terraform/ecc-azure-152-asb_vm_jit_port_protection/green/vm.tf (68 lines of code) (raw):

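# Network and VM resources for the "green" fixture of
# ecc-azure-152-asb_vm_jit_port_protection.
# NOTE(review): no JIT network access policy is declared in this file;
# presumably it lives elsewhere in the fixture. Confirm before reusing this
# file on its own.

resource "azurerm_virtual_network" "this" {
  name                = "vnet-green-${var.prefix}"
  address_space       = ["10.0.0.0/24"]
  location            = azurerm_resource_group.this.location
  resource_group_name = azurerm_resource_group.this.name

  tags = var.tags
}

resource "azurerm_subnet" "this" {
  name                 = "snet1-green-${var.prefix}"
  resource_group_name  = azurerm_resource_group.this.name
  virtual_network_name = azurerm_virtual_network.this.name
  address_prefixes     = ["10.0.0.0/25"]
}

# No security_rule blocks are declared here, so unless rules are attached
# from another file only Azure's default NSG rules apply to the subnet.
resource "azurerm_network_security_group" "this" {
  name = "nsg1-green-${var.prefix}"
  # Use the resource group's location like the other resources in this file,
  # so the NSG cannot end up in a different region from the subnet it is
  # associated with.
  location            = azurerm_resource_group.this.location
  resource_group_name = azurerm_resource_group.this.name
}

resource "azurerm_subnet_network_security_group_association" "this" {
  subnet_id                 = azurerm_subnet.this.id
  network_security_group_id = azurerm_network_security_group.this.id
}

# The NIC gets a private address only; no public IP is attached in this file.
resource "azurerm_network_interface" "this" {
  name                = "nic1-green-${var.prefix}"
  location            = azurerm_resource_group.this.location
  resource_group_name = azurerm_resource_group.this.name

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.this.id
    private_ip_address_allocation = "Dynamic"
  }

  # IP forwarding lets the NIC handle traffic not addressed to its own IP,
  # which is normally needed only for routing or firewall appliances.
  # NOTE(review): confirm the fixture needs this; otherwise leave it disabled.
  ip_forwarding_enabled = true

  tags = var.tags
}

resource "azurerm_linux_virtual_machine" "this" {
  name                = "vm1gr-${var.prefix}"
  resource_group_name = azurerm_resource_group.this.name
  location            = azurerm_resource_group.this.location
  size                = "Standard_F2"

  # Credentials come from random_* resources defined outside this file.
  # Their values are written to Terraform state, so the state backend needs
  # access control and encryption at rest.
  admin_username = random_string.this.result
  admin_password = random_password.this.result

  # Password login is enabled. SSH key authentication is the stronger choice.
  # NOTE(review): confirm password auth is intentional for this fixture.
  disable_password_authentication = false

  network_interface_ids = [azurerm_network_interface.this.id]

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  # Ubuntu 16.04 LTS is past its standard support window, and "latest" leaves
  # the image version unpinned.
  # NOTE(review): move to a supported, pinned image if this is reused outside
  # policy testing.
  source_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }

  tags = var.tags
}

# VMAccess extension, configured with the same username and password the VM
# was created with.
resource "azurerm_virtual_machine_extension" "VMAccessForLinux" {
  name                       = "VMAccessForLinux"
  virtual_machine_id         = azurerm_linux_virtual_machine.this.id
  publisher                  = "Microsoft.OSTCExtensions"
  type                       = "VMAccessForLinux"
  type_handler_version       = "1.5"
  auto_upgrade_minor_version = true # TODO: Check this in production

  # protected_settings keeps the values out of plan output, but they are
  # still stored in Terraform state.
  # References are written directly instead of as interpolation-only strings
  # ("${...}"); the encoded JSON is unchanged.
  protected_settings = jsonencode({
    username = random_string.this.result
    password = random_password.this.result
    # NOTE(review): reset_ssh is documented as a JSON boolean. The string
    # "false" is kept as the original wrote it, but may not be read as false
    # by the extension. Confirm, and switch to `false` if so.
    reset_ssh = "false"
  })
}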