Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Terraform: Revoke BIG-IP License from BIG-IQ
# NOTE: This is a snipit of code and not a complete terraform file
# Assumes BIG-IQ information is stored in an Azure Key Vault
# Get BIG-IQ Information
data "azurerm_key_vault_secret" "bigiq_host" {
name = "bigiq-host"
key_vault_id = "${data.azurerm_key_vault.vault.id}"
}
data "azurerm_key_vault_secret" "bigiq_user" {
name = "bigiq-user"
key_vault_id = "${data.azurerm_key_vault.vault.id}"
}
data "azurerm_key_vault_secret" "bigiq_password" {
name = "bigiq-password"
key_vault_id = "${data.azurerm_key_vault.vault.id}"
}
# Revoke license
resource "null_resource" "revoke_license" {
count = "${var.bigip_count}"
provisioner "local-exec" {
command = <<-EOF
token=$(curl -k -X POST https://${data.azurerm_key_vault_secret.bigiq_host.value}:443/mgmt/shared/authn/login \
-H "Content-Type: application/json" \
-d "{\"username\": \"${data.azurerm_key_vault_secret.bigiq_user.value}\", \"password\": \"${data.azurerm_key_vault_secret.bigiq_password.value}\", \"loginProviderName\": \"tmos\"}" | jq -r ".token.token")
mac=${azurerm_network_interface.mgmt.*.mac_address[count.index]}
formated_mac="$${mac//-/:}"
curl -v -k -X POST https://${data.azurerm_key_vault_secret.bigiq_host.value}:443/mgmt/cm/device/tasks/licensing/pool/member-management \
--retry 60 \
--retry-connrefused \
--retry-delay 120 \
-H "Content-Type: application/json" \
-H "X-F5-Auth-Token: '$${token}'" \
-d "{\"licensePoolName\": \"${var.license_pool}\", \"command\": \"revoke\", \"address\": \"${azurerm_network_interface.mgmt.*.private_ip_address[count.index]}\", \"assignmentType\": \"UNREACHABLE\", \"macAddress\": \"$${formated_mac}\", \"hypervisor\": \"azure\"}"
EOF
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment