Fix 201-vmss-jumpbox (#275)

* Fix 201-vmss-jumpbox
Azure · Nov 17, 2023 · 256f1ed · 256f1ed
1 parent a09e5f2
commit 256f1ed
Show file tree

Hide file tree

Showing 3 changed files with 176 additions and 170 deletions.
diff --git a/quickstart/201-vmss-jumpbox/main.tf b/quickstart/201-vmss-jumpbox/main.tf
@@ -1,205 +1,209 @@
 terraform {
   required_version = ">=0.12"
-  
+
   required_providers {
     azurerm = {
-      source = "hashicorp/azurerm"
+      source  = "hashicorp/azurerm"
       version = "~>2.0"
     }
   }
 }
 
 provider "azurerm" {
-  features {}
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }
 
 resource "azurerm_resource_group" "vmss" {
- name     = var.resource_group_name
- location = var.location
- tags     = var.tags
+  name     = var.resource_group_name
+  location = var.location
+  tags     = var.tags
 }
 
 resource "random_string" "fqdn" {
- length  = 6
- special = false
- upper   = false
- number  = false
+  length  = 6
+  special = false
+  upper   = false
+  number  = false
 }
 
 resource "azurerm_virtual_network" "vmss" {
- name                = "vmss-vnet"
- address_space       = ["10.0.0.0/16"]
- location            = var.location
- resource_group_name = azurerm_resource_group.vmss.name
- tags                = var.tags
+  name                = "vmss-vnet"
+  address_space       = ["10.0.0.0/16"]
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+  tags                = var.tags
 }
 
 resource "azurerm_subnet" "vmss" {
- name                 = "vmss-subnet"
- resource_group_name  = azurerm_resource_group.vmss.name
- virtual_network_name = azurerm_virtual_network.vmss.name
- address_prefixes       = ["10.0.2.0/24"]
+  name                 = "vmss-subnet"
+  resource_group_name  = azurerm_resource_group.vmss.name
+  virtual_network_name = azurerm_virtual_network.vmss.name
+  address_prefixes     = ["10.0.2.0/24"]
 }
 
 resource "azurerm_public_ip" "vmss" {
- name                         = "vmss-public-ip"
- location                     = var.location
- resource_group_name          = azurerm_resource_group.vmss.name
- allocation_method            = "Static"
- domain_name_label            = random_string.fqdn.result
- tags                         = var.tags
+  name                = "vmss-public-ip"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+  allocation_method   = "Static"
+  domain_name_label   = random_string.fqdn.result
+  tags                = var.tags
 }
 
 resource "azurerm_lb" "vmss" {
- name                = "vmss-lb"
- location            = var.location
- resource_group_name = azurerm_resource_group.vmss.name
+  name                = "vmss-lb"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
 
- frontend_ip_configuration {
-   name                 = "PublicIPAddress"
-   public_ip_address_id = azurerm_public_ip.vmss.id
- }
+  frontend_ip_configuration {
+    name                 = "PublicIPAddress"
+    public_ip_address_id = azurerm_public_ip.vmss.id
+  }
 
- tags = var.tags
+  tags = var.tags
 }
 
 resource "azurerm_lb_backend_address_pool" "bpepool" {
- loadbalancer_id     = azurerm_lb.vmss.id
- name                = "BackEndAddressPool"
+  loadbalancer_id = azurerm_lb.vmss.id
+  name            = "BackEndAddressPool"
 }
 
 resource "azurerm_lb_probe" "vmss" {
- resource_group_name = azurerm_resource_group.vmss.name
- loadbalancer_id     = azurerm_lb.vmss.id
- name                = "ssh-running-probe"
- port                = var.application_port
+  resource_group_name = azurerm_resource_group.vmss.name
+  loadbalancer_id     = azurerm_lb.vmss.id
+  name                = "ssh-running-probe"
+  port                = var.application_port
 }
 
