env = "staging"
  }
}

--------------------------------------------------------------------------------
/Azure/101-Storage-Account/variables.tf:
--------------------------------------------------------------------------------
# All inputs are required; none declares a type, default or description.
variable "rg_name" {}

variable "storage_account_name" {}

variable "account_tier" {}

variable "account_kind" {}

variable "replication_type" {}

variable "location" {}

variable "access_tier" {}

--------------------------------------------------------------------------------
/Azure/101-Storage-Account/variables.tfvars:
--------------------------------------------------------------------------------
storage_account_name = "Cloudlifekasun"
rg_name              = "Storage-Account"
account_tier         = "Standard"
account_kind         = "StorageV2"
replication_type     = "GRS"
location             = "Southeast Asia"
access_tier          = "Hot"
--------------------------------------------------------------------------------
/Azure/101-VNet-Peering/main.tf:
--------------------------------------------------------------------------------
#Provider
/*
*Author - Kasun Rajapakse
*Subject - Enable vNet Peering
*Language - HCL
! Last Modify Date - Sep 7 2019
!
Disclaimer- LEGAL DISCLAIMER 8 | This Sample Code is provided for the purpose of illustration only and is not 9 | intended to be used in a production environment. THIS SAMPLE CODE AND ANY 10 | RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER 11 | EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF 12 | MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE. We grant You a 13 | nonexclusive, royalty-free right to use and modify the Sample Code and to 14 | reproduce and distribute the object code form of the Sample Code, provided 15 | that You agree: (i) to not use Our name, logo, or trademarks to market Your 16 | software product in which the Sample Code is embedded; (ii) to include a valid 17 | copyright notice on Your software product in which the Sample Code is embedded; 18 | and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and 19 | against any claims or lawsuits, including attorneys’ fees, that arise or result 20 | from the use or distribution of the Sample Code. 
*/

# NOTE(review): no version constraint and no `features {}` block; azurerm 2.0+
# requires the latter. Confirm the intended provider version.
provider "azurerm" {

}

# Resource group shared by both virtual networks.
resource "azurerm_resource_group" "peering-rg" {
  location = "${var.location}"
  name     = "${var.rg_name}"
}

# First virtual network, with two inline subnets.
resource "azurerm_virtual_network" "vnet-01" {
  name                = "${var.vnet1_name}"
  resource_group_name = "${azurerm_resource_group.peering-rg.name}"
  location            = "${azurerm_resource_group.peering-rg.location}"
  address_space       = ["${var.network1_address_space}"]

  subnet {
    name           = "${var.vnet1_subnet1_name}"
    address_prefix = "${var.vnet1_subnet1_address_prefix}"
  }

  subnet {
    name           = "${var.vnet1_subnet2_name}"
    address_prefix = "${var.vnet1_subnet2_address_prefix}"
  }

  tags = {
    Deployment = "Peering"
  }
}

# Second virtual network, same layout as the first.
resource "azurerm_virtual_network" "vnet-02" {
  name                = "${var.vnet2_name}"
  resource_group_name = "${azurerm_resource_group.peering-rg.name}"
  location            = "${azurerm_resource_group.peering-rg.location}"
  address_space       = ["${var.network2_address_space}"]

  subnet {
    name           = "${var.vnet2_subnet1_name}"
    address_prefix = "${var.vnet2_subnet1_address_prefix}"
  }

  subnet {
    name           = "${var.vnet2_subnet2_name}"
    address_prefix = "${var.vnet2_subnet2_address_prefix}"
  }

  tags = {
    Deployment = "Peering"
  }
}

# Peering is declared once per direction: vnet-01 -> vnet-02 here and the
# reverse below.
# NOTE(review): both directions also set allow_forwarded_traffic = true, which
# accepts traffic that did not originate in the peer VNet itself. No NSGs are
# defined in this template, so the Web and DB subnets of both networks can
# reach each other freely; confirm that is intended.
resource "azurerm_virtual_network_peering" "peering-01" {
  name                         = "VNet1-Peering"
  resource_group_name          = "${azurerm_resource_group.peering-rg.name}"
  virtual_network_name         = "${azurerm_virtual_network.vnet-01.name}"
  remote_virtual_network_id    = "${azurerm_virtual_network.vnet-02.id}"
  allow_virtual_network_access = true
  allow_forwarded_traffic      = true
}

# Reverse direction: vnet-02 -> vnet-01.
resource "azurerm_virtual_network_peering" "peering-02" {
  name                         = "VNet2-Peering"
  resource_group_name          = "${azurerm_resource_group.peering-rg.name}"
  virtual_network_name         = "${azurerm_virtual_network.vnet-02.name}"
  remote_virtual_network_id    = "${azurerm_virtual_network.vnet-01.id}"
  allow_virtual_network_access = true
  allow_forwarded_traffic      = true
}

--------------------------------------------------------------------------------
/Azure/101-VNet-Peering/variables.tf:
--------------------------------------------------------------------------------
# Global variables
variable "location" {}

variable "rg_name" {}

# Variables for VNet-01
variable "network1_address_space" {}

variable "vnet1_name" {}

variable "vnet1_subnet1_name" {}

variable "vnet1_subnet1_address_prefix" {}

variable "vnet1_subnet2_name" {}

variable "vnet1_subnet2_address_prefix" {}

# Variables for VNet-02
variable "network2_address_space" {}

variable "vnet2_name" {}

variable "vnet2_subnet1_name" {}

variable "vnet2_subnet1_address_prefix" {}

variable "vnet2_subnet2_name" {}

variable "vnet2_subnet2_address_prefix" {}

--------------------------------------------------------------------------------
/Azure/101-VNet-Peering/variables.tfvars:
--------------------------------------------------------------------------------
# Global variables
location = "Southeast Asia"
rg_name  = "Peering-rg"

# VNet-1 parameters
network1_address_space       = "10.60.0.0/16"
vnet1_name                   = "PeeringVNet-01"
vnet1_subnet1_name           = "Web"
vnet1_subnet1_address_prefix = "10.60.1.0/24"
vnet1_subnet2_name           = "DB"
vnet1_subnet2_address_prefix = "10.60.2.0/24"

# VNet-2 parameters
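network2_address_space       = "10.61.0.0/16"
vnet2_name                   = "PeeringVNet-02"
vnet2_subnet1_name           = "Web"
vnet2_subnet1_address_prefix = "10.61.1.0/24"
vnet2_subnet2_name           = "DB"
vnet2_subnet2_address_prefix = "10.61.2.0/24"
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/app_service/main.tf:
--------------------------------------------------------------------------------
provider "azurerm" {
  features {}
}

# Five lowercase letters appended to the web app, API app and log storage
# account names below.
resource "random_string" "random_suffix" {
  length  = 5
  special = false
  number  = false
  upper   = false
}

# App Service plan shared by both apps.
# NOTE(review): the two inputs look crossed. `size` receives
# var.app_service_plan_sku and `tier` receives var.app_service_plan_size,
# while variables.tf describes the sku as "Basic,Standard,Premium" and the
# size as "S1,S2 etc". Left unchanged because existing callers may already
# compensate for it; confirm before renaming anything.
resource "azurerm_app_service_plan" "app_service_plan" {
  location            = var.region
  name                = var.app_service_plan_name
  resource_group_name = var.rg_name

  sku {
    size = var.app_service_plan_sku
    tier = var.app_service_plan_size
  }

  tags = {
    env = "Prod"
  }
}

# Front-end web app.
resource "azurerm_app_service" "web_frontend" {
  app_service_plan_id = azurerm_app_service_plan.app_service_plan.id
  location            = var.region
  name                = "${var.web_app_name}-${random_string.random_suffix.result}"
  resource_group_name = var.rg_name
  depends_on          = [azurerm_storage_account.web_apps_logs]

  site_config {
    dotnet_framework_version = var.app_runtime_version
    always_on                = true
    default_documents = [
      "Default.htm",
      "Default.html",
      "hostingstart.html"
    ]
  }

  # Application and HTTP logs are sent to blob storage, kept for 180 days.
  # NOTE(review): sas_url is fed the data source's connection_string
  # attribute, i.e. the storage connection string that was passed into it,
  # not a container URL carrying a SAS token. Verify that logs actually
  # arrive before relying on them for investigations.
  logs {
    application_logs {
      azure_blob_storage {
        level             = "Error"
        retention_in_days = 180
        sas_url           = data.azurerm_storage_account_sas.storage_sas.connection_string
      }
    }
    http_logs {
      azure_blob_storage {
        retention_in_days = 180
        sas_url           = data.azurerm_storage_account_sas.storage_sas.connection_string
      }
    }
  }

  tags = {
    env = "Prod"
  }
}

# API app; same plan, site configuration and logging as the front end, plus
# the SQL connection string.
resource "azurerm_app_service" "api_app" {
  app_service_plan_id = azurerm_app_service_plan.app_service_plan.id
  location            = var.region
  name                = "${var.api_app_name}-${random_string.random_suffix.result}"
  resource_group_name = var.rg_name
  depends_on          = [azurerm_storage_account.web_apps_logs]

  site_config {
    dotnet_framework_version = var.app_runtime_version
    always_on                = true
    default_documents = [
      "Default.htm",
      "Default.html",
      "hostingstart.html"
    ]
  }

  # Original author's note: this should be added later, because the SAS URL
  # can't be generated from the azurerm module. The same sas_url caveat as on
  # the front-end app applies here.
  logs {
    application_logs {
      azure_blob_storage {
        level             = "Error"
        retention_in_days = 180
        sas_url           = data.azurerm_storage_account_sas.storage_sas.connection_string
      }
    }
    http_logs {
      azure_blob_storage {
        retention_in_days = 180
        sas_url           = data.azurerm_storage_account_sas.storage_sas.connection_string
      }
    }
  }

  # NOTE(review): the SQL login and password are embedded in a plain app
  # setting, so they are readable by anyone who can view the app's
  # configuration and are stored in Terraform state. A Key Vault reference or
  # managed-identity authentication to SQL avoids handling the password here.
  app_settings = {
    "SqlConnectionString" = "Server=tcp:${var.sql_server_fqdn},1433;Initial Catalog=${var.sql_db_name};Persist Security Info=False;User ID=${var.sql_server_username};Password=${var.sql_server_password};MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
  }

  tags = {
    env = "Prod"
  }
}

# Storage account intended to receive the app logs.
resource "azurerm_storage_account" "web_apps_logs" {
  account_replication_type = "LRS"
  account_tier             = "Standard"
  location                 = var.region
  name                     = "weapplogs${random_string.random_suffix.result}"
  resource_group_name      = var.rg_name

  tags = {
    env = "Prod"
  }
}

# Account-level SAS for the blob service of the log storage account.
# NOTE(review): `start` (2100) is later than `expiry` (2020), so the validity
# window is empty as written. Every permission is also granted on containers
# and objects. When this is corrected, choose a short explicit window and only
# the permissions log shipping needs rather than simply swapping the dates.
data "azurerm_storage_account_sas" "storage_sas" {
  depends_on        = [azurerm_storage_account.web_apps_logs]
  connection_string = azurerm_storage_account.web_apps_logs.primary_blob_connection_string
  expiry            = "2020-07-19T00:00:00Z"
  start             = "2100-07-19T00:00:00Z"

  permissions {
    add     = true
    create  = true
    delete  = true
    list    = true
    process = true
    read    = true
    update  = true
    write   = true
  }

  resource_types {
    container = true
    object    = true
    service   = false
  }

  services {
    blob  = true
    file  = false
    queue = false
    table = false
  }
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/app_service/output.tf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kasunsjc/terraform-templates/9c16af26ba08fed9998895d25bafd005bd136924/Azure/201-App-Service-Azure-SQL/app_service/output.tf
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/app_service/variables.tf:
--------------------------------------------------------------------------------
variable "region" {
  description = "Location of the App Service Plan"
}

variable "app_service_plan_name" {
  description = "Name of the App Service Plan"
}

variable "rg_name" {
  description = "Resource Group Name"
}

variable "app_service_plan_sku" {
  description = "SKU of the App Service Plan (Basic,Standard,Premium)"
}

variable "app_service_plan_size" {
  description = "Size of the App Service Plan (S1,S2 etc)"
}

variable "web_app_name" {
  description = "Front end Web App Name"
}

variable "app_runtime_version" {
  description = "Application Runtime Version .Net, Java or PHP"
}

variable "api_app_name" {
  description = "API Application for the .Net App"
}

variable "sql_server_fqdn" {
  description = "FQDN of the SQL server"
}

variable "sql_db_name" {
  description = "SQL DB Name"
}

variable "sql_server_username" {
  description = "SQL Server Username"
}

# Carries a credential; if the Terraform version in use supports sensitive
# input variables, mark this one so it is redacted from plan output.
variable "sql_server_password" {
  description = "SQL Server Password"
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/azure_sql/main.tf:
--------------------------------------------------------------------------------
provider "azurerm" {
  features {}
}

# Five lowercase letters appended to the audit storage account name.
resource "random_string" "random_suffix" {
  length  = 5
  special = false
  number  = false
  upper   = false
}

# Provision Azure SQL DB server instance. The administrator login and
# password come straight from input variables and are kept in state.
resource "azurerm_sql_server" "webapp_sqlserver" {
  name                         = "${var.sql_svr_name}-sqlserver"
  location                     = var.region
  resource_group_name          = var.rg_name
  version                      = "12.0"
  administrator_login          = var.sql_master_username
  administrator_login_password = var.sql_master_password

  tags = {
    env = "Prod"
  }
}

# Provision the Azure SQL Database (products database)
resource "azurerm_sql_database" "webapp_sqldb" {
  name                             = "${var.sqldb_name}-sqldb"
  location                         = var.region
  resource_group_name              = var.rg_name
  server_name                      = azurerm_sql_server.webapp_sqlserver.name
  edition                          = var.sqldb_edition
  requested_service_objective_name = "S0"

  # Audit records go to the storage account below and are kept for 60 days.
  extended_auditing_policy {
    storage_account_access_key = azurerm_storage_account.sql_auditing_sa.primary_access_key
    storage_endpoint           = azurerm_storage_account.sql_auditing_sa.primary_blob_endpoint
    # The key supplied above is the primary key, so this flag must be false.
    storage_account_access_key_is_secondary = false
    retention_in_days                       = 60
  }

  tags = {
    env = "Prod"
  }
}

# 0.0.0.0-0.0.0.0 is the special range Azure SQL treats as "allow Azure
# services": it admits connections from any Azure-hosted source, including
# resources in other subscriptions. Do not carry this into a production
# environment; prefer rules for the app's outbound addresses or a private
# endpoint.
resource "azurerm_sql_firewall_rule" "sql_svr_firewall" {
  name                = "${var.sql_svr_name}-sqlfirewall"
  resource_group_name = var.rg_name
  server_name         = azurerm_sql_server.webapp_sqlserver.name
  start_ip_address    = "0.0.0.0"
  end_ip_address      = "0.0.0.0"
}

# Storage account that receives the SQL audit logs.
resource "azurerm_storage_account" "sql_auditing_sa" {
  name                     = "sqlauditlog${random_string.random_suffix.result}"
  resource_group_name      = var.rg_name
  location                 = var.region
  account_tier             = "Standard"
  account_replication_type = "LRS"

  tags = {
    env = "Prod"
  }
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/azure_sql/output.tf:
--------------------------------------------------------------------------------
output "sql_server_fqdn" {
  value = azurerm_sql_server.webapp_sqlserver.fully_qualified_domain_name
}

output "sql_db_name" {
  value = azurerm_sql_database.webapp_sqldb.name
}

output "sql_server_username" {
  value = azurerm_sql_server.webapp_sqlserver.administrator_login
}

# Marked sensitive so the administrator password is redacted from CLI output;
# it is still present in the state file.
output "sql_server_password" {
  value     = azurerm_sql_server.webapp_sqlserver.administrator_login_password
  sensitive = true
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/azure_sql/variables.tf:
--------------------------------------------------------------------------------
variable "sql_svr_name" {
  description = "SQL Server Name"
}

variable "rg_name" {
  description = "Resource Group Name"
}

variable "region" {
  description = "Location of the App Service Plan"
}

variable "sql_master_username" {
  description = "Master Username for SQl server"
}

# Carries a credential; if the Terraform version in use supports sensitive
# input variables, mark this one so it is redacted from plan output.
variable "sql_master_password" {
  description = "Master password for SQL Server"
}

variable "sqldb_name" {
  description = "SQL Database name"
}

variable "sqldb_edition" {
  description = "SQL DB edition (Standard, Primium)"
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/logging-monitoring/main.tf:
--------------------------------------------------------------------------------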
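provider "azurerm" {
  features {}
}

# Five lowercase letters appended to the Application Insights name.
resource "random_string" "random_suffix" {
  length  = 5
  special = false
  number  = false
  upper   = false
}

# Log Analytics workspace. Nothing in this module connects it to the apps or
# to Application Insights; it is only created.
resource "azurerm_log_analytics_workspace" "web_app_loganalytics" {
  location            = var.region
  name                = var.log_analytics_workspace_name
  resource_group_name = var.rg_name
  sku                 = var.log_analytics_sku
}

# Application Insights component of type "web" with 30-day retention.
resource "azurerm_application_insights" "web_app_app_insights" {
  name                = "${var.app_insights}-${random_string.random_suffix.result}"
  location            = var.region
  resource_group_name = var.rg_name
  application_type    = "web"
  retention_in_days   = 30
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/logging-monitoring/output.tf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kasunsjc/terraform-templates/9c16af26ba08fed9998895d25bafd005bd136924/Azure/201-App-Service-Azure-SQL/logging-monitoring/output.tf
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/logging-monitoring/variables.tf:
--------------------------------------------------------------------------------
variable "rg_name" {
  description = "Resource Group Name"
}

variable "region" {
  description = "Location of the App Service Plan"
}

variable "log_analytics_workspace_name" {
  description = "Log Analytics workspace name"
}

variable "log_analytics_sku" {
  description = "SKU of the log analytics workspace"
}

variable "app_insights" {
  description = "Application insights"
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/main.tf:
--------------------------------------------------------------------------------
provider "azurerm" {
  features {}
}

# Resource group that all three modules deploy into.
resource "azurerm_resource_group" "rg_name" {
  location = var.region
  name     = "${var.rg_name}-rg"
}

# App Service plan plus the web and API apps. The SQL endpoint, database name
# and administrator credentials are taken from the sql_server module's
# outputs, so the SQL admin password travels through this wiring into the
# app_service module.
module "app_service" {
  source                = "./app_service"
  app_service_plan_name = var.app_service_plan_name
  app_service_plan_size = var.app_service_plan_size
  app_service_plan_sku  = var.app_service_plan_sku
  region                = var.region
  web_app_name          = var.web_app_name
  api_app_name          = var.api_app_name
  app_runtime_version   = var.app_runtime_version
  rg_name               = azurerm_resource_group.rg_name.name
  sql_db_name           = module.sql_server.sql_db_name
  sql_server_fqdn       = module.sql_server.sql_server_fqdn
  sql_server_password   = module.sql_server.sql_server_password
  sql_server_username   = module.sql_server.sql_server_username
}

# Azure SQL server and database.
module "sql_server" {
  source              = "./azure_sql"
  sql_svr_name        = var.sql_svr_name
  rg_name             = azurerm_resource_group.rg_name.name
  region              = var.region
  sql_master_password = var.sql_master_password
  sql_master_username = var.sql_master_username
  sqldb_name          = var.sqldb_name
  sqldb_edition       = var.sqldb_edition
}

# Log Analytics workspace and Application Insights.
module "monitoring_logging" {
  source                       = "./logging-monitoring"
  app_insights                 = var.app_insights
  log_analytics_sku            = var.log_analytics_sku
  log_analytics_workspace_name = var.log_analytics_workspace_name
  region                       = var.region
  rg_name                      = azurerm_resource_group.rg_name.name
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/output.tf:
--------------------------------------------------------------------------------
output "rg_name" {
  value = azurerm_resource_group.rg_name.name
}

output "sql_db_name" {
  value = module.sql_server.sql_db_name
}

# This output used to return the server FQDN under the "username" name; it
# now returns the administrator login the name promises.
output "sql_server_username" {
  value = module.sql_server.sql_server_username
}

# The FQDN stays available under its own name.
output "sql_server_fqdn" {
  value = module.sql_server.sql_server_fqdn
}
--------------------------------------------------------------------------------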
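/Azure/201-App-Service-Azure-SQL/variables.tf:
--------------------------------------------------------------------------------
# Global variables
variable "region" {
  default     = "East US"
  description = "Location of the Deployment"
}

variable "rg_name" {
  default = "app-service"
}

# App Service variables
variable "app_service_plan_name" {
  default     = "app-service-test"
  description = "Name of the APp Service Plan"
}

variable "app_service_plan_sku" {
  default     = "Standard"
  description = "SKU of the App Service Plan (Basic,Standard,Premium)"
}

variable "app_service_plan_size" {
  default     = "S1"
  description = "Size of the App Service Plan (S1,S2 etc)"
}

variable "web_app_name" {
  default     = "web-app-kasun"
  description = "Front end Web App Name"
}

variable "app_runtime_version" {
  default     = "v4.0"
  description = "Application Runtime Version .Net, Java or PHP"
}

# The default used to be "v4.0", the runtime version string from the variable
# above, which reads as a copy-paste slip; it now follows the pattern of the
# web_app_name default.
variable "api_app_name" {
  default     = "api-app-kasun"
  description = "API Application Name"
}

# SQL Server variables
variable "sql_svr_name" {
  default     = "consultant"
  description = "SQL Server Name"
}

variable "sql_master_username" {
  default     = "sqladmin"
  description = "Master Username for SQl server"
}

# NOTE(review): a sample administrator password is committed as the default
# here and again in variables.tfvars. Treat it as a placeholder only: supply
# the real value at apply time (for example TF_VAR_sql_master_password) and
# never reuse this one.
variable "sql_master_password" {
  default     = "abc@12345"
  description = "Master password for SQL Server"
}

variable "sqldb_name" {
  default     = "consultant"
  description = "SQL Database name"
}

variable "sqldb_edition" {
  description = "SQL DB edition (Standard, Primium)"
}

# Logging and monitoring variables
variable "log_analytics_workspace_name" {
  description = "Log Analytics workspace name"
}

variable "log_analytics_sku" {
  description = "SKU of the log analytics workspace"
  default     = "Free"
}

variable "app_insights" {
  description = "Application insights"
}
--------------------------------------------------------------------------------
/Azure/201-App-Service-Azure-SQL/variables.tfvars:
--------------------------------------------------------------------------------
region  = "Canada Central"
rg_name = "consultant"
# NOTE(review): these two values look crossed relative to the variable
# descriptions (sku = Basic/Standard/Premium, size = S1/S2). The app_service
# module assigns `size = var.app_service_plan_sku` and
# `tier = var.app_service_plan_size`, so the pair lines up only with the
# values as written here; the defaults in variables.tf would be applied the
# other way round.
app_service_plan_size = "Standard"
app_service_plan_sku  = "S1"
app_runtime_version   = "v4.0"
app_service_plan_name = "consultant"
web_app_name          = "web-front-kasun"
api_app_name          = "api-back-kasun"
sql_svr_name          = "consultant"
sqldb_name            = "consultant"
sql_master_username   = "sqladmin"
# Sample value only; replace before deploying and keep the real password out
# of version control.
sql_master_password          = "abc@12345"
sqldb_edition                = "Standard"
log_analytics_workspace_name = "consultant-kasun"
log_analytics_sku            = "Free"
app_insights                 = "consultantapp"
--------------------------------------------------------------------------------
/Azure/201-AzureVM-Extensions/main.tf:
--------------------------------------------------------------------------------
/*
*Author - Kasun Rajapakse
*Subject - VM with Extensions
*Language - HCL
! Last Modify Date - Sep 29 2019
! Disclaimer- LEGAL DISCLAIMER
This Sample Code is provided for the purpose of illustration only and is not
intended to be used in a production environment. THIS SAMPLE CODE AND ANY
RELATED INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.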
We grant You a
nonexclusive, royalty-free right to use and modify the Sample Code and to
reproduce and distribute the object code form of the Sample Code, provided
that You agree: (i) to not use Our name, logo, or trademarks to market Your
software product in which the Sample Code is embedded; (ii) to include a valid
copyright notice on Your software product in which the Sample Code is embedded;
and (iii) to indemnify, hold harmless, and defend Us and Our suppliers from and
against any claims or lawsuits, including attorneys’ fees, that arise or result
from the use or distribution of the Sample Code.
*/

# Provider
# NOTE(review): no version constraint and no `features {}` block; azurerm 2.0+
# requires the latter. Confirm the intended provider version.
provider "azurerm" {

}

# Resource group for every resource in this template.
resource "azurerm_resource_group" "AzureVMRG" {
  location = "${var.location}"
  name     = "${var.rg-name}"

  tags = {
    Deployed = "Terrraform"
  }
}

# Virtual network with one address space.
resource "azurerm_virtual_network" "VMvnet" {
  name                = "${var.network_name}"
  location            = "${azurerm_resource_group.AzureVMRG.location}"
  resource_group_name = "${azurerm_resource_group.AzureVMRG.name}"
  address_space       = ["${var.vnet_cidr}"]

  tags = {
    Deployed = "Terrraform"
  }
}

# Subnet the NIC attaches to.
resource "azurerm_subnet" "VMvnet_subnet" {
  name                 = "${var.subnet_name}"
  virtual_network_name = "${azurerm_virtual_network.VMvnet.name}"
  resource_group_name  = "${azurerm_resource_group.AzureVMRG.name}"
  address_prefix       = "${var.subnet_cidr}"
}

# Dynamically allocated public IP, bound to the NIC below.
resource "azurerm_public_ip" "public_ip" {
  name                = "${var.prefix}-TFPIP"
  resource_group_name = "${azurerm_resource_group.AzureVMRG.name}"
  location            = "${azurerm_resource_group.AzureVMRG.location}"
  allocation_method   = "Dynamic"

  tags = {
    Deployed = "Terrraform"
  }
}

# Network security group with a single rule admitting inbound TCP/3389 (RDP).
# NOTE(review): source_address_prefix = "*" accepts RDP from any address, and
# the NIC below carries a public IP. Restrict the source to a management
# range, or remove the public IP and use a bastion/VPN, before using this
# outside a lab.
resource "azurerm_network_security_group" "nsg" {
  name                = "${var.prefix}-NSG"
  location            = "${azurerm_resource_group.AzureVMRG.location}"
  resource_group_name = "${azurerm_resource_group.AzureVMRG.name}"

  security_rule {
    name                       = "RDP"
    priority                   = 1000
    direction                  = "inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    source_address_prefix      = "*"
    destination_port_range     = "3389"
    destination_address_prefix = "*"
  }

  tags = {
    Deployed = "Terrraform"
  }
}

# VM NIC with a dynamic private address and the public IP.
# NOTE(review): network_security_group_id on the NIC was removed in azurerm
# 2.0. With the provider unpinned, confirm which major version resolves;
# if the argument is rejected or dropped, the NIC ends up without the NSG.
resource "azurerm_network_interface" "nic" {
  name                      = "${var.prefix}-nic"
  resource_group_name       = "${azurerm_resource_group.AzureVMRG.name}"
  location                  = "${azurerm_resource_group.AzureVMRG.location}"
  network_security_group_id = "${azurerm_network_security_group.nsg.id}"

  ip_configuration {
    name                          = "${var.prefix}-nic-config"
    subnet_id                     = "${azurerm_subnet.VMvnet_subnet.id}"
    public_ip_address_id          = "${azurerm_public_ip.public_ip.id}"
    private_ip_address_allocation = "Dynamic"
  }

  tags = {
    Deployed = "Terrraform"
  }
}

# Windows VM
resource "azurerm_virtual_machine" "vm" {
  name                             = "${var.vmname}"
  network_interface_ids            = ["${azurerm_network_interface.nic.id}"]
  location                         = "${azurerm_resource_group.AzureVMRG.location}"
  vm_size                          = "${var.vmsize}"
  resource_group_name              = "${azurerm_resource_group.AzureVMRG.name}"
  delete_data_disks_on_termination = true

  storage_os_disk {
    name              = "${var.vmname}-OSdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  storage_image_reference {
    publisher = "${var.publisher}"
    offer     = "${var.offer}"
    sku       = "${var.sku}"
    version   = "${var.osversion}"
  }

  os_profile {
    computer_name  = "${var.computerName}"
    admin_username = "localadmin"
    admin_password = "${var.adminpassword}"
  }

| os_profile_windows_config { 138 | provision_vm_agent = true 139 | } 140 | } 141 | 142 | #VM Extension 143 | resource "azurerm_virtual_machine_extension" "antimalware" { 144 | name = "IaaSAntimalware" 145 | location = "${azurerm_resource_group.AzureVMRG.location}" 146 | resource_group_name = "${azurerm_resource_group.AzureVMRG.name}" 147 | virtual_machine_name = "${azurerm_virtual_machine.vm.name}" 148 | publisher = "Microsoft.Azure.Security" 149 | type = "IaaSAntimalware" 150 | type_handler_version = "1.1" 151 | auto_upgrade_minor_version = "true" 152 | 153 | settings = <