@tbugfinder
Created January 15, 2020 20:12
tf-nested-dynamic-maps
# Naming, region and tag values shared by the root resources below.
# local.id is defined in a separate locals block (from random_id.id.hex).
locals {
  location = "West Europe"
  name     = "test"

  # A single Name tag that mirrors the "<name>-<id>" resource naming scheme.
  tags = {
    Name = format("%s-%s", local.name, local.id)
  }
}
# Resource group that holds every resource created by this test configuration.
resource "azurerm_resource_group" "rg" {
  location = local.location
  name     = format("%s-%s", local.name, local.id)
}
# Virtual network for the test VM; a single private /16 address space.
resource "azurerm_virtual_network" "vnet" {
  name                = format("%s-%s", local.name, local.id)
  location            = local.location
  resource_group_name = azurerm_resource_group.rg.name

  address_space = ["10.0.0.0/16"]
}
# One /24 subnet carved out of the virtual network; the module's NIC attaches here.
resource "azurerm_subnet" "subnet" {
  name                 = format("%s-%s", local.name, local.id)
  virtual_network_name = azurerm_virtual_network.vnet.name
  resource_group_name  = azurerm_resource_group.rg.name

  address_prefix = "10.0.2.0/24"
}
# Network security group handed to the module and attached to the VM's NIC.
# No security_rule blocks are declared in this block, so only the platform's
# default rules are in effect.
# NOTE(review): declare explicit inbound rules here if the VM is meant to be
# reachable for administration.
resource "azurerm_network_security_group" "security-group" {
  name                = format("%s-%s", local.name, local.id)
  resource_group_name = azurerm_resource_group.rg.name
  location            = local.location
  tags                = local.tags
}
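# Generated administrator password for the test VM.
#
# random_password replaces random_string here: it takes the same arguments but
# marks the result as sensitive, so the generated value is not printed in
# plan/apply console output. It needs a release of the random provider that
# ships random_password.
#
# The value is still written to the Terraform state in plain text; the state
# backend therefore needs access control and encryption at rest.
resource "random_password" "password" {
  length = 16

  # Require at least one character from every class so the result satisfies
  # typical OS password-complexity checks.
  lower       = true
  min_lower   = 1
  upper       = true
  min_upper   = 1
  number      = true
  min_numeric = 1
  special     = true
  min_special = 1
}

# Instantiates the VM module from ./module/ with the network resources
# defined in this configuration.
module "test" {
  source = "./module/"

  id                        = local.id
  name                      = local.name
  location                  = local.location
  resource_group_name       = azurerm_resource_group.rg.name
  subnet_id                 = azurerm_subnet.subnet.id
  network_security_group_id = azurerm_network_security_group.security-group.id

  image = {
    publisher = "RedHat"
    offer     = "RHEL"
    sku       = "7.5"
    # NOTE(review): "latest" is resolved at apply time, so two applies can
    # produce different images; pin an explicit version for reproducible and
    # reviewable builds.
    version = "latest"
  }

  os_config = {
    # Password logins stay enabled, so the admin account is only as strong as
    # the generated password. Prefer SSH keys with this set to true once the
    # module accepts key material.
    disable_password_authentication = false
  }

  admin_username = "admsomeadm"
  admin_password = random_password.password.result

  size = "Standard_DS1_V2"
  tags = local.tags
}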
# Derived names used by the resources that read var.* below.
locals {
  # "<name>-<id>" for resources without a tight length limit.
  unique_name = format("%s-%s", var.name, var.id)

  # Truncate name to an appropriate length if necessary: the budget is 15
  # characters minus the id and the "-" that unique_vm_name appends.
  vm_name_windows = substr(var.name, 0, 15 - length(var.id) - 1)

  # Only Windows images use the truncated form; other images keep the full name.
  vm_name = var.is_windows_image ? local.vm_name_windows : var.name

  unique_vm_name = format("%s-%s", local.vm_name, var.id)
}
# Network interface for the VM: placed in the caller's subnet and bound to the
# caller's network security group. Only a private, dynamically assigned address
# is configured; no public IP is attached in this block.
resource "azurerm_network_interface" "ni" {
  name                = local.unique_name
  resource_group_name = var.resource_group_name
  location            = var.location

  network_security_group_id = var.network_security_group_id

  ip_configuration {
    name                          = local.unique_name
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = var.subnet_id
  }
}
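# Optional storage account that receives the VM's boot diagnostics.
# Created only when enable_boot_diagnostics is "true".
resource "azurerm_storage_account" "boot-diagnostics" {
  # tostring() lets the flag be passed as either the string "true" or the
  # boolean true; a bare comparison of a bool with "true" is never equal.
  count = tostring(var.enable_boot_diagnostics) == "true" ? 1 : 0

  # Storage account names accept only lowercase letters and digits, 3-24
  # characters, so the hyphenated "<name>-<id>-boot-diags" form is rejected.
  # Strip everything else and cap the length.
  # NOTE(review): with a long var.name the 24-character cap can cut into the
  # id and the name may stop being unique - confirm the expected name lengths.
  name = substr(replace(lower("${local.unique_name}bootdiags"), "/[^a-z0-9]/", ""), 0, 24)

  location            = var.location
  resource_group_name = var.resource_group_name

  # "Standard_LRS" -> tier "Standard", replication "LRS".
  account_tier             = split("_", var.boot_disk_storage_account_type)[0]
  account_replication_type = split("_", var.boot_disk_storage_account_type)[1]

  # Boot diagnostics hold console output and screenshots; refuse plain HTTP.
  enable_https_traffic_only = true

  tags = var.tags
}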
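# Linux virtual machine. Skipped when the image is flagged as Windows.
resource "azurerm_virtual_machine" "vm-linux" {
  # is_windows_image defaults to the boolean false, and a boolean never equals
  # the string "true", so the original `!= "true"` test was always true and
  # this VM was created even for Windows images. tostring() makes the test
  # work for both the boolean and the string form of the flag.
  count = tostring(var.is_windows_image) != "true" ? 1 : 0

  name                = local.unique_vm_name
  location            = var.location
  resource_group_name = var.resource_group_name
  vm_size             = var.size
  zones               = var.zones

  network_interface_ids = [azurerm_network_interface.ni.id]

  delete_data_disks_on_termination = var.delete_data_disks_on_termination
  delete_os_disk_on_termination    = var.delete_os_disk_on_termination

  boot_diagnostics {
    enabled = var.enable_boot_diagnostics
    # The storage account has count 0 or 1; join() collapses that list to a
    # single endpoint, and the else branch covers the disabled case.
    storage_uri = tostring(var.enable_boot_diagnostics) == "true" ? join(
      ",",
      azurerm_storage_account.boot-diagnostics.*.primary_blob_endpoint,
    ) : ""
  }

  os_profile {
    computer_name  = coalesce(var.hostname, var.name)
    admin_username = var.admin_username
    # The password ends up in the Terraform state in plain text; protect the
    # state backend accordingly.
    admin_password = var.admin_password
    custom_data    = var.custom_data
  }

  dynamic "os_profile_linux_config" {
    for_each = [var.os_config]
    content {
      disable_password_authentication = os_profile_linux_config.value.disable_password_authentication

      # var.os_config is map(string), so it cannot carry a nested list of key
      # objects. The original expression iterated over the map's string values
      # and then read .key_data / .path from a string, which fails at plan
      # time. Instead, accept one optional public key through two flat map
      # entries: "ssh_key_data" (the key) and "ssh_key_path" (optional).
      # Zero or one ssh_keys block is generated.
      dynamic "ssh_keys" {
        for_each = [for k, v in os_profile_linux_config.value : v if k == "ssh_key_data"]
        content {
          key_data = ssh_keys.value
          # Azure expects the key under the admin user's authorized_keys file.
          path = lookup(
            os_profile_linux_config.value,
            "ssh_key_path",
            "/home/${var.admin_username}/.ssh/authorized_keys",
          )
        }
      }
    }
  }

  dynamic "storage_image_reference" {
    for_each = [var.image]
    content {
      # TF-UPGRADE-TODO: The automatic upgrade tool can't predict
      # which keys might be set in maps assigned here, so it has
      # produced a comprehensive set here. Consider simplifying
      # this after confirming which keys can be set in practice.
      # Keys missing from the map resolve to null and are left unset.
      id        = lookup(storage_image_reference.value, "id", null)
      offer     = lookup(storage_image_reference.value, "offer", null)
      publisher = lookup(storage_image_reference.value, "publisher", null)
      sku       = lookup(storage_image_reference.value, "sku", null)
      version   = lookup(storage_image_reference.value, "version", null)
    }
  }

  storage_os_disk {
    name              = "${local.unique_name}-os"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = var.os_disk_storage_account_type
  }

  # Caller tags plus an Instance-Name tag carrying the generated VM name.
  tags = merge(
    var.tags,
    {
      "Instance-Name" = local.unique_vm_name
    },
  )
}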
# Required inputs: identity and placement of the VM.

variable "id" {
  type        = string
  description = "A unique identifier."
}

# Base name; combined with id to build resource names.
variable "name" {
  type = string
}

# Azure region for every resource created by these inputs.
variable "location" {
  type = string
}

# Existing resource group the resources are created in.
variable "resource_group_name" {
  type = string
}

# Network security group attached to the VM's network interface.
variable "network_security_group_id" {
  type = string
}
# Administrator account created on the VM.
variable "admin_username" {
  type = string
}

# Administrator password. The value is a credential: it is recorded in the
# Terraform state in plain text, so pass it from a secret source rather than a
# committed .tfvars file and restrict access to the state backend.
variable "admin_password" {
  type = string
}
# Image reference as a flat map; the VM resource reads the keys
# id, offer, publisher, sku and version.
variable "image" {
  type = map(string)
}

# Linux OS profile settings. Because the type is map(string), every value is
# converted to a string (a boolean false arrives as "false") and nested values
# such as a list of SSH key objects cannot be represented.
variable "os_config" {
  type = map(string)
}

# Subnet the VM's network interface is placed in.
variable "subnet_id" {
  type = string
}
# Optional inputs with defaults.

# "<tier>_<replication>"; split on "_" for the boot diagnostics storage account.
variable "boot_disk_storage_account_type" {
  type    = string
  default = "Standard_LRS"
}

# Passed through to os_profile.custom_data. No type constraint is declared.
# NOTE(review): anything placed here is stored in state like other arguments;
# avoid embedding secrets.
variable "custom_data" {
  default = ""
}

# The next three flags default to the string "false", not the boolean false.
variable "delete_data_disks_on_termination" {
  default = "false"
}

variable "delete_os_disk_on_termination" {
  default = "false"
}

variable "enable_boot_diagnostics" {
  default = "false"
}

# Optional computer name; an empty value falls back to var.name via coalesce().
variable "hostname" {
  type    = string
  default = ""
}

# Defaults to the boolean false (unquoted), unlike the string flags above.
variable "is_windows_image" {
  default = false
}

variable "os_disk_storage_account_type" {
  type    = string
  default = "Standard_LRS"
}

variable "size" {
  default = "Standard_DS1_V2"
}

variable "tags" {
  type    = map(string)
  default = {}
}

variable "zones" {
  type    = list(string)
  default = ["1"]
}
# The random provider needs no configuration.
# NOTE(review): no provider version constraint is declared here; consider
# pinning one so provider upgrades are deliberate.
provider "random" {}
# Four random bytes, used as a naming suffix (eight hex characters).
# This is a uniqueness suffix for names, not a secret.
resource "random_id" "id" {
  byte_length = 4
}
# Exposes the random suffix as local.id, which the "<name>-<id>" names read.
locals {
  id = random_id.id.hex
}