 resource "azurerm_lb_rule" "lbnatrule" {
-   resource_group_name            = azurerm_resource_group.vmss.name
-   loadbalancer_id                = azurerm_lb.vmss.id
-   name                           = "http"
-   protocol                       = "Tcp"
-   frontend_port                  = var.application_port
-   backend_port                   = var.application_port
-   backend_address_pool_id        = azurerm_lb_backend_address_pool.bpepool.id
-   frontend_ip_configuration_name = "PublicIPAddress"
-   probe_id                       = azurerm_lb_probe.vmss.id
+  resource_group_name            = azurerm_resource_group.vmss.name
+  loadbalancer_id                = azurerm_lb.vmss.id
+  name                           = "http"
+  protocol                       = "Tcp"
+  frontend_port                  = var.application_port
+  backend_port                   = var.application_port
+  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.bpepool.id]
+  frontend_ip_configuration_name = "PublicIPAddress"
+  probe_id                       = azurerm_lb_probe.vmss.id
 }
 
 resource "azurerm_virtual_machine_scale_set" "vmss" {
- name                = "vmscaleset"
- location            = var.location
- resource_group_name = azurerm_resource_group.vmss.name
- upgrade_policy_mode = "Manual"
-
- sku {
-   name     = "Standard_DS1_v2"
-   tier     = "Standard"
-   capacity = 2
- }
-
- storage_profile_image_reference {
-   publisher = "Canonical"
-   offer     = "UbuntuServer"
-   sku       = "16.04-LTS"
-   version   = "latest"
- }
-
- storage_profile_os_disk {
-   name              = ""
-   caching           = "ReadWrite"
-   create_option     = "FromImage"
-   managed_disk_type = "Standard_LRS"
- }
-
- storage_profile_data_disk {
-   lun          = 0
-   caching        = "ReadWrite"
-   create_option  = "Empty"
-   disk_size_gb   = 10
- }
-
- os_profile {
-   computer_name_prefix = "vmlab"
-   admin_username       = var.admin_user
-   admin_password       = var.admin_password
-   custom_data          = file("web.conf")
- }
-
- os_profile_linux_config {
-   disable_password_authentication = false
- }
-
- network_profile {
-   name    = "terraformnetworkprofile"
-   primary = true
-
-   ip_configuration {
-     name                                   = "IPConfiguration"
-     subnet_id                              = azurerm_subnet.vmss.id
-     load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
-     primary = true
-   }
- }
-
- tags = var.tags
+  name                = "vmscaleset"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+  upgrade_policy_mode = "Manual"
+
+  sku {
+    name     = "Standard_DS1_v2"
+    tier     = "Standard"
+    capacity = 2
+  }
+
+  storage_profile_image_reference {
+    publisher = "Canonical"
+    offer     = "UbuntuServer"
+    sku       = "16.04-LTS"
+    version   = "latest"
+  }
+
+  storage_profile_os_disk {
+    name              = ""
+    caching           = "ReadWrite"
+    create_option     = "FromImage"
+    managed_disk_type = "Standard_LRS"
+  }
+
+  storage_profile_data_disk {
+    lun           = 0
+    caching       = "ReadWrite"
+    create_option = "Empty"
+    disk_size_gb  = 10
+  }
+
+  os_profile {
+    computer_name_prefix = "vmlab"
+    admin_username       = var.admin_user
+    admin_password       = var.admin_password
+    custom_data          = file("web.conf")
+  }
+
+  os_profile_linux_config {
+    disable_password_authentication = false
+  }
+
+  network_profile {
+    name    = "terraformnetworkprofile"
+    primary = true
+
+    ip_configuration {
+      name                                   = "IPConfiguration"
+      subnet_id                              = azurerm_subnet.vmss.id
+      load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
+      primary                                = true
+    }
+  }
+
+  tags = var.tags
 }
 
 resource "azurerm_public_ip" "jumpbox" {
- name                         = "jumpbox-public-ip"
- location                     = var.location
- resource_group_name          = azurerm_resource_group.vmss.name
- allocation_method            = "Static"
- domain_name_label            = "${random_string.fqdn.result}-ssh"
- tags                         = var.tags
+  name                = "jumpbox-public-ip"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+  allocation_method   = "Static"
+  domain_name_label   = "${random_string.fqdn.result}-ssh"
+  tags                = var.tags
 }
 
 resource "azurerm_network_interface" "jumpbox" {
- name                = "jumpbox-nic"
- location            = var.location
- resource_group_name = azurerm_resource_group.vmss.name
-
- ip_configuration {
-   name                          = "IPConfiguration"
-   subnet_id                     = azurerm_subnet.vmss.id
-   private_ip_address_allocation = "dynamic"
-   public_ip_address_id          = azurerm_public_ip.jumpbox.id
- }
-
- tags = var.tags
+  name                = "jumpbox-nic"
+  location            = var.location
+  resource_group_name = azurerm_resource_group.vmss.name
+
+  ip_configuration {
+    name                          = "IPConfiguration"
+    subnet_id                     = azurerm_subnet.vmss.id
+    private_ip_address_allocation = "Dynamic"
+    public_ip_address_id          = azurerm_public_ip.jumpbox.id
+  }
+
+  tags = var.tags
 }
 
 resource "azurerm_virtual_machine" "jumpbox" {
- name                  = "jumpbox"
- location              = var.location
- resource_group_name   = azurerm_resource_group.vmss.name
- network_interface_ids = [azurerm_network_interface.jumpbox.id]
- vm_size               = "Standard_DS1_v2"
-
- storage_image_reference {
-   publisher = "Canonical"
-   offer     = "UbuntuServer"
-   sku       = "16.04-LTS"
-   version   = "latest"
- }
-
- storage_os_disk {
-   name              = "jumpbox-osdisk"
-   caching           = "ReadWrite"
-   create_option     = "FromImage"
-   managed_disk_type = "Standard_LRS"
- }
-
- os_profile {
-   computer_name  = "jumpbox"
-   admin_username = var.admin_user
-   admin_password = var.admin_password
- }
-
- os_profile_linux_config {
-   disable_password_authentication = false
- }
-
- tags = var.tags
-}
+  name                  = "jumpbox"
+  location              = var.location
+  resource_group_name   = azurerm_resource_group.vmss.name
+  network_interface_ids = [azurerm_network_interface.jumpbox.id]
+  vm_size               = "Standard_DS1_v2"
+
+  storage_image_reference {
+    publisher = "Canonical"
+    offer     = "UbuntuServer"
+    sku       = "16.04-LTS"
+    version   = "latest"
+  }
+
+  storage_os_disk {
+    name              = "jumpbox-osdisk"
+    caching           = "ReadWrite"
+    create_option     = "FromImage"
+    managed_disk_type = "Standard_LRS"
+  }
+
+  os_profile {
+    computer_name  = "jumpbox"
+    admin_username = var.admin_user
+    admin_password = var.admin_password
+  }
+
+  os_profile_linux_config {
+    disable_password_authentication = false
+  }
+
+  tags = var.tags
+}
diff --git a/quickstart/201-vmss-jumpbox/readme.md b/quickstart/201-vmss-jumpbox/readme.md
@@ -27,7 +27,7 @@ This template deploys an Azure virtual machine scale set with a jumpbox.
 | `tags` | Map of the tags to use for the resources that are deployed |
 | `application_port` | Port that you want to expose to the external load balancer |
 | `admin_user` | User name to use as the admin account on the VMs that will be part of the VM scale set |
-| `admin_password` | Default password for admin account (NOTE: For security reasons, this value is not set in the plaintext variables.tf file.)  |
+| `admin_password` | Default password for admin account  |
 
 ## Example