Created
August 23, 2022 13:09
-
-
Save rtrentin73/68c067af47e46c66c652594f3bbccf57 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
resource "azurerm_resource_group" "central-app-vm1-rg" { | |
name = "central-app-vm1-rg" | |
location = var.region-a | |
} | |
resource "azurerm_public_ip" "central-app-vm1-pip" { | |
name = "central-app-vm1-pip" | |
resource_group_name = azurerm_resource_group.central-app-vm1-rg.name | |
location = var.region-a | |
allocation_method = "Static" | |
sku = "Standard" | |
} | |
resource "azurerm_network_interface" "central-app-vm1-nic" { | |
name = "central-app-vm1-nic" | |
location = var.region-a | |
resource_group_name = azurerm_resource_group.central-app-vm1-rg.name | |
ip_configuration { | |
name = "primary" | |
subnet_id = module.app-spoke-central.vpc.public_subnets[1].subnet_id | |
private_ip_address_allocation = "Dynamic" | |
public_ip_address_id = azurerm_public_ip.central-app-vm1-pip.id | |
} | |
} | |
resource "azurerm_network_security_group" "central-app-vm1-nsg" { | |
name = "central-app-vm1-nsg" | |
location = var.region-a | |
resource_group_name = azurerm_resource_group.central-app-vm1-rg.name | |
security_rule { | |
access = "Allow" | |
direction = "Inbound" | |
name = "ssh" | |
priority = 900 | |
protocol = "Tcp" | |
source_port_range = "*" | |
source_address_prefix = "*" | |
destination_port_range = "22" | |
destination_address_prefix = "*" | |
} | |
security_rule { | |
access = "Allow" | |
direction = "Inbound" | |
name = "http" | |
priority = 910 | |
protocol = "Tcp" | |
source_port_range = "*" | |
source_address_prefix = "*" | |
destination_port_range = "80" | |
destination_address_prefix = "*" | |
} | |
security_rule { | |
access = "Allow" | |
direction = "Outbound" | |
name = "AnyOut" | |
priority = 920 | |
protocol = "*" | |
source_port_range = "*" | |
source_address_prefix = "*" | |
destination_port_range = "*" | |
destination_address_prefix = "*" | |
} | |
} | |
resource "azurerm_subnet_network_security_group_association" "central-app-vm1-nsg-association" { | |
subnet_id = module.app-spoke-central.vpc.public_subnets[1].subnet_id | |
network_security_group_id = azurerm_network_security_group.central-app-vm1-nsg.id | |
} | |
resource "azurerm_linux_virtual_machine" "central-app-vm1" { | |
name = "central-app-vm1" | |
resource_group_name = azurerm_resource_group.central-app-vm1-rg.name | |
location = var.region-a | |
size = var.instance_size | |
admin_username = var.admin_username | |
admin_password = var.admin_password | |
disable_password_authentication = false | |
network_interface_ids = [ | |
azurerm_network_interface.central-app-vm1-nic.id | |
] | |
os_disk { | |
caching = "ReadWrite" | |
storage_account_type = "Standard_LRS" | |
} | |
source_image_reference { | |
publisher = "Canonical" | |
offer = "UbuntuServer" | |
sku = "16.04-LTS" | |
version = "latest" | |
} | |
provisioner "remote-exec" { | |
inline = [ | |
"/usr/bin/sudo apt install nginx -y" | |
] | |
connection { | |
type = "ssh" | |
user = var.admin_username | |
password = var.admin_password | |
host = azurerm_public_ip.central-app-vm1-pip.ip_address | |
} | |
} | |
} | |
resource "azurerm_resource_group" "central-app-vm2-rg" { | |
name = "central-app-vm2-rg" | |
location = var.region-a | |
} | |
resource "azurerm_public_ip" "central-app-vm2-pip" { | |
name = "central-app-vm2-pip" | |
resource_group_name = azurerm_resource_group.central-app-vm2-rg.name | |
location = var.region-a | |
allocation_method = "Static" | |
sku = "Standard" | |
} | |
resource "azurerm_network_interface" "central-app-vm2-nic" { | |
name = "central-app-vm2-nic" | |
location = var.region-a | |
resource_group_name = azurerm_resource_group.central-app-vm2-rg.name | |
ip_configuration { | |
name = "primary" | |
subnet_id = module.app-spoke-central.vpc.public_subnets[2].subnet_id | |
private_ip_address_allocation = "Dynamic" | |
public_ip_address_id = azurerm_public_ip.central-app-vm2-pip.id | |
} | |
} | |
resource "azurerm_network_security_group" "central-app-vm2-nsg" { | |
name = "central-app-vm2-nsg" | |
location = var.region-a | |
resource_group_name = azurerm_resource_group.central-app-vm2-rg.name | |
security_rule { | |
access = "Allow" | |
direction = "Inbound" | |
name = "ssh" | |
priority = 900 | |
protocol = "Tcp" | |
source_port_range = "*" | |
source_address_prefix = "*" | |
destination_port_range = "22" | |
destination_address_prefix = "*" | |
} | |
security_rule { | |
access = "Allow" | |
direction = "Inbound" | |
name = "http" | |
priority = 910 | |
protocol = "Tcp" | |
source_port_range = "*" | |
source_address_prefix = "*" | |
destination_port_range = "80" | |
destination_address_prefix = "*" | |
} | |
security_rule { | |
access = "Allow" | |
direction = "Outbound" | |
name = "AnyOut" | |
priority = 920 | |
protocol = "*" | |
source_port_range = "*" | |
source_address_prefix = "*" | |
destination_port_range = "*" | |
destination_address_prefix = "*" | |
} | |
} | |
resource "azurerm_subnet_network_security_group_association" "central-app-vm2-nsg-association" { | |
subnet_id = module.app-spoke-central.vpc.public_subnets[2].subnet_id | |
network_security_group_id = azurerm_network_security_group.central-app-vm2-nsg.id | |
} | |
resource "azurerm_linux_virtual_machine" "central-app-vm2" { | |
name = "central-app-vm2" | |
resource_group_name = azurerm_resource_group.central-app-vm2-rg.name | |
location = var.region-a | |
size = var.instance_size | |
admin_username = var.admin_username | |
admin_password = var.admin_password | |
disable_password_authentication = false | |
network_interface_ids = [ | |
azurerm_network_interface.central-app-vm2-nic.id | |
] | |
os_disk { | |
caching = "ReadWrite" | |
storage_account_type = "Standard_LRS" | |
} | |
source_image_reference { | |
publisher = "Canonical" | |
offer = "UbuntuServer" | |
sku = "16.04-LTS" | |
version = "latest" | |
} | |
provisioner "remote-exec" { | |
inline = [ | |
"/usr/bin/sudo apt install nginx -y" | |
] | |
connection { | |
type = "ssh" | |
user = var.admin_username | |
password = var.admin_password | |
host = azurerm_public_ip.central-app-vm2-pip.ip_address | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment