This module creates a Linux Virtual Machine.
Following tags are automatically set with default values: env, stack, os_family, os_distribution, os_version.
- Microsoft.Compute/InGuestAutoAssessmentVMPreview must be activated on the subscription to use
patch_mode = "AutomaticByPlatform"patching option.
| Module version | Terraform version | AzureRM version |
|---|---|---|
| >= 7.x.x | 1.3.x | >= 3.0 |
| >= 6.x.x | 1.x | >= 3.0 |
| >= 5.x.x | 0.15.x | >= 2.0 |
| >= 4.x.x | 0.13.x / 0.14.x | >= 2.0 |
| >= 3.x.x | 0.12.x | >= 2.0 |
| >= 2.x.x | 0.12.x | < 2.0 |
| < 2.x.x | 0.11.x | < 2.0 |
If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.
More details are available in the CONTRIBUTING.md file.
This module is optimized to work with the Claranet terraform-wrapper tool
which set some terraform variables in the environment needed by this module.
More details about variables set by the terraform-wrapper available in the documentation.
module "azure_region" {
source = "claranet/regions/azurerm"
version = "x.x.x"
azure_region = var.azure_region
}
module "rg" {
source = "claranet/rg/azurerm"
version = "x.x.x"
location = module.azure_region.location
client_name = var.client_name
environment = var.environment
stack = var.stack
}
module "azure_network_vnet" {
source = "claranet/vnet/azurerm"
version = "x.x.x"
environment = var.environment
location = module.azure_region.location
location_short = module.azure_region.location_short
client_name = var.client_name
stack = var.stack
resource_group_name = module.rg.resource_group_name
vnet_cidr = ["10.10.0.0/16"]
}
module "azure_network_subnet" {
source = "claranet/subnet/azurerm"
version = "x.x.x"
environment = var.environment
location_short = module.azure_region.location_short
client_name = var.client_name
stack = var.stack
resource_group_name = module.rg.resource_group_name
virtual_network_name = module.azure_network_vnet.virtual_network_name
subnet_cidr_list = ["10.10.10.0/24"]
route_table_name = module.azure_network_route_table.route_table_name
network_security_group_name = module.network_security_group.network_security_group_name
}
module "network_security_group" {
source = "claranet/nsg/azurerm"
version = "x.x.x"
client_name = var.client_name
environment = var.environment
stack = var.stack
resource_group_name = module.rg.resource_group_name
location = module.azure_region.location
location_short = module.azure_region.location_short
}
module "azure_network_route_table" {
source = "claranet/route-table/azurerm"
version = "x.x.x"
client_name = var.client_name
environment = var.environment
stack = var.stack
location = module.azure_region.location
location_short = module.azure_region.location_short
resource_group_name = module.rg.resource_group_name
}
resource "azurerm_availability_set" "vm_avset" {
name = "${var.stack}-${var.client_name}-${module.azure_region.location_short}-${var.environment}-as"
location = module.azure_region.location
resource_group_name = module.rg.resource_group_name
managed = true
}
module "run" {
source = "claranet/run/azurerm"
version = "x.x.x"
client_name = var.client_name
environment = var.environment
stack = var.stack
location = module.azure_region.location
location_short = module.azure_region.location_short
resource_group_name = module.rg.resource_group_name
monitoring_function_enabled = false
vm_monitoring_enabled = true
backup_vm_enabled = true
update_center_enabled = true
update_center_periodic_assessment_enabled = true
update_center_periodic_assessment_scopes = [module.rg.resource_group_id]
update_center_maintenance_configurations = [
{
configuration_name = "Donald"
start_date_time = "2021-08-21 04:00"
recur_every = "1Day"
},
{
configuration_name = "Hammer"
start_date_time = "1900-01-01 03:00"
recur_every = "1Week"
}
]
recovery_vault_cross_region_restore_enabled = true
vm_backup_daily_policy_retention = 31
}
module "vm" {
source = "claranet/linux-vm/azurerm"
version = "x.x.x"
location = module.azure_region.location
location_short = module.azure_region.location_short
client_name = var.client_name
environment = var.environment
stack = var.stack
resource_group_name = module.rg.resource_group_name
