Skip to content

Instantly share code, notes, and snippets.

@adenosinew

adenosinew/joinDomain.tf

Last active February 20, 2024 23:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save adenosinew/30a6a9382a1a7511808fe24f4a782ecf to your computer and use it in GitHub Desktop.
Save adenosinew/30a6a9382a1a7511808fe24f4a782ecf to your computer and use it in GitHub Desktop.
Download ZIP
[Terrafrom Variables] Work with Terraform variables #terraform #devops
Raw
joinDomain.tf
resource "aws_ssm_document" "windows_2012" {
name = "Windows_2012_Domain_Join"
document_type = "Command"
content = <<DOC
{
"schemaVersion":"2.0",
"description":"Run a PowerShell script to securely domain-join a Windows instance",
"mainSteps":[
{
"action":"aws:runPowerShellScript",
"name":"runPowerShellWithSecureString",
"inputs":{
"runCommand":[
"$ipdns = (Get-SSMParameterValue -Name /domain/dns_ip).Parameters[0].Value\n",
"$domain = (Get-SSMParameterValue -Name /domain/name).Parameters[0].Value\n",
"$ouPath = (Get-SSMParameterValue -Name /domain/ou_path).Parameters[0].Value\n",
"$username = (Get-SSMParameterValue -Name /domain/username).Parameters[0].Value\n",
"$domain_username = \"$domain\\$username\"\n",
"$password = (Get-SSMParameterValue -Name /domain/password -WithDecryption $True).Parameters[0].Value | ConvertTo-SecureString -asPlainText -Force\n",
"$credential = New-Object System.Management.Automation.PSCredential($domain_username,$password)\n",
"Set-DnsClientServerAddress \"Ethernet 2\" -ServerAddresses ($ipdns)\n",
"Add-Computer -DomainName $domain -OUPath \"$ouPath\" -Credential $credential\n",
"Restart-Computer -Force"
]
}
}
]
}
DOC
}
resource "aws_ssm_document" "windows_2016" {
name = "Windows_2016_Domain_Join"
document_type = "Command"
content = <<DOC
{
"schemaVersion":"2.0",
"description":"Run a PowerShell script to securely domain-join a Windows instance",
"mainSteps":[
{
"action":"aws:runPowerShellScript",
"name":"runPowerShellWithSecureString",
"inputs":{
"runCommand":[
"$ipdns = (Get-SSMParameterValue -Name /domain/dns_ip).Parameters[0].Value\n",
"$domain = (Get-SSMParameterValue -Name /domain/name).Parameters[0].Value\n",
"$ouPath = (Get-SSMParameterValue -Name /domain/ou_path).Parameters[0].Value\n",
"$username = (Get-SSMParameterValue -Name /domain/username).Parameters[0].Value\n",
"$domain_username = \"$domain\\$username\"\n",
"echo $domain_username\n",
"$password = (Get-SSMParameterValue -Name /domain/password -WithDecryption $True).Parameters[0].Value | ConvertTo-SecureString -asPlainText -Force\n",
"$credential = New-Object System.Management.Automation.PSCredential($domain_username,$password)\n",
"Set-DnsClientServerAddress \"Ethernet\" -ServerAddresses $ipdns\n",
"Add-Computer -DomainName $domain -OUPath \"$ouPath\" -Credential $credential\n",
"Restart-Computer -Force"
]
}
}
]
}
DOC
}
Raw
terraformApplyWithVar.sh
terraform plan -var-file="secret.tfvars" -var-file="production.tfvars"
terraform apply -var-file="secret.tfvars" -var-file="production.tfvars"
terraform destroy -var-file="secret.tfvars" -var-file="production.tfvars"
Raw
variables.tf
# Define Variables
variable "access_key" {}
variable "secret_key" {}
variable "region" {
default = "us-east-1"
}
# Use Variables
provider "aws" {
access_key = "${var.access_key}"
secret_key = "${var.secret_key}"
region = "${var.region}"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment