devops-school/Terraform-Code-Azure-Linux-provisioner.tf

## Terraform-Code-Azure-Linux-provisioner.tf
# Create a resource group if it doesn't exist
resource "azurerm_resource_group" "myterraformgroup" {
    name     = "myResourceGroup"
    location = "eastus"

    tags = {
        environment = "Terraform Demo"
    }
}

# Create virtual network
resource "azurerm_virtual_network" "myterraformnetwork" {
    name                = "myVnet"
    address_space       = ["10.0.0.0/16"]
    location            = "eastus"
    resource_group_name = azurerm_resource_group.myterraformgroup.name

    tags = {
        environment = "Terraform Demo"
    }
}

# Create subnet
resource "azurerm_subnet" "myterraformsubnet" {
    name                 = "mySubnet"
    resource_group_name  = azurerm_resource_group.myterraformgroup.name
    virtual_network_name = azurerm_virtual_network.myterraformnetwork.name
    address_prefixes       = ["10.0.1.0/24"]
}

# Create public IPs
resource "azurerm_public_ip" "myterraformpublicip" {
    name                         = "myPublicIP"
    location                     = "eastus"
    resource_group_name          = azurerm_resource_group.myterraformgroup.name
    allocation_method            = "Dynamic"

    tags = {
        environment = "Terraform Demo"
    }
}

# Create Network Security Group and rule
resource "azurerm_network_security_group" "myterraformnsg" {
    name                = "myNetworkSecurityGroup"
    location            = "eastus"
    resource_group_name = azurerm_resource_group.myterraformgroup.name

    security_rule {
        name                       = "SSH"
        priority                   = 1001
        direction                  = "Inbound"
        access                     = "Allow"
        protocol                   = "Tcp"
        source_port_range          = "*"
        destination_port_range     = "22"
        source_address_prefix      = "*"
        destination_address_prefix = "*"
    }

    tags = {
        environment = "Terraform Demo"
    }
}

# Create network interface
resource "azurerm_network_interface" "myterraformnic" {
    name                      = "myNIC"
    location                  = "eastus"
    resource_group_name       = azurerm_resource_group.myterraformgroup.name

    ip_configuration {
        name                          = "myNicConfiguration"
        subnet_id                     = azurerm_subnet.myterraformsubnet.id
        private_ip_address_allocation = "Dynamic"
        public_ip_address_id          = azurerm_public_ip.myterraformpublicip.id
    }

    tags = {
        environment = "Terraform Demo"
    }
}

# Connect the security group to the network interface
resource "azurerm_network_interface_security_group_association" "example" {
    network_interface_id      = azurerm_network_interface.myterraformnic.id
    network_security_group_id = azurerm_network_security_group.myterraformnsg.id
}

# Generate random text for a unique storage account name
resource "random_id" "randomId" {
    keepers = {
        # Generate a new ID only when a new resource group is defined
        resource_group = azurerm_resource_group.myterraformgroup.name
    }

    byte_length = 8
}

# Create storage account for boot diagnostics
resource "azurerm_storage_account" "mystorageaccount" {
    name                        = "diag${random_id.randomId.hex}"
    resource_group_name         = azurerm_resource_group.myterraformgroup.name
    location                    = "eastus"
    account_tier                = "Standard"
    account_replication_type    = "LRS"

    tags = {
        environment = "Terraform Demo"
    }
}

# Create (and display) an SSH key
resource "tls_private_key" "example_ssh" {
  algorithm = "RSA"
  rsa_bits = 4096
}
output "tls_private_key" {
    value = tls_private_key.example_ssh.private_key_pem
    sensitive = true
}

# Create virtual machine
resource "azurerm_linux_virtual_machine" "myterraformvm" {
    name                  = "myVM"
    location              = "eastus"
    resource_group_name   = azurerm_resource_group.myterraformgroup.name
    network_interface_ids = [azurerm_network_interface.myterraformnic.id]
    size                  = "Standard_DS1_v2"

    os_disk {
        name              = "myOsDisk"
        caching           = "ReadWrite"
        storage_account_type = "Premium_LRS"
    }

    source_image_reference {
        publisher = "Canonical"
        offer     = "UbuntuServer"
        sku       = "18.04-LTS"
        version   = "latest"
    }

    computer_name  = "myvm"
    admin_username = "azureuser"
    disable_password_authentication = true

    admin_ssh_key {
        username       = "azureuser"
        public_key     = file("~/.ssh/id_rsa.pub")
    }

    boot_diagnostics {
        storage_account_uri = azurerm_storage_account.mystorageaccount.primary_blob_endpoint
    }

    tags = {
        environment = "Terraform Demo"
    }

	connection {
        host = self.public_ip_address
        user = "azureuser"
        type = "ssh"
        private_key = "${file("~/.ssh/id_rsa")}"
        timeout = "4m"
        agent = false
    }

	provisioner "file" {
        source = "example_file.txt"
        destination = "/tmp/example_file.txt"
    }

    provisioner "remote-exec" {
        inline = [
          "sudo apt-get update",
          "sudo apt-get install docker.io -y",
          "git clone https://github.com/devopsschool-training-notes/terraform-ey-june-2021",
          "sudo docker run -d -p 80:80 httpd"
        ]
    }

	provisioner "local-exec" {
    command = "deploy.bat"
	}
}

## Terraform-Code-Azure-Windows-provisioner.tf
  provisioner "remote-exec" {
    command = "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule",
    interpreter = ["PowerShell"]
    connection {
      type     = "winrm"
      user     = "Administrator"
      password = "${var.admin_password}"
    }
  }

# Example of using a userdata file in Terraform
# <powershell>
#  C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule
# </powershell>

resource "aws_instance" "my-test-instance" {
  ami             = "${data.aws_ami.ec2-worker-initial-encrypted-ami.id}"
  instance_type   = "t2.micro"

  tags {
    Name = "my-test-instance"
  }

  user_data = "${file(userdata.txt)}"
}


provisioner "remote-exec" {
    connection {
      type     = "winrm"
      user     = "Administrator"
      password = "${var.admin_password}"
    }

inline = [
         "powershell -ExecutionPolicy Unrestricted -File C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule"
        ]
      }

  provisioner "file" {
    source      = "${path.module}/some_path"
    destination = "C:/some_path"

    connection {
      host = "${azurerm_network_interface.vm_nic.private_ip_address}"
      timeout  = "3m"
      type     = "winrm"
      https    = true
      port     = 5986
      use_ntlm = true
      insecure = true

      #cacert = "${azurerm_key_vault_certificate.vm_cert.certificate_data}"
      user     = var.admin_username
      password = var.admin_password
    }
  }
	# Create a resource group if it doesn't exist
	resource "azurerm_resource_group" "myterraformgroup" {
	name = "myResourceGroup"
	location = "eastus"

	tags = {
	environment = "Terraform Demo"
	}
	}

	# Create virtual network
	resource "azurerm_virtual_network" "myterraformnetwork" {
	name = "myVnet"
	address_space = ["10.0.0.0/16"]
	location = "eastus"
	resource_group_name = azurerm_resource_group.myterraformgroup.name

	tags = {
	environment = "Terraform Demo"
	}
	}

	# Create subnet
	resource "azurerm_subnet" "myterraformsubnet" {
	name = "mySubnet"
	resource_group_name = azurerm_resource_group.myterraformgroup.name
	virtual_network_name = azurerm_virtual_network.myterraformnetwork.name
	address_prefixes = ["10.0.1.0/24"]
	}

	# Create public IPs
	resource "azurerm_public_ip" "myterraformpublicip" {
	name = "myPublicIP"
	location = "eastus"
	resource_group_name = azurerm_resource_group.myterraformgroup.name
	allocation_method = "Dynamic"

	tags = {
	environment = "Terraform Demo"
	}
	}

	# Create Network Security Group and rule
	resource "azurerm_network_security_group" "myterraformnsg" {
	name = "myNetworkSecurityGroup"
	location = "eastus"
	resource_group_name = azurerm_resource_group.myterraformgroup.name

	security_rule {
	name = "SSH"
	priority = 1001
	direction = "Inbound"
	access = "Allow"
	protocol = "Tcp"
	source_port_range = "*"
	destination_port_range = "22"
	source_address_prefix = "*"
	destination_address_prefix = "*"
	}

	tags = {
	environment = "Terraform Demo"
	}
	}

	# Create network interface
	resource "azurerm_network_interface" "myterraformnic" {
	name = "myNIC"
	location = "eastus"
	resource_group_name = azurerm_resource_group.myterraformgroup.name

	ip_configuration {
	name = "myNicConfiguration"
	subnet_id = azurerm_subnet.myterraformsubnet.id
	private_ip_address_allocation = "Dynamic"
	public_ip_address_id = azurerm_public_ip.myterraformpublicip.id
	}

	tags = {
	environment = "Terraform Demo"
	}
	}

	# Connect the security group to the network interface
	resource "azurerm_network_interface_security_group_association" "example" {
	network_interface_id = azurerm_network_interface.myterraformnic.id
	network_security_group_id = azurerm_network_security_group.myterraformnsg.id
	}

	# Generate random text for a unique storage account name
	resource "random_id" "randomId" {
	keepers = {
	# Generate a new ID only when a new resource group is defined
	resource_group = azurerm_resource_group.myterraformgroup.name
	}

	byte_length = 8
	}

	# Create storage account for boot diagnostics
	resource "azurerm_storage_account" "mystorageaccount" {
	name = "diag${random_id.randomId.hex}"
	resource_group_name = azurerm_resource_group.myterraformgroup.name
	location = "eastus"
	account_tier = "Standard"
	account_replication_type = "LRS"

	tags = {
	environment = "Terraform Demo"
	}
	}

	# Create (and display) an SSH key
	resource "tls_private_key" "example_ssh" {
	algorithm = "RSA"
	rsa_bits = 4096
	}
	output "tls_private_key" {
	value = tls_private_key.example_ssh.private_key_pem
	sensitive = true
	}

	# Create virtual machine
	resource "azurerm_linux_virtual_machine" "myterraformvm" {
	name = "myVM"
	location = "eastus"
	resource_group_name = azurerm_resource_group.myterraformgroup.name
	network_interface_ids = [azurerm_network_interface.myterraformnic.id]
	size = "Standard_DS1_v2"

	os_disk {
	name = "myOsDisk"
	caching = "ReadWrite"
	storage_account_type = "Premium_LRS"
	}

	source_image_reference {
	publisher = "Canonical"
	offer = "UbuntuServer"
	sku = "18.04-LTS"
	version = "latest"
	}

	computer_name = "myvm"
	admin_username = "azureuser"
	disable_password_authentication = true

	admin_ssh_key {
	username = "azureuser"
	public_key = file("~/.ssh/id_rsa.pub")
	}

	boot_diagnostics {
	storage_account_uri = azurerm_storage_account.mystorageaccount.primary_blob_endpoint
	}

	tags = {
	environment = "Terraform Demo"
	}

	connection {
	host = self.public_ip_address
	user = "azureuser"
	type = "ssh"
	private_key = "${file("~/.ssh/id_rsa")}"
	timeout = "4m"
	agent = false
	}

	provisioner "file" {
	source = "example_file.txt"
	destination = "/tmp/example_file.txt"
	}

	provisioner "remote-exec" {
	inline = [
	"sudo apt-get update",
	"sudo apt-get install docker.io -y",
	"git clone https://github.com/devopsschool-training-notes/terraform-ey-june-2021",
	"sudo docker run -d -p 80:80 httpd"
	]
	}

	provisioner "local-exec" {
	command = "deploy.bat"
	}
	}
	provisioner "remote-exec" {
	command = "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule",
	interpreter = ["PowerShell"]
	connection {
	type = "winrm"
	user = "Administrator"
	password = "${var.admin_password}"
	}
	}

	# Example of using a userdata file in Terraform
	# <powershell>
	# C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule
	# </powershell>

	resource "aws_instance" "my-test-instance" {
	ami = "${data.aws_ami.ec2-worker-initial-encrypted-ami.id}"
	instance_type = "t2.micro"

	tags {
	Name = "my-test-instance"
	}

	user_data = "${file(userdata.txt)}"
	}



	provisioner "remote-exec" {
	connection {
	type = "winrm"
	user = "Administrator"
	password = "${var.admin_password}"
	}

	inline = [
	"powershell -ExecutionPolicy Unrestricted -File C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeInstance.ps1 -Schedule"
	]
	}

	provisioner "file" {
	source = "${path.module}/some_path"
	destination = "C:/some_path"

	connection {
	host = "${azurerm_network_interface.vm_nic.private_ip_address}"
	timeout = "3m"
	type = "winrm"
	https = true
	port = 5986
	use_ntlm = true
	insecure = true

	#cacert = "${azurerm_key_vault_certificate.vm_cert.certificate_data}"
	user = var.admin_username
	password = var.admin_password
	}
	}