subnet_id = module.azure_network_subnet.subnet_id
vm_size = "Standard_B2s"
admin_username = var.vm_administrator_login
ssh_public_key = var.ssh_public_key
diagnostics_storage_account_name = module.run.logs_storage_account_name
azure_monitor_data_collection_rule_id = module.run.data_collection_rule_id
# Set to null to deactivate backup
backup_policy_id = module.run.vm_backup_policy_id
patch_mode = "AutomaticByPlatform"
maintenance_configuration_ids = [module.run.maintenance_configurations["Donald"].id, module.run.maintenance_configurations["Hammer"].id]
availability_set_id = azurerm_availability_set.vm_avset.id
# or use Availability Zone
# zone_id = 1
vm_image = {
publisher = "Debian"
offer = "debian-10"
sku = "10"
version = "latest"
}
# The feature must be activated upstream:
# az feature register --namespace Microsoft.Compute --name EncryptionAtHost --subscription <subscription_id_or_name>
encryption_at_host_enabled = true
storage_data_disk_config = {
appli_data_disk = {
name = "appli_data_disk"
disk_size_gb = 512
lun = 0
storage_account_type = "Standard_LRS"
extra_tags = {
some_data_disk_tag = "some_data_disk_tag_value"
}
}
logs_disk = {
# Used to define Logical Unit Number (LUN) parameter
lun = 10
disk_size_gb = 64
caching = "ReadWrite"
extra_tags = {
some_data_disk_tag = "some_data_disk_tag_value"
}
}
}
}| Name | Version |
|---|---|
| azurecaf | ~> 1.2, >= 1.2.22 |
| azurerm | ~> 3.108 |
| null | ~> 3 |
| Name | Source | Version |
|---|---|---|
| azure_region | claranet/regions/azurerm | ~> 7.1.0 |
| vm_logs | claranet/vm-logs/azurerm | 4.2.0 |
| vm_os_disk_tagging | claranet/tagging/azurerm | 6.0.1 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| aad_ssh_login_admin_objects_ids | Azure Active Directory objects IDs allowed to connect as administrator on the VM. | list(string) |
[] |
no |
| aad_ssh_login_enabled | Enable SSH logins with Azure Active Directory | bool |
false |
no |
| aad_ssh_login_extension_version | VM Extension version for Azure Active Directory SSH Login extension | string |
"1.0" |
no |
| aad_ssh_login_user_objects_ids | Azure Active Directory objects IDs allowed to connect as standard user on the VM. | list(string) |
[] |
no |
| admin_password | Password for the administrator account of the virtual machine. | string |
null |
no |
| admin_username | Username for Virtual Machine administrator account. | string |
n/a | yes |
| application_gateway_backend_pool_id | Id of the Application Gateway Backend Pool to attach the VM. | string |
null |
no |
| attach_application_gateway | True to attach this VM to an Application Gateway. | bool |
false |
no |
| attach_load_balancer | True to attach this VM to a Load Balancer. | bool |
false |
no |
| availability_set_id | Id of the availability set in which host the Virtual Machine. | string |
null |
no |
| azure_monitor_agent_auto_upgrade_enabled | Automatically update agent when publisher releases a new version of the agent. | bool |
false |
no |
| azure_monitor_agent_version | Azure Monitor Agent extension version | string |
"1.21" |
no |
| azure_monitor_data_collection_rule_id | Data Collection Rule ID from Azure Monitor for metrics and logs collection. Used with new monitoring agent, set to null if legacy agent is used. |
string |
n/a | yes |
| backup_policy_id | Backup policy ID from the Recovery Vault to attach the Virtual Machine to (value to null to disable backup). |
string |
n/a | yes |
| client_name | Client name/account used in naming. | string |
n/a | yes |
| custom_computer_name | Custom name for the Virtual Machine Hostname. vm_name if not set. |
string |
"" |
no |
| custom_data | The Base64-Encoded Custom Data which should be used for this Virtual Machine. Changing this forces a new resource to be created. | string |
null |
no |
| custom_dcr_name | Custom name for Data collection rule association | string |
null |
no |
| custom_dns_label | The DNS label to use for public access. VM name if not set. DNS will be .westeurope.cloudapp.azure.com. | string |
"" |
no |
| custom_ipconfig_name | Custom name for the IP config of the NIC. Generated if not set. | string |
null |
no |
| custom_name | Custom name for the Virtual Machine. Generated if not set. | string |
"" |
no |
| custom_nic_name | Custom name for the NIC interface. Generated if not set. | string |
null |
no |
| custom_public_ip_name | Custom name for public IP. Generated if not set. | string |
null |
no |
| default_tags_enabled | Option to enable or disable default tags. | bool |
true |
no |
| diagnostics_storage_account_name | Name of the Storage Account in which store boot diagnostics and for legacy monitoring agent. | string |
n/a | yes |
| diagnostics_storage_account_sas_token | SAS token of the Storage Account in which store vm diagnostics. Used only with legacy monitoring agent, set to null if not needed. |
string |
null |
no |
| encryption_at_host_enabled | Should all disks (including the temporary disk) attached to the Virtual Machine be encrypted by enabling Encryption at Host? List of compatible VM sizes: https://learn.microsoft.com/en-us/azure/virtual-machines/linux/disks-enable-host-based-encryption-cli#finding-supported-vm-sizes. | bool |
false |
no |
| environment | Project environment. | string |
n/a | yes |
| extensions_extra_tags | Extra tags to set on the VM extensions. | map(string) |
{} |
no |
| extra_tags | Extra tags to set on each created resource. | map(string) |
{} |
no |
| identity | Map with identity block informations as described here https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#identity. | object({ |
{ |
no |
| load_balancer_backend_pool_id | Id of the Load Balancer Backend Pool to attach the VM. | string |
null |
no |
| location | Azure location. | string |
n/a | yes |
| location_short | Short string for Azure location. | string |
n/a | yes |
| log_analytics_agent_enabled | Deploy Log Analytics VM extension - depending of OS (cf. https://docs.microsoft.com/fr-fr/azure/azure-monitor/agents/agents-overview#linux) | bool |
false |
no |
| log_analytics_agent_version | Azure Log Analytics extension version. | string |
"1.14" |
no |
| log_analytics_workspace_guid | GUID of the Log Analytics Workspace to link with. | string |
null |
no |
| log_analytics_workspace_key | Access key of the Log Analytics Workspace to link with. | string |
null |
no |
| maintenance_configuration_ids | List of maintenance configurations to attach to this VM. | list(string) |
[] |
no |
| name_prefix | Optional prefix for the generated name. | string |
"" |
no |
| name_suffix | Optional suffix for the generated name. | string |
"" |
no |
| nic_accelerated_networking_enabled | Should Accelerated Networking be enabled? Defaults to false. |
bool |
false |
no |
| nic_extra_tags | Extra tags to set on the network interface. | map(string) |
{} |
no |
| nic_nsg_id | NSG ID to associate on the Network Interface. No association if null. | string |
null |
no |
| os_disk_caching | Specifies the caching requirements for the OS Disk. | string |
"ReadWrite" |
no |
| os_disk_custom_name | Custom name for OS disk. Generated if not set. | string |
null |
no |
| os_disk_extra_tags | Extra tags to set on the OS disk. | map(string) |
{} |
no |
| os_disk_overwrite_tags | True to overwrite existing OS disk tags instead of merging. | bool |
false |
no |
| os_disk_size_gb | Specifies the size of the OS disk in gigabytes. | string |
null |
no |
| os_disk_storage_account_type | The Type of Storage Account which should back this the Internal OS Disk. Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS. |
string |
"Premium_ZRS" |
no |
| os_disk_tagging_enabled | Should OS disk tagging be enabled? Defaults to true. |
bool |
true |
no |
| patch_mode | Specifies the mode of in-guest patching to this Linux Virtual Machine. Possible values are AutomaticByPlatform and ImageDefault. Compatibility list is available here https://learn.microsoft.com/en-us/azure/virtual-machines/automatic-vm-guest-patching#supported-os-images. |
string |
"ImageDefault" |
no |
| patching_reboot_setting | Specifies the reboot setting for platform scheduled patching. Possible values are Always, IfRequired and Never. |
string |
"IfRequired" |
no |
| public_ip_extra_tags | Extra tags to set on the public IP resource. | map(string) |
{} |
no |
| public_ip_sku | SKU for the public IP attached to the VM. Can be null if no public IP needed. |
string |
"Standard" |
no |
| public_ip_zones | Zones for public IP attached to the VM. Can be null if no zone distpatch. |
list(number) |
[ |
no |
| resource_group_name | Resource group name. | string |
n/a | yes |
| spot_instance | True to deploy VM as a Spot Instance | bool |
false |
no |
| spot_instance_eviction_policy | Specifies what should happen when the Virtual Machine is evicted for price reasons when using a Spot instance. At this time the only supported value is Deallocate. Changing this forces a new resource to be created. |
string |
"Deallocate" |
no |
| spot_instance_max_bid_price | The maximum price you're willing to pay for this VM in US Dollars; must be greater than the current spot price. -1 If you don't want the VM to be evicted for price reasons. |
number |
-1 |
no |
| ssh_private_key | SSH private key. | string |
null |
no |
| ssh_public_key | SSH public key. | string |
null |
no |
| stack | Project stack name. | string |
n/a | yes |
| static_private_ip | Static private IP. Private IP is dynamic if not set. | string |
null |
no |
| storage_data_disk_config | Map of objects to configure storage data disk(s). | map(object({ |
{} |
no |
| subnet_id | ID of the Subnet in which create the Virtual Machine. | string |
n/a | yes |
| use_caf_naming | Use the Azure CAF naming provider to generate default resource name. custom_name override this if set. Legacy default name is used if this is set to false. |
bool |
true |
no |
| use_legacy_monitoring_agent | True to use the legacy monitoring agent instead of Azure Monitor Agent. | bool |
false |
no |
| user_data | The Base64-Encoded User Data which should be used for this Virtual Machine. | string |
null |
no |
| vm_image | Virtual Machine source image information. See https://www.terraform.io/docs/providers/azurerm/r/virtual_machine.html#storage_image_reference. This variable cannot be used if vm_image_id is already defined. |
map(string) |
{ |
no |
| vm_image_id | The ID of the Image which this Virtual Machine should be created from. This variable supersedes the vm_image variable if not null. |
string |
null |
no |
| vm_plan | Virtual Machine plan image information. See https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#plan. This variable has to be used for BYOS image. Before using BYOS image, you need to accept legal plan terms. See https://docs.microsoft.com/en-us/cli/azure/vm/image?view=azure-cli-latest#az_vm_image_accept_terms. | object({ |
null |
no |
| vm_size | Size (SKU) of the Virtual Machine to create. | string |
n/a | yes |
| zone_id | Index of the Availability Zone which the Virtual Machine should be allocated in. | number |
null |
no |
| Name | Description |
|---|---|
| maintenance_configurations_assignments | Maintenance configurations assignments configurations. |
| terraform_module | Information about this Terraform module |
| vm_admin_password | Virtual Machine admin password |
| vm_admin_ssh_private_key | Virtual Machine admin SSH private key |
| vm_admin_ssh_public_key | Virtual Machine admin SSH public key |
| vm_admin_username | Virtual Machine admin username |
| vm_hostname | Hostname of the Virtual Machine |
| vm_id | ID of the Virtual Machine |
| vm_identity | Identity block with principal ID |
| vm_name | Name of the Virtual Machine |
| vm_nic_id | ID of the Network Interface Configuration attached to the Virtual Machine |
| vm_nic_ip_configuration_name | Name of the IP Configuration for the Network Interface Configuration attached to the Virtual Machine |
| vm_nic_name | Name of the Network Interface Configuration attached to the Virtual Machine |
| vm_os_disk | Virtual Machine OS disk |
| vm_private_ip_address | Private IP address of the Virtual Machine |
| vm_public_domain_name_label | Public DNS of the Virtual machine |
| vm_public_ip_address | Public IP address of the Virtual Machine |
| vm_public_ip_id | Public IP ID of the Virtual Machine |
Microsoft Azure documentation: docs.microsoft.com/en-us/azure/virtual-machines/linux/
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent